[dm-crypt] LUKS is written to a device with no partition table. Is it possible to add a partition table?

Ralf Ramsauer ralf+dm at ramses-pyramidenbau.de
Tue Apr 19 22:14:25 CEST 2016


Hi,

Hmm, you would have to 'move' your header together with btrfs to some
higher address to get free space at the beginning of the disk for the
partition table and the new header. I would _not_ even think about
trying it if data loss is a threat to you...

In a very informal way: you can shrink your btrfs to minimum and use dd
to move it to move 'in-situ' it to some higher offset inside the luks
block device (this is really dangerous, erroneous dd arguments lead to
data loss, a power failure is probably not recoverable). Now that you
have enough space at the beginning of your underlying block device, you
can create a partition table and restore the header back to the first
partition. Then you have to adjust the sector offsets by using luksOpen
twice: for the new luks block device and for the old one, passing the
right offset to luksOpen. Then dump your btrfs back from the old luks
device to the new one.

*Any* step might fail and cause unrecoverable data loss and this
approach is really dangerous.
Anyone better suggestions?

  Ralf

PS: I had a similar issue some years ago: I wanted to change my Raid
(luks inside) from Raid6 (4x3TiB) to Raid10. I degraded  the Raid6 by
two disks and created a new degraded Raid10 and dumped data from A to B.
Afterwards I added the two remaining Raid6 disks to the new Raid10.
Luckily, everything worked out, but I would not try it again.

On 04/19/2016 09:08 PM, Joe Hillenbrand wrote:
> I posted this to https://gitlab.com/cryptsetup/cryptsetup/issues/292
> but now I'm worried that might not be the appropriate place to ask
> questions.
>
> I have a 12TB hardware RAID5 external hard drive array.
>
> I had initially planned to only ever encrypt data to the device, but
> now I need about half encrypted and half not.
>
> The device is `/dev/sdd`. It mounts as `fatty`.
>
> There is no partition table.
>
>     # dd if=/dev/sdd | hexdump -C | head -1
>     00000000  4c 55 4b 53 ba be 00 01  61 65 73 00 00 00 00 00 
> |LUKS....aes.....|
>
>     # parted /dev/sdd
>     GNU Parted 3.2
>     Using /dev/sdd
>     Welcome to GNU Parted! Type 'help' to view a list of commands.
>     (parted)
> print                                                           
>     Error: /dev/sdd: unrecognised disk label
>     Model: ORICO H/ W RAID5
> (scsi)                                           
>     Disk /dev/sdd: 12.0TB
>     Sector size (logical/physical): 512B/4096B
>     Partition Table: unknown
>     Disk Flags:
>
> As you can see LUKS starts at the first byte of the device.
>
> There is a btrfs filesystem on the LUKS device and I resized it down
> to 4TB.
>
>     # cryptsetup status fatty
>     /dev/mapper/fatty is active.
>       type:    LUKS1
>       cipher:  aes-xts-plain64
>       keysize: 256 bits
>       device:  /dev/sdd
>       offset:  4096 sectors
>       size:    23441764352 sectors
>       mode:    read/write
>
>     # btrfs filesystem show /dev/mapper/fatty
>     Label: 'fatty'  uuid: XXX-XX-XX-XX-XXXXXXXXX
>         Total devices 1 FS bytes used 2.75TiB
>         devid    1 size 4.00TiB used 2.80TiB path /dev/mapper/fatty
>
> I can't really move the data anywhere, because it's too big and would
> require buying more hardware.
> Is it possible to add a partition table without losing the data?
>
>
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20160419/791858b8/attachment-0001.html>


More information about the dm-crypt mailing list