[dm-crypt] LUKS2 resizing
okozina at redhat.com
Wed Dec 13 14:04:01 CET 2017
On 12/13/2017 12:35 AM, Andrius Štikonas wrote:
> I was testing how well KDE Partition Manager works on LUKS2 partitions.
> Apparently, it fails to resize them. It seems that now cryptsetup resize asks
> for passphrase before resizing the container.
Yes, cryptsetup utility asks for passphrase if it detects volume key was
previously passed to dm-crypt via kernel keyring service. VK is passed
to kernel keyring by default for LUKS2 devices.
> Unfortunately, I wasn't able to find any documentation on this. So, the passphrase
> is now required to resize the container? When I tried entering wrong passphrase,
> cryptsetup silently returns exit code 2, not 0. I guess cryptsetup refused to resize. Am I right?
Unfortunately we forgot to regenerate doxygen API documentation together
with 2.0.0 final release. But we fixed the mistake recently.
See note at bottom of crypt_resize() description:
On libcryptsetup API level, you can either query active device
(crypt_get_active_device()) and check for CRYPT_ACTIVATE_KEYRING_KEY
flag. The flag raised means you should load volume key to keyring before
crypt_resize(). Or, you can detect return value from crypt_resize. The
-EPERM hints you basically the same.
Thank you for the report. I'll check the silent failure with cryptsetup
utility. Yes, in general exit status != 0 says the operation was not
More information about the dm-crypt