[dm-crypt] cryptsetup upgrade to 1.6.x unlocking problem in initramfs
sven at whgl.uni-frankfurt.de
Wed Sep 3 23:03:01 CEST 2014
On Wed, September 3, 2014 18:56, Milan Broz wrote:
> On 09/01/2014 11:35 PM, Sven Eschenberg wrote:
>> Here's the CRYPTO config of the kernel that works with old cryptsetup:
>> What I added to get to the passphrase for current cryptsetup is:
>> CONFIG_CRYPTO_USER_API=y <= AF_ALGO
>> The Volume is AES-XTS-plain and the hashspec sha1
>> I can't see what might be missing ...
> If you can send which exact kernel version it is and full .config,
> which fails I can try to reproduce it.
Will mail that in a bit directly to you. I looked at the strace again and
realized the following:
the call to initialize the backend with the fixed values in sockaddr_alg
(AF_ALG,"hash","sha1") obviously succeeds, the one after entering the
passphrase, which is filled with AF_ALG, "hash", and the hashname, which
should be sha1 again, seems to fail.
Unfortunately strace only displays the initial part os sa_data, so I can
see sa_type is hash, but I cannot see what is actually passed in sa_name.
But as the volume uses sha1, I'd expect that the bind() call has the exact
same values in sockaddr_alg as the one that is used to test+initialize the
kernel crypto backend. This is a little surprising to me.
Do you know how I could force strace to show the complete sa_data field in
the bind() call? -s to increase the string size has no effect,
> dm-crypt mailing list
> dm-crypt at saout.de
More information about the dm-crypt