• Status New
  • Percent Complete
    0%
  • Task Type Bug Report
  • Category Packages → Testing
  • Assigned To No-one
  • Operating System i486
  • Severity Low
  • Priority Medium
  • Reported Version
  • Due in Version Undecided
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Arch Linux 32
Opened by Erich Eckner - 28.11.2019

FS#98 - swap encryption fails

I tried to get encrypted swap following the guide in the wiki.

However, ultimately,

/usr/lib/systemd/systemd-cryptsetup attach 'swap' '/dev/disk/by-uuid/13b0e159-8573-40f8-a308-b34f1bbf1a6f' '/dev/urandom' 'swap,offset=2048'

fails, which works on upstream archlinux. It gives:

Set cipher aes, mode cbc-essiv:sha256, key size 256 bits for device /dev/disk/by-uuid/13b0e159-8573-40f8-a308-b34f1bbf1a6f.
device-mapper: reload ioctl on   failed: No such file or directory
Failed to activate with key file '/dev/urandom'. (Key file missing?)
Please enter passphrase for disk Ultra_Line (swap): 
Loading of cryptographic parameters failed: Invalid argument

In the middle, it asks for a passphrase. On archlinux, the output is:

Set cipher aes, mode cbc-essiv:sha256, key size 256 bits for device /dev/loop0.

are we missing ciphers here somewhere (where?)?

As usual (for my boxes), everything is up-to-date on that machine:
cryptsetup 2.2.2-1.0
linux 5.1.15.arch1-1.0
systemd 243.162-2.0

Cheers,
Erich

Admin
Erich Eckner commented on 28.11.2019 08:58

steps to reproduce:

dd if=/dev/zero of=raw bs=1M count=1024
losetup loop0 raw 
/usr/lib/systemd/systemd-cryptsetup attach swap /dev/loop0 /dev/urandom 'swap,offset=2048'

(works on pentium4)

Admin
Erich Eckner commented on 28.11.2019 09:11

attached is a strace of running

/usr/lib/systemd/systemd-cryptsetup attach swap /dev/loop0 /dev/urandom 'swap,offset=2048'

on i486

   log (39 KiB)
Admin
Erich Eckner commented on 29.11.2019 08:38

another (related) command, that fails on i486 but works on pentium4:

cryptsetup plainOpen /dev/loop0 swap –key-file=/dev/urandom –offset=2048

straces are attached

   i486 (18.5 KiB)
   pentium4 (20.4 KiB)
Admin
Erich Eckner commented on 29.11.2019 09:10

might be due to

# CONFIG_CRYPTO_CFB is not set

… changed now to

CONFIG_CRYPTO_CFB=m

let's see …

Admin
Erich Eckner commented on 30.11.2019 21:18

… still fails with

CONFIG_CRYPTO_CFB=m

(but at least, the kernel builds again on i486 ;-P)

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing