• Status Closed
  • Percent Complete
    100%
  • Task Type Bug Report
  • Category Packages → Packages: Testing
  • Assigned To No-one
  • Operating System i486
  • Severity Low
  • Priority Medium
  • Reported Version
  • Due in Version Undecided
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Arch Linux 32
Opened by Erich Eckner - 28.11.2019
Last edited by Erich Eckner - 04.02.2020

FS#98 - swap encryption fails

I tried to get encrypted swap following the guide in the wiki.

However, ultimately,

/usr/lib/systemd/systemd-cryptsetup attach 'swap' '/dev/disk/by-uuid/13b0e159-8573-40f8-a308-b34f1bbf1a6f' '/dev/urandom' 'swap,offset=2048'

fails, which works on upstream archlinux. It gives:

Set cipher aes, mode cbc-essiv:sha256, key size 256 bits for device /dev/disk/by-uuid/13b0e159-8573-40f8-a308-b34f1bbf1a6f.
device-mapper: reload ioctl on   failed: No such file or directory
Failed to activate with key file '/dev/urandom'. (Key file missing?)
Please enter passphrase for disk Ultra_Line (swap): 
Loading of cryptographic parameters failed: Invalid argument

In the middle, it asks for a passphrase. On archlinux, the output is:

Set cipher aes, mode cbc-essiv:sha256, key size 256 bits for device /dev/loop0.

are we missing ciphers here somewhere (where?)?

As usual (for my boxes), everything is up-to-date on that machine:
cryptsetup 2.2.2-1.0
linux 5.1.15.arch1-1.0
systemd 243.162-2.0

Cheers,
Erich

Closed by  Erich Eckner
04.02.2020 13:41
Reason for closing:  Works for me
Admin
Erich Eckner commented on 28.11.2019 08:58

steps to reproduce:

dd if=/dev/zero of=raw bs=1M count=1024
losetup loop0 raw 
/usr/lib/systemd/systemd-cryptsetup attach swap /dev/loop0 /dev/urandom 'swap,offset=2048'

(works on pentium4)

Admin
Erich Eckner commented on 28.11.2019 09:11

attached is a strace of running

/usr/lib/systemd/systemd-cryptsetup attach swap /dev/loop0 /dev/urandom 'swap,offset=2048'

on i486

   log (39 KiB)
Admin
Erich Eckner commented on 29.11.2019 08:38

another (related) command, that fails on i486 but works on pentium4:

cryptsetup plainOpen /dev/loop0 swap –key-file=/dev/urandom –offset=2048

straces are attached

   i486 (18.5 KiB)
   pentium4 (20.4 KiB)
Admin
Erich Eckner commented on 29.11.2019 09:10

might be due to

# CONFIG_CRYPTO_CFB is not set

… changed now to

CONFIG_CRYPTO_CFB=m

let's see …

Admin
Erich Eckner commented on 30.11.2019 21:18

… still fails with

CONFIG_CRYPTO_CFB=m

(but at least, the kernel builds again on i486 ;-P)

Admin
Andreas Baumann commented on 14.12.2019 09:38

[ 284.201175] Error allocating fallback algo cbc(aes)
[ 284.201290] device-mapper: table: 254:0: crypt: Error allocating crypto tfm

I have a hunch there are more modules missing.
Also, the Geode is supposed to have AES cyrpto hardware support, which is another set
of modules, I suppose.

Admin
Erich Eckner commented on 14.12.2019 20:12

we could try to remove as many differences between config.i686 and config.i486 as possible.
abaumann: do you want to do that (my only "i486" is the alix)?

Admin
Erich Eckner commented on 04.02.2020 13:41

I wanted to get disappointed today and tried this once more (without any modifications - besides fixing a typo in one of my UUIDs): It works now!

Just for the record: I used the instructions from upstream's wiki page

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing