[Pkg-cryptsetup-devel] Bug#464673: Bug#464673: cryptsetup seems to try to load some padlock modules

Joachim Breitner nomeata at debian.org
Fri Feb 8 12:57:15 UTC 2008 

Hi,


Am Freitag, den 08.02.2008, 13:29 +0100 schrieb Jonas Meurer:
> On 08/02/2008 Joachim Breitner wrote:
> > > > on my system, when cryptsetup starts the root crypto partition during
> > > > the initrd phase, I get error messages that seem to come from modprobing
> > > > padlock-* modules, although I do not have such a devices.
> > > > 
> > > > These messages are confusing, and I`m not really sure what to think of
> > > > them, but they look too much like an error to me than they should.
> > >
> > > Could you provide the exact error message?
> > 
> > Not so easy, as it happens during the initramfs state.
> >
> > When I enter a wrong key, the error message (which seems to be just the
> > result of a "modprobe padlock-something", no other output happening)
> > appears before I can retry to enter the password again. This made me
> > think that it’s a cryptsetup issue.
> 
> you could write the error down to a paper ;-)

I’ll do that when I next restart the machine.

> 
> does the message look like the following?
> FATAL: Module padlock_rng not found.

No, the module is present, but refused to load. I think the error
message is identical to this one:

$ sudo modprobe padlock-aes
FATAL: Error inserting padlock_aes (/lib/modules/2.6.24-1-686/kernel/drivers/crypto/padlock-aes.ko): No such device

This is from dmesg, from the kernel boot:

padlock: VIA PadLock not detected.
padlock: VIA PadLock Hash Engine not detected.

> > I also observed:
> > $ strings /sbin/cryptsetup |grep -i padlock
> > padlock-rng
> > padlock-aes
> > padlock-sha
> 
> you're correct, even though these strings don't come from cryptsetup.
> searching for 'padlock' in the sourcecode of cryptsetup doesn't give any
> results other than one comment in line 114 of utils.c:
> 
> /* Credits go to Michal's padlock patches for this alignment code */
> 
> the strings in /sbin/cryptsetup actually come from static linking
> against libgcrypt:
> 
> $ strings /usr/lib/libgcrypt.a |grep -i padlock
> padlock-rng
> padlock-aes
> padlock-sha

Ah, I see. But running gdb during initrd to find out which function by
gcrypt caused this will be hard. And I just tried to cryptsetup open a
loopback-file, without such an error.

> > > And did this happen forever, or was it introduced by some subsequent
> > > package upgrade?
> > 
> > Oh, sorry for forgetting to mention that: It occurred after the upgrade
> > to the kernel version 2.6.24.
> 
> Ok, so i believe that this is rather an issue with the debian linux 2.6.24
> kernel, not with cryptsetup.

Should I reassign this bug then to the kernel package? Or gcrypt?

Greetings and thanks for helping to debug this,
Joachim
-- 
Joachim "nomeata" Breitner
Debian Developer
  nomeata at debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C
  JID: nomeata at joachim-breitner.de | http://people.debian.org/~nomeata
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20080208/f1bbdd16/attachment.pgp

More information about the Pkg-cryptsetup-devel mailing list