[pkg-cryptsetup-devel] Bug#541835: Bug#541835: cryptsetup: unclear kernel requirements
Celejar
celejar at gmail.com
Sun Aug 16 20:53:53 UTC 2009
On Sun, 16 Aug 2009 20:40:41 +0200
Jonas Meurer <jonas at freesources.org> wrote:
...
> please paste the output of the following commands:
> # cryptsetup luksDump /dev/hda4
~# cryptsetup luksDump /dev/hda4
LUKS header information for /dev/hda4
Version: 1
Cipher name: aes
Cipher mode: cbc-essiv:sha256
Hash spec: sha1
Payload offset: 2056
MK bits: 256
MK digest: c8 9f 7f 46 ae e7 47 9d 70 22 1d 66 21 67 93 45 b0 13 0e 35
MK salt: 94 6e bc 69 88 a2 d5 e4 b0 01 f3 1e 61 7c 07 db
8b 93 f3 c3 df ff 86 a1 e2 ca 56 65 6f 04 e8 db
MK iterations: 10
UUID: 6c6eabf0-f0c3-4cab-b61d-75ed2248e1c5
Key Slot 0: ENABLED
Iterations: 151612
Salt: 99 81 f8 fc 3f 7d 24 af 9d f5 9c 7e 60 ef 18 bf
d2 59 f6 50 8b 69 d3 3e f8 87 4a 5c c4 0f 77 45
Key material offset: 8
AF stripes: 4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
> # dmsetup targets
~# dmsetup targets
mirror v1.12.0
snapshot-origin v1.6.0
snapshot v1.6.0
crypt v1.7.0
striped v1.2.0
linear v1.1.0
error v1.0.1
> # lsmod
~$ lsmod
Module Size Used by
i915 181644 1
drm 136932 2 i915
i2c_algo_bit 4812 1 i915
ip6table_filter 3028 1
ip6_tables 11316 1 ip6table_filter
xt_time 2264 0
xt_connlimit 3484 0
xt_realm 1216 0
iptable_raw 2248 0
xt_comment 1232 20
xt_policy 2472 0
ipt_ULOG 6548 0
ipt_REJECT 2448 2
ipt_REDIRECT 1432 0
ipt_NETMAP 1452 0
ipt_MASQUERADE 2108 0
ipt_LOG 4500 21
ipt_ECN 2016 0
ipt_ecn 1564 0
ipt_CLUSTERIP 5608 0
ipt_ah 1344 0
ipt_addrtype 2000 4
nf_nat_tftp 1276 0
nf_nat_snmp_basic 7648 0
nf_nat_sip 5400 0
nf_nat_pptp 2520 0
nf_nat_proto_gre 1884 1 nf_nat_pptp
nf_nat_irc 1788 0
nf_nat_h323 5356 0
nf_nat_ftp 2244 0
nf_nat_amanda 1532 0
ts_kmp 1832 5
nf_conntrack_amanda 3512 1 nf_nat_amanda
nf_conntrack_sane 4080 0
nf_conntrack_tftp 3876 1 nf_nat_tftp
nf_conntrack_sip 15680 1 nf_nat_sip
nf_conntrack_proto_sctp 6288 0
nf_conntrack_pptp 5420 1 nf_nat_pptp
nf_conntrack_proto_gre 4772 1 nf_conntrack_pptp
nf_conntrack_netlink 13964 0
nf_conntrack_netbios_ns 2020 0
nf_conntrack_irc 4820 1 nf_nat_irc
nf_conntrack_h323 43004 1 nf_nat_h323
nf_conntrack_ftp 6240 1 nf_nat_ftp
xt_tcpmss 1652 0
xt_recent 7648 0
xt_pkttype 1316 0
xt_physdev 1936 0
xt_owner 2132 0
xt_NFQUEUE 2332 0
xt_NFLOG 1384 0
nfnetlink_log 7964 1 xt_NFLOG
xt_multiport 2448 4
xt_MARK 1732 0
xt_mark 1424 0
xt_mac 1300 0
xt_limit 1980 0
xt_length 1432 0
xt_iprange 1928 0
xt_helper 1684 0
xt_hashlimit 8084 0
xt_DSCP 2612 0
xt_dscp 1992 0
xt_dccp 2408 0
xt_conntrack 3664 0
xt_CONNMARK 2324 0
xt_connmark 1848 0
xt_CLASSIFY 1272 0
xt_tcpudp 2464 27
xt_state 1724 34
iptable_nat 4880 0
nf_nat 15572 12 ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,nf_nat_tftp,nf_nat_sip,nf_nat_pptp,nf_nat_proto_gre,nf_nat_irc,nf_nat_h323,nf_nat_ftp,nf_nat_amanda,iptable_nat
nf_conntrack_ipv4 11560 37 iptable_nat,nf_nat
nf_defrag_ipv4 1612 1 nf_conntrack_ipv4
nf_conntrack 58460 31 xt_connlimit,ipt_MASQUERADE,ipt_CLUSTERIP,nf_nat_tftp,nf_nat_snmp_basic,nf_nat_sip,nf_nat_pptp,nf_nat_irc,nf_nat_h323,nf_nat_ftp,nf_nat_amanda,nf_conntrack_amanda,nf_conntrack_sane,nf_conntrack_tftp,nf_conntrack_sip,nf_conntrack_proto_sctp,nf_conntrack_pptp,nf_conntrack_proto_gre,nf_conntrack_netlink,nf_conntrack_netbios_ns,nf_conntrack_irc,nf_conntrack_h323,nf_conntrack_ftp,xt_helper,xt_conntrack,xt_CONNMARK,xt_connmark,xt_state,iptable_nat,nf_nat,nf_conntrack_ipv4
iptable_mangle 3212 1
nfnetlink 4284 2 nf_conntrack_netlink,nfnetlink_log
iptable_filter 2904 1
ip_tables 10156 4 iptable_raw,iptable_nat,iptable_mangle,iptable_filter
x_tables 14492 44 ip6_tables,xt_time,xt_connlimit,xt_realm,xt_comment,xt_policy,ipt_ULOG,ipt_REJECT,ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,ipt_LOG,ipt_ECN,ipt_ecn,ipt_CLUSTERIP,ipt_ah,ipt_addrtype,xt_tcpmss,xt_recent,xt_pkttype,xt_physdev,xt_owner,xt_NFQUEUE,xt_NFLOG,xt_multiport,xt_MARK,xt_mark,xt_mac,xt_limit,xt_length,xt_iprange,xt_helper,xt_hashlimit,xt_DSCP,xt_dscp,xt_dccp,xt_conntrack,xt_CONNMARK,xt_connmark,xt_CLASSIFY,xt_tcpudp,xt_state,iptable_nat,ip_tables
loop 13212 0
arc4 1528 2
ecb 2336 2
b43 107012 0
mac80211 120656 1 b43
snd_hda_codec_realtek 183864 1
snd_hda_intel 22900 0
snd_hda_codec 64036 2 snd_hda_codec_realtek,snd_hda_intel
snd_hwdep 6120 1 snd_hda_codec
snd_pcm 63028 2 snd_hda_intel,snd_hda_codec
snd_seq 41820 0
snd_timer 17432 2 snd_pcm,snd_seq
snd_seq_device 6084 1 snd_seq
snd 47300 8 snd_hda_codec_realtek,snd_hda_intel,snd_hda_codec,snd_hwdep,snd_pcm,snd_seq,snd_timer,snd_seq_device
soundcore 6248 1 snd
i2c_i801 8504 0
yenta_socket 21120 1
cfg80211 76228 2 b43,mac80211
joydev 8532 0
acer_wmi 14476 0
rfkill 16232 2 cfg80211,acer_wmi
rsrc_nonstatic 9608 1 yenta_socket
psmouse 37468 0
snd_page_alloc 7960 2 snd_hda_intel,snd_pcm
serio_raw 4560 0
rng_core 3648 1 b43
i2c_core 19796 4 i915,drm,i2c_algo_bit,i2c_i801
pcspkr 2148 0
wmi 6156 1 acer_wmi
evdev 8056 18
container 3204 0
ac 2808 0
processor 34164 1
battery 5788 0
button 5028 0
ext3 105116 6
jbd 40736 1 ext3
mbcache 6832 1 ext3
sha256_generic 11160 0
sd_mod 28688 2
crc_t10dif 1588 1 sd_mod
usbhid 31332 0
hid 34312 1 usbhid
dm_mirror 12064 0
dm_region_hash 10108 1 dm_mirror
dm_log 8268 2 dm_mirror,dm_region_hash
dm_snapshot 19032 0
ide_cd_mod 23908 0
ide_gd_mod 19812 3
cdrom 30292 1 ide_cd_mod
ata_generic 4300 0
ata_piix 22004 0
libata 150704 2 ata_generic,ata_piix
ide_pci_generic 3580 0
usb_storage 48476 1
scsi_mod 132236 3 sd_mod,libata,usb_storage
b44 21776 0
uhci_hcd 18968 0
sdhci_pci 6560 0
sdhci 15124 1 sdhci_pci
piix 5724 2
ssb 37048 2 b43,b44
ehci_hcd 29684 0
mmc_core 45056 1 sdhci
led_class 3808 3 b43,acer_wmi,sdhci
pcmcia 23996 2 b43,ssb
pcmcia_core 31012 5 b43,yenta_socket,rsrc_nonstatic,ssb,pcmcia
mii 4656 1 b44
ide_core 88120 4 ide_cd_mod,ide_gd_mod,ide_pci_generic,piix
usbcore 127944 5 usbhid,usb_storage,uhci_hcd,ehci_hcd
nls_base 6688 1 usbcore
intel_agp 23148 1
agpgart 30604 3 drm,intel_agp
video 18244 1 i915
output 2572 1 video
thermal 12544 0
fan 4016 0
thermal_sys 13096 4 processor,video,thermal,fan
cbc 2980 2
aes_generic 27388 4
dm_crypt 10856 2
dm_mod 55860 34 dm_mirror,dm_log,dm_snapshot,dm_crypt
> # cat /proc/crypto
~$ cat /proc/crypto
name : ecb(arc4)
driver : ecb(arc4-generic)
module : ecb
priority : 0
refcnt : 3
selftest : passed
type : blkcipher
blocksize : 1
min keysize : 1
max keysize : 256
ivsize : 0
geniv : <default>
name : arc4
driver : arc4-generic
module : arc4
priority : 0
refcnt : 3
selftest : passed
type : cipher
blocksize : 1
min keysize : 1
max keysize : 256
name : sha256
driver : sha256-generic
module : sha256_generic
priority : 0
refcnt : 1
selftest : passed
type : shash
blocksize : 64
digestsize : 32
descsize : 168
name : sha224
driver : sha224-generic
module : sha256_generic
priority : 0
refcnt : 1
selftest : passed
type : shash
blocksize : 64
digestsize : 28
descsize : 168
name : cbc(aes)
driver : cbc(aes-generic)
module : kernel
priority : 100
refcnt : 3
selftest : passed
type : givcipher
async : yes
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 16
geniv : chainiv
name : cbc(aes)
driver : cbc(aes-generic)
module : cbc
priority : 100
refcnt : 3
selftest : passed
type : blkcipher
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 16
geniv : <default>
name : aes
driver : aes-generic
module : aes_generic
priority : 100
refcnt : 5
selftest : passed
type : cipher
blocksize : 16
min keysize : 16
max keysize : 32
name : stdrng
driver : krng
module : kernel
priority : 200
refcnt : 2
selftest : passed
type : rng
seedsize : 0
name : md5
driver : md5-generic
module : kernel
priority : 0
refcnt : 1
selftest : passed
type : shash
blocksize : 64
digestsize : 16
descsize : 88
Note: these are from a kernel that handles the LUKS volume successfully
(2.6.31-rc6 from mainline git repo). Getting the output from one of my
non-working kernels would be more difficult, since the entire system
(except /boot) is on LVM on top of the LUKS volume, and my kernels'
fail during the initrds' (made by initramfs-tools) attempts to unlock
the LUKS volume. I have tried to explore the problem using the
'break=mount' kernel parameter, but even after manually modprobing the
aes, cbc, blkcipher, dm-crypt modules, the kernel can't unlock the
volume.
Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
More information about the pkg-cryptsetup-devel
mailing list