[pkg-cryptsetup-devel] Bug#872342: cryptsetup: initramfs ignore parameters offset and skip from /etc/crypttab in cryptroot

Pascal Liehne debianbug at gmx.de
Wed Aug 16 13:35:02 UTC 2017 

Package: cryptsetup
Version: 2:1.7.3-4
Severity: important
Tags: patch

Dear Maintainer,

I whould like to use skip and offset in /etc/crypttab for my root volume, but those options are ignored by update-initramfs.

Ex crypttab:
cryptsda /dev/sda /etc/crypttab.conf/cryptsda.key hash=plain,cipher=aes-cbc-essiv:sha256,size=256,offset=2048

should produce conf/conf.d/cryptroot in initramfs:
target=cryptsda,source=/dev/sda,rootdev,lvm=vg00-root,hash=plain,cipher=aes-cbc-essiv:sha256,size=256,offset=2048,keyscript=cat,key=/cryptroot-keyfiles/cryptsda.key

but generate:
target=cryptsda,source=/dev/sda,rootdev,lvm=vg00-root,hash=plain,cipher=aes-cbc-essiv:sha256,size=256,keyscript=cat,key=/cryptroot-keyfiles/cryptsda.key

It is part of BUG #714380, as a patch is provided, I created a seperat bug report.

Regards

Pascal


-- Package-specific info:

-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages cryptsetup depends on:
ii  cryptsetup-bin         2:1.7.3-4
ii  debconf [debconf-2.0]  1.5.61
ii  dmsetup                2:1.02.137-2
ii  libc6                  2.24-11+deb9u1

Versions of packages cryptsetup recommends:
ii  busybox                                 1:1.22.0-19+b3
ii  console-setup                           1.164
ii  initramfs-tools [linux-initramfs-tool]  0.130
ii  kbd                                     2.0.3-2+b1

Versions of packages cryptsetup suggests:
ii  dosfstools              4.1-1
pn  keyutils                <none>
ii  liblocale-gettext-perl  1.07-3+b1

-- debconf-show failed

--- /usr/share/initramfs-tools/hooks/cryptroot	2017-08-15 22:21:12.173751572 +0200
+++ /usr/share/initramfs-tools/hooks/cryptroot	2017-08-15 22:44:38.926963077 +0200
@@ -394,6 +405,12 @@
 	unset LUKS_FOUND
 	for opt in $rootopts; do
 		case $opt in
+			skip=*)
+				OPTIONS="$OPTIONS,$opt"
+				;;
+			offset=*)
+				OPTIONS="$OPTIONS,$opt"
+				;;
 			cipher=*)
 				OPTIONS="$OPTIONS,$opt"
 				;;


*** /usr/share/initramfs-tools/scripts/local-top/cryptroot	2017-08-15 22:58:03.215438789 +0200
--- /usr/share/initramfs-tools/scripts/local-top/cryptroot	2017-08-15 23:02:45.096369947 +0200
*************** parse_options()
*** 62,67 ****
--- 62,69 ----
  	# Defaults
  	cryptcipher=aes-cbc-essiv:sha256
  	cryptsize=256
+ 	cryptoffset=""
+ 	cryptskip=""
  	crypthash=ripemd160
  	crypttarget=cryptroot
  	cryptsource=""
*************** parse_options()
*** 80,85 ****
--- 82,93 ----
  	local IFS=" ,"
  	for x in $cryptopts; do
  		case $x in
+ 		offset=*)
+ 			cryptoffset=${x#offset=}
+ 			;;
+ 		skip=*)
+ 			cryptskip=${x#skip=}
+ 			;;
  		hash=*)
  			crypthash=${x#hash=}
  			;;
*************** setup_mapping()
*** 285,290 ****
--- 293,304 ----
  	if [ -n "$cryptheader" ]; then
  		cryptopen="$cryptopen --header=$cryptheader"
  	fi
+ 	if [ -n "$cryptoffset" ]; then
+ 		cryptopen="$cryptopen --offset=$cryptoffset"
+ 	fi
+ 	if [ -n "$cryptskip" ]; then
+ 		cryptopen="$cryptopen --skip=$cryptskip"
+ 	fi
  	if [ -n "$cryptkeyslot" ]; then
  		cryptopen="$cryptopen --key-slot=$cryptkeyslot"
  	fi

More information about the pkg-cryptsetup-devel mailing list