Red Hat Bugzilla – Bug 1311286
kernel 4.1.18 has broken crypto API
Last modified: 2016-02-24 08:19:59 EST
Description of problem:
A patch in Kernel 4.1.18 broke luks. You can't open luks devices any more nor format them. ArchLinux patched cryptsetup to be compatible again (see below)
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Install/boot Kernel 4.1.18
2. Try to open/format a luks device (fails)
# cryptsetup luksFormat /dev/loop2
This will overwrite data on /dev/loop2 irrevocably.
Are you sure? (Type uppercase yes): YES
Failed to setup dm-crypt key mapping for device /dev/loop2.
Check that kernel supports aes-xts-plain64 cipher (check syslog for more info).
The error is the same if you try to luksOpen an existing luks formated device, that worked with all previous kernel versions.
It should be possible to open/format devices with luks with Kernel 4.1.18, like it worked with all previous Kernels.
There is an upstream bug report:
ArchLinux fixed cryptsetup, to work around this problem:
In fact it's broken kernel crypto API for older userspace. For reference see: http://www.spinics.net/lists/linux-crypto/msg18521.html
Oh, didn't realise f23 doesn't ship 4.1.18 kernel at all so probably safe to close anyway...
Even though I understand it's annoying bug we don't plan to fix it by updating cryptsetup (in userspace) in stable fedora realease. This is clearly mistake in 4.1.18 backport of crypto API patches.
Thanks for the report. None of the Fedora releases are on the 4.1.y kernel any longer. All are 4.3.y or newer. This isn't an issue for Fedora afaik, so I'm closing this as UPSTREAM.