1567992 – RFE: Allow resizing of LUKS devices

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1567992 - RFE: Allow resizing of LUKS devices

Summary: RFE: Allow resizing of LUKS devices

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	udisks2
Sub Component:
Version:	7.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Vojtech Trefny
QA Contact:	xhe@redhat.com
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-04-16 14:22 UTC by Vojtech Trefny
Modified:	2021-09-06 12:34 UTC (History)
CC List:	3 users (show)
Fixed In Version:	udisks2-2.7.3-7
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-10-30 11:37:15 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2018:3271	0	None	None	None	2018-10-30 11:37:22 UTC

Description Vojtech Trefny 2018-04-16 14:22:20 UTC

UDisks API should allow resizing of LUKS encrypted devices.

Comment 3 Vojtech Trefny 2018-04-16 14:23:31 UTC

We already have upstream pull request for this -- https://github.com/storaged-project/udisks/pull/474

Comment 5 xhe@redhat.com 2018-07-27 07:42:52 UTC

Hi Vojtech,

How it could be used look like? Is there usage or example? Thanks!

Comment 6 Vojtech Trefny 2018-07-27 11:52:42 UTC

There is a new "Resize" function in the "Encrypted" interface.

Resize /dev/vda (contains unlocked luks device) to 50 MiB
# busctl call org.freedesktop.UDisks2 /org/freedesktop/UDisks2/block_devices/vda org.freedesktop.UDisks2.Encrypted Resize "ta{sv}" $((50*1024*1024)) 0

$ lsblk /dev/vda
NAME                                        MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
vda                                         252:0    0  512M  0 disk  
└─luks-d03c2b92-5454-42f8-b77e-85c995e2613f 253:2    0   50M  0 crypt 

Resize /dev/vda back to its original size (0 = max size/size of the underlying device)
# busctl call org.freedesktop.UDisks2 /org/freedesktop/UDisks2/block_devices/vda org.freedesktop.UDisks2.Encrypted Resize "ta{sv}" 0 0

$ lsblk /dev/vda
NAME                                        MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
vda                                         252:0    0  512M  0 disk  
└─luks-d03c2b92-5454-42f8-b77e-85c995e2613f 253:2    0  510M  0 crypt

Comment 7 xhe@redhat.com 2018-08-14 06:00:12 UTC

Thanks Vojtech for providing details. 

It works when I resized the unlocked luks device to 50M, but it doesn't work when I tried to resize it to 0. 

*************** snip ************************
# dd if=/dev/zero of=/tmp/tfile_loop0 iflag=fullblock bs=1M count=100
# udisksctl loop-setup -f /tmp/tfile_loop0
Mapped file /tmp/tfile_loop0 as /dev/loop0

# echo Redhat2018|cryptsetup --verbose --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 5000 luksFormat /dev/loop0

# echo -n Redhat2018>/tmp/passwd.key

# udisksctl unlock -b /dev/loop0 --key-file /tmp/passwd.key
Unlocked /dev/loop0 as /dev/dm-3.

============== TEST START =====================
# lsblk -l 
NAME                                      MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
luks-3bb93ed6-d796-4fd4-8736-0d50b242094d 253:3    0   98M  0 crypt

# busctl call org.freedesktop.UDisks2 /org/freedesktop/UDisks2/block_devices/loop0 org.freedesktop.UDisks2.Encrypted Resize "ta{sv}" $((50*1024*1024)) 0

lsblk -l
NAME                                      MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
sda                                         8:0    0 68.3G  0 disk  
sda1                                        8:1    0    1G  0 part  /boot
sda2                                        8:2    0 67.3G  0 part  
rhel_storageqe--16-root                   253:0    0 40.7G  0 lvm   /
rhel_storageqe--16-swap                   253:1    0  6.9G  0 lvm   [SWAP]
rhel_storageqe--16-home                   253:2    0 19.9G  0 lvm   /home
loop0                                       7:0    0  100M  0 loop  
luks-3bb93ed6-d796-4fd4-8736-0d50b242094d 253:3    0   50M  0 crypt

# busctl call org.freedesktop.UDisks2 /org/freedesktop/UDisks2/block_devices/loop0 org.freedesktop.UDisks2.Encrypted Resize "ta{sv}" 0 0

# lsblk /dev/loop0'...
NAME                                      MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
loop0                                       7:0    0  100M  0 loop  
luks-6a253ff8-8a7f-4d7e-90be-203f8bf74501 253:3    0   98M  0 crypt

============== TEST END =====================
*************** snip ************************

Comment 8 xhe@redhat.com 2018-08-14 08:38:41 UTC

After confirmed with vtrefny@, the test result in #c7 are what we expected. Move it to VERIFIED.

vtrefny@: if you call resize with 0 as size it means to resize it to its maximum size -- e.g size of the underlying device (minus size of the metadata)

Comment 10 errata-xmlrpc 2018-10-30 11:37:15 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:3271

Note You need to log in before you can comment on or make changes to this bug.