Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 610278 - f12 crypto devices won't mount under f13 and newer.
f12 crypto devices won't mount under f13 and newer.
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: cryptsetup-luks (Show other bugs)
13
All Linux
low Severity medium
: ---
: ---
Assigned To: Milan Broz
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-07-01 18:30 EDT by Dave Jones
Modified: 2015-01-04 17:31 EST (History)
18 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-07-02 04:11:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dave Jones 2010-07-01 18:30:38 EDT
created a crypto dev on a 1g usb key on f12. Tried to mount it under f13, it fails.

creation:

(18:17:45:root@gelk:~)# dd if=/dev/zero of=/dev/sdg bs=1M
dd: writing `/dev/sdg': No space left on device
982+0 records in
981+0 records out
1028653056 bytes (1.0 GB) copied, 247.166 s, 4.2 MB/s
(18:22:12:root@gelk:~)# cryptsetup create test /dev/sdg
Enter passphrase: 
(18:25:22:root@gelk:~)# mkfs.ext2 /dev/mapper/test 
mke2fs 1.41.9 (22-Aug-2009)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
62848 inodes, 251136 blocks
12556 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=260046848
8 block groups
32768 blocks per group, 32768 fragments per group
7856 inodes per group
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376

Writing inode tables: done                            
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 31 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.
(18:25:39:root@gelk:~)# mount /dev/mapper/test /mnt/test/
(18:25:49:root@gelk:~)# cd /mnt/test/
(18:25:51:root@gelk:test)# ls
lost+found/
(18:25:51:root@gelk:test)# mkdir testdir
(18:25:55:root@gelk:test)# touch testfile
(18:25:58:root@gelk:test)# echo blah > testfile2
(18:26:06:root@gelk:test)# sync
(18:26:08:root@gelk:test)# ls -l
total 36
drwx------. 2 root root 16384 2010-07-01 18:25 lost+found/
drwxr-xr-x. 2 root root  4096 2010-07-01 18:25 testdir/
-rw-r--r--. 1 root root     0 2010-07-01 18:25 testfile
-rw-r--r--. 1 root root     5 2010-07-01 18:26 testfile2
(18:26:19:root@gelk:test)# cd ..
(18:26:21:root@gelk:mnt)# umount /mnt/test 
(18:26:23:root@gelk:mnt)# 


Then, plug it into an f13 box..

$ cryptsetup create test /dev/sdd
Enter passphrase:
$ mount /dev/mapper/test /mnt/test/
[  997.364633] EXT2-fs (dm-4): error: ext2_check_descriptors: Block bitmap for group 0 not in group (block 3416865761)!
[  997.370967] EXT2-fs (dm-4): group descriptors corrupted
Comment 1 Dave Jones 2010-07-01 18:40:31 EDT
I did a dd if=/dev/mapper/test on f12 and f13 to compare the two. Something is immediately wrong..

-rw-r--r--. 1 davej davej 1028653056 2010-07-01 18:36 f12-decrypted
-rw-r--r--. 1 davej davej  199872471 2010-07-01 18:34 f13-decrypted

for some reason dm-crypt on f13 thinks it's smaller than it is.
Comment 2 Eric Sandeen 2010-07-01 18:45:11 EDT
*nod* sorry (heh!) to say this doesn't look like a filesystem problem.
Comment 3 Milan Broz 2010-07-02 04:11:37 EDT
Please use LUKS, not plain crypto mapping (cryptsetup create).

Default mode for plain crypt changed because old mode was vulnerable, if you want to use old plain crypt devices in f13 (formatted in older Fedora) you have to specify encryption mode explicitly (either in crypttab or on commandline).

Try "cryptsetup create -c aes-cbc-plain -s 256 -h ripemd160 <name> <device>"
on F13.

and read
http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions#6._Issues_with_Specific_Versions_of_cryptsetup

The LUKS hasn't this problem, because it stores mode in metadata on-disk.

Note You need to log in before you can comment on or make changes to this bug.