Re: [pkg-cryptsetup-devel] Bug#541835: crypto configuration /dependencies broken

From: Jonas Meurer
Date: Thu Aug 27 2009 - 15:14:23 EST

Next message: Ulrich Drepper: "Re: popen2 popen call"
Previous message: Hugh Dickins: "Re: [PATCH 13/12] ksm: fix munlock during exit_mmap deadlock"
In reply to: Randy Dunlap: "Re: crypto configuration / dependencies broken"
Next in thread: Randy Dunlap: "Re: [pkg-cryptsetup-devel] Bug#541835: crypto configuration /dependencies broken"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hey,

On 27/08/2009 Randy Dunlap wrote:
> On Tue, 25 Aug 2009 19:58:52 -0400 Celejar wrote:
>
> > I'm having a pretty bizarre problem with my kernel crypto
> > configuration. I need support for a bog standard LUKS (aes /
> > cbc-essiv:sha256) / cryptsetup installation, but even after I enable
> > virtually everything in the crypto section of the kernel configs, cbc
> > fails to load. All the relevant modules are exist (dm-mod, dm-crypt,
> > crypto_blkcipher, crypto_algapi, crypto_hash, aes_generic,
> > sha256_generic), but even after modprobing / insmoding
> > everything, /proc/crypto shows that aes and sha is there, but not cbc.
> >
> > The problem has been reproduced (using my kernel config) by Jonas
> > Meurer, the Debian cryptsetup maintainer, so it's not just me ;).
> > We've tried numerous different kernel versions in the .30 / .31 range.
> >
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541835
> >
> > Does this mean that something else somewhere in the kernel needs to be
> > configured but isn't, and the necessary dependency isn't properly
> > declared?
> >
> > My config is at:
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=45;filename=config-2.6.31-rc6-lizzie-00042-gb2add73;att=1;bug=541835
> >
> > [I'm not subscribed to lkml; please cc me on responses]
>
>
> You could try/test a patch that was just posted:
> http://lkml.org/lkml/2009/8/27/249

that patch seems to be for ecryptfs only, while Celejar uses dm-crypt.
second, the patch just ensures that CRYPTO_ECB and CRYPTO_CBC are
selected along with ECRYPT_FS. but Celejar does have both CRYPTO_ECB and
CRYPTO_CBC selected.

the problem rather is that loading the cbc blockcipher module simply
does nothing. the module is listed in /proc/modules, but the blockcipher
is still missing from /proc/crypto.

the problem is not reproducible with a debian/unstable 2.6.30.6 kernel,
even though it has cbc compiled as module as well. but if I recompile
the same kernel sources with Celejars kernel .config, the problem
occurs. thus it must be related to the kernel config in some way.

greetings,
jonas

Attachment: signature.asc
Description: Digital signature

Next message: Ulrich Drepper: "Re: popen2 popen call"
Previous message: Hugh Dickins: "Re: [PATCH 13/12] ksm: fix munlock during exit_mmap deadlock"
In reply to: Randy Dunlap: "Re: crypto configuration / dependencies broken"
Next in thread: Randy Dunlap: "Re: [pkg-cryptsetup-devel] Bug#541835: crypto configuration /dependencies broken"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]