Debian Bug report logs - #206396
mount: losetup does not cooperate with 2.6 kernel cryptoapi

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Grzegorz Jaskiewicz <gj@pointblue.com.pl>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: mount: losetup does not cooperate with 2.6 kernel cryptoapi
Date: Wed, 20 Aug 2003 15:10:19 +0100

Package: mount
Version: 2.11z-4
Severity: normal


losetup -e aes /dev/loop/0 /tmp/image.img
(as an example) is not able to use 2.6 kernels api,
snip from strace:
nalesnik:~# strace losetup -e aes /dev/loop/0 /var/tmp/image.img
........
open("/proc/crypto/cipher/aes-cbc", O_RDONLY|O_LARGEFILE) = -1 ENOTDIR (Not a directory)
.........

this is what /proc/crypto contains

name         : cipher_null
module       : kernel
blocksize    : 1
min keysize  : 0
max keysize  : 0
ivsize       : 0

name         : digest_null
module       : kernel
blocksize    : 1
digestsize   : 0

name         : compress_null
module       : kernel

name         : md4
module       : kernel
blocksize    : 64
digestsize   : 16

name         : md5
module       : kernel
blocksize    : 64
digestsize   : 16

name         : sha1
module       : kernel
blocksize    : 64
digestsize   : 20

name         : sha256
module       : kernel
blocksize    : 64
digestsize   : 32

name         : sha384
module       : kernel
blocksize    : 96
digestsize   : 48

name         : sha512
module       : kernel
blocksize    : 128
digestsize   : 64

name         : des
module       : kernel
blocksize    : 8
min keysize  : 8
max keysize  : 8
ivsize       : 8

name         : des3_ede
module       : kernel
blocksize    : 8
min keysize  : 24
max keysize  : 24
ivsize       : 8

name         : blowfish
module       : kernel
blocksize    : 8
min keysize  : 4
max keysize  : 56
ivsize       : 8

name         : twofish
module       : kernel
blocksize    : 16
min keysize  : 16
max keysize  : 32
ivsize       : 16

name         : serpent
module       : kernel
blocksize    : 16
min keysize  : 0
max keysize  : 32
ivsize       : 16

name         : aes
module       : kernel
blocksize    : 16
min keysize  : 16
max keysize  : 32
ivsize       : 16

name         : cast5
module       : kernel
blocksize    : 8
min keysize  : 5
max keysize  : 16
ivsize       : 8

name         : cast6
module       : kernel
blocksize    : 16
min keysize  : 16
max keysize  : 32
ivsize       : 16

name         : deflate
module       : kernel

there are no subdirectories there.

also kernel includes crypto loop and crypto api linked staticaly:

nalesnik:~# grep -i crypto /boot/config-2.6.0-test3-bk6
CONFIG_BLK_DEV_CRYPTOLOOP=y
# Cryptographic options
CONFIG_CRYPTO=y
CONFIG_CRYPTO_HMAC=y
CONFIG_CRYPTO_NULL=y
CONFIG_CRYPTO_MD4=y
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_SHA1=y
CONFIG_CRYPTO_SHA256=y
CONFIG_CRYPTO_SHA512=y
CONFIG_CRYPTO_DES=y
CONFIG_CRYPTO_BLOWFISH=y
CONFIG_CRYPTO_TWOFISH=y
CONFIG_CRYPTO_SERPENT=y
CONFIG_CRYPTO_AES=y
CONFIG_CRYPTO_CAST5=y
CONFIG_CRYPTO_CAST6=y
CONFIG_CRYPTO_DEFLATE=y
# CONFIG_CRYPTO_TEST is not set


Even if losetup does not ment to have 2.6 crypto api, i think it should be patched to contain it asap as 2.6 kernels crypto api will be a standart api across.

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux nalesnik 2.6.0-test3-bk6 #1 Mon Aug 18 14:17:12 BST 2003 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages mount depends on:
ii  libc6                         2.3.2-3    GNU C Library: Shared libraries an

-- no debconf information

Message #10 received at 206396@bugs.debian.org (full text, mbox):

From: Jonah Sherman <jsherman@stuy.edu>
To: 206396@bugs.debian.org
Subject: Patch for 2.6 cryptoloop
Date: Fri, 29 Aug 2003 17:09:19 -0400

[Message part 1 (text/plain, inline)]

This is caused by losetup being unable to find if the keysize option is
allowed for the particular cipher.  The checks in losetup/mount are
redundant, as the kernel will simply return EINVAL if you pick a bad
key size.  This small patch to util-linux will remove the redundant checks 
so losetup works on 2.6.


--- util-linux-2.11z/mount/lomount.c.old	2003-08-29 16:49:26.000000000 -0400
+++ util-linux-2.11z/mount/lomount.c	2003-08-29 16:49:29.000000000 -0400
@@ -87,18 +87,8 @@
 extern void error (const char *fmt, ...);	/* idem */
 
 
-struct cipher_info
-{
-	const char *name;
-	int blocksize;
-	int keysize_mask;
-	int ivsize;
-	int key_schedule_size;
-};
-
 static int set_loop_passwd(struct loop_info *_loopinfo, int pfd, int keysz,
 			   const char *encryption, int fd, int ffd);
-static int get_cipher_info(const char *name, struct cipher_info *res);
 static int name_to_id(const char *name);
 #ifdef MAIN
 static char *id_to_name(int id);
@@ -380,7 +370,6 @@
 	char *pass;
 	char keybits[2*HASHLENGTH]; 
 	char passwdbuff[PASSWDBUFFLEN];
-	struct cipher_info info;
 
 	switch (loopinfo->lo_encrypt_type) {
 	case LO_CRYPT_NONE:
@@ -440,31 +429,8 @@
 	case LO_CRYPT_CRYPTOAPI:
 		/* Give the kernel an opportunity to load the cipher */
 		(void) ioctl (fd, LOOP_SET_STATUS, loopinfo);
-		if (get_cipher_info(loopinfo->lo_name, &info) < 0) {
-			return 1;
-		}
-		if (keysz > 0 &&
-		    !((1 << ((keysz / 8) - 1)) & info.keysize_mask)) {
-			error("The specified keysize is not supported by "
-			      "the selected cipher");
-			keysz = 0;
-		}
-
-		while (keysz <= 0 ||
-		       !((1 << ((keysz / 8) - 1)) & info.keysize_mask)) {
-			int i = 0;
-			int available = 0;
+		while (keysz <= 0) {
 			char keysize[200];
-			printf("Available keysizes (bits): ");
-			for (; i < 32; i++) {
-				if (info.keysize_mask & (1 << i)) {
-					printf("%d ", 8*(i+1));
-					available = 1;
-				}
-			}
-			if (!available) {
-				printf("none");
-			}
 			printf("\nKeysize: ");
 			fgets(keysize, sizeof(keysize), stdin);
 			keysz = atoi(keysize);
@@ -691,36 +657,6 @@
 #endif
 #endif
 
-static int get_cipher_info(const char *name, struct cipher_info *res)
-{
-	char path[PATH_MAX];
-	char buf[2000];
-	FILE *f;
-	struct {
-		int *out;
-		const char *prefix;
-	} fields[] = {{&res->blocksize, "blocksize:"},
-		      {&res->keysize_mask, "keysize_mask:"},
-		      {&res->ivsize, "ivsize:"},
-		      {&res->key_schedule_size, "key_schedule_size:"}};
-	snprintf(path, sizeof(path), "/proc/crypto/cipher/%s", name);
-	f = fopen(path, "r");
-	while(f && fgets(buf, sizeof(buf), f)) {
-		int i;
-		for (i = 0; i < sizeof(fields)/sizeof(fields[0]); i++) {
-			int len = strlen(fields[i].prefix);
-			if (strncmp(buf, fields[i].prefix, len) == 0) {
-				*fields[i].out = strtoul(&buf[len+1], NULL, 0);
-				break;
-			}
-		}
-		
-	}
-	if (!f) 
-		return -1;
-	return 0;
-}
-
 
 static int 
 name_to_id(const char *name) 

[Message part 2 (application/pgp-signature, inline)]

Message #15 received at 206396@bugs.debian.org (full text, mbox):

From: Alexander Zangerl <az@debian.org>
To: Debian Bug Tracking System <206396@bugs.debian.org>
Subject: mount: losetup patch for 2.6 cryptoapi
Date: Wed, 10 Sep 2003 17:53:45 +1000

Package: mount
Version: 2.11z-1
Followup-For: Bug #206396

The patch Jonah Sherman submitted does fix the main problem of not 
being able to losetup encrypted loops, but has an annoying side effect:

Losetup now prompts for keysize and password whenever you try to 
losetup something unencrypted (eg. an iso9660 image).

Workarount to make it work non-interactively: 
pass losetup the options '-p N -k 1', with N being 
a FD which is definitely not open (ie. >=3). I don't think you can
do that for mount, though.

I'm not sure that this problem is actually present in 2.6, as I'm 
using the cryptoapi backport to 2.4.22.

az

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux CFT 2.4.22 #3 Mon Sep 8 09:38:25 EST 2003 i686
Locale: LANG=C, LC_CTYPE=de_AT

Versions of packages mount depends on:
ii  libc6                         2.3.1-16   GNU C Library: Shared libraries an

Message #20 received at 206396-close@bugs.debian.org (full text, mbox):

From: LaMont Jones <lamont@debian.org>
To: 206396-close@bugs.debian.org
Subject: Bug#206396: fixed in util-linux 2.12-2
Date: Wed, 17 Sep 2003 01:17:31 -0400

Source: util-linux
Source-Version: 2.12-2

We believe that the bug you reported is fixed in the latest version of
util-linux, which is due to be installed in the Debian FTP archive:

bsdutils_2.12-2_i386.deb
  to pool/main/u/util-linux/bsdutils_2.12-2_i386.deb
fdisk-udeb_2.12-2_i386.udeb
  to pool/main/u/util-linux/fdisk-udeb_2.12-2_i386.udeb
mount_2.12-2_i386.deb
  to pool/main/u/util-linux/mount_2.12-2_i386.deb
util-linux-locales_2.12-2_all.deb
  to pool/main/u/util-linux/util-linux-locales_2.12-2_all.deb
util-linux_2.12-2.diff.gz
  to pool/main/u/util-linux/util-linux_2.12-2.diff.gz
util-linux_2.12-2.dsc
  to pool/main/u/util-linux/util-linux_2.12-2.dsc
util-linux_2.12-2_i386.deb
  to pool/main/u/util-linux/util-linux_2.12-2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 206396@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
LaMont Jones <lamont@debian.org> (supplier of updated util-linux package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 16 Sep 2003 23:07:27 -0600
Source: util-linux
Binary: util-linux fdisk-udeb util-linux-locales bsdutils mount
Architecture: source i386 all
Version: 2.12-2
Distribution: unstable
Urgency: low
Maintainer: LaMont Jones <lamont@debian.org>
Changed-By: LaMont Jones <lamont@debian.org>
Description: 
 bsdutils   - Basic utilities from 4.4BSD-Lite
 fdisk-udeb - Partition a hard drive (manual, cfdisk) (udeb)
 mount      - Tools for mounting and manipulating filesystems
 util-linux - Miscellaneous system utilities
 util-linux-locales - Locales files for util-linux
Closes: 180353 206396
Changes: 
 util-linux (2.12-2) unstable; urgency=low
 .
   * release to unstable.  Closes: #206396,#180353
Files: 
 30d6050867b12dfb3175fe379c11e066 655 base required util-linux_2.12-2.dsc
 b941b9c69791b9ac4cb20b7cad1bad7d 63398 base required util-linux_2.12-2.diff.gz
 de7d8b1bc92f597807e5cd8aabd64475 349794 base required util-linux_2.12-2_i386.deb
 beea6a54d0fc539733349e37e1983848 85424 debian-installer extra fdisk-udeb_2.12-2_i386.udeb
 07b9dde9e5cd4f1389ea1f5c4502e0bb 130522 base required mount_2.12-2_i386.deb
 3204929144cb3025e54a3f8cf0d33abb 61534 base required bsdutils_2.12-2_i386.deb
 718c0edc3c1566c2d82b37369b8f6062 1003542 utils optional util-linux-locales_2.12-2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/Z+2hzN/kmwoKyScRAptCAJ9jr4Cti2Zp2FDTHHjd+stqBlP2qwCdGnlI
2+czhbe/KlmCijuDIp1fFGY=
=XgQx
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.