Debian Bug report logs - #610258
cryptsetup --master-key-file foo luksAddKey succeeds but returns non-zero error code

version graph

Package: cryptsetup; Maintainer for cryptsetup is Debian Cryptsetup Team <pkg-cryptsetup-devel@lists.alioth.debian.org>; Source for cryptsetup is src:cryptsetup.

Reported by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Date: Sun, 16 Jan 2011 19:39:02 UTC

Severity: normal

Found in version cryptsetup/2:1.1.3-4

Fixed in version cryptsetup/2:1.2.0-1

Done: Jonas Meurer <jonas@freesources.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Cryptsetup Team <pkg-cryptsetup-devel@lists.alioth.debian.org>:
Bug#610258; Package cryptsetup. (Sun, 16 Jan 2011 19:39:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Daniel Kahn Gillmor <dkg@fifthhorseman.net>:
New Bug report received and forwarded. Copy sent to Debian Cryptsetup Team <pkg-cryptsetup-devel@lists.alioth.debian.org>. (Sun, 16 Jan 2011 19:39:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: cryptsetup --master-key-file foo luksAddKey succeeds but returns non-zero error code
Date: Sun, 16 Jan 2011 14:35:25 -0500
Package: cryptsetup
Version: 2:1.1.3-4
Severity: normal

if i use the --master-key-file option for the luksAddKey command, even
if it succeeds, the command returns 1 or 2 (instead of 0).

here's an example with --verbose (the number before my prompt
indicates the return code of the previous command):

0 pip:~# cryptsetup --debug --master-key-file x luksAddKey /dev/mapper/vg_pip0-testy 
# cryptsetup 1.1.3 processing "cryptsetup --debug --master-key-file x luksAddKey /dev/mapper/vg_pip0-testy"
# Locking memory.
# Allocating crypt device /dev/mapper/vg_pip0-testy context.
# Trying to open and read device /dev/mapper/vg_pip0-testy.
# Initialising device-mapper backend, UDEV is enabled.
# Detected dm-crypt target of version 1.7.0.
# Trying to load LUKS1 crypt type from device /dev/mapper/vg_pip0-testy.
# Initializing crypto backend (using secure memory).
# Reading LUKS header of size 1024 from device /dev/mapper/vg_pip0-testy
# Password verification enabled.
# Timeout set to 0 miliseconds.
# Iteration time set to 1000 miliseconds.
# Adding new keyslot -1 using volume key.
Enter new passphrase for key slot: 
Verify passphrase: 
# Calculating data for key slot 3
# PBKDF2: 79641 iterations per second using hash sha1.
# Key slot 3 use 38886 password iterations.
# Using hash sha1 for AF in key slot 3, 4000 stripes
# Updating key slot 3 [0x61000] area on device /dev/mapper/vg_pip0-testy.
# DM-UUID is CRYPT-TEMP-temporary-cryptsetup-4006
# Udev cookie 0xd4d1cc2 (semid 1474570) created
# Udev cookie 0xd4d1cc2 (semid 1474570) incremented
# Udev cookie 0xd4d1cc2 (semid 1474570) incremented
# Udev cookie 0xd4d1cc2 (semid 1474570) assigned to dm_task type 0 with flags 0xe
# dm create temporary-cryptsetup-4006 CRYPT-TEMP-temporary-cryptsetup-4006 OF   [16384]
# temporary-cryptsetup-4006: Stacking NODE_ADD (253,9) 0:6 0660
# dm reload temporary-cryptsetup-4006  OF   [16384]
# dm resume temporary-cryptsetup-4006  OF   [16384]
# temporary-cryptsetup-4006: Stacking NODE_READ_AHEAD 256 (flags=1)
# Udev cookie 0xd4d1cc2 (semid 1474570) decremented
# Udev cookie 0xd4d1cc2 (semid 1474570): Waiting for zero
# Udev cookie 0xd4d1cc2 (semid 1474570) destroyed
# temporary-cryptsetup-4006: read ahead is 256
# temporary-cryptsetup-4006: Setting read ahead to 256
# Udev cookie 0xd4d1f35 (semid 1507338) created
# Udev cookie 0xd4d1f35 (semid 1507338) incremented
# Udev cookie 0xd4d1f35 (semid 1507338) incremented
# Udev cookie 0xd4d1f35 (semid 1507338) assigned to dm_task type 2 with flags 0x0
# dm remove temporary-cryptsetup-4006  OF   [16384]
# temporary-cryptsetup-4006: Stacking NODE_DEL (replaces other stacked ops)
# Udev cookie 0xd4d1f35 (semid 1507338) decremented
# Udev cookie 0xd4d1f35 (semid 1507338): Waiting for zero
# Udev cookie 0xd4d1f35 (semid 1507338) destroyed
# Key slot 3 was enabled in LUKS header.
# Updating LUKS header of size 1024 on device /dev/mapper/vg_pip0-testy
# Reading LUKS header of size 1024 from device /dev/mapper/vg_pip0-testy
# Releasing crypt device /dev/mapper/vg_pip0-testy context.
# Releasing device-mapper backend.
# Unlocking memory.
Command failed with code -3: Unknown error 4294967293
3 pip:~# 


and here's another run, where the master key is pulled from an
anonymous pipe instead of a regular file:

0 pip:~# cryptsetup --debug --master-key-file <( dmsetup --showkeys table | awk '/^testy_crypt: /{ print $6 }' | tr -d '\n' | perl -e 'print pack("H*", <STDIN>);' ) luksAddKey /dev/mapper/vg_pip0-testy 
# cryptsetup 1.1.3 processing "cryptsetup --debug --master-key-file /dev/fd/63 luksAddKey /dev/mapper/vg_pip0-testy"
# Locking memory.
# Allocating crypt device /dev/mapper/vg_pip0-testy context.
# Trying to open and read device /dev/mapper/vg_pip0-testy.
# Initialising device-mapper backend, UDEV is enabled.
# Detected dm-crypt target of version 1.7.0.
# Trying to load LUKS1 crypt type from device /dev/mapper/vg_pip0-testy.
# Initializing crypto backend (using secure memory).
# Reading LUKS header of size 1024 from device /dev/mapper/vg_pip0-testy
# Password verification enabled.
# Timeout set to 0 miliseconds.
# Iteration time set to 1000 miliseconds.
# Adding new keyslot -1 using volume key.
Enter new passphrase for key slot: 
Verify passphrase: 
# Calculating data for key slot 5
# PBKDF2: 81184 iterations per second using hash sha1.
# Key slot 5 use 39640 password iterations.
# Using hash sha1 for AF in key slot 5, 4000 stripes
# Updating key slot 5 [0xa1000] area on device /dev/mapper/vg_pip0-testy.
# DM-UUID is CRYPT-TEMP-temporary-cryptsetup-4371
# Udev cookie 0xd4db023 (semid 1769482) created
# Udev cookie 0xd4db023 (semid 1769482) incremented
# Udev cookie 0xd4db023 (semid 1769482) incremented
# Udev cookie 0xd4db023 (semid 1769482) assigned to dm_task type 0 with flags 0xe
# dm create temporary-cryptsetup-4371 CRYPT-TEMP-temporary-cryptsetup-4371 OF   [16384]
# temporary-cryptsetup-4371: Stacking NODE_ADD (253,10) 0:6 0660
# dm reload temporary-cryptsetup-4371  OF   [16384]
# dm resume temporary-cryptsetup-4371  OF   [16384]
# temporary-cryptsetup-4371: Stacking NODE_READ_AHEAD 256 (flags=1)
# Udev cookie 0xd4db023 (semid 1769482) decremented
# Udev cookie 0xd4db023 (semid 1769482): Waiting for zero
# Udev cookie 0xd4db023 (semid 1769482) destroyed
# temporary-cryptsetup-4371: read ahead is 256
# temporary-cryptsetup-4371: Setting read ahead to 256
# Udev cookie 0xd4d354a (semid 1802250) created
# Udev cookie 0xd4d354a (semid 1802250) incremented
# Udev cookie 0xd4d354a (semid 1802250) incremented
# Udev cookie 0xd4d354a (semid 1802250) assigned to dm_task type 2 with flags 0x0
# dm remove temporary-cryptsetup-4371  OF   [16384]
# temporary-cryptsetup-4371: Stacking NODE_DEL (replaces other stacked ops)
# Udev cookie 0xd4d354a (semid 1802250) decremented
# Udev cookie 0xd4d354a (semid 1802250): Waiting for zero
# Udev cookie 0xd4d354a (semid 1802250) destroyed
# Key slot 5 was enabled in LUKS header.
# Updating LUKS header of size 1024 on device /dev/mapper/vg_pip0-testy
# Reading LUKS header of size 1024 from device /dev/mapper/vg_pip0-testy
# Releasing crypt device /dev/mapper/vg_pip0-testy context.
# Releasing device-mapper backend.
# Unlocking memory.
Command failed with code -5: Unknown error 4294967291
5 pip:~# 

thanks for cryptsetup!

       --dkg

-- Package-specific info:
-- /proc/cmdline
BOOT_IMAGE=/vmlinuz-2.6.37-trunk-686 root=/dev/mapper/vg_pip0-root ro verbose


-- System Information:
Debian Release: 6.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.37-trunk-686 (SMP w/1 CPU core)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages cryptsetup depends on:
ii  dmsetup                      2:1.02.48-4 The Linux Kernel Device Mapper use
ii  libc6                        2.11.2-7    Embedded GNU C Library: Shared lib
ii  libdevmapper1.02.1           2:1.02.48-4 The Linux Kernel Device Mapper use
ii  libpopt0                     1.16-1      lib for parsing cmdline parameters
ii  libuuid1                     2.17.2-5    Universally Unique ID library

cryptsetup recommends no packages.

Versions of packages cryptsetup suggests:
ii  busybox                       1:1.17.1-8 Tiny utilities for small and embed
ii  dosfstools                    3.0.9-1    utilities for making and checking 
ii  initramfs-tools [linux-initra 0.98.7     tools for generating an initramfs
ii  udev                          164-3      /dev/ and hotplug management daemo

-- no debconf information




Reply sent to Jonas Meurer <jonas@freesources.org>:
You have taken responsibility. (Sun, 16 Jan 2011 21:18:11 GMT) Full text and rfc822 format available.

Notification sent to Daniel Kahn Gillmor <dkg@fifthhorseman.net>:
Bug acknowledged by developer. (Sun, 16 Jan 2011 21:18:11 GMT) Full text and rfc822 format available.

Message #10 received at 610258-done@bugs.debian.org (full text, mbox):

From: Jonas Meurer <jonas@freesources.org>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, 610258-done@bugs.debian.org
Subject: Re: [pkg-cryptsetup-devel] Bug#610258: cryptsetup --master-key-file foo luksAddKey succeeds but returns non-zero error code
Date: Sun, 16 Jan 2011 22:14:21 +0100
[Message part 1 (text/plain, inline)]
On 16/01/2011 Daniel Kahn Gillmor wrote:
> if i use the --master-key-file option for the luksAddKey command, even
> if it succeeds, the command returns 1 or 2 (instead of 0).
> 
> here's an example with --verbose (the number before my prompt
> indicates the return code of the previous command):

this bug has been fixed with the upload of cryptsetup 2:1.2.0-2 to
debian experimental.

greetings,
 jonas
[signature.asc (application/pgp-signature, inline)]

Bug Marked as fixed in versions cryptsetup/2:1.2.0-1. Request was from Daniel Kahn Gillmor <dkg@fifthhorseman.net> to control@bugs.debian.org. (Tue, 18 Jan 2011 00:39:07 GMT) Full text and rfc822 format available.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 30 Apr 2011 08:26:25 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 02:21:09 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.