lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 30 Aug 2009 20:06:56 -0400
From:	Celejar <celejar@...il.com>
To:	Sebastian Andrzej Siewior <sebastian@...breakpoint.cc>
Cc:	Randy Dunlap <randy.dunlap@...cle.com>,
	Jonas Meurer <jonas@...esources.org>, 541835@...s.debian.org,
	lkml <linux-kernel@...r.kernel.org>, linux-crypto@...r.kernel.org
Subject: Re: [pkg-cryptsetup-devel] Bug#541835: crypto configuration /
 dependencies broken

On Sun, 30 Aug 2009 17:37:22 +0200
Sebastian Andrzej Siewior <sebastian@...breakpoint.cc> wrote:

> * Sebastian Andrzej Siewior | 2009-08-28 10:00:56 [+0200]:
> 
> >>> the problem is not reproducible with a debian/unstable 2.6.30.6 kernel,
> >>> even though it has cbc compiled as module as well. but if I recompile
> >>> the same kernel sources with Celejars kernel .config, the problem
> >>> occurs. thus it must be related to the kernel config in some way.
> >It must be the kernel confing since I run .30.stable and it works. I try
> >to look at it later.
> 
> Your kernel config is fine, the problem is that the initramfs tools do
> not copy all of the required modules into the initramfs. The missing
> modles are:
> - cryptomgr: that one is responsible to load the cbc and aes module and
>   bind them to cbc(aes)
> - chainiv: that one creates IVs if the "user" does not specify one.
>   dm-crypt probably does not use that one but is required due to the way
>   crypto works atm.
> - krng: provides random numbers and is required by chainiv.
> 
> If you add those three to /etc/initramfs/modules than it should work.

Right your are!  It now works, thanks very much.  I guess the catch was
that the working (stock Debian) kernel config built cryptomgr
(CRYPTO_MANAGER and CRYPTO_MANAGER2) and krng (CRYPTO_RNG2, although
not CRYPTO_RNG) and chainiv (CRYPTO_BLKCIPHER2, although not
CRYPTO_BLKCIPHER - I have the impression that chainiv is now
controlled by the BLKCIPHER options?) into the kernel, not as modules,
so I wasn't hit by the initramfs failure until I built them as modules
(I have a bit of a fetish for building everything as a module,
especially when using initrd's :/).

> Could someone please look at initramfs to figure out why those three
> modules are not copied in this reduced setup?

Celejar
-- 
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ