| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 27 Aug 2009 12:34:01 -0700 From: Randy Dunlap <randy.dunlap@...cle.com> To: Jonas Meurer <jonas@...esources.org> Cc: 541835@...s.debian.org, Celejar <celejar@...il.com>, lkml <linux-kernel@...r.kernel.org>, linux-crypto@...r.kernel.org Subject: Re: [pkg-cryptsetup-devel] Bug#541835: crypto configuration / dependencies broken On Thu, 27 Aug 2009 20:35:01 +0200 Jonas Meurer wrote: > hey, > > On 27/08/2009 Randy Dunlap wrote: > > On Tue, 25 Aug 2009 19:58:52 -0400 Celejar wrote: > > > > > I'm having a pretty bizarre problem with my kernel crypto > > > configuration. I need support for a bog standard LUKS (aes / > > > cbc-essiv:sha256) / cryptsetup installation, but even after I enable > > > virtually everything in the crypto section of the kernel configs, cbc > > > fails to load. All the relevant modules are exist (dm-mod, dm-crypt, > > > crypto_blkcipher, crypto_algapi, crypto_hash, aes_generic, > > > sha256_generic), but even after modprobing / insmoding > > > everything, /proc/crypto shows that aes and sha is there, but not cbc. > > > > > > The problem has been reproduced (using my kernel config) by Jonas > > > Meurer, the Debian cryptsetup maintainer, so it's not just me ;). > > > We've tried numerous different kernel versions in the .30 / .31 range. > > > > > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541835 > > > > > > Does this mean that something else somewhere in the kernel needs to be > > > configured but isn't, and the necessary dependency isn't properly > > > declared? > > > > > > My config is at: > > > http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=45;filename=config-2.6.31-rc6-lizzie-00042-gb2add73;att=1;bug=541835 > > > > > > [I'm not subscribed to lkml; please cc me on responses] > > > > > > You could try/test a patch that was just posted: > > http://lkml.org/lkml/2009/8/27/249 > > that patch seems to be for ecryptfs only, while Celejar uses dm-crypt. > second, the patch just ensures that CRYPTO_ECB and CRYPTO_CBC are > selected along with ECRYPT_FS. but Celejar does have both CRYPTO_ECB and > CRYPTO_CBC selected. ack. > the problem rather is that loading the cbc blockcipher module simply > does nothing. the module is listed in /proc/modules, but the blockcipher > is still missing from /proc/crypto. > > the problem is not reproducible with a debian/unstable 2.6.30.6 kernel, > even though it has cbc compiled as module as well. but if I recompile > the same kernel sources with Celejars kernel .config, the problem > occurs. thus it must be related to the kernel config in some way. add cc: linux-crypto@...r.kernel.org -- maybe someone there can help out. --- ~Randy *** Remember to use Documentation/SubmitChecklist when testing your code *** -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists