Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] cryptsetup luksFormat error: device-mapper: reload
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 594
Location: Oslo, Norway

PostPosted: Sun Jun 08, 2014 5:54 pm    Post subject: [SOLVED] cryptsetup luksFormat error: device-mapper: reload Reply with quote

I'm trying to encrypt a partition using luksFormat, but I keep getting:

Code:
 
# cryptsetup luksFormat /dev/sda6

WARNING!
========
This will overwrite data on /dev/sda6 irrevocably.

Are you sure? (Type uppercase yes): YES
Enter passphrase:
Verify passphrase:
System is out of entropy while generating volume key.
Please move mouse or type some text in another window to gather some random events.
Generating key (75% done).
Generating key (100% done).
device-mapper: reload ioctl on temporary-cryptsetup-2079 failed: Invalid argument
Failed to open temporary keystore device.
device-mapper: remove ioctl on temporary-cryptsetup-2079 failed: No such device or address
device-mapper: reload ioctl on temporary-cryptsetup-2079 failed: No such device or address
device-mapper: remove ioctl on temporary-cryptsetup-2079 failed: No such device or address
device-mapper: remove ioctl on temporary-cryptsetup-2079 failed: No such device or address
device-mapper: remove ioctl on temporary-cryptsetup-2079 failed: No such device or address
device-mapper: remove ioctl on temporary-cryptsetup-2079 failed: No such device or address



Any ideas how to resolve this issue?


Last edited by pgu on Sun Jun 08, 2014 10:01 pm; edited 1 time in total
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Sun Jun 08, 2014 7:36 pm    Post subject: Reply with quote

pgu ...

udev looks to be locking temp devices again, its an old problem that from what I remember was fixed. So, firstly, is your install up to date?

Can you add '--debug' to the command and run again, its should show if the command was successful or not.

Unrelated but without '--cipher <cypher> --keysize <bits>' you'll get the default (aes-cbc-essiv:sha256) which has recently been shown to be breakable, you might want '-c aes-xts-plain -s 256 -y' (the '-y, --verify-passphrase' is always a good idea too).

best ... khay
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 594
Location: Oslo, Norway

PostPosted: Sun Jun 08, 2014 9:07 pm    Post subject: Reply with quote

Thank you khayyam,

I noticed an udev related message when I used the --debug version: "Device-mapper backend running with UDEV support disabled" See the bottom of the message for output. I usually use other arguments, but tried with as few as possible in order to rule out other problems. I just installed Gentoo today on this particular machine and did a sync so it should be pretty up to date.


Code:
cryptsetup luksFormat /dev/sda6 -ctwofish-xts-plain:wd256 -s 256 --debug
# cryptsetup 1.6.2 processing "cryptsetup luksFormat /dev/sda6 -ctwofish-xts-plain:wd256 -s 256 --debug"
# Running command luksFormat.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.

WARNING!
========
This will overwrite data on /dev/sda6 irrevocably.

Are you sure? (Type uppercase yes): YES
# Allocating crypt device /dev/sda6 context.
# Trying to open and read device /dev/sda6.
# Initialising device-mapper backend library.
# Timeout set to 0 miliseconds.
# Iteration time set to 1000 miliseconds.
# Interactive passphrase entry requested.
Enter passphrase:
Verify passphrase:
# Formatting device /dev/sda6 as type LUKS1.
# Crypto backend (gcrypt 1.5.3) initialized.
System is out of entropy while generating volume key.
Please move mouse or type some text in another window to gather some random events.
Generating key (50% done).
Generating key (100% done).
# Topology: IO (512/0), offset = 0; Required alignment is 1048576 bytes.
# Generating LUKS header version 1 using hash sha1, twofish, xts-plain:wd256, MK 32 bytes
# Crypto backend (gcrypt 1.5.3) initialized.
# KDF pbkdf2, hash sha1: 273066 iterations per second.
# Data offset 4096, UUID 268bc836-dafe-4726-a98e-aa0bfe2577d1, digest iterations 33250
# Updating LUKS header of size 1024 on device /dev/sda6
# Key length 32, device size 328741232 sectors, header size 2050 sectors.
# Reading LUKS header of size 1024 from device /dev/sda6
# Key length 32, device size 328741232 sectors, header size 2050 sectors.
# Adding new keyslot -1 using volume key.
# Calculating data for key slot 0
# Crypto backend (gcrypt 1.5.3) initialized.
# KDF pbkdf2, hash sha1: 273351 iterations per second.
# Key slot 0 use 133471 password iterations.
# Using hash sha1 for AF in key slot 0, 4000 stripes
# Updating key slot 0 [0x1000] area.
# Calculated device size is 250 sectors (RW), offset 8.
# Detected kernel Linux 3.12.21-gentoo-r1 x86_64.
# dm version   OF   [16384] (*1)
# dm versions   OF   [16384] (*1)
# Device-mapper backend running with UDEV support disabled.
# DM-UUID is CRYPT-TEMP-temporary-cryptsetup-2103
# Detected kernel Linux 3.12.21-gentoo-r1 x86_64.
# dm versions   OF   [16384] (*1)
# Device-mapper backend running with UDEV support disabled.
# dm create temporary-cryptsetup-2103 CRYPT-TEMP-temporary-cryptsetup-2103 OF   [16384] (*1)
# dm reload temporary-cryptsetup-2103  OF   [16384] (*1)
device-mapper: reload ioctl on temporary-cryptsetup-2103 failed: Invalid argument
# Cookie value is not set while trying to call DM_DEVICE_REMOVE ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
# dm remove temporary-cryptsetup-2103  OF   [16384] (*1)
# temporary-cryptsetup-2103: Stacking NODE_DEL
# temporary-cryptsetup-2103: Processing NODE_DEL
Failed to open temporary keystore device.
# Detected kernel Linux 3.12.21-gentoo-r1 x86_64.
# dm versions   OF   [16384] (*1)
# Device-mapper backend running with UDEV support disabled.
# Cookie value is not set while trying to call DM_DEVICE_REMOVE ioctl. Please, consider using libdevmapper's udev synchronisation interface or disable it explicitly by calling dm_udev_set_sync_support(0).
# Switching off device-mapper and all subsystem related udev rules. Falling back to libdevmapper node creation.
...


Aslo

Code:
Calculating dependencies... done!
[ebuild   R    ] sys-fs/cryptsetup-1.6.2  USE="gcrypt nls -kernel -nettle -openssl -python -reencrypt -static -static-libs -udev -urandom" PYTHON_SINGLE_TARGET="python2_7 (-python2_6)" PYTHON_TARGETS="python2_7 (-python2_6)" 0 kB


So there's a -udev there. On my other machine I have:

Code:
Calculating dependencies... done!                                               
[ebuild   R    ] sys-fs/cryptsetup-1.6.2  USE="gcrypt nls udev -kernel -nettle -
openssl -python -reencrypt -static -static-libs -urandom" PYTHON_SINGLE_TARGET="
python2_7 -python2_6" PYTHON_TARGETS="python2_7 -python2_6" 0 kB               


But the make.conf don't have any udev flags on either machine...

Then I tried to enable udev but the error persists:

Code:
# Device-mapper backend running with UDEV support enabled.
# DM-UUID is CRYPT-TEMP-temporary-cryptsetup-2335
# Udev cookie 0xd4d475b (semid 196608) created
# Udev cookie 0xd4d475b (semid 196608) incremented to 1
# Udev cookie 0xd4d475b (semid 196608) incremented to 2
# Udev cookie 0xd4d475b (semid 196608) assigned to CREATE task(0) with flags DISABLE_SUBSYSTEM_RULES DISABLE_DISK_RULES DISABLE_OTHER_RULES (0xe)
# Detected kernel Linux 3.12.21-gentoo-r1 x86_64.
# dm versions   OF   [16384] (*1)
# Device-mapper backend running with UDEV support enabled.
# dm create temporary-cryptsetup-2335 CRYPT-TEMP-temporary-cryptsetup-2335 OF   [16384] (*1)
# dm reload temporary-cryptsetup-2335  OF   [16384] (*1)
device-mapper: reload ioctl on temporary-cryptsetup-2335 failed: Invalid argument


dmesg shows:

Code:
[  141.764453] device-mapper: table: 253:0: crypt: unknown target type
Back to top
View user's profile Send private message
Tractor Girl
Apprentice
Apprentice


Joined: 16 May 2013
Posts: 159

PostPosted: Sun Jun 08, 2014 9:20 pm    Post subject: Reply with quote

khayyam wrote:

Unrelated but without '--cipher <cypher> --keysize <bits>' you'll get the default (aes-cbc-essiv:sha256)

aes-cbc-essiv:sha256 is default for plain dm-crypt, default for luks is aes-xts-plain64 :)
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 594
Location: Oslo, Norway

PostPosted: Sun Jun 08, 2014 9:47 pm    Post subject: Reply with quote

This is probably the source of the problem:

Code:
grep CONFIG_DM_CRYPT /usr/src/linux/.config
# CONFIG_DM_CRYPT is not set
Back to top
View user's profile Send private message
pgu
Guru
Guru


Joined: 30 Jul 2009
Posts: 594
Location: Oslo, Norway

PostPosted: Sun Jun 08, 2014 10:01 pm    Post subject: Reply with quote

That was indeed the source of the problem...
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Sun Jun 08, 2014 10:54 pm    Post subject: Reply with quote

Tractor Girl wrote:
khayyam wrote:
Unrelated but without '--cipher <cypher> --keysize <bits>' you'll get the default (aes-cbc-essiv:sha256)

aes-cbc-essiv:sha256 is default for plain dm-crypt, default for luks is aes-xts-plain64 :)

Tractor Girl ... whoa, I'd actually checked the manpage, but only read as far as "[t]he current default in the distributed sources is aes-cbc-essiv:sha256 ...." I stand corrected.

best ... khay
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum