From: Milan Broz <mbroz@redhat.com>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Question on LUKS master key digest and its effect on security
Date: Sat, 19 Sep 2009 21:00:32 +0200 [thread overview]
Message-ID: <4AB52A50.1060503@redhat.com> (raw)
In-Reply-To: <20090919165148.GA5619@fancy-poultry.org>
Heinz Diehl wrote:
> On 18.09.2009, Milan Broz wrote:
>
> As reported some weeks ago, the buffer i/o errors are still present with
> the latest svn code (from today):
>
> [....]
> Sep 19 18:33:05 liesel kernel: Buffer I/O error on device dm-4, logical block 32
This is not cryptsetup bug but interference with badly written
udev rules or programs reacting to uevents (like DeviceKit etc) which tries
to open/scan temporary/keyslot cryptstetup devices (I see this messages too
with dracut in Fedora).
(In 1.0.7 was 1 sec timeout which was removed, that caused these messages to appear
more often. But this timeout slowed down keyslot scan unnecessarily.)
You can easily verify that - run command which produces this messages
like cryptsetup luksOpen with --debug, and if you see
WARNING: other process locked internal device ... it is this problem.
These messages are ugly, but there is actually no problem - if cryptsetup
detects that someone locks internal keyslot device by opening it (usually it is blkid),
it remaps it to error target, so that program receives io errors on read
and quickly closes it. (unfortunately kernel log this read error to syslog.)
(I hope that udev problems will be solved soon by switching device-mapper
to use udev directly and maintain its own, correctly written, rules.)
Milan
next prev parent reply other threads:[~2009-09-19 19:00 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-09-18 17:39 [dm-crypt] Question on LUKS master key digest and its effect on security Tero Pesonen
2009-09-18 18:16 ` Milan Broz
2009-09-18 20:18 ` Tero Pesonen
2009-09-22 15:08 ` Tero Pesonen
2009-09-22 15:47 ` Milan Broz
2009-09-22 17:47 ` Tero Pesonen
2009-09-22 16:14 ` [dm-crypt] Question on LUKS master key digest and its effect on?security Heinz Diehl
2009-09-22 16:21 ` Milan Broz
2009-09-19 16:51 ` [dm-crypt] Question on LUKS master key digest and its effect on security Heinz Diehl
2009-09-19 19:00 ` Milan Broz [this message]
2009-09-20 11:28 ` Heinz Diehl
2009-09-20 15:09 ` Heinz Diehl
2009-09-20 18:11 ` Milan Broz
2009-09-20 21:03 ` Heinz Diehl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4AB52A50.1060503@redhat.com \
--to=mbroz@redhat.com \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.