From: Milan Broz <mbroz@redhat.com>
To: ".. ink .." <mhogomchungu@gmail.com>
Cc: dm-crypt <dm-crypt@saout.de>
Subject: Re: [dm-crypt] about invalid key slots
Date: Mon, 02 Apr 2012 15:06:51 +0200 [thread overview]
Message-ID: <4F79A46B.505@redhat.com> (raw)
In-Reply-To: <CAFnMBaQ=gKxqH+X14jPNVgcyFE7AR32jkRyXD8yRcV1_25kLOw@mail.gmail.com>
On 04/02/2012 02:14 PM, .. ink .. wrote:
>
> Please do not try to parse physical header structure outside of
> cryptsetup, header can change in future (new version) etc.
> libcryptsetup should be wrapper over these internals.
>
> was not going to. I was puzzled by the "CRYPT_SLOT_INVALID" entry in
> the "crypt_keyslot_info" structure when i looked at the API couple of
> months ago but i never asked about it. All these posts about invalid
> key slots just made me relooked the puzzle and ask about it.
Well, then we should add better documentation...
> CRYPT_SLOT_INVALID is returned if e.g. slot # is above limit, not if
> header is corrupted.
> An invalid key slot due to a corrupted header is a serious problem
> and everybody seem to be reporting on this. How serious is the
> "CRYPT_SLOT_INVALID" status on a key slot as reported by
> crypt_keyslot_status()?
Corrupted LUKS header is very rare.
crypt_keyslot_status() returns currently CRYPT_SLOT_INVALID
- if you run it over crypto context which does not support keyslots
(non-LUKS)
- if keyslot number is out of limits for the crypt type
- for LUKS, if keyslot status is in some unexpected state
(either not active or active) - well, this one can be caused by
partial header corruption.
(This check should be perhaps in crypt_load as well...
Anyway, slot with invalid status is the same like non-active slot
- cannot be used for unlocking.
> Since my code goes further enoght to see this one( crypt_load() pass
> ) and can open volumes if key is on another slot,it seem useful to
> inform my users of this status but not confuse them with the more
> serious one.
Crypt_load checks only if keyslot area is in some limits (does not
overlap with user data). So some minor corruptuions
can be undetected by crypt_load but status returns invalid...
Nothing is perfect :)
(I am thinking to export current repair code, so it can suggest
to user to run something like "cryptsetup repair <device>" if
there is some invalid values... It is not 100% but should help.)
Milan
next prev parent reply other threads:[~2012-04-02 13:06 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-02 0:41 [dm-crypt] about invalid key slots .. ink ..
2012-04-02 5:43 ` .. ink ..
2012-04-02 7:47 ` Arno Wagner
2012-04-02 8:42 ` Milan Broz
[not found] ` <CAFnMBaS63WvxydnvMmhfXBjLKh4KkxYGg_CABHM3ypP6_63Zog@mail.gmail.com>
2012-04-02 10:10 ` .. ink ..
2012-04-02 11:15 ` Milan Broz
[not found] ` <4F7980D1.4080703@redhat.com>
2012-04-02 12:14 ` .. ink ..
2012-04-02 13:06 ` Milan Broz [this message]
[not found] ` <CAFnMBaTmxH+s2bwt+VJAtOb8sa6wHb2pTGtk5CxsM2+BYs0rpQ@mail.gmail.com>
2012-04-02 18:19 ` .. ink ..
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F79A46B.505@redhat.com \
--to=mbroz@redhat.com \
--cc=dm-crypt@saout.de \
--cc=mhogomchungu@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.