From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=+vZy=HC=saout.de=dm-crypt-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-5.0 required=3.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id BBC2EC433DB
	for <dm-crypt@archiver.kernel.org>; Sun, 31 Jan 2021 16:58:55 +0000 (UTC)
Received: from mail.server123.net (mail.server123.net [78.46.64.186])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 006F664DDF
	for <dm-crypt@archiver.kernel.org>; Sun, 31 Jan 2021 16:58:54 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 006F664DDF
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=lirmm.fr
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=dm-crypt-bounces@saout.de
X-Virus-Scanned: amavisd-new at saout.de
Authentication-Results: mail.server123.net (amavisd-new);
 dkim=pass (2048-bit key) header.d=lirmm.fr
Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=193.49.104.30;
 helo=kirkenes.lirmm.fr; envelope-from=maxime.alves@lirmm.fr;
 receiver=<UNKNOWN> 
X-Greylist: delayed 581 seconds by postgrey-1.37 at siona;
 Sun, 31 Jan 2021 17:58:02 CET
Received: from kirkenes.lirmm.fr (kirkenes.lirmm.fr [193.49.104.30])
 by mail.server123.net (Postfix) with ESMTP
 for <dm-crypt@saout.de>; Sun, 31 Jan 2021 17:58:02 +0100 (CET)
Received: from bung (lfbn-mon-1-324-105.w86-193.abo.wanadoo.fr
 [86.193.159.105])
 by kirkenes.lirmm.fr (Postfix) with ESMTPSA id 0DD14650
 for <dm-crypt@saout.de>; Sun, 31 Jan 2021 17:48:20 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lirmm.fr; s=mail;
 t=1612111700; bh=TneY5c7S5SH7CZ0ruKy7eE2DHFWk7cQdzdAa++oW8XM=;
 h=Date:From:To:Subject:From;
 b=gGxQxhEAf7BQcjvY5X7gJvGKXUtAHf7afa8WT/b+hpjN8UkhDORlo8M5RNXJs1Vlp
 zBn5hKhR1/i7l1PnIs7pRqG0jJGW+ymcaF3wv+nkbMM8o1BCA8d+dilnZCRbWGn+54
 7YWRLoNsr0y1oymSDJ2E7kmmjf/0r0Q+WkvtYVqdMI4FDlsIYsdoEI1PVz+ivN+lVt
 9/GgMWS2ty+FbRWrIwLHTKwMXssZJA9ohUGotkB5nJY8Tvlni+9JT9k1VEIbN6cEP2
 R+HtEkId7YKg85Azb4XTAW3mrdDbwbmPLFhsse8vHvtn4RHB0CeyF7Mf/oeJZfdbOF
 NYUcsh/f2p2Zg==
Date: Sun, 31 Jan 2021 17:48:18 +0100
From: Maxime Alves <maxime.alves@lirmm.fr>
To: dm-crypt@saout.de
Message-ID: <20210131164818.GK10286@bung>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="fdj2RfSjLxBAspz7"
Content-Disposition: inline
User-Agent: Mutt/1.10.1 (2018-07-13)
Subject: [dm-crypt] LUKS device failure after Cryptsetup upgrade
X-BeenThere: dm-crypt@saout.de
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <https://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <https://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <https://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
Errors-To: dm-crypt-bounces@saout.de
Sender: "dm-crypt" <dm-crypt-bounces@saout.de>


--fdj2RfSjLxBAspz7
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Hi,

I just upgraded my Gentoo distribution, and now I can't open my Luks-encrypted
LMV volume. I spent almost a year without rebooting/upgrading and don't really
know what could have caused this error.

Cryptsetup was upgraded from 2.2.1 to 2.3.2, but I did not reboot since it was
version 1.7.5, so maybe I was still using the 1.7.5 through libvirt.


Sadly, I did NOT backup before upgrading my Gentoo distro, thinking that there
would be no big problem upgrading my system. The volume was unmounted, and is
used only in a virtual machine ran by libvirt/kvm. I realized the device was
not unlockable when I restarted my hypervisor and my VM.

I tried to use a SystemRescue iso to open the device, with cryptsetup 1.7.x . I
could repair the volume, but after that impossible to open it with my old
passphrase.

Thanks for reading,
Maxime


Here are some informations I gathered after the advices of some people of
#gentoo.


--fdj2RfSjLxBAspz7
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=repair

## REPAIR

f00 /mnt/storage # cryptsetup repair --debug ./mail-20210131-old
# cryptsetup 2.3.2 processing "cryptsetup repair --debug ./mail-20210131-old"
# Running command repair.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device ./mail-20210131-old.
# Trying to open and read device ./mail-20210131-old with direct-io.
# Initialising device-mapper backend library.
# Trying to load any crypt type from device ./mail-20210131-old.
# Crypto backend (OpenSSL 1.1.1i  8 Dec 2020) initialized in cryptsetup library version 2.3.2.
# Detected kernel Linux 4.14.83-gentoo-xxxx-std-ipv6-64 x86_64.
# PBKDF pbkdf2-sha256, time_ms 2000 (iterations 0).
# Reading LUKS header of size 1024 from device ./mail-20210131-old
# Invalid stripes count 1 in keyslot 4.
LUKS keyslot 4 is invalid.
WARNING: Device ./mail-20210131-old already contains a 'dos' partition signature.

WARNING!
========
Really try to repair LUKS device header?

Are you sure? (Type 'yes' in capital letters): YES
# Trying to repair any crypt type from device ./mail-20210131-old.
# Reading LUKS header of size 1024 from device ./mail-20210131-old
# Reusing open ro fd on device ./mail-20210131-old
# Invalid stripes count 1 in keyslot 4.
LUKS keyslot 4 is invalid.
Non standard keyslots alignment, manual repair required.
# Releasing crypt device ./mail-20210131-old context.
# Releasing device-mapper backend.
# Closing read only fd for ./mail-20210131-old.
# Unlocking memory.
Command failed with code -1 (wrong or missing parameters).


--fdj2RfSjLxBAspz7
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=hexdump

## HEXDUMP

f00 /mnt/storage # hexdump -C -n 4096 ./mail-20210131-old
00000000  4c 55 4b 53 ba be 00 01  61 65 73 00 00 00 00 00  |LUKS....aes.....|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000020  00 00 00 00 00 00 00 00  78 74 73 2d 70 6c 61 69  |........xts-plai|
00000030  6e 36 34 00 00 00 00 00  00 00 00 00 00 00 00 00  |n64.............|
00000040  00 00 00 00 00 00 00 00  73 68 61 32 35 36 00 00  |........sha256..|
00000050  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000060  00 00 00 00 00 00 00 00  00 00 10 00 00 00 00 40  |...............@|
00000070  17 36 b2 d3 46 d2 62 85  49 2d 67 3d 20 ed 07 26  |.6..F.b.I-g= ..&|
00000080  37 4a ac 0e 87 3a bb 2a  44 e4 60 6b 2d 4b 8d 68  |7J...:.*D.`k-K.h|
00000090  3b 37 5e 49 9a 16 c2 fd  4e b4 a7 f6 15 e5 87 45  |;7^I....N......E|
000000a0  ec cd 85 0e 00 01 ae aa  31 38 64 35 32 64 33 33  |........18d52d33|
000000b0  2d 62 34 66 63 2d 34 35  30 37 2d 38 62 30 65 2d  |-b4fc-4507-8b0e-|
000000c0  63 65 66 64 39 35 61 36  61 61 61 38 00 00 00 00  |cefd95a6aaa8....|
000000d0  00 ac 71 f3 00 0f 23 f8  16 8b 75 b3 0e 89 06 b2  |..q...#...u.....|
000000e0  1a a5 ac ba 43 ee 34 d9  db 93 1d e6 b6 b2 84 a4  |....C.4.........|
000000f0  4c cb 81 ed 48 0f 49 23  00 00 00 08 00 00 0f a0  |L...H.I#........|
00000100  00 00 de ad 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000110  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000120  00 00 00 00 00 00 00 00  00 00 02 00 00 00 0f a0  |................|
00000130  00 00 de ad 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000140  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000150  00 00 00 00 00 00 00 00  00 00 03 f8 00 00 0f a0  |................|
00000160  00 00 de ad 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000170  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000180  00 00 00 00 00 00 00 00  00 00 05 f0 00 00 0f a0  |................|
00000190  00 00 de ad 00 00 00 00  00 00 00 00 00 00 00 00  |................|
000001a0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
000001b0  00 00 00 00 00 00 00 00  00 00 07 e8 00 00 00 01  |................|
000001c0  01 00 83 0f ff ff 3f 00  00 00 71 ff 3f 01 00 00  |......?...q.?...|
000001d0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000001f0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 55 aa  |..............U.|
00000200  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000210  00 00 00 00 00 00 00 00  00 00 0b d8 00 00 0f a0  |................|
00000220  00 00 de ad 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000230  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000240  00 00 00 00 00 00 00 00  00 00 0d d0 00 00 0f a0  |................|
00000250  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00001000

--fdj2RfSjLxBAspz7
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
dm-crypt mailing list
dm-crypt@saout.de
https://www.saout.de/mailman/listinfo/dm-crypt

--fdj2RfSjLxBAspz7--