From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gmazyland@gmail.com>
Received: from mail-wr1-x442.google.com (mail-wr1-x442.google.com
 [IPv6:2a00:1450:4864:20::442])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by mail.server123.net (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Thu, 18 Jul 2019 15:09:20 +0200 (CEST)
Received: by mail-wr1-x442.google.com with SMTP id r1so28617637wrl.7
 for <dm-crypt@saout.de>; Thu, 18 Jul 2019 06:09:20 -0700 (PDT)
References: <40fa6a57-ac08-1f50-dbce-cadefcbf1ff4@codethink.co.uk>
 <0ce29b38-3f32-d2bc-651e-071075941d43@gmail.com>
 <e28edf2d-36d3-7f0e-91c1-ded42fe2d688@codethink.co.uk>
From: Milan Broz <gmazyland@gmail.com>
Message-ID: <3671b534-ce49-ee1e-77a9-0ce7f5618992@gmail.com>
Date: Thu, 18 Jul 2019 15:09:17 +0200
MIME-Version: 1.0
In-Reply-To: <e28edf2d-36d3-7f0e-91c1-ded42fe2d688@codethink.co.uk>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Subject: Re: [dm-crypt] veritysetup forward error correction failure
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <https://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <https://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <https://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: Tom Eccles <tom.eccles@codethink.co.uk>, dm-crypt@saout.de
Cc: richardmaw@codethink.co.uk

On 18/07/2019 13:41, Tom Eccles wrote:
> On 17/07/2019 8:49 pm, Milan Broz wrote:
>> If you can still reproduce it, please send version of the utility and
>> kernel (and --debug output as suggested in another mail) and if you have some
>> data/hash/fec images that can be used to reproduce it, let me know where I can find it.
> 
> Attached is a bash script gen_image.sh which should reproduce the issue.
> find_and_corrupt.c should be in the working directory when gen_image.sh is
> run. find_and_corrupt.c corrupts the disk image by simply searching for a
> known string and introducing an error (see the diff outputted by gen_image.sh).
> 
> See in particular the error and dmesg sample when reading the corrupted file
> (gen_image.sh:77) and the success when running veritysetup verify
> (gen_image.sh:86).
> 
> I have created an issue at https://gitlab.com/cryptsetup/cryptsetup/issues/462

Thanks.

I think I see the problem, and it is actually not FEC related.

Could you please try to manually allocate loop devices in RW mode (not read-only
as we have during automatic loop allocation if mapping image is in file)
over the provided images, and then use these loop device as arguments for
the veritysetup?

Like
 # losetup /dev/loop0 data8M.img.corrupt 
 # losetup /dev/loop1 hash-img 
 # losetup /dev/loop2 fec-img 

and

 # veritysetup open --fec-roots 24 --fec-device /dev/loop2 /dev/loop0 test /dev/loop1 15546e6799bb13608c77fa9cb840682a2dec3cfdb948d942ff3487f537966c01 --debug

Does it correct the data now? For me it prints

  kernel: device-mapper: verity: sha256 using implementation "sha256-generic"
  kernel: fec_decode_bufs: 13 callbacks suppressed
  kernel: device-mapper: verity-fec: 7:0: FEC 0: corrected 153 errors

Milan