From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <n-roeser@gmx.net>
Received: from mail.gmx.net (mail.gmx.net [213.165.64.20])
	by mail.saout.de (Postfix) with SMTP
	for <dm-crypt@saout.de>; Wed,  9 Dec 2009 23:26:16 +0100 (CET)
Message-ID: <4B2023F1.6050306@gmx.net>
Date: Wed, 09 Dec 2009 23:25:53 +0100
From: "Nico R." <n-roeser@gmx.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-ripemd160;
	protocol="application/pgp-signature";
	boundary="------------enig62DE2C61BB3CF6675055CA80"
Subject: [dm-crypt] Exhaustive key reading seems to silently stop on error
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
	<mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
	<mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig62DE2C61BB3CF6675055CA80
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hello!

Just a minute ago, I have subscribed to this list in order to let you
know about what I have found in the cryptsetup code and which seems to
be a bug to me.

In lib/utils.c (line 450f. in cryptsetup-1.0.7; line 490f. in current
SVN revision, r132, equal to r152), we see the following code:

if(read(fd, pass + i, 1) !=3D 1 || (newline_stop && pass[i] =3D=3D '\n'))=

        break;

If I interpret that snipped (and its surroundings) correctly, the code
will read until EOF *or* until an error occurs.

If my interpretation is true, that code causes a problem: imagine a
hardware failure while reading the key the first two times (for
luksFormat/luksOpen). The read function returns -1 and sets errno to
EIO. cryptsetup continues with a truncated key, it seems. On a later
attempt to read the key (for luksOpen), the hardware failure is gone,
and the key can be read completely. cryptsetup will not be able to open
the encrypted partition anymore.

Please correct me if I got the code wrong=E2=80=AF=E2=80=A6 :-)

Thanks
--=20
Nico


--------------enig62DE2C61BB3CF6675055CA80
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.13 (GNU/Linux)

iEYEAREDAAYFAksgI/oACgkQxI5uhYOGv4Wf4gCgnQ2slj/A0Ss244ISohnEOv20
MrkAoPZnHTt113JVgF06/JLJvzBvlrYf
=Dh3B
-----END PGP SIGNATURE-----

--------------enig62DE2C61BB3CF6675055CA80--