So booting into a next-20151222 kernel, I can mount an external drive
that uses cryptLuks. I try -1231, and I get this failure:
Failed to setup dm-crypt key mapping for device /dev/sdb2.
Check that kernel supports aes-cbc-essiv:sha256 cipher (check syslog for more info).
Tracked it down to this difference in /proc/crypto between the 12/22 and 12/31:
diff -u crypto.1222 crypto.1231
--- crypto.1222 2016-01-03 00:16:28.912507156 -0500
+++ crypto.1231 2016-01-03 00:09:14.243081574 -0500
@@ -1,37 +1,8 @@
-name : ecb(aes)
-driver : ecb(aes-asm)
-module : kernel
-priority : 200
-refcnt : 1
-selftest : passed
-internal : no
-type : blkcipher
-blocksize : 16
-min keysize : 16
-max keysize : 32
-ivsize : 0
-geniv : <default>
-
-name : cbc(aes)
-driver : cbc(aes-asm)
-module : kernel
-priority : 200
-refcnt : 2
-selftest : passed
-internal : no
-type : givcipher
-async : no
-blocksize : 16
-min keysize : 16
-max keysize : 32
-ivsize : 16
-geniv : eseqiv
-
name : ccm(aes)
driver : ccm_base(ctr(aes-asm),aes-asm)
module : kernel
priority : 200
Not seeing any obvious error messages about failed self-tests in dmesg output.
Not seeing a difference in .config that would explain it:
grep AES /boot/config-4.4.0-rc[67]*
/boot/config-4.4.0-rc6-next-20151222-dirty:CONFIG_CRYPTO_AES=y
/boot/config-4.4.0-rc6-next-20151222-dirty:CONFIG_CRYPTO_AES_X86_64=y
/boot/config-4.4.0-rc6-next-20151222-dirty:# CONFIG_CRYPTO_AES_NI_INTEL is not set
/boot/config-4.4.0-rc6-next-20151222-dirty:CONFIG_CRYPTO_CAMELLIA_AESNI_AVX_X86_64=m
/boot/config-4.4.0-rc6-next-20151222-dirty:CONFIG_CRYPTO_CAMELLIA_AESNI_AVX2_X86_64=m
/boot/config-4.4.0-rc7-next-20151231-00006-gc66c8c42ba97:CONFIG_CRYPTO_AES=y
/boot/config-4.4.0-rc7-next-20151231-00006-gc66c8c42ba97:CONFIG_CRYPTO_AES_X86_64=y
/boot/config-4.4.0-rc7-next-20151231-00006-gc66c8c42ba97:# CONFIG_CRYPTO_AES_NI_INTEL is not set
/boot/config-4.4.0-rc7-next-20151231-00006-gc66c8c42ba97:CONFIG_CRYPTO_CAMELLIA_AESNI_AVX_X86_64=m
/boot/config-4.4.0-rc7-next-20151231-00006-gc66c8c42ba97:CONFIG_CRYPTO_CAMELLIA_AESNI_AVX2_X86_64=m
The module was built, and nothing's touched that source in a while:
[/usr/src/linux-next] find crypto/ -name '*aes*' -ls
2104235 12 -rw-r--r-- 1 source source 11000 Jan 2 03:44 crypto/aes_generic.dwo
2104241 32 -rw-r--r-- 1 source source 32645 Jan 2 03:44 crypto/.aes_generic.o.cmd
2111768 64 -rw-r--r-- 1 source source 63440 Jan 20 2015 crypto/aes_generic.c
2104179 56 -rw-r--r-- 1 source source 54664 Jan 2 03:44 crypto/aes_generic.o
This ringing any bells, before I start the New Year with a bisect? :)
On 01/03/2016 06:34 AM, Valdis Kletnieks wrote:
> So booting into a next-20151222 kernel, I can mount an external drive
> that uses cryptLuks. I try -1231, and I get this failure:
>
> Failed to setup dm-crypt key mapping for device /dev/sdb2.
> Check that kernel supports aes-cbc-essiv:sha256 cipher (check syslog for more info).
>
> Tracked it down to this difference in /proc/crypto between the 12/22 and 12/31:
...
> This ringing any bells, before I start the New Year with a bisect? :)
Perhaps see the discussion in thread
[PATCH v2] crypto: algif_skcipher - Require setkey before accept(2)
Could you try to revert this patch?
http://git.kernel.org/cgit/linux/kernel/git/next/linux-next-history.git/commit/crypto?id=9f47e11b9e3169ff4cb35b3cdac0e0f7c2fcfe27
Milan
On Sun, 03 Jan 2016 11:20:03 +0100, Milan Broz said:
> On 01/03/2016 06:34 AM, Valdis Kletnieks wrote:
> > So booting into a next-20151222 kernel, I can mount an external drive
> > that uses cryptLuks. I try -1231, and I get this failure:
> >
> > Failed to setup dm-crypt key mapping for device /dev/sdb2.
> > Check that kernel supports aes-cbc-essiv:sha256 cipher (check syslog for more info).
> >
> > Tracked it down to this difference in /proc/crypto between the 12/22 and 12/31:
>
> ...
> > This ringing any bells, before I start the New Year with a bisect? :)
>
> Perhaps see the discussion in thread
> [PATCH v2] crypto: algif_skcipher - Require setkey before accept(2)
>
> Could you try to revert this patch?
> http://git.kernel.org/cgit/linux/kernel/git/next/linux-next-history.git/commit/crypto?id=9f47e11b9e3169ff4cb35b3cdac0e0f7c2fcfe27
Confirming that this patch reverts cleanly for me, and makes cryptsetup
happy again on next-20151231.