From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wr1-x441.google.com (mail-wr1-x441.google.com [IPv6:2a00:1450:4864:20::441]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Wed, 30 Sep 2020 22:23:58 +0200 (CEST) Received: by mail-wr1-x441.google.com with SMTP id s12so3190082wrw.11 for ; Wed, 30 Sep 2020 13:23:58 -0700 (PDT) Received: from linux-f1uu.localnet ([95.147.44.236]) by smtp.gmail.com with ESMTPSA id v2sm5071855wme.19.2020.09.30.13.23.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 30 Sep 2020 13:23:56 -0700 (PDT) Sender: Adam Pigg From: Adam Pigg Date: Wed, 30 Sep 2020 21:23:56 +0100 Message-ID: <43289151.68iqNxZmNP@linux-f1uu> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" Subject: [dm-crypt] Help with dm-crypt/luks on mediatek device List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Hi Im porting the linux based SailfishOS to a mediatek based phone. All is go= od,=20 except for enabling the encryption support. The UI tools arnt working, ad= =20 neither is a basic command line setup, so im hoping if I can fix the comman= d=20 line issues, the UI will just work. As far as i can tell, I have the=20 appropriate CONFIG* options, but cant be 100% sure. Here is what is happeni= ng,=20 any suggestions greatly appreciated. cryptsetup luksFormat /dev/mmcblk1p1=20 =E2=80=8B WARNING! =3D=3D=3D=3D=3D=3D=3D=3D This will overwrite data on /dev/mmcblk1p1 irrevocably. =E2=80=8B Are you sure? (Type uppercase yes): YES Enter passphrase for /dev/mmcblk1p1:=20 Verify passphrase:=20 device-mapper: reload ioctl on failed: Operation not permitted =46ailed to setup dm-crypt key mapping for device /dev/mmcblk1p1. Check that kernel supports aes-xts-plain64 cipher (check syslog for more=20 info). device-mapper: remove ioctl on temporary-cryptsetup-4149 failed: No such=20 device or address device-mapper: table ioctl on failed: No such device or address device-mapper: remove ioctl on temporary-cryptsetup-4149 failed: No such=20 device or address device-mapper: table ioctl on failed: No such device or address device-mapper: remove ioctl on temporary-cryptsetup-4149 failed: No such=20 device or address device-mapper: table ioctl on failed: No such device or address device-mapper: remove ioctl on temporary-cryptsetup-4149 failed: No such=20 device or address device-mapper: table ioctl on failed: No such device or address device-mapper: remove ioctl on temporary-cryptsetup-4149 failed: No such=20 device or address =2D-- [root@VollaPhone nemo]# cryptsetup --debug luksFormat /dev/mmcblk1p1 # cryptsetup 2.1.0 processing "cryptsetup --debug luksFormat /dev/mmcblk1p1" # Running command luksFormat. # Locking memory. # Installing SIGINT/SIGTERM handler. # Unblocking interruption on signal. # Allocating context for crypt device /dev/mmcblk1p1. # Trying to open and read device /dev/mmcblk1p1 with direct-io. # Initialising device-mapper backend library. WARNING! =3D=3D=3D=3D=3D=3D=3D=3D This will overwrite data on /dev/mmcblk1p1 irrevocably. Are you sure? (Type uppercase yes): YES # Interactive passphrase entry requested. Enter passphrase for /dev/mmcblk1p1:=20 Verify passphrase:=20 # Crypto backend (OpenSSL 1.0.2o-fips 27 Mar 2018) initialized in cryptset= up=20 library version 2.1.0. # Detected kernel Linux 4.4.146+ aarch64. # PBKDF argon2i, hash sha256, time_ms 2000 (iterations 0), max_memory_kb=20 1048576, parallel_threads 4. # Formatting device /dev/mmcblk1p1 as type LUKS2. # Topology: IO (512/0), offset =3D 0; Required alignment is 1048576 bytes. # Checking if cipher aes-xts-plain64 is usable. # Userspace crypto wrapper cannot use aes-xts-plain64 (-95). # Using dmcrypt to access keyslot area. # Calculated device size is 1 sectors (RW), offset 0. # dm version [ opencount flush ] [16384] (*1) # dm versions [ opencount flush ] [16384] (*1) # Detected dm-ioctl version 4.34.0. # Detected dm-verity version 1.4.0. # Detected dm-crypt version 1.14.1. # Device-mapper backend running with UDEV support disabled. # DM-UUID is CRYPT-TEMP-temporary-cryptsetup-17590 # dm create temporary-cryptsetup-17590 CRYPT-TEMP-temporary-cryptsetup-1759= 0 [=20 opencount flush ] [16384] (*1) # dm reload temporary-cryptsetup-17590 [ opencount flush readonly secureda= ta=20 ] [16384] (*1) device-mapper: reload ioctl on failed: Operation not permitted # dm remove temporary-cryptsetup-17590 [ opencount flush readonly secureda= ta=20 ] [16384] (*1) # temporary-cryptsetup-17590: Stacking NODE_DEL # temporary-cryptsetup-17590: Processing NODE_DEL =46ailed to setup dm-crypt key mapping for device /dev/mmcblk1p1. Check that kernel supports aes-xts-plain64 cipher (check syslog for more=20 info). # dm versions [ opencount flush ] [16384] (*1) # dm remove temporary-cryptsetup-17590 [ opencount flush retryremove ] =20 [16384] (*1) device-mapper: remove ioctl on temporary-cryptsetup-17590 failed: No such= =20 device or address # WARNING: other process locked internal device temporary-cryptsetup-17590,= =20 retrying remove. # dm versions [ opencount flush ] [16384] (*1) # dm table temporary-cryptsetup-17590 [ opencount flush securedata ] =20 [16384] (*1) device-mapper: table ioctl on failed: No such device or address # dm remove temporary-cryptsetup-17590 [ opencount flush retryremove ] =20 [16384] (*1) device-mapper: remove ioctl on temporary-cryptsetup-17590 failed: No such= =20 device or address # WARNING: other process locked internal device temporary-cryptsetup-17590,= =20 retrying remove. # dm versions [ opencount flush ] [16384] (*1) # dm table temporary-cryptsetup-17590 [ opencount flush securedata ] =20 [16384] (*1) device-mapper: table ioctl on failed: No such device or address # dm remove temporary-cryptsetup-17590 [ opencount flush retryremove ] =20 [16384] (*1) device-mapper: remove ioctl on temporary-cryptsetup-17590 failed: No such= =20 device or address # WARNING: other process locked internal device temporary-cryptsetup-17590,= =20 retrying remove. # dm versions [ opencount flush ] [16384] (*1) # dm table temporary-cryptsetup-17590 [ opencount flush securedata ] =20 [16384] (*1) device-mapper: table ioctl on failed: No such device or address # dm remove temporary-cryptsetup-17590 [ opencount flush retryremove ] =20 [16384] (*1) device-mapper: remove ioctl on temporary-cryptsetup-17590 failed: No such= =20 device or address # WARNING: other process locked internal device temporary-cryptsetup-17590,= =20 retrying remove. # dm versions [ opencount flush ] [16384] (*1) # dm table temporary-cryptsetup-17590 [ opencount flush securedata ] =20 [16384] (*1) device-mapper: table ioctl on failed: No such device or address # dm remove temporary-cryptsetup-17590 [ opencount flush retryremove ] =20 [16384] (*1) device-mapper: remove ioctl on temporary-cryptsetup-17590 failed: No such= =20 device or address # Releasing crypt device /dev/mmcblk1p1 context. # Releasing device-mapper backend. # Unlocking memory. Command failed with code -1 (wrong or missing parameters). =2D-- Kernel messages when this happens: Sep 30 16:03:44 VollaPhone kernel: [dm-crypt] dev path: /dev/mmcblk1p1,= =20 type: -1 Sep 30 16:03:44 VollaPhone kernel: [dm-crypt] dev path: /dev/mmcblk1p1,= =20 type: -1 Sep 30 16:03:44 VollaPhone kernel: device-mapper: table: 252:2: crypt:= =20 Unknown error Sep 30 16:03:44 VollaPhone kernel: device-mapper: ioctl: error adding=20 target to table =2D-- [root@VollaPhone nemo]# cat /proc/crypto=20 name : cbc(aes) driver : cbc(aes-ce) module : kernel priority : 250 refcnt : 1 selftest : passed internal : no type : blkcipher blocksize : 16 min keysize : 16 max keysize : 32 ivsize : 16 geniv : =E2=80=8B name : hmac(sha256) driver : hmac(sha256-ce) module : kernel priority : 200 refcnt : 2 selftest : passed internal : no type : shash blocksize : 64 digestsize : 32 =E2=80=8B name : ghash driver : ghash-generic module : kernel priority : 100 refcnt : 1 selftest : passed internal : no type : shash blocksize : 16 digestsize : 16 =E2=80=8B name : jitterentropy_rng driver : jitterentropy_rng module : kernel priority : 100 refcnt : 1 selftest : passed internal : no type : rng seedsize : 0 =E2=80=8B name : stdrng driver : drbg_nopr_hmac_sha256 module : kernel priority : 207 refcnt : 1 selftest : passed internal : no type : rng seedsize : 0 =E2=80=8B name : stdrng driver : drbg_nopr_hmac_sha512 module : kernel priority : 206 refcnt : 1 selftest : passed internal : no type : rng seedsize : 0 =E2=80=8B name : stdrng driver : drbg_nopr_hmac_sha384 module : kernel priority : 205 refcnt : 1 selftest : passed internal : no type : rng seedsize : 0 =E2=80=8B name : stdrng driver : drbg_nopr_hmac_sha1 module : kernel priority : 204 refcnt : 1 selftest : passed internal : no type : rng seedsize : 0 =E2=80=8B name : stdrng driver : drbg_pr_hmac_sha256 module : kernel priority : 203 refcnt : 1 selftest : passed internal : no type : rng seedsize : 0 =E2=80=8B name : stdrng driver : drbg_pr_hmac_sha512 module : kernel priority : 202 refcnt : 1 selftest : passed internal : no type : rng seedsize : 0 =E2=80=8B name : stdrng driver : drbg_pr_hmac_sha384 module : kernel priority : 201 refcnt : 1 selftest : passed internal : no type : rng seedsize : 0 =E2=80=8B name : stdrng driver : drbg_pr_hmac_sha1 module : kernel priority : 200 refcnt : 1 selftest : passed internal : no type : rng seedsize : 0 =E2=80=8B name : lzo driver : lzo-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : compression =E2=80=8B name : crc32c driver : crc32c-generic module : kernel priority : 100 refcnt : 3 selftest : passed internal : no type : shash blocksize : 1 digestsize : 4 =E2=80=8B name : deflate driver : deflate-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : compression =E2=80=8B name : ecb(arc4) driver : ecb(arc4)-generic module : kernel priority : 100 refcnt : 1 selftest : passed internal : no type : blkcipher blocksize : 1 min keysize : 1 max keysize : 256 ivsize : 0 geniv : =E2=80=8B name : arc4 driver : arc4-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : cipher blocksize : 1 min keysize : 1 max keysize : 256 =E2=80=8B name : aes driver : aes-generic module : kernel priority : 100 refcnt : 1 selftest : passed internal : no type : cipher blocksize : 16 min keysize : 16 max keysize : 32 =E2=80=8B name : twofish driver : twofish-generic module : kernel priority : 100 refcnt : 1 selftest : passed internal : no type : cipher blocksize : 16 min keysize : 16 max keysize : 32 =E2=80=8B name : des3_ede driver : des3_ede-generic module : kernel priority : 100 refcnt : 1 selftest : passed internal : no type : cipher blocksize : 8 min keysize : 24 max keysize : 24 =E2=80=8B name : des driver : des-generic module : kernel priority : 100 refcnt : 1 selftest : passed internal : no type : cipher blocksize : 8 min keysize : 8 max keysize : 8 =E2=80=8B name : poly_hash driver : poly_hash-generic module : kernel priority : 100 refcnt : 1 selftest : passed internal : no type : shash blocksize : 0 digestsize : 16 =E2=80=8B name : sha384 driver : sha384-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : shash blocksize : 128 digestsize : 48 =E2=80=8B name : sha512 driver : sha512-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : shash blocksize : 128 digestsize : 64 =E2=80=8B name : sha224 driver : sha224-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : shash blocksize : 64 digestsize : 28 =E2=80=8B name : sha256 driver : sha256-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : shash blocksize : 64 digestsize : 32 =E2=80=8B name : sha1 driver : sha1-generic module : kernel priority : 0 refcnt : 2 selftest : passed internal : no type : shash blocksize : 64 digestsize : 20 =E2=80=8B name : md5 driver : md5-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : shash blocksize : 64 digestsize : 16 =E2=80=8B name : digest_null driver : digest_null-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : shash blocksize : 1 digestsize : 0 =E2=80=8B name : compress_null driver : compress_null-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : compression =E2=80=8B name : ecb(cipher_null) driver : ecb-cipher_null module : kernel priority : 100 refcnt : 1 selftest : passed internal : no type : blkcipher blocksize : 1 min keysize : 0 max keysize : 0 ivsize : 0 geniv : =E2=80=8B name : cipher_null driver : cipher_null-generic module : kernel priority : 0 refcnt : 1 selftest : passed internal : no type : cipher blocksize : 1 min keysize : 0 max keysize : 0 =E2=80=8B name : xts(aes) driver : xts-aes-ce module : kernel priority : 300 refcnt : 1 selftest : passed internal : no type : ablkcipher async : yes blocksize : 16 min keysize : 32 max keysize : 64 ivsize : 16 geniv : =E2=80=8B name : ctr(aes) driver : ctr-aes-ce module : kernel priority : 300 refcnt : 1 selftest : passed internal : no type : ablkcipher async : yes blocksize : 1 min keysize : 16 max keysize : 32 ivsize : 16 geniv : =E2=80=8B name : cbc(aes) driver : cbc-aes-ce module : kernel priority : 300 refcnt : 1 selftest : passed internal : no type : ablkcipher async : yes blocksize : 16 min keysize : 16 max keysize : 32 ivsize : 16 geniv : =E2=80=8B name : ecb(aes) driver : ecb-aes-ce module : kernel priority : 300 refcnt : 1 selftest : passed internal : no type : ablkcipher async : yes blocksize : 16 min keysize : 16 max keysize : 32 ivsize : 0 geniv : =E2=80=8B name : __xts-aes-ce driver : __driver-xts-aes-ce module : kernel priority : 0 refcnt : 1 selftest : passed internal : yes type : blkcipher blocksize : 16 min keysize : 32 max keysize : 64 ivsize : 16 geniv : =E2=80=8B name : __ctr-aes-ce driver : __driver-ctr-aes-ce module : kernel priority : 0 refcnt : 1 selftest : passed internal : yes type : blkcipher blocksize : 1 min keysize : 16 max keysize : 32 ivsize : 16 geniv : =E2=80=8B name : __cbc-aes-ce driver : __driver-cbc-aes-ce module : kernel priority : 0 refcnt : 1 selftest : passed internal : yes type : blkcipher blocksize : 16 min keysize : 16 max keysize : 32 ivsize : 16 geniv : =E2=80=8B name : __ecb-aes-ce driver : __driver-ecb-aes-ce module : kernel priority : 0 refcnt : 1 selftest : passed internal : yes type : blkcipher blocksize : 16 min keysize : 16 max keysize : 32 ivsize : 0 geniv : =E2=80=8B name : aes driver : aes-ce module : kernel priority : 250 refcnt : 1 selftest : passed internal : no type : cipher blocksize : 16 min keysize : 16 max keysize : 32 =E2=80=8B name : poly_hash driver : poly_hash-ce module : kernel priority : 300 refcnt : 1 selftest : passed internal : no type : shash blocksize : 0 digestsize : 16 =E2=80=8B name : sha256 driver : sha256-ce module : kernel priority : 200 refcnt : 3 selftest : passed internal : no type : shash blocksize : 64 digestsize : 32 =E2=80=8B name : sha224 driver : sha224-ce module : kernel priority : 200 refcnt : 1 selftest : passed internal : no type : shash blocksize : 64 digestsize : 28 =E2=80=8B [root@VollaPhone nemo]#=20