From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Thu, 2 Aug 2018 12:38:30 +0200 (CEST) Received: from pps.filterd (m0098404.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w72AXX9r126736 for ; Thu, 2 Aug 2018 06:38:28 -0400 Received: from e06smtp03.uk.ibm.com (e06smtp03.uk.ibm.com [195.75.94.99]) by mx0a-001b2d01.pphosted.com with ESMTP id 2km025gw8s-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 02 Aug 2018 06:38:27 -0400 Received: from localhost by e06smtp03.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 2 Aug 2018 11:38:25 +0100 Received: from d06av21.portsmouth.uk.ibm.com (d06av21.portsmouth.uk.ibm.com [9.149.105.232]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w72AcM5M27197666 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL) for ; Thu, 2 Aug 2018 10:38:22 GMT Received: from d06av21.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C4B7752052 for ; Thu, 2 Aug 2018 13:38:32 +0100 (BST) Received: from [9.152.222.62] (unknown [9.152.222.62]) by d06av21.portsmouth.uk.ibm.com (Postfix) with ESMTP id A49A452054 for ; Thu, 2 Aug 2018 13:38:32 +0100 (BST) References: <6df9d673-5392-1171-3cd7-ed8a244b565e@linux.ibm.com> <20180802092832.GA16707@h-174-65.A328.priv.bahnhof.se> From: Ingo Franzki Date: Thu, 2 Aug 2018 12:38:23 +0200 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Message-Id: <91ba1df1-0882-b843-c5e3-d4384e4ad08a@linux.ibm.com> Subject: Re: [dm-crypt] cryptsetup-reencrypt fails after converting a LUKS1 volume to LUKS2 List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On 02.08.2018 11:44, Ondrej Kozina wrote: > On 08/02/2018 11:28 AM, Michael Kjörling wrote: >> On 2 Aug 2018 11:20 +0200, from okozina@redhat.com (Ondrej Kozina): >>> Ok, I know what's wrong. The convert action works as expected and >>> there's nothing wrong with data offset. The issue is >>> cryptsetup-reencrypt utility currently can't handle setup where >>> existing LUKS2 header, on a device you're about to reencrypt is >>> different size from default LUKS2 header size which is 4MiBs >>> currently. The converted header is as you wrote 2MiBs. >> >> Sounds to me like that should be easy enough to add an early check and >> specific error message for. Even if the error is just something like >> "this container cannot be converted to LUKS2 because of header size >> mismatch, no changes made", it's far better than erroring out with a >> scary error message. cryptsetup-reencrypt is scary enough as it is. >> > > In my reproducer, the data were not damaged and I think neither were in Ingo's case (but can't speak for him). In fact, cryptsetup library behaved correctly and identified the mismatch. It's exactly just missing error message in cryptsetup-reencrypt as you pointed out. The reencryption stopped while creating header backups so no harm done (in my case). But let me think about it for some time yet. Correct, the data was not currupted. So the LUKS1 to LUKS2 coversion works fine. Just cryptsetup-reencrypt does not. A better error message is fine, but I would rather like to see a fix that makes cryptsetup-reencrypt work with non-default LUKS2 header sizes I guess you don't need any debug output anymore, since you can reproduce it on your own? > > O. > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > https://www.saout.de/mailman/listinfo/dm-crypt -- Ingo Franzki eMail: ifranzki@linux.ibm.com Tel: ++49 (0)7031-16-4648 Fax: ++49 (0)7031-16-3456 Linux on z Systems Development, IBM z Systems, Schoenaicher Str. 220, 71032 Boeblingen, Germany IBM Deutschland Research & Development GmbH / Vorsitzender des Aufsichtsrats: Martina Koederitz Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen / Registergericht: Amtsgericht Stuttgart, HRB 243294