I have a question on Luks2 header size. = I created luck2 partition with out one passphrase slot enabled. But i= t seems to take really 10 M space. Here is the luks dump:

sh-4.4# cryptsetup luksDump /dev/mmcblk2gp0p2
LUKS header information
Version: 2
Epoch: 3
Metadata area: 16384 [bytes]
Keyslots area: 16744448 [bytes] <<<<<<<<<<<= ;<<<<<<<<<<< why keyslots take so much spa= ce?
UUID: 9037890e-0f2b-4d73-b93b-e2bb53579492
Label: (no label)
Subsystem: (no subsystem)
Flags: (no flags)

Dat= a segments:
0: crypt
offset: 16777216 [bytes] &l= t;<<<<<<<<<<<<<<<<<<&= lt;<<< so this means the space available to user data is after key= lots
length: (whole device)
cipher: aes-xts-plain64
sector: 512 [bytes]

I check in the internet and f= ound all luks2 header dumps show the same values for those two commented en= tries.
I actually also looked into my device content using dd command, and see ind= eed the space before 16777216 bytes (10 M) is all scatted filled with somet= hing, only after that point, it is all '0'. I zeroed out entire device befo= re doing cryptsetup luksFormat.

Also checked the mapped device size from /dev/= mapper/<mapped dev>, and from dev/<device> :

sh-4.4# fdisk -l /dev/mmcblk2gp0p2

Disk /dev/mmcblk2gp0p2: 392 MB, 411041792 bytes, 802816 sectors

12544 cylinders, 4 heads, 16 sectors/track

Units: sectors of 1 * 512 =3D 512 bytes=

Disk /dev/mmcblk2gp0p2 doesn't contain a valid= partition table

sh-4.4#

sh-4.4# fdisk -l /dev/mapper/gp0p2

Disk /dev/mapper/gp0p2: 376 MB, 394264576 bytes, 770048 sectors

47 cylinders, 255 heads, 63 sectors/track

Units: sectors of 1 * 512 =3D 512 bytes=

411041792 – 394264576 =3D 16777216 (10M)

Is there anything wrong? Should luks has= so much overhead?

I appreciate it greatly if you could share you= thinking on this.

Thank you,

Hualing

_____________________________________________ From: Hualing Yu
Sent: Friday, October 18, 2019 10:22 AM
To: dm-crypt@saout.de
Subject: question on LUKS2

Hello,

Is this mailing list still active?

May I still ask questions here?

Thanks,

Huali= ng

= ;

Firmw= are Engineering

Secur= ity Products

Johns= on Controls

6 Tec= hnology Park Drive

Westf= ord, MA 01886

USA

+= 1 978 577 4171 direct

= ;

--_000_CH2P132MB0187C795460B1641BBE842CD876C0CH2P132MB0187NAMP_-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM04-SN1-obe.outbound.protection.outlook.com (mail-eopbgr700042.outbound.protection.outlook.com [40.107.70.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Fri, 18 Oct 2019 21:24:21 +0200 (CEST) From: Hualing Yu Date: Fri, 18 Oct 2019 19:24:18 +0000 Message-ID: Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_CH2P132MB0187421E3EE93C734348DBB0876C0CH2P132MB0187NAMP_" MIME-Version: 1.0 Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "dm-crypt@saout.de" --_000_CH2P132MB0187421E3EE93C734348DBB0876C0CH2P132MB0187NAMP_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi, Sorry one typo - See in red below. Thank you very much for the help! _____________________________________________ From: Hualing Yu Sent: Friday, October 18, 2019 3:02 PM To: 'dm-crypt@saout.de' Subject: 10 M Luks2 header size? Hello, I have a question on Luks2 header size. I created luck2 partition with onl= y one passphrase slot enabled. But it seems to take really 10 M space. He= re is the luks dump: sh-4.4# cryptsetup luksDump /dev/mmcblk2gp0p2 LUKS header information Version: 2 Epoch: 3 Metadata area: 16384 [bytes] Keyslots area: 16744448 [bytes] <<<<<<<<<<<<<<<<<<<<<< why keyslots take so= much space? UUID: 9037890e-0f2b-4d73-b93b-e2bb53579492 Label: (no label) Subsystem: (no subsystem) Flags: (no flags) Data segments: 0: crypt offset: 16777216 [bytes] <<<<<<<<<<<<<<<<<<<<<<< so this means the sp= ace available to user data is after keylots length: (whole device) cipher: aes-xts-plain64 sector: 512 [bytes] I check in the internet and found all luks2 header dumps show the same valu= es for those two commented entries. I actually also looked into my device content using dd command, and see ind= eed the space before 16777216 bytes (10 M) is all scatted filled with somet= hing, only after that point, it is all '0'. I zeroed out entire device befo= re doing cryptsetup luksFormat. Also checked the mapped device size from /dev/mapper/, and from= dev/ : sh-4.4# fdisk -l /dev/mmcblk2gp0p2 Disk /dev/mmcblk2gp0p2: 392 MB, 411041792 bytes, 802816 sectors 12544 cylinders, 4 heads, 16 sectors/track Units: sectors of 1 * 512 =3D 512 bytes Disk /dev/mmcblk2gp0p2 doesn't contain a valid partition table sh-4.4# sh-4.4# fdisk -l /dev/mapper/gp0p2 Disk /dev/mapper/gp0p2: 376 MB, 394264576 bytes, 770048 sectors 47 cylinders, 255 heads, 63 sectors/track Units: sectors of 1 * 512 =3D 512 bytes 411041792 - 394264576 =3D 16777216 (10M) Is there anything wrong? Should luks has so much overhead? I appreciate it greatly if you could share you thinking on this. Thank you, Hualing _____________________________________________ From: Hualing Yu Sent: Friday, October 18, 2019 10:22 AM To: dm-crypt@saout.de Subject: question on LUKS2 Hello, Is this mailing list still active? May I still ask questions here? Thanks, Hualing Yu Firmware Engineering Security Products Johnson Controls 6 Technology Park Drive Westford, MA 01886 USA +1 978 577 4171 direct --_000_CH2P132MB0187421E3EE93C734348DBB0876C0CH2P132MB0187NAMP_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi,

Sorry one typo –

See in red below.

Thank you very much for the help!

_____________________________________________ From: Hualing Yu
Sent: Friday, October 18, 2019 3:02 PM
To: 'dm-crypt@saout.de' <dm-crypt@saout.de>
Subject: 10 M Luks2 header size?

Hello,

I have a question on Luks2 he= ader size. I created luck2 partition with only one passphrase slot enabled. But it seems to take really 10 M sp= ace. Here is the luks dump:

Also checked the mapped devic= e size from /dev/mapper/<mapped dev>, and from dev/<device> :

sh-4.4# fdisk -l /dev/mmcblk2= gp0p2

Disk /dev/mmcblk2gp0p2: 392 M= B, 411041792 bytes, 802816 = sectors

12544 cylinders, 4 heads, 16 = sectors/track

Units: sectors of 1 * 512 =3D= 512 bytes

Disk /dev/mmcblk2gp0p2 doesn'= t contain a valid partition table

sh-4.4#

sh-4.4# fdisk -l /dev/mapper/= gp0p2

Disk /dev/mapper/gp0p2: 376 M= B, 394264576 bytes, 770048 = sectors

47 cylinders, 255 heads, 63 s= ectors/track

Units: sectors of 1 * 512 =3D= 512 bytes

411041792 – 394264576 = =3D 16777216 (10M)

Is there anything wrong? = ; Should luks has so much overhead?

I appreciate it greatly if yo= u could share you thinking on this.

Thank you,

Hualing

_____________________________________________ From: Hualing Yu
Sent: Friday, October 18, 2019 10:22 AM
To: = dm-crypt@saout.de
Subject: question on LUKS2

Hello,

Is this mailing list still active?

May I still ask questions here?

Thanks,

Huali= ng

= ;

Firmw= are Engineering

Secur= ity Products

Johns= on Controls

6 Tec= hnology Park Drive

Westf= ord, MA 01886

USA

+= 1 978 577 4171 direct

= ;

--_000_CH2P132MB0187421E3EE93C734348DBB0876C0CH2P132MB0187NAMP_-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wm1-x330.google.com (mail-wm1-x330.google.com [IPv6:2a00:1450:4864:20::330]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Sat, 19 Oct 2019 09:07:43 +0200 (CEST) Received: by mail-wm1-x330.google.com with SMTP id p7so8240534wmp.4 for ; Sat, 19 Oct 2019 00:07:43 -0700 (PDT) References: From: Milan Broz Message-ID: Date: Sat, 19 Oct 2019 09:07:39 +0200 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="windows-1252" Content-Language: en-US Content-Transfer-Encoding: quoted-printable Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Hualing Yu , "dm-crypt@saout.de" On 18/10/2019 21:24, Hualing Yu wrote: > Sorry one typo =96 > See in red below. > Thank you very much for the help! Hi, Please, could you send your question without using HTML in the mail next time? I am usually replaying to the HTML emails, but your mail is almost unreadable in a text mail client. For the question, I was able to decode: Yes, the default LUKS2 header size is 16M, it allocates much more area for a possible online operation later (online reencryption). But it is configurable, and you can decrease pre-allocated areas, even to the absolute minimum. It only applies if 1 keyslot is ok for you and you do not want to use any extensions in the future, more explanation here https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D932437#10 For the generic area description read design doc https://gitlab.com/cryptsetup/LUKS2-docs For the generic user, if you can, please do not change the default, 16MB is today really not a big amount of disk storage. (With the exceptions of embedded systems.) Milan > _____________________________________________ > *From:* Hualing Yu > *Sent:* Friday, October 18, 2019 3:02 PM > *To:* 'dm-crypt@saout.de' > *Subject:* 10 M Luks2 header size? > =A0 > =A0 > Hello, > =A0 > I have a question on Luks2 header size.=A0 I created luck2 partition with= only one passphrase slot enabled.=A0 But it seems to take really 10 M spac= e.=A0 Here is the luks dump: >=20 > sh-4.4# cryptsetup luksDump /dev/mmcblk2gp0p2 > LUKS header information > Version: 2 > Epoch: 3 > Metadata area: 16384 [bytes] > Keyslots area: 16744448 [bytes] <<<<<<<<<<<<<<<<<<<<<< why keyslots take = so much space? > UUID: 9037890e-0f2b-4d73-b93b-e2bb53579492 > Label: (no label) > Subsystem: (no subsystem) > Flags: (no flags) > Data segments: > 0: crypt > offset: 16777216 [bytes] <<<<<<<<<<<<<<<<<<<<<<< so this means the space = available to user data is after keylots > length: (whole device) > cipher: aes-xts-plain64 > sector: 512 [bytes] > I check in the internet and found all luks2 header dumps show the same va= lues for those two commented entries. > I actually also looked into my device content using dd command, and see i= ndeed the space before 16777216 bytes (10 M) is all scatted filled with som= ething, only after that point, it is all '0'. I zeroed out entire device be= fore doing cryptsetup luksFormat. > Also checked the mapped device size from /dev/mapper/, and fr= om dev/ : > sh-4.4# fdisk -l /dev/mmcblk2gp0p2 > Disk /dev/mmcblk2gp0p2: 392 MB, 411041792 bytes, 802816 sectors > 12544 cylinders, 4 heads, 16 sectors/track > Units: sectors of 1 * 512 =3D 512 bytes > =A0 > Disk /dev/mmcblk2gp0p2 doesn't contain a valid partition table > sh-4.4# > sh-4.4# fdisk -l /dev/mapper/gp0p2 > Disk /dev/mapper/gp0p2: 376 MB, 394264576 bytes, 770048 sectors > 47 cylinders, 255 heads, 63 sectors/track > Units: sectors of 1 * 512 =3D 512 bytes > =A0 > 411041792 =96 394264576 =3D 16777216 (10M) > =A0 > Is there anything wrong?=A0 Should luks has so much overhead? > I appreciate it greatly if you could share you thinking on this. > =A0 > Thank you, > =A0 > =A0 > Hualing > =A0 > _____________________________________________ > *From:* Hualing Yu > *Sent:* Friday, October 18, 2019 10:22 AM > *To:* _dm-crypt@saout.de_ > *Subject:* question on LUKS2 > =A0 > =A0 > Hello, > =A0 > Is this mailing list still active? > May I still ask questions here? > =A0 > Thanks, > =A0 > =A0 > Hualing > Yu > =A0 > Firmware Engineering > Security Products > Johnson Controls > 6 Technology Park Drive > Westford, MA 01886 > USA > +1 978 577 4171 direct > =A0 > =A0 > =A0 >=20 > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > https://www.saout.de/mailman/listinfo/dm-crypt >=20 From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM05-BY2-obe.outbound.protection.outlook.com (mail-eopbgr710042.outbound.protection.outlook.com [40.107.71.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Sat, 19 Oct 2019 20:47:18 +0200 (CEST) From: Hualing Yu Date: Sat, 19 Oct 2019 18:47:14 +0000 Message-ID: References:

In-Reply-To: Content-Language: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Milan Broz , "dm-crypt@saout.de" Hi Milan, Finally I found the right person for this! Thank you very much!! I will try the way to make a smaller header, but also will share your sugge= stion with our team about keeping the default settings. We work on embedde= d system but not very tiny one. We may be able to survive with 16 M defaul= t header. =20 The important part is to understand this is correct. I was worried if I di= d something wrong 8-) Again, thank you very much!! Hualing -----Original Message----- From: Milan Broz [mailto:gmazyland@gmail.com]=20 Sent: Saturday, October 19, 2019 3:08 AM To: Hualing Yu ; dm-crypt@saout.de Subject: Re: [dm-crypt] 10 M Luks2 header size? On 18/10/2019 21:24, Hualing Yu wrote: > Sorry one typo - > See in red below. > Thank you very much for the help! Hi, Please, could you send your question without using HTML in the mail next ti= me? I am usually replaying to the HTML emails, but your mail is almost unreadab= le in a text mail client. For the question, I was able to decode: Yes, the default LUKS2 header size is 16M, it allocates much more area for = a possible online operation later (online reencryption). But it is configurable, and you can decrease pre-allocated areas, even to t= he absolute minimum. It only applies if 1 keyslot is ok for you and you do not want to use any e= xtensions in the future, more explanation here https://nam02.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fbugs.de= bian.org%2Fcgi-bin%2Fbugreport.cgi%3Fbug%3D932437%2310&data=3D02%7C01%7= Chualing.yu%40jci.com%7Cbddc0c78fcb24d90ca1308d754630972%7Ca1f1e2147ded45b6= 81a19e8ae3459641%7C0%7C0%7C637070656655052689&sdata=3DZqInWp0IIFwUT2tG5= HQ1YviL2Bc9UcM1yevFT8bn66w%3D&reserved=3D0 For the generic area description read design doc https://nam02.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fgitlab.= com%2Fcryptsetup%2FLUKS2-docs&data=3D02%7C01%7Chualing.yu%40jci.com%7Cb= ddc0c78fcb24d90ca1308d754630972%7Ca1f1e2147ded45b681a19e8ae3459641%7C0%7C0%= 7C637070656655052689&sdata=3Dzv66AtTvvXU6jJHbzRfQkJ2zG5aKENRLuiid41KBp6= I%3D&reserved=3D0 For the generic user, if you can, please do not change the default, 16MB is= today really not a big amount of disk storage. (With the exceptions of embedded systems.) Milan > _____________________________________________ > *From:* Hualing Yu > *Sent:* Friday, October 18, 2019 3:02 PM > *To:* 'dm-crypt@saout.de' > *Subject:* 10 M Luks2 header size? > =A0 > =A0 > Hello, > =A0 > I have a question on Luks2 header size.=A0 I created luck2 partition with= only one passphrase slot enabled.=A0 But it seems to take really 10 M spac= e.=A0 Here is the luks dump: >=20 > sh-4.4# cryptsetup luksDump /dev/mmcblk2gp0p2 LUKS header information > Version: 2 > Epoch: 3 > Metadata area: 16384 [bytes] > Keyslots area: 16744448 [bytes] <<<<<<<<<<<<<<<<<<<<<< why keyslots take = so much space? > UUID: 9037890e-0f2b-4d73-b93b-e2bb53579492 > Label: (no label) > Subsystem: (no subsystem) > Flags: (no flags) > Data segments: > 0: crypt > offset: 16777216 [bytes] <<<<<<<<<<<<<<<<<<<<<<< so this means the=20 > space available to user data is after keylots > length: (whole device) > cipher: aes-xts-plain64 > sector: 512 [bytes] > I check in the internet and found all luks2 header dumps show the same va= lues for those two commented entries. > I actually also looked into my device content using dd command, and see i= ndeed the space before 16777216 bytes (10 M) is all scatted filled with som= ething, only after that point, it is all '0'. I zeroed out entire device be= fore doing cryptsetup luksFormat. > Also checked the mapped device size from /dev/mapper/, and fr= om dev/ : > sh-4.4# fdisk -l /dev/mmcblk2gp0p2 > Disk /dev/mmcblk2gp0p2: 392 MB, 411041792 bytes, 802816 sectors > 12544 cylinders, 4 heads, 16 sectors/track > Units: sectors of 1 * 512 =3D 512 bytes > =A0 > Disk /dev/mmcblk2gp0p2 doesn't contain a valid partition table sh-4.4#=20 > sh-4.4# fdisk -l /dev/mapper/gp0p2 Disk /dev/mapper/gp0p2: 376 MB,=20 > 394264576 bytes, 770048 sectors > 47 cylinders, 255 heads, 63 sectors/track > Units: sectors of 1 * 512 =3D 512 bytes > =A0 > 411041792 - 394264576 =3D 16777216 (10M) > =A0 > Is there anything wrong?=A0 Should luks has so much overhead? > I appreciate it greatly if you could share you thinking on this. > =A0 > Thank you, > =A0 > =A0 > Hualing > =A0 > _____________________________________________ > *From:* Hualing Yu > *Sent:* Friday, October 18, 2019 10:22 AM > *To:* _dm-crypt@saout.de_ > *Subject:* question on LUKS2 > =A0 > =A0 > Hello, > =A0 > Is this mailing list still active? > May I still ask questions here? > =A0 > Thanks, > =A0 > =A0 > Hualing > Yu > =A0 > Firmware Engineering > Security Products > Johnson Controls > 6 Technology Park Drive > Westford, MA 01886 > USA > +1 978 577 4171 direct > =A0 > =A0 > =A0 >=20 > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > https://nam02.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fwww. > saout.de%2Fmailman%2Flistinfo%2Fdm-crypt&data=3D02%7C01%7Chualing.yu > %40jci.com%7Cbddc0c78fcb24d90ca1308d754630972%7Ca1f1e2147ded45b681a19e > 8ae3459641%7C0%7C0%7C637070656655052689&sdata=3DFXr5jwrKa5oVnlMC0svl > VAk3k55qNL0lUaYkl9NHkvo%3D&reserved=3D0 >=20 From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-eopbgr810059.outbound.protection.outlook.com [40.107.81.59]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Sat, 19 Oct 2019 21:59:08 +0200 (CEST) From: Hualing Yu Date: Sat, 19 Oct 2019 19:59:00 +0000 Message-ID: References:

In-Reply-To: Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_CH2P132MB0187355415BBA6FAA578C79A876F0CH2P132MB0187NAMP_" MIME-Version: 1.0 Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Milan Broz , "dm-crypt@saout.de" --_000_CH2P132MB0187355415BBA6FAA578C79A876F0CH2P132MB0187NAMP_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Milan, I just setup my outlook email text format to HTML. Please let me know if t= his is readable to you. May I ask a couple of additional questions about this so that we know how t= o trade off. 1. What the reencryption can do for us? Could you explain very briefl= y as I'm not sure if we need it? 2. We need only one or at most two keyslots but we do want them to be = scattered as much as needed just as if for the default case, what we can do= ? Use -luks2-keyslots-size=3D1 M (or whatever size that will give two key = enough space to scatter)? 3. What the size of metadata size for default configuration? What's t= he downside of using 16 K? I thank you very much for your help on this! Hualing -----Original Message----- From: Hualing Yu Sent: Saturday, October 19, 2019 2:47 PM To: Milan Broz ; dm-crypt@saout.de Subject: RE: [dm-crypt] 10 M Luks2 header size? Hi Milan, Finally I found the right person for this! Thank you very much!! I will try the way to make a smaller header, but also will share your sugge= stion with our team about keeping the default settings. We work on embedde= d system but not very tiny one. We may be able to survive with 16 M defaul= t header. The important part is to understand this is correct. I was worried if I di= d something wrong 8-) Again, thank you very much!! Hualing -----Original Message----- From: Milan Broz [mailto:gmazyland@gmail.com] Sent: Saturday, October 19, 2019 3:08 AM To: Hualing Yu ; dm-crypt@saout.de Subject: Re: [dm-crypt] 10 M Luks2 header size? On 18/10/2019 21:24, Hualing Yu wrote: > Sorry one typo - > See in red below. > Thank you very much for the help! Hi, Please, could you send your question without using HTML in the mail next ti= me? I am usually replaying to the HTML emails, but your mail is almost unreadab= le in a text mail client. For the question, I was able to decode: Yes, the default LUKS2 header size is 16M, it allocates much more area for = a possible online operation later (online reencryption). But it is configurable, and you can decrease pre-allocated areas, even to t= he absolute minimum. It only applies if 1 keyslot is ok for you and you do not want to use any e= xtensions in the future, more explanation here https://nam02.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fbugs.de= bian.org%2Fcgi-bin%2Fbugreport.cgi%3Fbug%3D932437%2310&data=3D02%7C01%7= Chualing.yu%40jci.com%7Cbddc0c78fcb24d90ca1308d754630972%7Ca1f1e2147ded45b6= 81a19e8ae3459641%7C0%7C0%7C637070656655052689&sdata=3DZqInWp0IIFwUT2tG5= HQ1YviL2Bc9UcM1yevFT8bn66w%3D&reserved=3D0 For the generic area description read design doc https://nam02.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fgitlab.= com%2Fcryptsetup%2FLUKS2-docs&data=3D02%7C01%7Chualing.yu%40jci.com%7Cb= ddc0c78fcb24d90ca1308d754630972%7Ca1f1e2147ded45b681a19e8ae3459641%7C0%7C0%= 7C637070656655052689&sdata=3Dzv66AtTvvXU6jJHbzRfQkJ2zG5aKENRLuiid41KBp6= I%3D&reserved=3D0 For the generic user, if you can, please do not change the default, 16MB is= today really not a big amount of disk storage. (With the exceptions of embedded systems.) Milan > _____________________________________________ > *From:* Hualing Yu > *Sent:* Friday, October 18, 2019 3:02 PM > *To:* 'dm-crypt@saout.de' > *Subject:* 10 M Luks2 header size? > > > Hello, > > I have a question on Luks2 header size. I created luck2 partition with o= nly one passphrase slot enabled. But it seems to take really 10 M space. = Here is the luks dump: > > sh-4.4# cryptsetup luksDump /dev/mmcblk2gp0p2 LUKS header information > Version: 2 > Epoch: 3 > Metadata area: 16384 [bytes] > Keyslots area: 16744448 [bytes] <<<<<<<<<<<<<<<<<<<<<< why keyslots take = so much space? > UUID: 9037890e-0f2b-4d73-b93b-e2bb53579492 > Label: (no label) > Subsystem: (no subsystem) > Flags: (no flags) > Data segments: > 0: crypt > offset: 16777216 [bytes] <<<<<<<<<<<<<<<<<<<<<<< so this means the > space available to user data is after keylots > length: (whole device) > cipher: aes-xts-plain64 > sector: 512 [bytes] > I check in the internet and found all luks2 header dumps show the same va= lues for those two commented entries. > I actually also looked into my device content using dd command, and see i= ndeed the space before 16777216 bytes (10 M) is all scatted filled with som= ething, only after that point, it is all '0'. I zeroed out entire device be= fore doing cryptsetup luksFormat. > Also checked the mapped device size from /dev/mapper/, and fr= om dev/ : > sh-4.4# fdisk -l /dev/mmcblk2gp0p2 > Disk /dev/mmcblk2gp0p2: 392 MB, 411041792 bytes, 802816 sectors > 12544 cylinders, 4 heads, 16 sectors/track > Units: sectors of 1 * 512 =3D 512 bytes > > Disk /dev/mmcblk2gp0p2 doesn't contain a valid partition table sh-4.4# > sh-4.4# fdisk -l /dev/mapper/gp0p2 Disk /dev/mapper/gp0p2: 376 MB, > 394264576 bytes, 770048 sectors > 47 cylinders, 255 heads, 63 sectors/track > Units: sectors of 1 * 512 =3D 512 bytes > > 411041792 - 394264576 =3D 16777216 (10M) > > Is there anything wrong? Should luks has so much overhead? > I appreciate it greatly if you could share you thinking on this. > > Thank you, > > > Hualing > > _____________________________________________ > *From:* Hualing Yu > *Sent:* Friday, October 18, 2019 10:22 AM > *To:* _dm-crypt@saout.de_ > *Subject:* question on LUKS2 > > > Hello, > > Is this mailing list still active? > May I still ask questions here? > > Thanks, > > > Hualing > Yu > > Firmware Engineering > Security Products > Johnson Controls > 6 Technology Park Drive > Westford, MA 01886 > USA > +1 978 577 4171 direct > > > > > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > https://nam02.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fwww. > saout.de%2Fmailman%2Flistinfo%2Fdm-crypt&data=3D02%7C01%7Chualing.yu > %40jci.com%7Cbddc0c78fcb24d90ca1308d754630972%7Ca1f1e2147ded45b681a19e > 8ae3459641%7C0%7C0%7C637070656655052689&sdata=3DFXr5jwrKa5oVnlMC0svl > VAk3k55qNL0lUaYkl9NHkvo%3D&reserved=3D0 > --_000_CH2P132MB0187355415BBA6FAA578C79A876F0CH2P132MB0187NAMP_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Milan,

I just setup my outlook email text format to HTML= . Please let me know if this is readable to you.

May I ask a couple of additional questions about = this so that we know how to trade off.

1. What the reencryption can do for us? Could yo= u explain very briefly as I’m not sure if we need it?

2. We need only one or at most two keyslots but we do = want them to be scattered as much as needed just as if for the default case= , what we can do? Use –luks2-keyslots-size=3D1 M (or whatever s= ize that will give two key enough space to scatter)?

3. What the size of metadata size for default configur= ation? What’s the downside of using 16 K?

I thank you very much for your help on this!=

Hualing

-----Original Message-----

From: Hualing Yu

Sent: Saturday, October 19, 2019 2:47 PM

To: Milan Broz <gmazyland@gmail.com>; dm-cr= ypt@saout.de

Subject: RE: [dm-crypt] 10 M Luks2 header size?

Hi Milan,

Finally I found the right person for this! = Thank you very much!!

I will try the way to make a smaller header, but = also will share your suggestion with our team about keeping the default set= tings. We work on embedded system but not very tiny one. We may= be able to survive with 16 M default header.

The important part is to understand this is corre= ct. I was worried if I did something wrong 8-)

Again, thank you very much!!

Hualing

-----Original Message-----

From: Milan Broz [mailto:gmazyland@gmail.com]

Sent: Saturday, October 19, 2019 3:08 AM

To: Hualing Yu <hualing.yu@jci.com>; dm-cry= pt@saout.de

Subject: Re: [dm-crypt] 10 M Luks2 header size?

On 18/10/2019 21:24, Hualing Yu wrote:=

> Sorry one typo –

> See in red below.

> Thank you very much for the help!=

Hi,

Please, could you send your question without usin= g HTML in the mail next time?

I am usually replaying to the HTML emails, but yo= ur mail is almost unreadable in a text mail client.

For the question, I was able to decode:

Yes, the default LUKS2 header size is 16M, it all= ocates much more area for a possible online operation later (online reencry= ption).

But it is configurable, and you can decrease pre-= allocated areas, even to the absolute minimum.

It only applies if 1 keyslot is ok for you and yo= u do not want to use any extensions in the future, more explanation here

https://nam02.safelinks.protection.outlook.com/?u= rl=3Dhttps%3A%2F%2Fbugs.debian.org%2Fcgi-bin%2Fbugreport.cgi%3Fbug%3D932437= %2310&data=3D02%7C01%7Chualing.yu%40jci.com%7Cbddc0c78fcb24d90ca130= 8d754630972%7Ca1f1e2147ded45b681a19e8ae3459641%7C0%7C0%7C637070656655052689= &sdata=3DZqInWp0IIFwUT2tG5HQ1YviL2Bc9UcM1yevFT8bn66w%3D&res= erved=3D0

For the generic area description read design doc<= o:p>

https://nam02.safelinks.protection.outlook.com/?u= rl=3Dhttps%3A%2F%2Fgitlab.com%2Fcryptsetup%2FLUKS2-docs&data=3D02%7= C01%7Chualing.yu%40jci.com%7Cbddc0c78fcb24d90ca1308d754630972%7Ca1f1e2147de= d45b681a19e8ae3459641%7C0%7C0%7C637070656655052689&sdata=3Dzv66AtTv= vXU6jJHbzRfQkJ2zG5aKENRLuiid41KBp6I%3D&reserved=3D0

For the generic user, if you can, please do not c= hange the default, 16MB is today really not a big amount of disk storage.

(With the exceptions of embedded systems.)

Milan

> ____________________________________________= _

> *From:* Hualing Yu

> *Sent:* Friday, October 18, 2019 3:02 PM

> *To:* 'dm-crypt@saout.de' <dm-crypt@saout= .de>

> *Subject:* 10 M Luks2 header size?

> Hello,

> I have a question on Luks2 header size. = ; I created luck2 partition with only one passphrase slot enabled. Bu= t it seems to take really 10 M space. Here is the luks dump:

> sh-4.4# cryptsetup luksDump /dev/mmcblk2gp0p= 2 LUKS header information

> Version: 2

> Epoch: 3

> Metadata area: 16384 [bytes]

> Keyslots area: 16744448 [bytes] <<<= <<<<<<<<<<<<<<<<<<<= ; why keyslots take so much space?

> UUID: 9037890e-0f2b-4d73-b93b-e2bb53579492

> Label: (no label)

> Subsystem: (no subsystem)

> Flags: (no flags)

> Data segments:

> 0: crypt

> offset: 16777216 [bytes] <<<<<= ;<<<<<<<<<<<<<<<<<< s= o this means the

> space available to user data is after keylot= s

> length: (whole device)

> cipher: aes-xts-plain64

> sector: 512 [bytes]

> I check in the internet and found all luks2 = header dumps show the same values for those two commented entries.

> I actually also looked into my device conten= t using dd command, and see indeed the space before 16777216 bytes (10 M) i= s all scatted filled with something, only after that point, it is all '0'. = I zeroed out entire device before doing cryptsetup luksFormat.

> Also checked the mapped device size from /de= v/mapper/<mapped dev>, and from dev/<device> :

> sh-4.4# fdisk -l /dev/mmcblk2gp0p2

> Disk /dev/mmcblk2gp0p2: 392 MB, 411041792 by= tes, 802816 sectors

> 12544 cylinders, 4 heads, 16 sectors/track

> Units: sectors of 1 * 512 =3D 512 bytes=

> Disk /dev/mmcblk2gp0p2 doesn't contain a val= id partition table sh-4.4#

> sh-4.4# fdisk -l /dev/mapper/gp0p2 Disk /dev= /mapper/gp0p2: 376 MB,

> 394264576 bytes, 770048 sectors

> 47 cylinders, 255 heads, 63 sectors/track

> Units: sectors of 1 * 512 =3D 512 bytes=

> 411041792 – 394264576 =3D 16777216 (10= M)

> Is there anything wrong? Should luks h= as so much overhead?

> I appreciate it greatly if you could share y= ou thinking on this.

> Thank you,

> Hualing

> ____________________________________________= _

> *From:* Hualing Yu

> *Sent:* Friday, October 18, 2019 10:22 AM

> *To:* _dm-crypt@saout.de_ <mailto:dm-cryp= t@saout.de>

> *Subject:* question on LUKS2

> Hello,

> Is this mailing list still active?

> May I still ask questions here?

> Thanks,

> Hualing

> Yu

> Firmware Engineering

> Security Products

> Johnson Controls

> 6 Technology Park Drive

> Westford, MA 01886

> USA

> +1 978 577 4171 direct

> ____________________________________________= ___

> dm-crypt mailing list

> dm-crypt@saout.de

> https://nam02.safelinks.protection.outlook.c= om/?url=3Dhttps%3A%2F%2Fwww.

> saout.de%2Fmailman%2Flistinfo%2Fdm-crypt&= ;amp;data=3D02%7C01%7Chualing.yu

> %40jci.com%7Cbddc0c78fcb24d90ca1308d75463097= 2%7Ca1f1e2147ded45b681a19e

> 8ae3459641%7C0%7C0%7C637070656655052689&= amp;sdata=3DFXr5jwrKa5oVnlMC0svl

> VAk3k55qNL0lUaYkl9NHkvo%3D&reserved= =3D0

--_000_CH2P132MB0187355415BBA6FAA578C79A876F0CH2P132MB0187NAMP_-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com [IPv6:2a00:1450:4864:20::42b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Sun, 20 Oct 2019 12:07:37 +0200 (CEST) Received: by mail-wr1-x42b.google.com with SMTP id r3so10600634wrj.6 for ; Sun, 20 Oct 2019 03:07:37 -0700 (PDT) References:

From: Milan Broz Message-ID: <4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com> Date: Sun, 20 Oct 2019 12:07:34 +0200 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="windows-1252" Content-Language: en-US Content-Transfer-Encoding: quoted-printable Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Hualing Yu , "dm-crypt@saout.de" Hi, this information should be later in FAQ, so I try to explain it here. Anyway, stay with defaults, if you can. On 19/10/2019 21:59, Hualing Yu wrote: >=20 > May I ask a couple of additional questions about this so that we know how= to trade off. > =A0 >=20 > 1. What the reencryption can do for us? Could you explain very > briefly as I=92m not sure if we need it? In principle it can perform changes that requires full-device rewrite (chan= ge of the volume key). See man cryptsetup-reencrypt - just for LUKS2 it is more reliable and mainl= y online (you can use device while it is in reencryption process). See slides from Ondra https://okozina.fedorapeople.org/online-disk-reencryption-with-luks2-comp= act.pdf There should be also some online demos Reencryption demo: https://asciinema.org/a/268573 Encryption demo: https://asciinema.org/a/268574 For this we require some reserved area for storing temporary encryption dat= a. > 2. We need only one or at most two keyslots but we do want them > to be scattered as much as needed just as if for the default case, > what we can do? Use =96luks2-keyslots-size=3D1 M (or whatever size that > will give two key enough space to scatter)? There are two areas (see LUKS2 docs) - JSON area for metadata and binary ar= ea. JSON has small binary header, than JSON data (it is 16k currently, stored t= wice). For the binary area, it depends what you need, exact size depends on the st= ored key size (here the binary keyslot data are stored, exactly the same as in L= UKS1). I would expect you are using current default for disk encryption, AES256-XT= S. Then you need to store 512bit (2x256bit) key in each binary keyslot. With the LUKS AF filter and 4k alignment it should be 256KiB of binary data= per keyslot. So for 1M and 512bit key it allows 4 LUKS keyslots here. > 3. What the size of metadata size for default configuration? > What=92s the downside of using 16 K? The whole LUKS2 default header takes 16MiB. For JSON area it is 16k, stored twice (we will increase it later, this is f= or compatibility reasons), for binary area - it is "16M - 2x16k" (16M minus JSON areas). There is only several possible sizes of JSON area you can use (see LUKS2 do= cs), binary area is basically arbitrary with maximum 128M, it must be aligned to= 4k sectors. JSON areas allows to store user token metadata, so if you do not need it, n= o need to enlarge it. Thanks, Milan From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-eopbgr770080.outbound.protection.outlook.com [40.107.77.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Mon, 21 Oct 2019 18:13:11 +0200 (CEST) From: Hualing Yu Date: Mon, 21 Oct 2019 16:13:08 +0000 Message-ID: References:

<4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com> In-Reply-To: <4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com> Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_CH2P132MB0187F6574C7736A42B09AFFA87690CH2P132MB0187NAMP_" MIME-Version: 1.0 Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Milan Broz , "dm-crypt@saout.de" --_000_CH2P132MB0187F6574C7736A42B09AFFA87690CH2P132MB0187NAMP_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Milan, Thank you very much for the detailed explanation! This is tremendous help = to us! I had already brought this up in our group meeting. We will re-arrange out= partitions to ensure all have enough space for default configurations. Th= ank you very much on that! May I ask further - (sorry more questions, I just want to do it right and m= ake the best out from your original design.) 1. I'm using linux kernel keyring as token for passphrase. Do I need = to enlarge JSON? (BTW, Why JSON area is stored twice, for backup only that= area?) 2. Do we still need to use luksHeaderBackup and luksHeaderRes= tore are for entire 16 M header backup? This means each luks part= ition needs 32 M for its header! Now here is our story : We have storage redundancy on our board, that is, f= or each component (for example linux rootfs) we have two partitions to save= two copies of the component. I think with that, we may not need luks head= er backup. When we detect anything wrong with current active partition, in= clude luks header, we can switch to use the standby partition for rootfs fo= r example, and then repair, or simply wipe everything and redo luks format = and copy the data into it. Should this work? Can you suggest some ways, or check points, for our back= ground task to periodically checking to ensure all luks's are good, in case= you have something on top of your head? 8-) Thank you so much! Hualing -----Original Message----- From: Milan Broz [mailto:gmazyland@gmail.com] Sent: Sunday, October 20, 2019 6:08 AM To: Hualing Yu ; dm-crypt@saout.de Subject: Re: [dm-crypt] 10 M Luks2 header size? Hi, this information should be later in FAQ, so I try to explain it here. Anyway, stay with defaults, if you can. On 19/10/2019 21:59, Hualing Yu wrote: > > May I ask a couple of additional questions about this so that we know how= to trade off. > > > 1. What the reencryption can do for us? Could you explain very > briefly as I'm not sure if we need it? In principle it can perform changes that requires full-device rewrite (chan= ge of the volume key). See man cryptsetup-reencrypt - just for LUKS2 it is more reliable and mainl= y online (you can use device while it is in reencryption process). See slides from Ondra https://nam02.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fokozi= na.fedorapeople.org%2Fonline-disk-reencryption-with-luks2-compact.pdf&d= ata=3D02%7C01%7Chualing.yu%40jci.com%7Ca096abcf38e8483e599808d7554555fc%7Ca= 1f1e2147ded45b681a19e8ae3459641%7C0%7C1%7C637071628596824108&sdata=3DZn= 13uT%2B7wsLKex3r6u3LWAC7xFobCn4PLs10ywQYxeU%3D&reserved=3D0 There should be also some online demos Reencryption demo: https://nam02.safelinks.protection.outlook.com/?url=3D= https%3A%2F%2Fasciinema.org%2Fa%2F268573&data=3D02%7C01%7Chualing.yu%40= jci.com%7Ca096abcf38e8483e599808d7554555fc%7Ca1f1e2147ded45b681a19e8ae34596= 41%7C0%7C1%7C637071628596824108&sdata=3D6DkH8Bwz699zeGzk25vf8gh4%2FKuIm= VaMeGEu34qHkCA%3D&reserved=3D0 Encryption demo: https://nam02.safelinks.protection.outlook.com/?url=3Dht= tps%3A%2F%2Fasciinema.org%2Fa%2F268574&data=3D02%7C01%7Chualing.yu%40jc= i.com%7Ca096abcf38e8483e599808d7554555fc%7Ca1f1e2147ded45b681a19e8ae3459641= %7C0%7C1%7C637071628596824108&sdata=3D8nuvhvj5fBB%2FeH0pu0%2F0qRNd7l47d= VMQwzDrNFoeeMA%3D&reserved=3D0 For this we require some reserved area for storing temporary encryption dat= a. > 2. We need only one or at most two keyslots but we do want them > to be scattered as much as needed just as if for the default case, > what we can do? Use -luks2-keyslots-size=3D1 M (or whatever size that > will give two key enough space to scatter)? There are two areas (see LUKS2 docs) - JSON area for metadata and binary ar= ea. JSON has small binary header, than JSON data (it is 16k currently, stored t= wice). For the binary area, it depends what you need, exact size depends on the st= ored key size (here the binary keyslot data are stored, exactly the same as= in LUKS1). I would expect you are using current default for disk encryption, AES256-XT= S. Then you need to store 512bit (2x256bit) key in each binary keyslot. With the LUKS AF filter and 4k alignment it should be 256KiB of binary data= per keyslot. So for 1M and 512bit key it allows 4 LUKS keyslots here. > 3. What the size of metadata size for default configuration? > What's the downside of using 16 K? The whole LUKS2 default header takes 16MiB. For JSON area it is 16k, stored twice (we will increase it later, this is f= or compatibility reasons), for binary area - it is "16M - 2x16k" (16M minus= JSON areas). There is only several possible sizes of JSON area you can use (see LUKS2 do= cs), binary area is basically arbitrary with maximum 128M, it must be align= ed to 4k sectors. JSON areas allows to store user token metadata, so if you do not need it, n= o need to enlarge it. Thanks, Milan --_000_CH2P132MB0187F6574C7736A42B09AFFA87690CH2P132MB0187NAMP_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Milan,

Thank you very much for the detailed explanation!= This is tremendous help to us!

I had already brought this up in our group meetin= g. We will re-arrange out partitions to ensure all have enough space = for default configurations. Thank you very much on that!

May I ask further – (sorry more questions, = I just want to do it right and make the best out from your original design.= )

1. I’m using linux kernel keyring as token for p= assphrase. Do I need to enlarge JSON? (BTW, Why JSON area is st= ored twice, for backup only that area?)

2. &nbs= p; Do we still need to use luksHeaderBackup <= device> and luksHeaderRestore <device> are for entire 16 M header backup?&n= bsp; This means each luks partition needs 32 M for its header!

Now here is our sto= ry : We have storage redundancy on our board, that is, for each component (= for example linux rootfs) we have two partitions to save two copies of the = component. I think with that, we may not need luks header backup. When we detect anything wrong with curr= ent active partition, include luks header, we can switch to use the standby= partition for rootfs for example, and then repair, or simply wipe everythi= ng and redo luks format and copy the data into it.

Should this work?&n= bsp; Can you suggest some ways, or check points, for our background task to= periodically checking to ensure all luks’s are good, in case you hav= e something on top of your head? 8-)

Thank you so much!&= nbsp;

Hualing<= /span>

-----Original Message-----
From: Milan Broz [mailto:gmazyland@gmail.com]
Sent: Sunday, October 20, 2019 6:08 AM
To: Hualing Yu <hualing.yu@jci.com>; dm-crypt@saout.de
Subject: Re: [dm-crypt] 10 M Luks2 header size?

Hi,

this information should be later in FAQ, so I try= to explain it here.

Anyway, stay with defaults, if you can.

On 19/10/2019 21:59, Hualing Yu wrote:=

> May I ask a couple of additional questions a= bout this so that we know how to trade off.

> 1. What the re= encryption can do for us? Could you explain very

> briefly as I’m not sure if we need it?=

In principle it can perform changes that requires= full-device rewrite (change of the volume key).

See man cryptsetup-reencrypt - just for LUKS2 it = is more reliable and mainly online (you can use device while it is in reenc= ryption process).

See slides from Ondra

https://nam02.safelin= ks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fokozina.fedorapeople.org%2Fo= nline-disk-reencryption-with-luks2-compact.pdf&data=3D02%7C01%7Chua= ling.yu%40jci.com%7Ca096abcf38e8483e599808d7554555fc%7Ca1f1e2147ded45b681a1= 9e8ae3459641%7C0%7C1%7C637071628596824108&sdata=3DZn13uT%2B7wsLKex3= r6u3LWAC7xFobCn4PLs10ywQYxeU%3D&reserved=3D0<= /p>

There should be also some online demos=

Reencryption demo: https://nam02.safelin= ks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fasciinema.org%2Fa%2F268573&a= mp;amp;data=3D02%7C01%7Chualing.yu%40jci.com%7Ca096abcf38e8483e599808d75545= 55fc%7Ca1f1e2147ded45b681a19e8ae3459641%7C0%7C1%7C637071628596824108&am= p;sdata=3D6DkH8Bwz699zeGzk25vf8gh4%2FKuImVaMeGEu34qHkCA%3D&reserved= =3D0

Encryption demo: https://nam02.safelin= ks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fasciinema.org%2Fa%2F268574&a= mp;amp;data=3D02%7C01%7Chualing.yu%40jci.com%7Ca096abcf38e8483e599808d75545= 55fc%7Ca1f1e2147ded45b681a19e8ae3459641%7C0%7C1%7C637071628596824108&am= p;sdata=3D8nuvhvj5fBB%2FeH0pu0%2F0qRNd7l47dVMQwzDrNFoeeMA%3D&reserv= ed=3D0

For this we require some reserved area for storin= g temporary encryption data.

> 2. We need onl= y one or at most two keyslots but we do want them

> to be scattered as much as needed just as if= for the default case,

> what we can do? Use –luks2-keysl= ots-size=3D1 M (or whatever size that

> will give two key enough space to scatter)?<= o:p>

There are two areas (see LUKS2 docs) - JSON area = for metadata and binary area.

JSON has small binary header, than JSON data (it = is 16k currently, stored twice).

For the binary area, it depends what you need, ex= act size depends on the stored key size (here the binary keyslot data are s= tored, exactly the same as in LUKS1).

I would expect you are using current default for = disk encryption, AES256-XTS.

Then you need to store 512bit (2x256bit) key in e= ach binary keyslot.

With the LUKS AF filter and 4k alignment it shoul= d be 256KiB of binary data per keyslot.

So for 1M and 512bit key it allows 4 LUKS keyslot= s here.

> 3. What the si= ze of metadata size for default configuration?

> What’s the downside of using 16 K?

The whole LUKS2 default header takes 16MiB.<= /o:p>

For JSON area it is 16k, stored twice (we will in= crease it later, this is for compatibility reasons), for binary area - it i= s "16M - 2x16k" (16M minus JSON areas).

There is only several possible sizes of JSON area= you can use (see LUKS2 docs), binary area is basically arbitrary with maxi= mum 128M, it must be aligned to 4k sectors.

JSON areas allows to store user token metadata, s= o if you do not need it, no need to enlarge it.

Thanks,

Milan

--_000_CH2P132MB0187F6574C7736A42B09AFFA87690CH2P132MB0187NAMP_-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-eopbgr750078.outbound.protection.outlook.com [40.107.75.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Sun, 27 Oct 2019 14:15:16 +0100 (CET) From: Hualing Yu Date: Sun, 27 Oct 2019 13:15:12 +0000 Message-ID: References:

<4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com> In-Reply-To: Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_CH2P132MB01877105D585DC5F093FE30787670CH2P132MB0187NAMP_" MIME-Version: 1.0 Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Milan Broz , "dm-crypt@saout.de" --_000_CH2P132MB01877105D585DC5F093FE30787670CH2P132MB0187NAMP_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hello Milan, How are you? We truly appreciate your help with your expertise on this LUKS configuratio= n! Could you please answer my last two questions below? 1. I'm using linux kernel keyring as token for passphrase (likely one = passphrase per LUKS partition). Do I need to enlarge JSON? (BTW, Why JSON= area is stored twice, for backup only that area?) 2. If we have full filesystem redundancy, do we still need to use luks= HeaderBackup and luksHeaderRestore are for entire 16 M he= ader backup? Any suggestion on what to check to ensure that the standby (i= nactivate) luks partition is in good condition? Thank you very much! Hualing From: Hualing Yu Sent: Monday, October 21, 2019 12:13 PM To: Milan Broz ; dm-crypt@saout.de Subject: RE: [dm-crypt] 10 M Luks2 header size? Hi Milan, Thank you very much for the detailed explanation! This is tremendous help = to us! I had already brought this up in our group meeting. We will re-arrange out= partitions to ensure all have enough space for default configurations. Th= ank you very much on that! May I ask further - (sorry more questions, I just want to do it right and m= ake the best out from your original design.) 1. I'm using linux kernel keyring as token for passphrase. Do I need = to enlarge JSON? (BTW, Why JSON area is stored twice, for backup only that= area?) 2. Do we still need to use luksHeaderBackup and luksHeaderRes= tore are for entire 16 M header backup? This means each luks part= ition needs 32 M for its header! Now here is our story : We have storage redundancy on our board, that is, f= or each component (for example linux rootfs) we have two partitions to save= two copies of the component. I think with that, we may not need luks head= er backup. When we detect anything wrong with current active partition, in= clude luks header, we can switch to use the standby partition for rootfs fo= r example, and then repair, or simply wipe everything and redo luks format = and copy the data into it. Should this work? Can you suggest some ways, or check points, for our back= ground task to periodically checking to ensure all luks's are good, in case= you have something on top of your head? 8-) Thank you so much! Hualing -----Original Message----- From: Milan Broz [mailto:gmazyland@gmail.com] Sent: Sunday, October 20, 2019 6:08 AM To: Hualing Yu >; dm-crypt@sa= out.de Subject: Re: [dm-crypt] 10 M Luks2 header size? Hi, this information should be later in FAQ, so I try to explain it here. Anyway, stay with defaults, if you can. On 19/10/2019 21:59, Hualing Yu wrote: > > May I ask a couple of additional questions about this so that we know how= to trade off. > > > 1. What the reencryption can do for us? Could you explain very > briefly as I'm not sure if we need it? In principle it can perform changes that requires full-device rewrite (chan= ge of the volume key). See man cryptsetup-reencrypt - just for LUKS2 it is more reliable and mainl= y online (you can use device while it is in reencryption process). See slides from Ondra https://nam02.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fokozi= na.fedorapeople.org%2Fonline-disk-reencryption-with-luks2-compact.pdf&d= ata=3D02%7C01%7Chualing.yu%40jci.com%7Ca096abcf38e8483e599808d7554555fc%7Ca= 1f1e2147ded45b681a19e8ae3459641%7C0%7C1%7C637071628596824108&sdata=3DZn= 13uT%2B7wsLKex3r6u3LWAC7xFobCn4PLs10ywQYxeU%3D&reserved=3D0 There should be also some online demos Reencryption demo: https://nam02.safelinks.protection.outlook.com/?url=3D= https%3A%2F%2Fasciinema.org%2Fa%2F268573&data=3D02%7C01%7Chualing.yu%40= jci.com%7Ca096abcf38e8483e599808d7554555fc%7Ca1f1e2147ded45b681a19e8ae34596= 41%7C0%7C1%7C637071628596824108&sdata=3D6DkH8Bwz699zeGzk25vf8gh4%2FKuIm= VaMeGEu34qHkCA%3D&reserved=3D0 Encryption demo: https://nam02.safelinks.protection.outlook.com/?url=3Dht= tps%3A%2F%2Fasciinema.org%2Fa%2F268574&data=3D02%7C01%7Chualing.yu%40jc= i.com%7Ca096abcf38e8483e599808d7554555fc%7Ca1f1e2147ded45b681a19e8ae3459641= %7C0%7C1%7C637071628596824108&sdata=3D8nuvhvj5fBB%2FeH0pu0%2F0qRNd7l47d= VMQwzDrNFoeeMA%3D&reserved=3D0 For this we require some reserved area for storing temporary encryption dat= a. > 2. We need only one or at most two keyslots but we do want them > to be scattered as much as needed just as if for the default case, > what we can do? Use -luks2-keyslots-size=3D1 M (or whatever size that > will give two key enough space to scatter)? There are two areas (see LUKS2 docs) - JSON area for metadata and binary ar= ea. JSON has small binary header, than JSON data (it is 16k currently, stored t= wice). For the binary area, it depends what you need, exact size depends on the st= ored key size (here the binary keyslot data are stored, exactly the same as= in LUKS1). I would expect you are using current default for disk encryption, AES256-XT= S. Then you need to store 512bit (2x256bit) key in each binary keyslot. With the LUKS AF filter and 4k alignment it should be 256KiB of binary data= per keyslot. So for 1M and 512bit key it allows 4 LUKS keyslots here. > 3. What the size of metadata size for default configuration? > What's the downside of using 16 K? The whole LUKS2 default header takes 16MiB. For JSON area it is 16k, stored twice (we will increase it later, this is f= or compatibility reasons), for binary area - it is "16M - 2x16k" (16M minus= JSON areas). There is only several possible sizes of JSON area you can use (see LUKS2 do= cs), binary area is basically arbitrary with maximum 128M, it must be align= ed to 4k sectors. JSON areas allows to store user token metadata, so if you do not need it, n= o need to enlarge it. Thanks, Milan --_000_CH2P132MB01877105D585DC5F093FE30787670CH2P132MB0187NAMP_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hello Milan,

How are you?

We truly appreciate yo= ur help with your expertise on this LUKS configuration!
Could you please answer my last two questions below?

1. I’m using linux kernel keyring as token for p= assphrase (likely one passphrase per LUKS partition). Do I need to en= large JSON? (BTW, Why JSON area is stored twice, for backup only that= area?)

2. &nbs= p; If we have full filesystem redundancy, do we= still need to use luksHeaderBackup <device> and luksHeaderRestore <device> are for entire 16 M header backup?&n= bsp; Any suggestion on what to check to ensure that the standby (inactivate= ) luks partition is in good condition?

Thank you very much!

Hualing

From: Hualing Yu
Sent: Monday, October 21, 2019 12:13 PM
To: Milan Broz <gmazyland@gmail.com>; dm-crypt@saout.de
Subject: RE: [dm-crypt] 10 M Luks2 header size?

Hi Milan,

Thank you very much for the detailed explanation!= This is tremendous help to us!

I had already brought this up in our group meetin= g. We will re-arrange out partitions to ensure all have enough space = for default configurations. Thank you very much on that!

May I ask further – (sorry more questions, = I just want to do it right and make the best out from your original design.= )

1. I’m using linux kernel keyring as token for p= assphrase. Do I need to enlarge JSON? (BTW, Why JSON area is st= ored twice, for backup only that area?)

2. &nbs= p; Do we still need to use luksHeaderBackup <= device> and luksHeaderRestore <device> are for entire 16 M header backup?&n= bsp; This means each luks partition needs 32 M for its header!

Thank you so much!&= nbsp;

Hualing<= /span>

-----Original Message-----
From: Milan Broz [mailto:gmazyland@g= mail.com]
Sent: Sunday, October 20, 2019 6:08 AM
To: Hualing Yu <hualing.yu@jci.com= >; dm-crypt@saout.de
Subject: Re: [dm-crypt] 10 M Luks2 header size?

Hi,

this information should be later in FAQ, so I try= to explain it here.

Anyway, stay with defaults, if you can.

On 19/10/2019 21:59, Hualing Yu wrote:=

> May I ask a couple of additional questions a= bout this so that we know how to trade off.

> 1. What the re= encryption can do for us? Could you explain very

> briefly as I’m not sure if we need it?=

In principle it can perform changes that requires= full-device rewrite (change of the volume key).

See man cryptsetup-reencrypt - just for LUKS2 it = is more reliable and mainly online (you can use device while it is in reenc= ryption process).

See slides from Ondra

There should be also some online demos=

For this we require some reserved area for storin= g temporary encryption data.

> 2. We need onl= y one or at most two keyslots but we do want them

> to be scattered as much as needed just as if= for the default case,

> what we can do? Use –luks2-keysl= ots-size=3D1 M (or whatever size that

> will give two key enough space to scatter)?<= o:p>

There are two areas (see LUKS2 docs) - JSON area = for metadata and binary area.

JSON has small binary header, than JSON data (it = is 16k currently, stored twice).

For the binary area, it depends what you need, ex= act size depends on the stored key size (here the binary keyslot data are s= tored, exactly the same as in LUKS1).

I would expect you are using current default for = disk encryption, AES256-XTS.

Then you need to store 512bit (2x256bit) key in e= ach binary keyslot.

With the LUKS AF filter and 4k alignment it shoul= d be 256KiB of binary data per keyslot.

So for 1M and 512bit key it allows 4 LUKS keyslot= s here.

> 3. What the si= ze of metadata size for default configuration?

> What’s the downside of using 16 K?

The whole LUKS2 default header takes 16MiB.<= /o:p>

For JSON area it is 16k, stored twice (we will in= crease it later, this is for compatibility reasons), for binary area - it i= s "16M - 2x16k" (16M minus JSON areas).

There is only several possible sizes of JSON area= you can use (see LUKS2 docs), binary area is basically arbitrary with maxi= mum 128M, it must be aligned to 4k sectors.

JSON areas allows to store user token metadata, s= o if you do not need it, no need to enlarge it.

Thanks,

Milan

--_000_CH2P132MB01877105D585DC5F093FE30787670CH2P132MB0187NAMP_-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from v1.tansi.org (mail.tansi.org [84.19.178.47]) by mail.server123.net (Postfix) with ESMTP for ; Sun, 27 Oct 2019 19:33:51 +0100 (CET) Received: from gatewagner.dyndns.org (81-6-44-245.init7.net [81.6.44.245]) by v1.tansi.org (Postfix) with ESMTPA id 7B508140148 for ; Sun, 27 Oct 2019 19:33:44 +0100 (CET) Date: Sun, 27 Oct 2019 19:33:51 +0100 From: Arno Wagner Message-ID: <20191027183350.GA15269@tansi.org> References:

<4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de I can answer 2.: Redundancy (of any kind) is not backup. You need that backup. A backup is independent from the original data storage mechanism, redundancy is not. Regards, Arno On Sun, Oct 27, 2019 at 14:15:12 CET, Hualing Yu wrote: > Hello Milan, > > > How are you? > > We truly appreciate your help with your expertise on this LUKS > configuration! > Could you please answer my last two questions below? > > 1. I’m using linux kernel keyring as token for passphrase (likely > one passphrase per LUKS partition). Do I need to enlarge JSON? (BTW, > Why JSON area is stored twice, for backup only that area?) > > 2. If we have full filesystem redundancy, do we still need to use > luksHeaderBackup and luksHeaderRestore are for entire > 16 M header backup? Any suggestion on what to check to ensure that the > standby (inactivate) luks partition is in good condition? > > > Thank you very much! > > > Hualing > > > From: Hualing Yu > Sent: Monday, October 21, 2019 12:13 PM > To: Milan Broz ; dm-crypt@saout.de > Subject: RE: [dm-crypt] 10 M Luks2 header size? > > > Hi Milan, > > > Thank you very much for the detailed explanation! This is tremendous > help to us! > > > I had already brought this up in our group meeting. We will re-arrange > out partitions to ensure all have enough space for default > configurations. Thank you very much on that! > > > May I ask further – (sorry more questions, I just want to do it right > and make the best out from your original design.) > > 1. I’m using linux kernel keyring as token for passphrase. Do I > need to enlarge JSON? (BTW, Why JSON area is stored twice, for backup > only that area?) > > 2. Do we still need to use luksHeaderBackup and > luksHeaderRestore are for entire 16 M header backup? This > means each luks partition needs 32 M for its header! > > > Now here is our story : We have storage redundancy on our board, that > is, for each component (for example linux rootfs) we have two > partitions to save two copies of the component. I think with that, we > may not need luks header backup. When we detect anything wrong with > current active partition, include luks header, we can switch to use the > standby partition for rootfs for example, and then repair, or simply > wipe everything and redo luks format and copy the data into it. > > Should this work? Can you suggest some ways, or check points, for our > background task to periodically checking to ensure all luks’s are good, > in case you have something on top of your head? 8-) > > > Thank you so much! > > > > Hualing > > > > -----Original Message----- > From: Milan Broz [[1]mailto:gmazyland@gmail.com] > Sent: Sunday, October 20, 2019 6:08 AM > To: Hualing Yu <[2]hualing.yu@jci.com>; [3]dm-crypt@saout.de > Subject: Re: [dm-crypt] 10 M Luks2 header size? > > > Hi, > > > this information should be later in FAQ, so I try to explain it here. > > > Anyway, stay with defaults, if you can. > > > On 19/10/2019 21:59, Hualing Yu wrote: > > > > > > May I ask a couple of additional questions about this so that we know > how to trade off. > > > > > > > > > 1. What the reencryption can do for us? Could you explain very > > > briefly as I’m not sure if we need it? > > > In principle it can perform changes that requires full-device rewrite > (change of the volume key). > > See man cryptsetup-reencrypt - just for LUKS2 it is more reliable and > mainly online (you can use device while it is in reencryption process). > > > See slides from Ondra > > > [4]https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fok > ozina.fedorapeople.org%2Fonline-disk-reencryption-with-luks2-compact.pd > f&data=02%7C01%7Chualing.yu%40jci.com%7Ca096abcf38e8483e599808d7554 > 555fc%7Ca1f1e2147ded45b681a19e8ae3459641%7C0%7C1%7C637071628596824108&a > mp;sdata=Zn13uT%2B7wsLKex3r6u3LWAC7xFobCn4PLs10ywQYxeU%3D&reserved= > 0 > > > There should be also some online demos > > Reencryption demo: > [5]https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fas > ciinema.org%2Fa%2F268573&data=02%7C01%7Chualing.yu%40jci.com%7Ca096 > abcf38e8483e599808d7554555fc%7Ca1f1e2147ded45b681a19e8ae3459641%7C0%7C1 > %7C637071628596824108&sdata=6DkH8Bwz699zeGzk25vf8gh4%2FKuImVaMeGEu3 > 4qHkCA%3D&reserved=0 > > Encryption demo: > [6]https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fas > ciinema.org%2Fa%2F268574&data=02%7C01%7Chualing.yu%40jci.com%7Ca096 > abcf38e8483e599808d7554555fc%7Ca1f1e2147ded45b681a19e8ae3459641%7C0%7C1 > %7C637071628596824108&sdata=8nuvhvj5fBB%2FeH0pu0%2F0qRNd7l47dVMQwzD > rNFoeeMA%3D&reserved=0 > > > For this we require some reserved area for storing temporary encryption > data. > > > > 2. We need only one or at most two keyslots but we do want them > > > to be scattered as much as needed just as if for the default case, > > > what we can do? Use –luks2-keyslots-size=1 M (or whatever size that > > > will give two key enough space to scatter)? > > > There are two areas (see LUKS2 docs) - JSON area for metadata and > binary area. > > > JSON has small binary header, than JSON data (it is 16k currently, > stored twice). > > > For the binary area, it depends what you need, exact size depends on > the stored key size (here the binary keyslot data are stored, exactly > the same as in LUKS1). > > > I would expect you are using current default for disk encryption, > AES256-XTS. > > > Then you need to store 512bit (2x256bit) key in each binary keyslot. > > > With the LUKS AF filter and 4k alignment it should be 256KiB of binary > data per keyslot. > > > So for 1M and 512bit key it allows 4 LUKS keyslots here. > > > > 3. What the size of metadata size for default configuration? > > > What’s the downside of using 16 K? > > The whole LUKS2 default header takes 16MiB. > > > For JSON area it is 16k, stored twice (we will increase it later, this > is for compatibility reasons), for binary area - it is "16M - 2x16k" > (16M minus JSON areas). > > > There is only several possible sizes of JSON area you can use (see > LUKS2 docs), binary area is basically arbitrary with maximum 128M, it > must be aligned to 4k sectors. > > > JSON areas allows to store user token metadata, so if you do not need > it, no need to enlarge it. > > > Thanks, > > Milan > > References > > 1. mailto:gmazyland@gmail.com > 2. mailto:hualing.yu@jci.com > 3. mailto:dm-crypt@saout.de > 4. https://nam02.safelinks.protection.outlook.com/?url=https://okozina.fedorapeople.org/online-disk-reencryption-with-luks2-compact.pdf&data=02|01|hualing.yu@jci.com|a096abcf38e8483e599808d7554555fc|a1f1e2147ded45b681a19e8ae3459641|0|1|637071628596824108&sdata=Zn13uT+7wsLKex3r6u3LWAC7xFobCn4PLs10ywQYxeU=&reserved=0 > 5. https://nam02.safelinks.protection.outlook.com/?url=https://asciinema.org/a/268573&data=02|01|hualing.yu@jci.com|a096abcf38e8483e599808d7554555fc|a1f1e2147ded45b681a19e8ae3459641|0|1|637071628596824108&sdata=6DkH8Bwz699zeGzk25vf8gh4/KuImVaMeGEu34qHkCA=&reserved=0 > 6. https://nam02.safelinks.protection.outlook.com/?url=https://asciinema.org/a/268574&data=02|01|hualing.yu@jci.com|a096abcf38e8483e599808d7554555fc|a1f1e2147ded45b681a19e8ae3459641|0|1|637071628596824108&sdata=8nuvhvj5fBB/eH0pu0/0qRNd7l47dVMQwzDrNFoeeMA=&reserved=0 > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > https://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wm1-x336.google.com (mail-wm1-x336.google.com [IPv6:2a00:1450:4864:20::336]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Mon, 28 Oct 2019 11:36:41 +0100 (CET) Received: by mail-wm1-x336.google.com with SMTP id n7so8851600wmc.3 for ; Mon, 28 Oct 2019 03:36:41 -0700 (PDT) References:

<4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com> From: Milan Broz Message-ID: Date: Mon, 28 Oct 2019 11:36:38 +0100 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Language: en-US Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Hualing Yu , "dm-crypt@saout.de" Hi, sorry for the late reply, I have a lot of personal issues these days, so this mail was just stuck in the queue - thanks for the reminder. On 27/10/2019 14:15, Hualing Yu wrote:> Could you please answer my last two questions below? > > 1. I'm using linux kernel keyring as token for passphrase > (likely one passphrase per LUKS partition). Do I need to enlarge > JSON? (BTW, Why JSON area is stored twice, for backup only that > area?) Token (JSON) configuration takes some extra space, but if you are limited to a few keyslots and few keyring tokens, default JSON area size should be enough. You can, of course, increase it during format, but I do not suggest to use big JSON areas (>1MB). IOW increasing to 64k should be more than enough if you have no extra user JSON data stored there.) The best is if you create the most complicated configuration for your setup (used all slots + all tokens) and try to configure it. If cryptsetup doesn't complain that there is not enough space, it is enough :) For the storing JSON twice - long description is in LUKS2 doc https://gitlab.com/cryptsetup/LUKS2-docs It is not backup! We store it twice because LUKS2 expects more frequent modification of metadata, so we can recover in the case one area is corrupted (power fail or so). Also, it increases reliability in the case one area is corrupted by some other tool (it automatically updates from the second copy). Note that BINARY area (binary stored keyslot content) is stored only once (duplication would undermine anti-forensic filter). > > 2. If we have full filesystem redundancy, do we still need to > use /luksHeaderBackup/ and /luksHeaderRestore/ are > for entire 16 M header backup? Any suggestion on what to check to > ensure that the standby (inactivate) luks partition is in good > condition? RAID is not a backup. The same applies to redundant LUKS headers. It increases availability (you can quickly recover if possible), but you should have offline/offsite backup, The luksHeaderBackup is in principle just copy of the area with whole LUKS header (so it contains even unused reserved space, this space is filled with random data - if it is not conversion of old header). I hope this helps. Thanks, Milan From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-eopbgr800082.outbound.protection.outlook.com [40.107.80.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Mon, 28 Oct 2019 14:50:47 +0100 (CET) From: Hualing Yu Date: Mon, 28 Oct 2019 13:50:44 +0000 Message-ID: References:

<4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com>

In-Reply-To: Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_CH2P132MB0187418DB7BD6C9DF85EC5C587660CH2P132MB0187NAMP_" MIME-Version: 1.0 Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Milan Broz , "dm-crypt@saout.de" --_000_CH2P132MB0187418DB7BD6C9DF85EC5C587660CH2P132MB0187NAMP_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Milan, Thank you very much for the detailed reply. This is again very helpful to = us! It's not a problem at all. I appreciate it very very much for you usi= ng your family time helping us! I am sorry that I cannot resist asking more questions as your answer indica= te more opportunities 8-) If they are very simple to you to answer, thank = you for just drop a few lines; if not, you can simply ignore. 1. You said "...if you have no extra user JSON data stored there". Ca= n we use that area to store additional user data? How? 2. To check if a LUKS is in good condition, can we just use isLuks com= mand? Does this cmd trigger some internal sanitary checking? Thank you, Hualing -----Original Message----- From: Milan Broz [mailto:gmazyland@gmail.com] Sent: Monday, October 28, 2019 6:37 AM To: Hualing Yu ; dm-crypt@saout.de Subject: Re: [dm-crypt] 10 M Luks2 header size? Hi, sorry for the late reply, I have a lot of personal issues these days, so th= is mail was just stuck in the queue - thanks for the reminder. On 27/10/2019 14:15, Hualing Yu wrote:> Could you please answer my last two= questions below? > > 1. I'm using linux kernel keyring as token for passphrase (likely one > passphrase per LUKS partition). Do I need to enlarge JSON? (BTW, Why > JSON area is stored twice, for backup only that > area?) Token (JSON) configuration takes some extra space, but if you are limited t= o a few keyslots and few keyring tokens, default JSON area size should be e= nough. You can, of course, increase it during format, but I do not suggest to use = big JSON areas (>1MB). IOW increasing to 64k should be more than enough if you have no extra user = JSON data stored there.) The best is if you create the most complicated configuration for your setup= (used all slots + all tokens) and try to configure it. If cryptsetup doesn't complain that there is not enough space, it is enough= :) For the storing JSON twice - long description is in LUKS2 doc https://nam02.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fgitlab.= com%2Fcryptsetup%2FLUKS2-docs&data=3D02%7C01%7Chualing.yu%40jci.com%7Ca= 0a4359785fc4219625508d75b92b889%7Ca1f1e2147ded45b681a19e8ae3459641%7C0%7C0%= 7C637078558030607535&sdata=3DDH0mLc05InQUjUqMfNUp%2Fzck%2F4esepLUtMSI9p= %2ByZig%3D&reserved=3D0 It is not backup! We store it twice because LUKS2 expects more frequent mod= ification of metadata, so we can recover in the case one area is corrupted = (power fail or so). Also, it increases reliability in the case one area is corrupted by some ot= her tool (it automatically updates from the second copy). Note that BINARY area (binary stored keyslot content) is stored only once (= duplication would undermine anti-forensic filter). > > 2. If we have full filesystem redundancy, do we still need to > use /luksHeaderBackup/ and /luksHeaderRestore/ are for > entire 16 M header backup? Any suggestion on what to check to ensure > that the standby (inactivate) luks partition is in good condition? RAID is not a backup. The same applies to redundant LUKS headers. It increases availability (you can quickly recover if possible), but you sh= ould have offline/offsite backup, The luksHeaderBackup is in principle just copy of the area with whole LUKS = header (so it contains even unused reserved space, this space is filled wit= h random data - if it is not conversion of old header). I hope this helps. Thanks, Milan --_000_CH2P132MB0187418DB7BD6C9DF85EC5C587660CH2P132MB0187NAMP_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Milan,

Thank you very much for the detailed reply. = This is again very helpful to us! It's not a problem at all. I= appreciate it very very much for you using your family time helping us!

I am sorry that I cannot resist asking more quest= ions as your answer indicate more opportunities 8-) If they are very = simple to you to answer, thank you for just drop a few lines; if not, you c= an simply ignore.

1. You said “…if you have no extra user JS= ON data stored there”. Can we use that area to store additional= user data? How?

2. To check if a LUKS is in good condition, can we jus= t use isLuks command? Does this cmd trigger some internal sanitary ch= ecking?

Thank you,

Hualing

-----Original Message-----
From: Milan Broz [mailto:gmazyland@gmail.com]
Sent: Monday, October 28, 2019 6:37 AM
To: Hualing Yu <hualing.yu@jci.com>; dm-crypt@saout.de
Subject: Re: [dm-crypt] 10 M Luks2 header size?

Hi,

sorry for the late reply, I have a lot of persona= l issues these days, so this mail was just stuck in the queue - thanks for = the reminder.

On 27/10/2019 14:15, Hualing Yu wrote:> Could = you please answer my last two questions below?

> 1. I'm using linux kernel keyring as token f= or passphrase (likely one

> passphrase per LUKS partition). Do I n= eed to enlarge JSON? (BTW, Why

> JSON area is stored twice, for backup only t= hat

> area?)

Token (JSON) configuration takes some extra space= , but if you are limited to a few keyslots and few keyring tokens, default = JSON area size should be enough.

You can, of course, increase it during format, bu= t I do not suggest to use big JSON areas (>1MB).

IOW increasing to 64k should be more than enough = if you have no extra user JSON data stored there.)

The best is if you create the most complicated co= nfiguration for your setup (used all slots + all tokens) and try to con= figure it.

If cryptsetup doesn't complain that there is not = enough space, it is enough :)

For the storing JSON twice - long description is = in LUKS2 doc

https://nam02.safe= links.protection.outlook.com/?url=3Dhttps%3A%2F%2Fgitlab.com%2Fcryptsetup%2= FLUKS2-docs&data=3D02%7C01%7Chualing.yu%40jci.com%7Ca0a4359785fc421= 9625508d75b92b889%7Ca1f1e2147ded45b681a19e8ae3459641%7C0%7C0%7C637078558030= 607535&sdata=3DDH0mLc05InQUjUqMfNUp%2Fzck%2F4esepLUtMSI9p%2ByZig%3D= &reserved=3D0

It is not backup! We store it twice because LUKS2= expects more frequent modification of metadata, so we can recover in the c= ase one area is corrupted (power fail or so).

Also, it increases reliability in the case one ar= ea is corrupted by some other tool (it automatically updates from the secon= d copy).

Note that BINARY area (binary stored keyslot cont= ent) is stored only once (duplication would undermine anti-forensic filter)= .

> 2. If we have = full filesystem redundancy, do we still need to

> use /luksHeaderBackup/<device> and /lu= ksHeaderRestore/<device> are for

> entire 16 M header backup? Any suggest= ion on what to check to ensure

> that the standby (inactivate) luks partition= is in good condition?

RAID is not a backup. The same applies to redunda= nt LUKS headers.

It increases availability (you can quickly recove= r if possible), but you should have offline/offsite backup,

The luksHeaderBackup is in principle just copy of= the area with whole LUKS header (so it contains even unused reserved space= , this space is filled with random data - if it is not conversion of old he= ader).

I hope this helps.

Thanks,

Milan

--_000_CH2P132MB0187418DB7BD6C9DF85EC5C587660CH2P132MB0187NAMP_-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Tue, 29 Oct 2019 14:07:46 +0100 (CET) Received: by mail-wm1-x329.google.com with SMTP id g7so2494497wmk.4 for ; Tue, 29 Oct 2019 06:07:45 -0700 (PDT) References:

<4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com>

From: Milan Broz Message-ID: <4fd9084a-e78d-6c16-edb7-2dec936023dc@gmail.com> Date: Tue, 29 Oct 2019 14:07:43 +0100 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="windows-1252" Content-Language: en-US Content-Transfer-Encoding: quoted-printable Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Hualing Yu , "dm-crypt@saout.de" On 28/10/2019 14:50, Hualing Yu wrote: > I am sorry that I cannot resist asking more questions as your answer > indicate more opportunities 8-) If they are very simple to you to > answer, thank you for just drop a few lines; if not, you can simply > ignore. >=20 > 1. You said =93=85if you have no extra user JSON data stored there= =94. > Can we use that area to store additional user data? How? You can create custom token type and import directly JSON through cryptsetup token import command. There is just mandatory type object, otherwise it can= be arbitrary valid JSON. (I plan to write some article about it but I promised this months ago ... := -) =20 > 2. To check if a LUKS is in good condition, can we just use > isLuks command? Does this cmd trigger some internal sanitary > checking? Hm, in theory yes (it calls functions that will do autorecovery), so side effect is that it validates JSON areas. But note that any LUKS load will recover invalid JSON area if there is one area valid (it requires access to cryptsetup locks directory and of course write access rights to the image/device). IOW it should "autorepair". If not possible, commands starts to fail as there is no LUKS2 header. Milan From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-eopbgr820089.outbound.protection.outlook.com [40.107.82.89]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Tue, 29 Oct 2019 16:03:06 +0100 (CET) From: Hualing Yu Date: Tue, 29 Oct 2019 15:03:03 +0000 Message-ID: References:

<4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com>

<4fd9084a-e78d-6c16-edb7-2dec936023dc@gmail.com> In-Reply-To: <4fd9084a-e78d-6c16-edb7-2dec936023dc@gmail.com> Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Milan Broz , "dm-crypt@saout.de" Hi Milan, Great! This helps a lot! I'm going to design our redundant file systems a= round this. I'm looking forward for your article on better using JSON area. No more question now, at this moment 8-) We definitely will encounter somethings later when implementing this. Will= bother you again then. And I'll let you know how we make it here no matte= r what. Again, very appreciate all you helps, your time and expertise! Best regard, Hualing -----Original Message----- From: Milan Broz [mailto:gmazyland@gmail.com]=20 Sent: Tuesday, October 29, 2019 9:08 AM To: Hualing Yu ; dm-crypt@saout.de Subject: Re: [dm-crypt] 10 M Luks2 header size? On 28/10/2019 14:50, Hualing Yu wrote: > I am sorry that I cannot resist asking more questions as your answer=20 > indicate more opportunities 8-) If they are very simple to you to=20 > answer, thank you for just drop a few lines; if not, you can simply=20 > ignore. >=20 > 1. You said "...if you have no extra user JSON data stored there". > Can we use that area to store additional user data? How? You can create custom token type and import directly JSON through cryptsetu= p token import command. There is just mandatory type object, otherwise it c= an be arbitrary valid JSON. (I plan to write some article about it but I promised this months ago ... := -) =20 > 2. To check if a LUKS is in good condition, can we just use > isLuks command? Does this cmd trigger some internal sanitary=20 > checking? Hm, in theory yes (it calls functions that will do autorecovery), so side e= ffect is that it validates JSON areas. But note that any LUKS load will recover invalid JSON area if there is one = area valid (it requires access to cryptsetup locks directory and of course = write access rights to the image/device). IOW it should "autorepair". If not possible, commands starts to fail as the= re is no LUKS2 header. Milan From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-eopbgr770045.outbound.protection.outlook.com [40.107.77.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Sun, 3 Nov 2019 04:33:48 +0100 (CET) From: Hualing Yu Date: Sun, 3 Nov 2019 03:33:45 +0000 Message-ID: References:

<4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com>

<4fd9084a-e78d-6c16-edb7-2dec936023dc@gmail.com> In-Reply-To: Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_CH2P132MB01871CF42C7DFEC7368F774F877C0CH2P132MB0187NAMP_" MIME-Version: 1.0 Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Milan Broz , "dm-crypt@saout.de" --_000_CH2P132MB01871CF42C7DFEC7368F774F877C0CH2P132MB0187NAMP_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Milan We have problem now 8-) I did 'cryptsetup format' at initramfs, where I also 'add token' to luks pa= ssphrase slot 0. It seems to work as expected in later luksOpen (without asking me passphras= e) when still in initramfs. Even next run after power cycle reboot. Howev= er after it runs to normal rootfs, then when I try to do luksOpen still as = root user, it ask for passphrase. I can see my passphrases are both in @u and @us keyring both at initramfs t= ime and when run as root in normal linux. However, in initramfs, my passph= rasses are also in @s, which probably is why in initramfs time, I can auto = activate (open) my luks partitions. Cryptsetup man page says: token Adds a new keyring token to enable auto-activation of the dev= ice. For the auto- activation, the passphrase must be stored in keyring= with the specified description. Usually, the passphrase should be stored in = user or user-session keyring. The token command is supported only for LUKS2. My passphrases are in both user and user-session keyrings, maybe I just ran= into some unusual case where passphrases also need to be in session keyrin= g. Do you know what's the reason? Thank you! Hualing -----Original Message----- From: Hualing Yu Sent: Tuesday, October 29, 2019 11:03 AM To: Milan Broz ; dm-crypt@saout.de Subject: RE: [dm-crypt] 10 M Luks2 header size? Hi Milan, Great! This helps a lot! I'm going to design our redundant file systems a= round this. I'm looking forward for your article on better using JSON area. No more question now, at this moment 8-) We definitely will encounter somethings later when implementing this. Will= bother you again then. And I'll let you know how we make it here no matte= r what. Again, very appreciate all you helps, your time and expertise! Best regard, Hualing -----Original Message----- From: Milan Broz [mailto:gmazyland@gmail.com] Sent: Tuesday, October 29, 2019 9:08 AM To: Hualing Yu >; dm-crypt@sa= out.de Subject: Re: [dm-crypt] 10 M Luks2 header size? On 28/10/2019 14:50, Hualing Yu wrote: > I am sorry that I cannot resist asking more questions as your answer > indicate more opportunities 8-) If they are very simple to you to > answer, thank you for just drop a few lines; if not, you can simply > ignore. > > 1. You said "...if you have no extra user JSON data stored there". > Can we use that area to store additional user data? How? You can create custom token type and import directly JSON through cryptsetu= p token import command. There is just mandatory type object, otherwise it c= an be arbitrary valid JSON. (I plan to write some article about it but I promised this months ago ... := -) > 2. To check if a LUKS is in good condition, can we just use > isLuks command? Does this cmd trigger some internal sanitary > checking? Hm, in theory yes (it calls functions that will do autorecovery), so side e= ffect is that it validates JSON areas. But note that any LUKS load will recover invalid JSON area if there is one = area valid (it requires access to cryptsetup locks directory and of course = write access rights to the image/device). IOW it should "autorepair". If not possible, commands starts to fail as the= re is no LUKS2 header. Milan --_000_CH2P132MB01871CF42C7DFEC7368F774F877C0CH2P132MB0187NAMP_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Milan

We have problem now 8-)

I did 'cryptsetup format' at initramfs, where I a= lso 'add token' to luks passphrase slot 0.

It seems to work as expected in later luksOpen (w= ithout asking me passphrase) when still in initramfs. Even next run a= fter power cycle reboot. However after it runs to normal rootfs, then= when I try to do luksOpen still as root user, it ask for passphrase.

I can see my passphrases are both in @u and @us k= eyring both at initramfs time and when run as root in normal linux. H= owever, in initramfs, my passphrasses are also in @s, which probably is why= in initramfs time, I can auto activate (open) my luks partitions.

Cryptsetup man page says:

token <add|remove> <device>

&= nbsp; Adds a new keyring token to enable auto-activ= ation of the device. For the auto-

&= nbsp; activation, the passp= hrase must be stored in keyring with&nb= sp; the specified

&= nbsp; description. Usually, the passphrase should be stored in user&nb= sp; or user-session

&nb= sp; keyring. The token command is supported only for LUK= S2.

My passphrases are in both user and user-session = keyrings, maybe I just ran into some unusual case where passphrases also ne= ed to be in session keyring. Do you know what’s the reason?

Thank you!

Hualing

-----Original Message-----
From: Hualing Yu
Sent: Tuesday, October 29, 2019 11:03 AM
To: Milan Broz <gmazyland@gmail.com>; dm-crypt@saout.de
Subject: RE: [dm-crypt] 10 M Luks2 header size?

Hi Milan,

Great! This helps a lot! I'm going to= design our redundant file systems around this.

I'm looking forward for your article on better us= ing JSON area.

No more question now, at this moment 8-)

We definitely will encounter somethings later whe= n implementing this. Will bother you again then. And I'll let y= ou know how we make it here no matter what.

Again, very appreciate all you helps, your time a= nd expertise!

Best regard,

Hualing

-----Original Message-----

From: Milan Broz [mailto:gmazyl= and@gmail.com]

Sent: Tuesday, October 29, 2019 9:08 AM

To: Hualing Yu <hualing.yu@jc= i.com>; dm-crypt@saout.de

Subject: Re: [dm-crypt] 10 M Luks2 header size?

On 28/10/2019 14:50, Hualing Yu wrote:=

> I am sorry that I cannot resist asking more = questions as your answer

> indicate more opportunities 8-) If the= y are very simple to you to

> answer, thank you for just drop a few lines;= if not, you can simply

> ignore.

> 1. You said &#= 8220;…if you have no extra user JSON data stored there”.

> Can we use that area to store additional use= r data? How?

You can create custom token type and import direc= tly JSON through cryptsetup token import command. There is just mandatory t= ype object, otherwise it can be arbitrary valid JSON.

(I plan to write some article about it but I prom= ised this months ago ... :-)

> 2. To check if= a LUKS is in good condition, can we just use

> isLuks command? Does this cmd trigger = some internal sanitary

> checking?

Hm, in theory yes (it calls functions that will d= o autorecovery), so side effect is that it validates JSON areas.=

But note that any LUKS load will recover invalid = JSON area if there is one area valid (it requires access to cryptsetup lock= s directory and of course write access rights to the image/device).

IOW it should "autorepair". If not poss= ible, commands starts to fail as there is no LUKS2 header.

Milan

--_000_CH2P132MB01871CF42C7DFEC7368F774F877C0CH2P132MB0187NAMP_-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Mon, 4 Nov 2019 11:40:12 +0100 (CET) References:

<4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com>

<4fd9084a-e78d-6c16-edb7-2dec936023dc@gmail.com> From: Ondrej Kozina Message-ID: Date: Mon, 4 Nov 2019 11:33:39 +0100 MIME-Version: 1.0 In-Reply-To: Content-Language: en-US Content-Type: text/plain; charset=WINDOWS-1252; format=flowed Content-Transfer-Encoding: quoted-printable Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Cc: hualing.yu@jci.com On 11/3/19 4:33 AM, Hualing Yu wrote: > Hi Milan >=20 > We have problem now 8-) >=20 > I did 'cryptsetup format' at initramfs, where I also 'add token' to luks= =20 > passphrase slot 0. >=20 > It seems to work as expected in later luksOpen (without asking me=20 > passphrase) when still in initramfs.=A0 Even next run after power cycle= =20 > reboot.=A0 However after it runs to normal rootfs, then when I try to do= =20 > luksOpen still as root user, it ask for passphrase. >=20 > I can see my passphrases are both in @u and @us keyring both at=20 > initramfs time and when run as root in normal linux.=A0 However, in=20 > initramfs, my passphrasses are also in @s, which probably is why in=20 > initramfs time, I can auto activate (open) my luks partitions. >=20 > Cryptsetup man page says: >=20 > token >=20 > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 Adds a new keyring token to enab= le auto-activation of the=20 > device.=A0=A0 For=A0 the=A0 auto- >=20 > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 activation,=A0=A0 the=A0=A0 pass= phrase=A0 must=A0 be=A0 stored=A0 in =20 > keyring=A0 with=A0 the=A0 specified >=20 > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 description. Usually, the passph= rase should=A0 be=A0 stored =20 > in=A0 user=A0 or=A0 user-session >=20 > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 keyring.=A0 The token command is= supported only for LUKS2. >=20 > My passphrases are in both user and user-session keyrings, maybe I just= =20 > ran into some unusual case where passphrases also need to be in session= =20 > keyring.=A0 Do you know what=92s the reason? Maybe the key is unreachable from your current session after switching=20 out from initramfs. Can you read the key payload with "keyctl read=20 " command? Regards O. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-eopbgr820075.outbound.protection.outlook.com [40.107.82.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Mon, 4 Nov 2019 15:59:20 +0100 (CET) From: Hualing Yu Date: Mon, 4 Nov 2019 14:59:18 +0000 Message-ID: References:

<4eea62ab-e121-d069-9be2-048b09cf301e@gmail.com>

<4fd9084a-e78d-6c16-edb7-2dec936023dc@gmail.com>

In-Reply-To: Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_CH2P132MB0187684C805E914A8A4F67F1877F0CH2P132MB0187NAMP_" MIME-Version: 1.0 Subject: Re: [dm-crypt] 10 M Luks2 header size? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Ondrej Kozina , "dm-crypt@saout.de" --_000_CH2P132MB0187684C805E914A8A4F67F1877F0CH2P132MB0187NAMP_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Ondrej, Yes, I can read the key content when it seems not automatically used to act= ivate (open) the luks partition it assigned to. However, after I did 'keyctl link @us @s' Then 'cryptsetup luksOpen' didn't prompt for passphrase but directly activa= ted the partition (show up under /dev/mapper/) It seem the auto-activation need to have the key in session keyring, not ju= st user session keyring, while as the man page said it only need to be in e= ither @u or @us. I can add this keyring link command every time try to open luks, but I want= to know if we are supposed to do so or this indicated something wrong. Thanks, Hualing -----Original Message----- From: Ondrej Kozina [mailto:okozina@redhat.com] Sent: Monday, November 04, 2019 5:34 AM To: dm-crypt@saout.de Cc: Hualing Yu Subject: Re: [dm-crypt] 10 M Luks2 header size? On 11/3/19 4:33 AM, Hualing Yu wrote: > Hi Milan > > We have problem now 8-) > > I did 'cryptsetup format' at initramfs, where I also 'add token' to > luks passphrase slot 0. > > It seems to work as expected in later luksOpen (without asking me > passphrase) when still in initramfs. Even next run after power cycle > reboot. However after it runs to normal rootfs, then when I try to do > luksOpen still as root user, it ask for passphrase. > > I can see my passphrases are both in @u and @us keyring both at > initramfs time and when run as root in normal linux. However, in > initramfs, my passphrasses are also in @s, which probably is why in > initramfs time, I can auto activate (open) my luks partitions. > > Cryptsetup man page says: > > token > > Adds a new keyring token to enable auto-activation of > the device. For the auto- > > activation, the passphrase must be stored in > keyring with the specified > > description. Usually, the passphrase should be stored > in user or user-session > > keyring. The token command is supported only for LUKS2. > > My passphrases are in both user and user-session keyrings, maybe I > just ran into some unusual case where passphrases also need to be in > session keyring. Do you know what's the reason? Maybe the key is unreachable from your current session after switching out = from initramfs. Can you read the key payload with "keyctl read " = command? Regards O. --_000_CH2P132MB0187684C805E914A8A4F67F1877F0CH2P132MB0187NAMP_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Ondrej,

Yes, I can read the key content when it seems not= automatically used to activate (open) the luks partition it assigned to.

However, after I did ‘keyctl link @us= @s’

Then ‘cryptsetup luksOpen’ didn’= ;t prompt for passphrase but directly activated the partition (show up unde= r /dev/mapper/)

It seem the auto-activation need to have the key = in session keyring, not just user session keyring, while as the man page sa= id it only need to be in either @u or @us.

I can add this keyring link command every time tr= y to open luks, but I want to know if we are supposed to do so or this indi= cated something wrong.

Thanks,

Hualing

-----Original Message-----
From: Ondrej Kozina [mailto:okozina@redhat.com]
Sent: Monday, November 04, 2019 5:34 AM
To: dm-crypt@saout.de
Cc: Hualing Yu <hualing.yu@jci.com>
Subject: Re: [dm-crypt] 10 M Luks2 header size?

On 11/3/19 4:33 AM, Hualing Yu wrote:<= /p>

> Hi Milan

> We have problem now 8-)

> I did 'cryptsetup format' at initramfs, wher= e I also 'add token' to

> luks passphrase slot 0.

> It seems to work as expected in later luksOp= en (without asking me

> passphrase) when still in initramfs. E= ven next run after power cycle

> reboot. However after it runs to norma= l rootfs, then when I try to do

> luksOpen still as root user, it ask for pass= phrase.

> I can see my passphrases are both in @u and = @us keyring both at

> initramfs time and when run as root in norma= l linux. However, in

> initramfs, my passphrasses are also in @s, w= hich probably is why in

> initramfs time, I can auto activate (open) m= y luks partitions.

> Cryptsetup man page says:

> token <add|remove> <device>=

> &n= bsp; Adds a new keyring token to enable= auto-activation of

> the device. For the = auto-

> &n= bsp; activation, the &= nbsp; passphrase must be stored in

> keyring with the specified=

> &n= bsp; description. Usually, the passphra= se should be stored

> in user or user-session

> &n= bsp; keyring. The token command i= s supported only for LUKS2.

> My passphrases are in both user and user-ses= sion keyrings, maybe I

> just ran into some unusual case where passph= rases also need to be in

> session keyring. Do you know what̵= 7;s the reason?

Maybe the key is unreachable from your current se= ssion after switching out from initramfs. Can you read the key payload with= "keyctl read <your_key>" command?

Regards O.

--_000_CH2P132MB0187684C805E914A8A4F67F1877F0CH2P132MB0187NAMP_--