Hello,

 

I have a question on Luks2 header size.  I created luck2 partition with out one passphrase slot enabled.  But it seems to take really 10 M space.  Here is the luks dump:

sh-4.4# cryptsetup luksDump /dev/mmcblk2gp0p2
LUKS header information
Version: 2
Epoch: 3
Metadata area: 16384 [bytes]
Keyslots area: 16744448 [bytes] <<<<<<<<<<<<<<<<<<<<<< why keyslots take so much space?
UUID: 9037890e-0f2b-4d73-b93b-e2bb53579492
Label: (no label)
Subsystem: (no subsystem)
Flags: (no flags)

Data segments:
0: crypt
offset: 16777216 [bytes] <<<<<<<<<<<<<<<<<<<<<<< so this means the space available to user data is after keylots
length: (whole device)
cipher: aes-xts-plain64
sector: 512 [bytes]

I check in the internet and found all luks2 header dumps show the same values for those two commented entries.
I actually also looked into my device content using dd command, and see indeed the space before 16777216 bytes (10 M) is all scatted filled with something, only after that point, it is all '0'. I zeroed out entire device before doing cryptsetup luksFormat.

Also checked the mapped device size from /dev/mapper/<mapped dev>, and from dev/<device> :

sh-4.4# fdisk -l /dev/mmcblk2gp0p2

Disk /dev/mmcblk2gp0p2: 392 MB, 411041792 bytes, 802816 sectors

12544 cylinders, 4 heads, 16 sectors/track

Units: sectors of 1 * 512 = 512 bytes

 

Disk /dev/mmcblk2gp0p2 doesn't contain a valid partition table

sh-4.4#

sh-4.4# fdisk -l /dev/mapper/gp0p2

Disk /dev/mapper/gp0p2: 376 MB, 394264576 bytes, 770048 sectors

47 cylinders, 255 heads, 63 sectors/track

Units: sectors of 1 * 512 = 512 bytes

 

411041792 – 394264576 = 16777216 (10M)

 

Is there anything wrong?  Should luks has so much overhead?

I appreciate it greatly if you could share you thinking on this.

 

Thank you,

 

 

Hualing

 

_____________________________________________
From: Hualing Yu
Sent: Friday, October 18, 2019 10:22 AM
To: dm-crypt@saout.de
Subject: question on LUKS2

 

 

Hello,

 

Is this mailing list still active?

May I still ask questions here?

 

Thanks,

 

 

Hualing

Yu

 

Firmware Engineering

Security Products

Johnson Controls

6 Technology Park Drive

Westford, MA 01886

USA

+1 978 577 4171 direct