[yocto] What kernel configs are needed for using DM_CRYPT with cryptsetup?
Maxim Radugin
maxim.radugin at gmail.com
Thu Jul 24 01:55:38 PDT 2014
Hello Brian,
You have to enable CONFIG_DM_CRYPT and CONFIG_BLK_DEV_DM in kernel;
Also make sure you have corresponding CONFIG_CRYPTO* enabled. And, if
compiled as modules, make sure that modules are loaded before running
cryptsetup during runtime
See https://code.google.com/p/cryptsetup/wiki for more info.
BR,
Maxim.
On Fri, Jul 18, 2014 at 11:31 PM, Wenholz, Brian (GE Healthcare) <
Brian.Wenholz at med.ge.com> wrote:
> All,
>
>
>
> I have been struggling to get this working. I intend to use an encrypted
> loop device during runtime (not at boot time). I have included the meta-oe
> cryptsetup recipe (V1.6.2) and am trying to “create” (or open) the loop
> file on my Yocto system.
>
>
>
> The basic attempt is:
>
>
>
> head -c 100M /dev/zero > test
>
> cryptsetup create t1 test
>
>
>
> The passphrase is requested and then cryptsetup hangs. Strace reveals that
> cryptsetup is hanging on a kernel semaphore that never returns, but I have
> been unable to decipher (pun intended) what the meaning of the strace log
> is.
>
>
>
> Any help would be appreciated.
>
>
>
> Brian Wenholz
>
>
>
> The strace log follows and kernel config is attached:
>
>
>
> execve("/usr/sbin/cryptsetup", ["cryptsetup", "create", "t1", "test"], [/*
> 15 vars */]) = 0
>
> brk(0) = 0x8056000
>
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0xb77ca000
>
> access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or
> directory)
>
> open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
>
> fstat64(3, {st_mode=S_IFREG|0644, st_size=43040, ...}) = 0
>
> mmap2(NULL, 43040, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb77bf000
>
> close(3) = 0
>
> open("/usr/lib/libcryptsetup.so.4", O_RDONLY|O_CLOEXEC) = 3
>
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220\320\207H4\0\0\0"...,
> 512) = 512
>
> fstat64(3, {st_mode=S_IFREG|0755, st_size=158244, ...}) = 0
>
> mmap2(0x4887a000, 155620, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x4887a000
>
> mmap2(0x4889f000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x25) = 0x4889f000
>
> close(3) = 0
>
> open("/usr/lib/libpopt.so.0", O_RDONLY|O_CLOEXEC) = 3
>
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P:\213H4\0\0\0"..., 512) =
> 512
>
> fstat64(3, {st_mode=S_IFREG|0755, st_size=47060, ...}) = 0
>
> mmap2(0x488b2000, 48332, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x488b2000
>
> mmap2(0x488bd000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa) = 0x488bd000
>
> close(3) = 0
>
> open("/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
>
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p6\272I4\0\0\0"..., 512) =
> 512
>
> fstat64(3, {st_mode=S_IFREG|0755, st_size=1527200, ...}) = 0
>
> mmap2(0x49b8a000, 1534652, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x49b8a000
>
> mmap2(0x49cfb000, 12288, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x171) = 0x49cfb000
>
> mmap2(0x49cfe000, 10940, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x49cfe000
>
> close(3) = 0
>
> open("/lib/libuuid.so.1", O_RDONLY|O_CLOEXEC) = 3
>
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320N{H4\0\0\0"..., 512) =
> 512
>
> fstat64(3, {st_mode=S_IFREG|0755, st_size=15820, ...}) = 0
>
> mmap2(0x487b4000, 12776, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x487b4000
>
> mmap2(0x487b7000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3) = 0x487b7000
>
> close(3) = 0
>
> open("/usr/lib/libdevmapper.so.1.02", O_RDONLY|O_CLOEXEC) = 3
>
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\361{H4\0\0\0"..., 512)
> = 512
>
> fstat64(3, {st_mode=S_IFREG|0555, st_size=242320, ...}) = 0
>
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0xb77be000
>
> mmap2(0x487ba000, 243612, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x487ba000
>
> mmap2(0x487f2000, 12288, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x38) = 0x487f2000
>
> mmap2(0x487f5000, 1948, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x487f5000
>
> close(3) = 0
>
> open("/usr/lib/libssl.so.1.0.0", O_RDONLY|O_CLOEXEC) = 3
>
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220a\202H4\0\0\0"..., 512)
> = 512
>
> fstat64(3, {st_mode=S_IFREG|0755, st_size=387880, ...}) = 0
>
> mmap2(0x4881a000, 385004, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x4881a000
>
> mmap2(0x48873000, 20480, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x59) = 0x48873000
>
> close(3) = 0
>
> open("/lib/libcrypto.so.1.0.0", O_RDONLY|O_CLOEXEC) = 3
>
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\211\222H4\0\0\0"...,
> 512) = 512
>
> fstat64(3, {st_mode=S_IFREG|0755, st_size=1798156, ...}) = 0
>
> mmap2(0x488e6000, 1808880, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x488e6000
>
> mmap2(0x48a85000, 98304, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19f) = 0x48a85000
>
> mmap2(0x48a9d000, 10736, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x48a9d000
>
> close(3) = 0
>
> open("/lib/libudev.so.0", O_RDONLY|O_CLOEXEC) = 3
>
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\264\200H4\0\0\0"..., 512)
> = 512
>
> fstat64(3, {st_mode=S_IFREG|0755, st_size=56976, ...}) = 0
>
> mmap2(0x48809000, 58164, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x48809000
>
> mmap2(0x48817000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xd) = 0x48817000
>
> close(3) = 0
>
> open("/lib/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
>
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260:\320I4\0\0\0"..., 512)
> = 512
>
> fstat64(3, {st_mode=S_IFREG|0755, st_size=15576, ...}) = 0
>
> mmap2(0x49d03000, 16516, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x49d03000
>
> mmap2(0x49d06000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2) = 0x49d06000
>
> close(3) = 0
>
> open("/lib/librt.so.1", O_RDONLY|O_CLOEXEC) = 3
>
> read(3,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220)\327I4\0\0\0"..., 512)
> = 512
>
> fstat64(3, {st_mode=S_IFREG|0755, st_size=32476, ...}) = 0
>
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0xb77bd000
>
> mmap2(0x49d71000, 33356, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x49d71000
>
> mmap2(0x49d78000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6) = 0x49d78000
>
> close(3) = 0
>
> open("/lib/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
>
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@\372\320I4\0\0\0"...,
> 512) = 512
>
> fstat64(3, {st_mode=S_IFREG|0755, st_size=93860, ...}) = 0
>
> mmap2(0x49d0a000, 102920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x49d0a000
>
> mmap2(0x49d20000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15) = 0x49d20000
>
> mmap2(0x49d22000, 4616, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x49d22000
>
> close(3) = 0
>
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0xb77bc000
>
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0xb77bb000
>
> set_thread_area({entry_number:-1 -> 6, base_addr:0xb77bcac0,
> limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1,
> seg_not_present:0, useable:1}) = 0
>
> mprotect(0x49cfb000, 8192, PROT_READ) = 0
>
> mprotect(0x487b0000, 4096, PROT_READ) = 0
>
> mprotect(0x49d06000, 4096, PROT_READ) = 0
>
> mprotect(0x49d78000, 4096, PROT_READ) = 0
>
> mprotect(0x49d20000, 4096, PROT_READ) = 0
>
> munmap(0xb77bf000, 43040) = 0
>
> set_tid_address(0xb77bcb28) = 1310
>
> set_robust_list(0xb77bcb30, 12) = 0
>
> futex(0xbfc4f218, FUTEX_WAKE_PRIVATE, 1) = 0
>
> futex(0xbfc4f214, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 1, NULL,
> b77bcac0) = -1 EAGAIN (Resource temporarily unavailable)
>
> rt_sigaction(SIGRTMIN, {0x49d0f460, [], SA_SIGINFO}, NULL, 8) = 0
>
> rt_sigaction(SIGRT_1, {0x49d0f4f0, [], SA_RESTART|SA_SIGINFO}, NULL, 8) = 0
>
> rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
>
> getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
>
> uname({sys="Linux", node="lintest", ...}) = 0
>
> brk(0) = 0x8056000
>
> brk(0x8077000) = 0x8077000
>
> mlockall(MCL_CURRENT|MCL_FUTURE) = 0
>
> getpriority(PRIO_PROCESS, 0) = 20
>
> setpriority(PRIO_PROCESS, 0, -18) = 0
>
> rt_sigaction(SIGINT, {0x804c2d0, [], 0}, NULL, 8) = 0
>
> rt_sigaction(SIGTERM, {0x804c2d0, [], 0}, NULL, 8) = 0
>
> rt_sigprocmask(SIG_UNBLOCK, [INT TERM], NULL, 8) = 0
>
> open("test", O_RDONLY|O_LARGEFILE) = 3
>
> fstat64(3, {st_mode=S_IFREG|0644, st_size=104857600, ...}) = 0
>
> close(3) = 0
>
> open("/dev/urandom", O_RDONLY|O_LARGEFILE) = 3
>
> open("/dev/random", O_RDONLY|O_NONBLOCK|O_LARGEFILE) = 4
>
> open("/dev/crypto", O_RDWR) = -1 ENOENT (No such file or
> directory)
>
> ioctl(0, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS,
> {B115200 opost isig icanon echo ...}) = 0
>
> open("/dev/tty", O_RDWR|O_LARGEFILE) = 5
>
> ioctl(5, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS,
> {B115200 opost isig icanon echo ...}) = 0
>
> write(5, "Enter passphrase: ", 18Enter passphrase: ) = 18
>
> ioctl(5, SNDCTL_TMR_CONTINUE or SNDRV_TIMER_IOCTL_GPARAMS or TCSETSF,
> {B115200 opost isig icanon -echo ...}) = 0
>
> read(5, "gehc-mic\n", 512) = 9
>
> ioctl(5, SNDCTL_TMR_CONTINUE or SNDRV_TIMER_IOCTL_GPARAMS or TCSETSF,
> {B115200 opost isig icanon echo ...}) = 0
>
> write(5, "\n", 1
>
> ) = 1
>
> close(5) = 0
>
> uname({sys="Linux", node="sunrise", ...}) = 0
>
> uname({sys="Linux", node="sunrise", ...}) = 0
>
> stat64("/dev/mapper/control", {st_mode=S_IFCHR|0600, st_rdev=makedev(10,
> 236), ...}) = 0
>
> open("/dev/mapper/control", O_RDWR|O_LARGEFILE) = 5
>
> open("/proc/devices", O_RDONLY|O_LARGEFILE) = 6
>
> fstat64(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
>
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0xb77c9000
>
> read(6, "Character devices:\n 1 mem\n 2 p"..., 1024) = 513
>
> close(6) = 0
>
> munmap(0xb77c9000, 4096) = 0
>
> ioctl(5, DM_VERSION, 0x8059ba8) = 0
>
> ioctl(5, DM_LIST_VERSIONS, 0x8059b10) = 0
>
> semctl(0, 0, IPC_64|SEM_INFO, 0xbfc4f0a8) = 0
>
> open("/etc/udev/udev.conf", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 6
>
> fcntl64(6, F_GETFD) = 0x1 (flags FD_CLOEXEC)
>
> fstat64(6, {st_mode=S_IFREG|0644, st_size=69, ...}) = 0
>
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0xb77c9000
>
> read(6, "# see udev(7) for details\n\n#udev"..., 1024) = 69
>
> read(6, "", 1024) = 0
>
> close(6) = 0
>
> munmap(0xb77c9000, 4096) = 0
>
> open("/var/run/udev/queue.bin", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 6
>
> fstat64(6, {st_mode=S_IFREG|0644, st_size=8, ...}) = 0
>
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
> = 0xb77c9000
>
> read(6, "\337\5\0\0\0\0\0\0", 4096) = 8
>
> close(6) = 0
>
> munmap(0xb77c9000, 4096) = 0
>
> ioctl(5, DM_TABLE_STATUS, 0x8059a40) = -1 ENXIO (No such device or
> address)
>
> open("/dev/loop-control", O_RDONLY|O_LARGEFILE) = 6
>
> ioctl(6, LOOP_CTL_GET_FREE) = 1
>
> close(6) = 0
>
> stat64("/dev/loop1", {st_mode=S_IFBLK|0660, st_rdev=makedev(7, 1), ...}) =
> 0
>
> open("test", O_RDWR|O_EXCL|O_LARGEFILE) = 6
>
> open("/dev/loop1", O_RDWR|O_LARGEFILE) = 7
>
> ioctl(7, LOOP_SET_FD, 0x6) = 0
>
> ioctl(7, LOOP_SET_STATUS64, {offset=0, number=0, flags=LO_FLAGS_AUTOCLEAR,
> file_name="test", ...}) = 0
>
> ioctl(7, LOOP_GET_STATUS64, {offset=0, number=1, flags=LO_FLAGS_AUTOCLEAR,
> file_name="test", ...}) = 0
>
> close(6) = 0
>
> open("/dev/loop1", O_RDONLY|O_LARGEFILE) = 6
>
> fstat64(6, {st_mode=S_IFBLK|0660, st_rdev=makedev(7, 1), ...}) = 0
>
> close(6) = 0
>
> stat64("/dev/loop1", {st_mode=S_IFBLK|0660, st_rdev=makedev(7, 1), ...}) =
> 0
>
> open("/dev/loop1", O_RDWR|O_EXCL|O_LARGEFILE) = 6
>
> ioctl(6, BLKROGET, 0) = 0
>
> ioctl(6, BLKGETSIZE64, 104857600) = 0
>
> close(6) = 0
>
> open("/dev/urandom", O_RDONLY|O_LARGEFILE) = 6
>
> read(6, "L|", 2) = 2
>
> semget(0xd4d7c4c, 1, IPC_CREAT|IPC_EXCL|0600) = 0
>
> semctl(0, 0, IPC_64|SETVAL, 0xbfc4efa8) = 0
>
> semctl(0, 0, IPC_64|GETVAL, 0xbfc4efa8) = 1
>
> close(6) = 0
>
> semop(0, {{0, 1, 0}}, 1) = 0
>
> semctl(0, 0, IPC_64|GETVAL, 0xbfc4f008) = 2
>
> open("/dev/loop1", O_RDONLY|O_LARGEFILE) = 6
>
> ioctl(6, BLKRAGET, 256) = 0
>
> close(6) = 0
>
> ioctl(5, DM_DEV_CREATE, 0x805dad8) = 0
>
> ioctl(5, DM_TABLE_LOAD, 0x805dad8) = 0
>
> ioctl(5, DM_DEV_SUSPEND, 0x805dad8) = 0
>
> semget(0xd4d7c4c, 1, 0) = 0
>
> semctl(0, 0, IPC_64|GETVAL, 0xbfc4eff8) = 2
>
> semop(0, {{0, -1, IPC_NOWAIT}}, 1) = 0
>
> semop(0, {{0, 0, 0}}, 1
>
>
>
>
>
> --
> _______________________________________________
> yocto mailing list
> yocto at yoctoproject.org
> https://lists.yoctoproject.org/listinfo/yocto
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20140724/a7babc16/attachment.html>
More information about the yocto
mailing list