dm-crypt tests

Some tests I did to understand how to work with dm-crypt.

Create

slap steph # dd if=/dev/urandom bs=1M count=2 >> crypttest
2+0 records in
2+0 records out
2097152 bytes (2.1 MB) copied, 0.673763 s, 3.1 MB/s
slap steph # ls -l crypttest 
-rw-r--r-- 1 steph users 2097152 May 30 14:13 crypttest
slap steph # losetup -f
/dev/loop3
slap steph # losetup /dev/loop3 crypttest
slap steph # cryptsetup -y -c serpent -s 256 create mycrypt /dev/loop3
Enter passphrase: 
Verify passphrase:
slap steph # dmsetup ls
mycrypt (254, 4)
crypt-steph     (254, 3)
crypt-swap      (254, 0)
crypt-bn        (254, 2)
crypt-tmp       (254, 1)
slap steph # mkreiserfs /dev/mapper/mycrypt 
mkreiserfs 3.6.19 (2003 www.namesys.com)

A pair of credits:
Yury Umanets  (aka Umka)  developed  libreiser4,  userspace  plugins,  and  all
userspace tools (reiser4progs) except of fsck.

Vladimir Saveliev started as the most junior programmer on the team, and became
the lead programmer.  He is now an experienced highly productive programmer. He
wrote the extent  handling code for Reiser4,  plus parts of  the balancing code 
and file write and file read.


Guessing about desired format.. Kernel 2.6.18-gentoo-r6 is running.
reiserfs_create_journal: cannot create a journal of 8193 blocks with 18 offset on 512 blocks

Too small! Recreate at over 32M (521/2 = 256. 8193/256 ~= 32). I’ll do 100M

slap steph # cryptsetup remove mycrypt
slap steph # dmsetup ls
crypt-steph     (254, 3)
crypt-swap      (254, 0)
crypt-bn        (254, 2)
crypt-tmp       (254, 1)
slap steph # losetup -d /dev/loop3
slap steph # losetup -f
/dev/loop3
slap steph # dd if=/dev/urandom bs=1M count=100 > crypttest
100+0 records in
100+0 records out
104857600 bytes (105 MB) copied, 34.2838 s, 3.1 MB/s
slap steph # ls -l crypttest 
-rw-r--r-- 1 steph users 104857600 May 30 14:38 crypttest
slap steph # losetup /dev/loop3 crypttest
slap steph # cryptsetup -y -c serpent -s 256 create mycrypt /dev/loop3
Enter passphrase: 
Verify passphrase: 
slap steph # dmsetup ls
mycrypt (254, 4)
crypt-steph     (254, 3)
crypt-swap      (254, 0)
crypt-bn        (254, 2)
crypt-tmp       (254, 1)
slap steph # mkreiserfs /dev/mapper/mycrypt 
mkreiserfs 3.6.19 (2003 www.namesys.com)

A pair of credits:
Oleg Drokin was the debugger for  V3 during most of the time that  V4 was under
development,  and was quite  skilled and fast at it.  He wrote  the large write
optimization of V3.

Jeremy  Fitzhardinge  wrote  the  teahash.c  code  for  V3.  Colin  Plumb  also
contributed to that.


Guessing about desired format.. Kernel 2.6.18-gentoo-r6 is running.
Format 3.6 with standard journal
Count of blocks on the device: 25600
Number of blocks consumed by mkreiserfs formatting process: 8212
Blocksize: 4096
Hash function used to sort names: "r5"
Journal Size 8193 blocks (first block 18)
Journal Max transaction length 1024
inode generation number: 0
UUID: da6a44e2-f7f8-4e69-a5d3-7c9c70b8adaf
ATTENTION: YOU SHOULD REBOOT AFTER FDISK!
        ALL DATA WILL BE LOST ON '/dev/mapper/mycrypt'!
Continue (y/n):y
Initializing journal - 0%....20%....40%....60%....80%....100%
Syncing..ok

Tell your friends to use a kernel based on 2.4.18 or later, and especially not a
kernel based on 2.4.9, when you use reiserFS. Have fun.

ReiserFS is successfully created on /dev/mapper/mycrypt.
slap steph # mount /dev/mapper/mycrypt cryptmount

Create test files

slap steph # echo "testing testing 123" > cryptmount/test1.txt
slap steph # mkdir cryptmount/testdir
slap steph # echo "testing testing 234" > cryptmount/testdir/test2.txt
slap steph # echo "testing testing 345" > cryptmount/testdir/test3.txt
slap steph # cat cryptmount/test1.txt         
testing testing 123
slap steph # cat cryptmount/testdir/test2.txt 
testing testing 234
slap steph # cat cryptmount/testdir/test3.txt 
testing testing 345

Test unmount

slap steph # umount cryptmount
slap steph # cryptsetup remove mycrypt
slap steph # losetup -d /dev/loop3
slap steph # losetup -f
/dev/loop3
slap steph # dmsetup ls
crypt-steph     (254, 3)
crypt-swap      (254, 0)
crypt-bn        (254, 2)
crypt-tmp       (254, 1)

Test remount

slap steph # losetup /dev/loop3 crypttest
slap steph # cryptsetup -y -c serpent -s 256 create mycrypt /dev/loop3
Enter passphrase: 
Verify passphrase: 
slap steph # mount /dev/mapper/mycrypt cryptmount 
slap steph # ls cryptmount/
test1.txt  testdir
slap steph # cat cryptmount/test1.txt 
testing testing 123
slap steph # cat cryptmount/testdir/test2.txt 
testing testing 234
slap steph # cat cryptmount/testdir/test3.txt 
testing testing 345

Test resize

slap steph # umount cryptmount
slap steph # cryptsetup remove mycrypt
slap steph # losetup -d /dev/loop3
slap steph # losetup -f
/dev/loop3
slap steph # dmsetup ls
crypt-steph     (254, 3)
crypt-swap      (254, 0)
crypt-bn        (254, 2)
crypt-tmp       (254, 1)
slap steph # dd if=/dev/urandom bs=1M count=50 >> crypttest
50+0 records in
50+0 records out
52428800 bytes (52 MB) copied, 15.263 s, 3.4 MB/s
slap steph # ls -l crypttest
-rw-r--r-- 1 steph users 157286400 May 30 14:56 crypttest
slap steph # losetup /dev/loop3 crypttest
slap steph # cryptsetup -y -c serpent -s 256 create mycrypt /dev/loop3
Enter passphrase: 
Verify passphrase: 
slap steph # resize_reiserfs /dev/mapper/mycrypt 
resize_reiserfs 3.6.19 (2003 www.namesys.com)

ReiserFS report:
blocksize             4096
block count           38400 (25600)
free blocks           30187 (17388)
bitmap block count    2 (1)

Syncing..done


resize_reiserfs: Resizing finished successfully.

 slap steph # mount /dev/mapper/mycrypt cryptmount 
slap steph # ls cryptmount/
test1.txt  testdir
slap steph # df cryptmount 
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/mapper/mycrypt     153588     32840    120748  22% /home/steph/cryptmount
slap steph # df -h cryptmount
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/mycrypt   150M   33M  118M  22% /home/steph/cryptmount
slap steph # cat cryptmount/test1.txt 
testing testing 123
slap steph # cat cryptmount/testdir/test2.txt 
testing testing 234
slap steph # cat cryptmount/testdir/test3.txt 
testing testing 345

Test password

slap steph # losetup /dev/loop3 crypttest 
slap steph # cryptsetup -c serpent -s 256 create mycrypt /dev/loop3 
Enter passphrase: (incorrect password entered)
slap steph # mount /dev/mapper/mycrypt cryptmount/
mount: you must specify the filesystem type

References

  • http://gentoo-wiki.com/SECURITY_dmcrypt
  • http://forums.gentoo.org/viewtopic-t-274651-highlight-encryption+pam.html
  • http://forums.gentoo.org/viewtopic-t-364612-highlight-cryptsetup+resize.html
  • http://forums.gentoo.org/viewtopic-t-454329-highlight-cryptsetup+resize.html
  • http://www.nabble.com/Encrypting-a-user-home-folder-on-a-laptop-td15512217.html
  • http://h3g3m0n.wordpress.com/2007/04/16/quick-simple-encrypted-loopback-filesystem/

Questions

What is ‘cryptsetup resize’ for?

Perhaps for resizing a block device that has changed size whilst mapped. See http://thread.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/145

Test ‘cryptsetup resize’

Clean start

slap steph # cryptsetup remove mycrypt
slap steph # losetup -d /dev/loop3
slap steph # dd if=/dev/urandom bs=1M count=100 > crypttest 
100+0 records in
100+0 records out
104857600 bytes (105 MB) copied, 33.7287 s, 3.1 MB/s
slap steph # losetup /dev/loop3 crypttest
slap steph # cryptsetup -y -c serpent -s 256 create mycrypt /dev/loop3
Enter passphrase: 
Verify passphrase: 
slap steph # mkreiserfs /dev/mapper/mycrypt 
mkreiserfs 3.6.19 (2003 www.namesys.com)

A pair of credits:
The  Defense  Advanced  Research  Projects Agency (DARPA, www.darpa.mil) is the
primary sponsor of Reiser4.  DARPA  does  not  endorse  this project; it merely 
sponsors it.

Vitaly Fertman wrote  fsck for V3 and  maintains the reiserfsprogs package now.
He wrote librepair,  userspace plugins repair code, fsck for V4,  and worked on
developing libreiser4 and userspace plugins with Umka.


Guessing about desired format.. Kernel 2.6.18-gentoo-r6 is running.
Format 3.6 with standard journal
Count of blocks on the device: 25600
Number of blocks consumed by mkreiserfs formatting process: 8212
Blocksize: 4096
Hash function used to sort names: "r5"
Journal Size 8193 blocks (first block 18)
Journal Max transaction length 1024
inode generation number: 0
UUID: 2e1b01ea-8376-4f07-8e95-7470abb4bc6d
ATTENTION: YOU SHOULD REBOOT AFTER FDISK!
        ALL DATA WILL BE LOST ON '/dev/mapper/mycrypt'!
Continue (y/n):y
Initializing journal - 0%....20%....40%....60%....80%....100%
Syncing..ok

Tell your friends to use a kernel based on 2.4.18 or later, and especially not a
kernel based on 2.4.9, when you use reiserFS. Have fun.

ReiserFS is successfully created on /dev/mapper/mycrypt.
slap steph # mount /dev/mapper/mycrypt cryptmount 
slap steph # dd if=/dev/zero > cryptmount/zeroes
dd: writing to `standard output': No space left on device
138961+0 records in
138960+0 records out
71147520 bytes (71 MB) copied, 2.78217 s, 25.6 MB/s
slap steph # ls -l cryptmount/zeroes 
-rw-r--r-- 1 root root 71147520 Jun  2 00:19 cryptmount/zeroes
slap steph # df cryptmount
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/mapper/mycrypt     102392    102392         0 100% /home/steph/cryptmount

Resize crypttest

slap steph # dd if=/dev/urandom bs=1M count=100 >> crypttest 
100+0 records in
100+0 records out
104857600 bytes (105 MB) copied, 30.4674 s, 3.4 MB/s
slap steph # cryptsetup resize mycrypt
slap steph # resize_reiserfs /dev/mapper/mycrypt
resize_reiserfs 3.6.19 (2003 www.namesys.com)

/dev/mapper/mycrypt already is of the needed size. Nothing to be done

Reiserfs doesn’t think crypt size has changed. Perhaps ‘cryptsetup resize’ already resized the reiserfs filesystem…

slap steph # umount cryptmount
slap steph # mount /dev/mapper/mycrypt cryptmount
slap steph # dd if=/dev/zero >> cryptmount/zeroes
dd: writing to `standard output': No space left on device
1+0 records in
0+0 records out
0 bytes (0 B) copied, 0.0295515 s, 0.0 kB/s
slap steph # ls -l cryptmount/zeroes 
-rw-r--r-- 1 root root 71147520 Jun  2 00:22 cryptmount/zeroes
slap steph # df cryptmount
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/mapper/mycrypt     102392    102392         0 100% /home/steph/cryptmount

It didn’t. Recreate crypt and try again…

slap steph # umount cryptmount 
slap steph # cryptsetup remove mycrypt
slap steph # cryptsetup -c serpent -s 256 create mycrypt /dev/loop3
Enter passphrase: 
slap steph # mount /dev/mapper/mycrypt cryptmount 
slap steph # dd if=/dev/zero >> cryptmount/zeroes
dd: writing to `standard output': No space left on device
1+0 records in
0+0 records out
0 bytes (0 B) copied, 0.0294059 s, 0.0 kB/s
slap steph # ls -l cryptmount/zeroes 
-rw-r--r-- 1 root root 71147520 Jun  2 00:24 cryptmount/zeroes
slap steph # resize_reiserfs /dev/mapper/mycrypt
resize_reiserfs 3.6.19 (2003 www.namesys.com)

/dev/mapper/mycrypt already is of the needed size. Nothing to be done

Reiserfs still doesn’t think crypt size has changed. Need to reset loop?…

slap steph # umount cryptmount 
slap steph # cryptsetup remove mycrypt
slap steph # losetup -d /dev/loop3 
slap steph # losetup /dev/loop3 crypttest
slap steph # cryptsetup -c serpent -s 256 create mycrypt /dev/loop3
Enter passphrase: 
slap steph # mount /dev/mapper/mycrypt cryptmount
slap steph # dd if=/dev/zero >> cryptmount/zeroes
dd: writing to `standard output': No space left on device
1+0 records in
0+0 records out
0 bytes (0 B) copied, 0.00282065 s, 0.0 kB/s
slap steph # ls -l cryptmount/zeroes 
-rw-r--r-- 1 root root 71147520 Jun  2 00:27 cryptmount/zeroes
slap steph # umount cryptmount
slap steph # resize_reiserfs /dev/mapper/mycrypt
resize_reiserfs 3.6.19 (2003 www.namesys.com)

ReiserFS report:
blocksize             4096
block count           51200 (25600)
free blocks           25599 (0)
bitmap block count    2 (1)

Syncing..done


resize_reiserfs: Resizing finished successfully.

slap steph # mount /dev/mapper/mycrypt cryptmounts
slap steph # dd if=/dev/zero >> cryptmount/zeroes
dd: writing to `standard output': No space left on device
204593+0 records in
204592+0 records out
104751104 bytes (105 MB) copied, 4.85683 s, 21.6 MB/s
slap steph # ls -l cryptmount/zeroes 
-rw-r--r-- 1 root root 175898624 Jun  2 00:27 cryptmount/zeroes
slap steph # df cryptmount        
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/mapper/mycrypt     204788    204788         0 100% /home/steph/cryptmount

Resetting loop works, as expected - no new information discovered.

Resize /dev/loop3

slap steph # umount cryptmount         
slap steph # dd if=/dev/urandom bs=1M count=100 >> /dev/loop3
100+0 records in
100+0 records out
104857600 bytes (105 MB) copied, 28.5788 s, 3.7 MB/s
slap steph # cryptsetup resize mycrypt
slap steph # resize_reiserfs /dev/mapper/mycrypt 
resize_reiserfs 3.6.19 (2003 www.namesys.com)


reiserfs_open: the reiserfs superblock cannot be found on /dev/mapper/mycrypt.

Reiserfs can’t find filesystem. Recreate crypt and try again…

slap steph # cryptsetup remove mycrypt
slap steph # cryptsetup -c serpent -s 256 create mycrypt /dev/loop3
Enter passphrase: 
slap steph # mount /dev/mapper/mycrypt cryptmount 
mount: you must specify the filesystem type
slap steph # resize_reiserfs /dev/mapper/mycrypt 
resize_reiserfs 3.6.19 (2003 www.namesys.com)


reiserfs_open: the reiserfs superblock cannot be found on /dev/mapper/mycrypt.

Filesystem lost. Resizing /dev/loop3 while active is a desctructive action.

Conclusion

Can’t find any discernible changes made by ‘cryptsetup resize’. Can’t find way of resizing block device without recreateing loop hence recreating crypt (and we already know that resizing via this method already works). Must assume that ‘cryptsetup resize’ applies to block devices that can change size whilst being mapped. Perhaps partitions rather than files?

Resizing reiserfs crypt mounted with dm-crypt

Restart computer and enter incorrect password for crypt-bn.
Back up image bn.img!
Then…

slap home # umount /home/bn
umount: /home/bn: not mounted
slap home # dmsetup ls
crypt-steph     (254, 3)
crypt-swap      (254, 0)
crypt-bn        (254, 2)
crypt-tmp       (254, 1)
slap home # cryptsetup remove crypt-bn
slap home # dmsetup ls
crypt-steph     (254, 3)
crypt-swap      (254, 0)
crypt-tmp       (254, 1)
slap home # losetup -a
/dev/loop0: [0808]:942290 (/tmp.img)
/dev/loop1: [0808]:946234 (/home/bn.img)
/dev/loop2: [0808]:344097 (/home/steph.img)
/dev/loop/0: [0808]:942290 (/tmp.img)
/dev/loop/1: [0808]:946234 (/home/bn.img)
/dev/loop/2: [0808]:344097 (/home/steph.img)
slap home # losetup -d /dev/loop1
slap home # losetup -a
/dev/loop0: [0808]:942290 (/tmp.img)
/dev/loop2: [0808]:344097 (/home/steph.img)
/dev/loop/0: [0808]:942290 (/tmp.img)
/dev/loop/2: [0808]:344097 (/home/steph.img)
slap home # losetup -f
/dev/loop1
slap home # losetup /dev/loop1 /home/bn.img
slap home # cryptsetup -y -c serpent -s 256 create crypt-bn /dev/loop1
Enter passphrase: 
Verify passphrase: 
slap home # resize_reiserfs /dev/mapper/crypt-bn 
resize_reiserfs 3.6.19 (2003 www.namesys.com)

ReiserFS report:
blocksize             4096
block count           2066432 (1280000)
free blocks           803801 (17393)
bitmap block count    64 (40)

Syncing..done


resize_reiserfs: Resizing finished successfully.

slap home # mount /dev/mapper/crypt-bn /home/bn
slap home # df -lh /home/bn
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/crypt-bn  7.9G  4.9G  3.1G  62% /home/bn

Last modified: 01/06/2008 Tags:

This website is a personal resource. Nothing here is guaranteed correct or complete, so use at your own risk and try not to delete the Internet. -Stephan

Site Info

mindspill.net © Stephan Dale.

Privacy policy

Go to top