On 12/13/2017 12:35 AM, Andrius Štikonas wrote:
I was testing how well KDE Partition Manager works on LUKS2 partitions. Apparently, it fails to resize them. It seems that now cryptsetup resize asks for passphrase before resizing the container.
Yes, cryptsetup utility asks for passphrase if it detects volume key was previously passed to dm-crypt via kernel keyring service. VK is passed to kernel keyring by default for LUKS2 devices.
Unfortunately, I wasn't able to find any documentation on this. So, the passphrase is now required to resize the container? When I tried entering wrong passphrase, cryptsetup silently returns exit code 2, not 0. I guess cryptsetup refused to resize. Am I right?
Unfortunately we forgot to regenerate doxygen API documentation together with 2.0.0 final release. But we fixed the mistake recently.
See note at bottom of crypt_resize() description: https://gitlab.com/cryptsetup/cryptsetup/wikis/API/group__crypt-actions.html#ga168bcd5097cdf64774540fdeaacefbc0
On libcryptsetup API level, you can either query active device (crypt_get_active_device()) and check for CRYPT_ACTIVATE_KEYRING_KEY flag. The flag raised means you should load volume key to keyring before crypt_resize(). Or, you can detect return value from crypt_resize. The -EPERM hints you basically the same.
Thank you for the report. I'll check the silent failure with cryptsetup utility. Yes, in general exit status != 0 says the operation was not performed.
Regards Ondrej _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
