On Thu, Sep 26, 2019 at 09:41:39 CEST, Milan Broz wrote:
> On 25/09/2019 21:40, .. ink .. wrote:
> > I just added an ability to create an authenticated luks2 device in
> > zuluCrypt[1] and I am wondering why these volumes need to be wiped when
> > created. I made it work by looking at how cryptsetup does it but I don't
> > understand why because I have so far failed to find any documentation
> > about it.
>
> I think it is explained in the referenced paper, we should add a FAQ about
> it.
>
> Initial wipe recalculates integrity tags - so you can read the device afterward.
>
> If you skip initialization (wipe), integrity tags for all sectors are
> incorrect and read will return integrity failure (EILSEQ errno).
>
> In theory, it is not a problem ("do not read what you did not write").
>
> But in reality it causes many programs to fail because it can access device
> through page cache. If the *write* is not aligned to a page, page cache tries
> to first read content, then update content, and write it back to the device.
>
> But as said above, all reads fail because integrity tags are not
> initialized, thus even page-unaligned writes can fail. (I have seen this
> problem even in programs like mkfs, where it is an apparent bug.)

This is a specific problem with anything authenticated: Even non-data
needs to be authenticated, because there is no way to distinguish it
from data on that level. Hence expecting to have to do a full
"initialization" pass at the start on authenticated storage is
perfectly reasonable.

I can add an FAQ section on authenticated encryption for this.
Do you have a link to the reference paper?

Regards,
Arno
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of "news" is
"something that hardly ever happens."
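The page-cache read-modify-write failure Milan describes above, modelled as an added Python example (not code from this thread, cryptsetup or dm-integrity; the per-sector HMAC tags, 512-byte sectors, 4 KiB pages and demo key are constructed assumptions): a page-aligned write succeeds on an unwiped device, an unaligned write fails with EILSEQ because the page cache must read the page first, and after the initial wipe the same write succeeds.

```python
import errno, hashlib, hmac, os

SECTOR, PAGE = 512, 4096
KEY = b"constructed-demo-key"  # constructed demo key, not a real LUKS key

class AuthDevice:
    """Toy authenticated device: every sector carries an HMAC tag.
    A new device has zero tags, so any untouched sector fails its tag check."""
    def __init__(self, sectors):
        self.data = [bytes(SECTOR)] * sectors
        self.tags = [bytes(32)] * sectors  # uninitialized, as before the wipe
    def _tag(self, n, buf):
        return hmac.new(KEY, n.to_bytes(8, "little") + buf, hashlib.sha256).digest()
    def write_sector(self, n, buf):
        self.data[n], self.tags[n] = buf, self._tag(n, buf)
    def read_sector(self, n):
        if not hmac.compare_digest(self.tags[n], self._tag(n, self.data[n])):
            raise OSError(errno.EILSEQ, os.strerror(errno.EILSEQ))  # integrity failure
        return self.data[n]
    def wipe(self):  # the initial wipe: write every sector once so its tag is valid
        for n in range(len(self.data)):
            self.write_sector(n, bytes(SECTOR))

def page_cache_write(dev, offset, payload):
    """Page-cache semantics: a page not fully covered by the write is read first."""
    end = offset + len(payload)
    for p in range(offset // PAGE, (end - 1) // PAGE + 1):
        lo, hi = p * PAGE, (p + 1) * PAGE
        sectors = range(lo // SECTOR, hi // SECTOR)
        if offset <= lo and end >= hi:
            page = bytearray(PAGE)  # full page overwrite: no read needed
        else:  # read-modify-write: fails with EILSEQ on an unwiped device
            page = bytearray(b"".join(dev.read_sector(s) for s in sectors))
        a, b = max(lo, offset), min(hi, end)
        page[a - lo:b - lo] = payload[a - offset:b - offset]
        for i, s in enumerate(sectors):
            dev.write_sector(s, bytes(page[i * SECTOR:(i + 1) * SECTOR]))

def write_status(dev, offset, payload):
    """Return 'ok', or the errno name the write failed with."""
    try:
        page_cache_write(dev, offset, payload)
        return "ok"
    except OSError as e:
        return errno.errorcode[e.errno]
```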
-- Bruce Schneier
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
https://www.saout.de/mailman/listinfo/dm-crypt