To answer my own issue, i will point out this lovely code in the MTK kernel which makes it so dmcrypt _only_ works on android https://github.com/GS290-dev/android_kernel_gigaset_mt6763/blame/lineage-18.1/drivers/md/dm-crypt.c#L1238 Patched with the following fixes it :) Adam credit to https://forums.ubports.com/topic/6076/device-mapper-crypto-not-working-on-volla-phone/2 diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index f8a3944f8297..21982ff4d3b8 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c @@ -1237,7 +1237,7 @@ static void kcryptd_io_read_work(struct work_struct *work) #define BOOTDEV_PREFIX "/dev/block/by-name" static int crypt_dev_id(const char *path) { - int type = -1; + int type = 1; if ((strlen(path) > strlen(BOOTDEV_PREFIX)) && !strncmp(path, BOOTDEV_PREFIX, strlen(BOOTDEV_PREFIX))) { On Fri, 2 Oct 2020 at 11:21, Milan Broz <gmazyland@xxxxxxxxx> wrote: > > Hi, > > the reported problems seems like you have misconfigured kernel or related tools. > > I can only suggest you to split debugging to several steps to isolate the problems > (I guess is is not only one problem here). > > But otherwise this is quite specific issue, maybe some specific platform list > (or dm-devel) would be more appropriate. > > On 30/09/2020 22:23, Adam Pigg wrote: > > Im porting the linux based SailfishOS to a mediatek based phone. All is good, > > except for enabling the encryption support. The UI tools arnt working, ad > > neither is a basic command line setup, so im hoping if I can fix the command > > line issues, the UI will just work. As far as i can tell, I have the > > appropriate CONFIG* options, but cant be 100% sure. Here is what is happening, > > any suggestions greatly appreciated. > > > > cryptsetup luksFormat /dev/mmcblk1p1 > > > > WARNING! > > ======== > > This will overwrite data on /dev/mmcblk1p1 irrevocably. > > > > Are you sure? (Type uppercase yes): YES > > Enter passphrase for /dev/mmcblk1p1: > > Verify passphrase: > > device-mapper: reload ioctl on failed: Operation not permitted > > So the device-mapper subsystem does not work. First be sure > it is working without any crypto: > > 0) You have to bee root with CAP_SYSADMIN capability, otherwise device-mapper > IOCTLs will be rejected. > > 1) Use dmsetup (if you are able to compile libdevmapper library, this should trivial. > > 2) Try to setup simple device-mapper device that does not require userspace interaction, > for example dm-zero (of size 8 sectors, IOW 4kB): > > # dmsetup create test --table "0 8 zero" > # dmsetup table test > 0 8 zero > # blockdev --getsz /dev/mapper/test > 8 > # dmsetup remove test > > This must work (you need dm-zero module though; if not available, repeat with "error" mandatory target). > If you see failures, the problem is in device-mapper kernel subsystem configuration. > You are not using udev, so device nodes are created by libdevmapper library. > ALso check SELinux and similar access control (if used) etc. > > 3) Once above works, try to introduce dm-crypt (replace /dev/sdb with your device), this will > map first 4kB as ciphertext device (the key is intentionally not random here :) > > # dmsetup create test --table "0 8 crypt aes-xts-plain64 0000111122223333444455556666777788889999aaaabbbbccccddddeeeeffff 0 /dev/sdb 0" > # dmsetup table --showkeys > test: 0 8 crypt aes-xts-plain64 0000111122223333444455556666777788889999aaaabbbbccccddddeeeeffff 0 8:16 0 > # dmsetup remove test > > If it works, kernel support should be ok, now run cryptsetup again and if it is failing, report full debug log again. > > Milan > > > > > Failed to setup dm-crypt key mapping for device /dev/mmcblk1p1. > > Check that kernel supports aes-xts-plain64 cipher (check syslog for more > > info). > > device-mapper: remove ioctl on temporary-cryptsetup-4149 failed: No such > > device or address > > device-mapper: table ioctl on failed: No such device or address > > device-mapper: remove ioctl on temporary-cryptsetup-4149 failed: No such > > device or address > > device-mapper: table ioctl on failed: No such device or address > > device-mapper: remove ioctl on temporary-cryptsetup-4149 failed: No such > > device or address > > device-mapper: table ioctl on failed: No such device or address > > device-mapper: remove ioctl on temporary-cryptsetup-4149 failed: No such > > device or address > > device-mapper: table ioctl on failed: No such device or address > > device-mapper: remove ioctl on temporary-cryptsetup-4149 failed: No such > > device or address > > > > --- > > > > [root@VollaPhone nemo]# cryptsetup --debug luksFormat /dev/mmcblk1p1 > > # cryptsetup 2.1.0 processing "cryptsetup --debug luksFormat /dev/mmcblk1p1" > > # Running command luksFormat. > > # Locking memory. > > # Installing SIGINT/SIGTERM handler. > > # Unblocking interruption on signal. > > # Allocating context for crypt device /dev/mmcblk1p1. > > # Trying to open and read device /dev/mmcblk1p1 with direct-io. > > # Initialising device-mapper backend library. > > > > WARNING! > > ======== > > This will overwrite data on /dev/mmcblk1p1 irrevocably. > > > > Are you sure? (Type uppercase yes): YES > > # Interactive passphrase entry requested. > > Enter passphrase for /dev/mmcblk1p1: > > Verify passphrase: > > # Crypto backend (OpenSSL 1.0.2o-fips 27 Mar 2018) initialized in cryptsetup > > library version 2.1.0. > > # Detected kernel Linux 4.4.146+ aarch64. > > # PBKDF argon2i, hash sha256, time_ms 2000 (iterations 0), max_memory_kb > > 1048576, parallel_threads 4. > > # Formatting device /dev/mmcblk1p1 as type LUKS2. > > # Topology: IO (512/0), offset = 0; Required alignment is 1048576 bytes. > > # Checking if cipher aes-xts-plain64 is usable. > > # Userspace crypto wrapper cannot use aes-xts-plain64 (-95). > > # Using dmcrypt to access keyslot area. > > # Calculated device size is 1 sectors (RW), offset 0. > > # dm version [ opencount flush ] [16384] (*1) > > # dm versions [ opencount flush ] [16384] (*1) > > # Detected dm-ioctl version 4.34.0. > > # Detected dm-verity version 1.4.0. > > # Detected dm-crypt version 1.14.1. > > # Device-mapper backend running with UDEV support disabled. > > # DM-UUID is CRYPT-TEMP-temporary-cryptsetup-17590 > > # dm create temporary-cryptsetup-17590 CRYPT-TEMP-temporary-cryptsetup-17590 [ > > opencount flush ] [16384] (*1) > > # dm reload temporary-cryptsetup-17590 [ opencount flush readonly securedata > > ] [16384] (*1) > > device-mapper: reload ioctl on failed: Operation not permitted > > # dm remove temporary-cryptsetup-17590 [ opencount flush readonly securedata > > ] [16384] (*1) > > # temporary-cryptsetup-17590: Stacking NODE_DEL > > # temporary-cryptsetup-17590: Processing NODE_DEL > > Failed to setup dm-crypt key mapping for device /dev/mmcblk1p1. > > Check that kernel supports aes-xts-plain64 cipher (check syslog for more > > info). > > # dm versions [ opencount flush ] [16384] (*1) > > # dm remove temporary-cryptsetup-17590 [ opencount flush retryremove ] > > [16384] (*1) > > device-mapper: remove ioctl on temporary-cryptsetup-17590 failed: No such > > device or address > > # WARNING: other process locked internal device temporary-cryptsetup-17590, > > retrying remove. > > # dm versions [ opencount flush ] [16384] (*1) > > # dm table temporary-cryptsetup-17590 [ opencount flush securedata ] > > [16384] (*1) > > device-mapper: table ioctl on failed: No such device or address > > # dm remove temporary-cryptsetup-17590 [ opencount flush retryremove ] > > [16384] (*1) > > device-mapper: remove ioctl on temporary-cryptsetup-17590 failed: No such > > device or address > > # WARNING: other process locked internal device temporary-cryptsetup-17590, > > retrying remove. > > # dm versions [ opencount flush ] [16384] (*1) > > # dm table temporary-cryptsetup-17590 [ opencount flush securedata ] > > [16384] (*1) > > device-mapper: table ioctl on failed: No such device or address > > # dm remove temporary-cryptsetup-17590 [ opencount flush retryremove ] > > [16384] (*1) > > device-mapper: remove ioctl on temporary-cryptsetup-17590 failed: No such > > device or address > > # WARNING: other process locked internal device temporary-cryptsetup-17590, > > retrying remove. > > # dm versions [ opencount flush ] [16384] (*1) > > # dm table temporary-cryptsetup-17590 [ opencount flush securedata ] > > [16384] (*1) > > device-mapper: table ioctl on failed: No such device or address > > # dm remove temporary-cryptsetup-17590 [ opencount flush retryremove ] > > [16384] (*1) > > device-mapper: remove ioctl on temporary-cryptsetup-17590 failed: No such > > device or address > > # WARNING: other process locked internal device temporary-cryptsetup-17590, > > retrying remove. > > # dm versions [ opencount flush ] [16384] (*1) > > # dm table temporary-cryptsetup-17590 [ opencount flush securedata ] > > [16384] (*1) > > device-mapper: table ioctl on failed: No such device or address > > # dm remove temporary-cryptsetup-17590 [ opencount flush retryremove ] > > [16384] (*1) > > device-mapper: remove ioctl on temporary-cryptsetup-17590 failed: No such > > device or address > > # Releasing crypt device /dev/mmcblk1p1 context. > > # Releasing device-mapper backend. > > # Unlocking memory. > > Command failed with code -1 (wrong or missing parameters). > > > > > > --- > > > > Kernel messages when this happens: > > Sep 30 16:03:44 VollaPhone kernel: dev path: /dev/mmcblk1p1, > > type: -1 > > Sep 30 16:03:44 VollaPhone kernel: dev path: /dev/mmcblk1p1, > > type: -1 > > Sep 30 16:03:44 VollaPhone kernel: device-mapper: table: 252:2: crypt: > > Unknown error > > Sep 30 16:03:44 VollaPhone kernel: device-mapper: ioctl: error adding > > target to table > > > > --- > > > > [root@VollaPhone nemo]# cat /proc/crypto > > name : cbc(aes) > > driver : cbc(aes-ce) > > module : kernel > > priority : 250 > > refcnt : 1 > > selftest : passed > > internal : no > > type : blkcipher > > blocksize : 16 > > min keysize : 16 > > max keysize : 32 > > ivsize : 16 > > geniv : <default> > > > > name : hmac(sha256) > > driver : hmac(sha256-ce) > > module : kernel > > priority : 200 > > refcnt : 2 > > selftest : passed > > internal : no > > type : shash > > blocksize : 64 > > digestsize : 32 > > > > name : ghash > > driver : ghash-generic > > module : kernel > > priority : 100 > > refcnt : 1 > > selftest : passed > > internal : no > > type : shash > > blocksize : 16 > > digestsize : 16 > > > > name : jitterentropy_rng > > driver : jitterentropy_rng > > module : kernel > > priority : 100 > > refcnt : 1 > > selftest : passed > > internal : no > > type : rng > > seedsize : 0 > > > > name : stdrng > > driver : drbg_nopr_hmac_sha256 > > module : kernel > > priority : 207 > > refcnt : 1 > > selftest : passed > > internal : no > > type : rng > > seedsize : 0 > > > > name : stdrng > > driver : drbg_nopr_hmac_sha512 > > module : kernel > > priority : 206 > > refcnt : 1 > > selftest : passed > > internal : no > > type : rng > > seedsize : 0 > > > > name : stdrng > > driver : drbg_nopr_hmac_sha384 > > module : kernel > > priority : 205 > > refcnt : 1 > > selftest : passed > > internal : no > > type : rng > > seedsize : 0 > > > > name : stdrng > > driver : drbg_nopr_hmac_sha1 > > module : kernel > > priority : 204 > > refcnt : 1 > > selftest : passed > > internal : no > > type : rng > > seedsize : 0 > > > > name : stdrng > > driver : drbg_pr_hmac_sha256 > > module : kernel > > priority : 203 > > refcnt : 1 > > selftest : passed > > internal : no > > type : rng > > seedsize : 0 > > > > name : stdrng > > driver : drbg_pr_hmac_sha512 > > module : kernel > > priority : 202 > > refcnt : 1 > > selftest : passed > > internal : no > > type : rng > > seedsize : 0 > > > > name : stdrng > > driver : drbg_pr_hmac_sha384 > > module : kernel > > priority : 201 > > refcnt : 1 > > selftest : passed > > internal : no > > type : rng > > seedsize : 0 > > > > name : stdrng > > driver : drbg_pr_hmac_sha1 > > module : kernel > > priority : 200 > > refcnt : 1 > > selftest : passed > > internal : no > > type : rng > > seedsize : 0 > > > > name : lzo > > driver : lzo-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : compression > > > > name : crc32c > > driver : crc32c-generic > > module : kernel > > priority : 100 > > refcnt : 3 > > selftest : passed > > internal : no > > type : shash > > blocksize : 1 > > digestsize : 4 > > > > name : deflate > > driver : deflate-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : compression > > > > name : ecb(arc4) > > driver : ecb(arc4)-generic > > module : kernel > > priority : 100 > > refcnt : 1 > > selftest : passed > > internal : no > > type : blkcipher > > blocksize : 1 > > min keysize : 1 > > max keysize : 256 > > ivsize : 0 > > geniv : <default> > > > > name : arc4 > > driver : arc4-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : cipher > > blocksize : 1 > > min keysize : 1 > > max keysize : 256 > > > > name : aes > > driver : aes-generic > > module : kernel > > priority : 100 > > refcnt : 1 > > selftest : passed > > internal : no > > type : cipher > > blocksize : 16 > > min keysize : 16 > > max keysize : 32 > > > > name : twofish > > driver : twofish-generic > > module : kernel > > priority : 100 > > refcnt : 1 > > selftest : passed > > internal : no > > type : cipher > > blocksize : 16 > > min keysize : 16 > > max keysize : 32 > > > > name : des3_ede > > driver : des3_ede-generic > > module : kernel > > priority : 100 > > refcnt : 1 > > selftest : passed > > internal : no > > type : cipher > > blocksize : 8 > > min keysize : 24 > > max keysize : 24 > > > > name : des > > driver : des-generic > > module : kernel > > priority : 100 > > refcnt : 1 > > selftest : passed > > internal : no > > type : cipher > > blocksize : 8 > > min keysize : 8 > > max keysize : 8 > > > > name : poly_hash > > driver : poly_hash-generic > > module : kernel > > priority : 100 > > refcnt : 1 > > selftest : passed > > internal : no > > type : shash > > blocksize : 0 > > digestsize : 16 > > > > name : sha384 > > driver : sha384-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : shash > > blocksize : 128 > > digestsize : 48 > > > > name : sha512 > > driver : sha512-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : shash > > blocksize : 128 > > digestsize : 64 > > > > name : sha224 > > driver : sha224-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : shash > > blocksize : 64 > > digestsize : 28 > > > > name : sha256 > > driver : sha256-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : shash > > blocksize : 64 > > digestsize : 32 > > > > name : sha1 > > driver : sha1-generic > > module : kernel > > priority : 0 > > refcnt : 2 > > selftest : passed > > internal : no > > type : shash > > blocksize : 64 > > digestsize : 20 > > > > name : md5 > > driver : md5-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : shash > > blocksize : 64 > > digestsize : 16 > > > > name : digest_null > > driver : digest_null-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : shash > > blocksize : 1 > > digestsize : 0 > > > > name : compress_null > > driver : compress_null-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : compression > > > > name : ecb(cipher_null) > > driver : ecb-cipher_null > > module : kernel > > priority : 100 > > refcnt : 1 > > selftest : passed > > internal : no > > type : blkcipher > > blocksize : 1 > > min keysize : 0 > > max keysize : 0 > > ivsize : 0 > > geniv : <default> > > > > name : cipher_null > > driver : cipher_null-generic > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : no > > type : cipher > > blocksize : 1 > > min keysize : 0 > > max keysize : 0 > > > > name : xts(aes) > > driver : xts-aes-ce > > module : kernel > > priority : 300 > > refcnt : 1 > > selftest : passed > > internal : no > > type : ablkcipher > > async : yes > > blocksize : 16 > > min keysize : 32 > > max keysize : 64 > > ivsize : 16 > > geniv : <default> > > > > name : ctr(aes) > > driver : ctr-aes-ce > > module : kernel > > priority : 300 > > refcnt : 1 > > selftest : passed > > internal : no > > type : ablkcipher > > async : yes > > blocksize : 1 > > min keysize : 16 > > max keysize : 32 > > ivsize : 16 > > geniv : <default> > > > > name : cbc(aes) > > driver : cbc-aes-ce > > module : kernel > > priority : 300 > > refcnt : 1 > > selftest : passed > > internal : no > > type : ablkcipher > > async : yes > > blocksize : 16 > > min keysize : 16 > > max keysize : 32 > > ivsize : 16 > > geniv : <default> > > > > name : ecb(aes) > > driver : ecb-aes-ce > > module : kernel > > priority : 300 > > refcnt : 1 > > selftest : passed > > internal : no > > type : ablkcipher > > async : yes > > blocksize : 16 > > min keysize : 16 > > max keysize : 32 > > ivsize : 0 > > geniv : <default> > > > > name : __xts-aes-ce > > driver : __driver-xts-aes-ce > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : yes > > type : blkcipher > > blocksize : 16 > > min keysize : 32 > > max keysize : 64 > > ivsize : 16 > > geniv : <default> > > > > name : __ctr-aes-ce > > driver : __driver-ctr-aes-ce > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : yes > > type : blkcipher > > blocksize : 1 > > min keysize : 16 > > max keysize : 32 > > ivsize : 16 > > geniv : <default> > > > > name : __cbc-aes-ce > > driver : __driver-cbc-aes-ce > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : yes > > type : blkcipher > > blocksize : 16 > > min keysize : 16 > > max keysize : 32 > > ivsize : 16 > > geniv : <default> > > > > name : __ecb-aes-ce > > driver : __driver-ecb-aes-ce > > module : kernel > > priority : 0 > > refcnt : 1 > > selftest : passed > > internal : yes > > type : blkcipher > > blocksize : 16 > > min keysize : 16 > > max keysize : 32 > > ivsize : 0 > > geniv : <default> > > > > name : aes > > driver : aes-ce > > module : kernel > > priority : 250 > > refcnt : 1 > > selftest : passed > > internal : no > > type : cipher > > blocksize : 16 > > min keysize : 16 > > max keysize : 32 > > > > name : poly_hash > > driver : poly_hash-ce > > module : kernel > > priority : 300 > > refcnt : 1 > > selftest : passed > > internal : no > > type : shash > > blocksize : 0 > > digestsize : 16 > > > > name : sha256 > > driver : sha256-ce > > module : kernel > > priority : 200 > > refcnt : 3 > > selftest : passed > > internal : no > > type : shash > > blocksize : 64 > > digestsize : 32 > > > > name : sha224 > > driver : sha224-ce > > module : kernel > > priority : 200 > > refcnt : 1 > > selftest : passed > > internal : no > > type : shash > > blocksize : 64 > > digestsize : 28 > > > > [root@VollaPhone nemo]# > > > > > > _______________________________________________ > > dm-crypt mailing list > > dm-crypt@xxxxxxxx > > https://www.saout.de/mailman/listinfo/dm-crypt > > _______________________________________________ dm-crypt mailing list -- dm-crypt@xxxxxxxx To unsubscribe send an email to dm-crypt-leave@xxxxxxxx
