Hi dm-crypt uses the function kstrtou8 to decode the encryption key. kstrtou8 calls kstrtoull and kstrtoull skips the first character if it is '+'. Consequently, it is possible to load keys with '+' in it. For example, this is possible: dmsetup create cr --table "0 131072 crypt aes-cbc-essiv:sha256 +0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0+0 0 /dev/debian/tmptest 0" Should this be fixed in dm-crypt or in kstrtou8? A fix in kstrtou8 could be more appropriate, but we don't know how many other kernel parts depend on this "skip plus" behavior... Mikulas -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel
