Ubuntu
cryptsetup package

Correctly detect and use FIPS mode

Bug #2032659 reported by Dimitri John Ledkov
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cryptsetup (Ubuntu)
Fix Released
Undecided
Unassigned
Jammy
Fix Released
Undecided
Unassigned
Lunar
Won't Fix
Undecided
Unassigned
Mantic
Fix Released
Undecided
Unassigned

Bug Description

[ Impact ]

 * Crytpsetup has some fips awareness

 * Ubuntu provides fips certified kernels & openssl

 * When vanilla cryptsetup observes fips kernel & openssl it fails to operate, at all

 * It appears the fips awareness in cryptsetup package is obsolete and out of date - i.e. if none of the checks were present, it would actually behaved in a fips compliant way, but it currently instead fails.

[ Test Plan ]

 * cherry-pick updated patches to cryptsetup to ensure it has correct modern fips mode detection

 * observe that cryptsetup can create new encrypted volume successfully / unchanged behaviour on vanilla ubuntu

 * observe that cryptsetup can create new encrypted volume successfully on fips ubuntu (jammy fips-preview is already available internally and to select external customers, also will be on esm.ubuntu.com/fips-preview "soon" packages are there, but the auth is not)

[ Where problems could occur ]

 * The change is confined to cryptsetup backend usage (typically openssl) and is related to detecting kernel & openssl modes. There is no other functional changes. But for example strace calls will look slightly different - as possibly observable with strace it will try to open /proc/sys/crypto/fips and call into additional openssl apis.

 * Note the pbkdf automatic benchmark is changed slightly, and thus will produce slightly different results for newly created volumes. This should not affect interoperability at the target resource usage / caps remain the same.

[ Other Info ]

 * Detected during FIPS certification of Jammy

[ Release Target Rationale ]

 * Fix in Mantic to ensure that next LTS is capable of doing cryptsetup in fips mode, when backend (openssl) is in fips mode

 * Fix in Lunar is not needed, as Canonical does not provide FIPS certification for Lunar releases. And it doesn't matter if cryptsetup is or isn't FIPS capable in Lunar.

 * Fix in Jammy is desired, to ensure that Jammy FIPS certified systems can automatically create cryptsetup enabled devices

See original description

Related branches

~mkukri/ubuntu/+source/cryptsetup:merge-2.7.0-1
Mate Kukri: Pending requested
git-ubuntu import: Pending requested
Diff: 2740 lines (+2092/-27)
14 files modified
debian/changelog (+1962/-0)
debian/control (+7/-5)
debian/functions (+9/-1)
debian/initramfs/cryptroot-unlock (+12/-6)
debian/initramfs/hooks/cryptroot (+5/-3)
debian/rules (+3/-0)
debian/tests/control (+3/-2)
debian/tests/cryptroot-lvm.d/mock (+7/-2)
debian/tests/cryptroot-nested.d/config (+7/-0)
debian/tests/cryptroot-sysvinit.d/config (+7/-2)
debian/tests/initramfs-hook (+16/-2)
debian/tests/utils/cryptroot-common (+27/-3)
debian/tests/utils/mkinitramfs (+2/-0)
debian/tests/utils/mock.pm (+25/-1)
~mkukri/ubuntu/+source/cryptsetup:merge
Lukas Märdian (community): Approve
Simon Quigley: Pending requested
Diff: 2709 lines (+2061/-27)
14 files modified
debian/changelog (+1931/-0)
debian/control (+7/-5)
debian/functions (+9/-1)
debian/initramfs/cryptroot-unlock (+12/-6)
debian/initramfs/hooks/cryptroot (+5/-3)
debian/rules (+3/-0)
debian/tests/control (+3/-2)
debian/tests/cryptroot-lvm.d/mock (+7/-2)
debian/tests/cryptroot-nested.d/config (+7/-0)
debian/tests/cryptroot-sysvinit.d/config (+7/-2)
debian/tests/initramfs-hook (+16/-2)
debian/tests/utils/cryptroot-common (+27/-3)
debian/tests/utils/mkinitramfs (+2/-0)
debian/tests/utils/mock.pm (+25/-1)
~mkukri/ubuntu/+source/cryptsetup:merge
Simon Quigley (community): Needs Fixing
Diff: 119 lines (+55/-9) (has conflicts)
5 files modified
debian/changelog (+47/-0)
debian/initramfs/hooks/cryptroot (+2/-2)
debian/tests/cryptroot-legacy.d/mock (+1/-1)
debian/tests/utils/init (+1/-1)
debian/tests/utils/mkinitramfs (+4/-5)
~mkukri/ubuntu/+source/cryptsetup:merge
Simon Quigley (community): Approve
Diff: 2671 lines (+2030/-27)
14 files modified
debian/changelog (+1900/-0)
debian/control (+7/-5)
debian/functions (+9/-1)
debian/initramfs/cryptroot-unlock (+12/-6)
debian/initramfs/hooks/cryptroot (+5/-3)
debian/rules (+3/-0)
debian/tests/control (+3/-2)
debian/tests/cryptroot-lvm.d/mock (+7/-2)
debian/tests/cryptroot-nested.d/config (+7/-0)
debian/tests/cryptroot-sysvinit.d/config (+7/-2)
debian/tests/initramfs-hook (+16/-2)
debian/tests/utils/cryptroot-common (+27/-3)
debian/tests/utils/mkinitramfs (+2/-0)
debian/tests/utils/mock.pm (+25/-1)
Dimitri John Ledkov (xnox)
Changed in cryptsetup (Ubuntu Lunar):
status: New → Won't Fix
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cryptsetup - 2:2.6.1-4ubuntu2

---------------
cryptsetup (2:2.6.1-4ubuntu2) mantic; urgency=medium

  * Compile-in support for a FIPS mode. LP: #2032659

 -- Dimitri John Ledkov <email address hidden> Tue, 22 Aug 2023 16:06:53 +0100

Changed in cryptsetup (Ubuntu Mantic):
status: New → Fix Released
Dimitri John Ledkov (xnox)
description: updated
Dimitri John Ledkov (xnox)
description: updated
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Dimitri, or anyone else affected,

Accepted cryptsetup into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cryptsetup/2:2.4.3-1ubuntu1.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

description: updated
description: updated
Changed in cryptsetup (Ubuntu Jammy):
status: New → Fix Committed
tags: added: verification-needed verification-needed-jammy
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Using jammy daily iso built with proposed packages 20231018

cryptsetup 2:2.4.3-1ubuntu1.2
cryptsetup-bin 2:2.4.3-1ubuntu1.2
cryptsetup-initramfs 2:2.4.3-1ubuntu1.2
libcryptsetup12:amd64 2:2.4.3-1ubuntu1.2

Install and booted encrypted system were fine.

Running cryptsetup luksFormat on sample disks with that version versus 1.1 (previous sru) yielded identical or statistically insignificant results for the benchmarks, meaning same minimal security guarantees are preserved. In default vanilla install.

This complete vanilla Ubuntu tests. Will do FIPS tests next.

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

core22 snap is not using cryptsetup from the ubuntu archive and instead uses a forked crytpsetup with ICE feature enabled.

which is inline enabled in https://launchpad.net/~ubuntu-security/+archive/ubuntu/fde-ice

that build of cryptsetup should be redone on not of this SRU update.

Also I am questioning why Ubuntu Core 22 supports cryptsetup with ICE features, and Ubuntu 22.04 classic does not, given such enablement is likely benefitial on classic systems too.

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

cryptsetup is refreshed in snappy-dev/image superseding what was done in ~ubuntu-security/fde-ice which should not have been ever used for core22 builds. It can be left unchanged now for archival purposes.

Revision history for this message
Dimitri John Ledkov (xnox) wrote (last edit ):

Fips tests completed, and cryptsetup now completes correctly with FIPS enabled on both classic and core systems.

Using 2:2.4.3-1ubuntu1.2 and also the fde-ice version 2:2.4.3-1ubuntu1.2+ice1

This update can now be released; and it will not regress: Ubuntu, Ubuntu Pro Fips, Ubuntu Core, Ubuntu Core Fips products.

Revision history for this message
Tobias Heider (tobhe) wrote :

Can confirm that this fixes cryptsetup on 22.04 fips-updates. Thanks xnox!

Dimitri John Ledkov (xnox)
tags: added: verification-done verification-done-jammy
removed: verification-needed verification-needed-jammy
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cryptsetup - 2:2.4.3-1ubuntu1.2

---------------
cryptsetup (2:2.4.3-1ubuntu1.2) jammy; urgency=medium

  * Cherry-pick modern support for FIPS enabled backends. LP: #2032659
    - cherry-pick v2.6.0 change to correct FIPS mode detection, and
    correctly use OpenSSL backend in FIPS-compliant way, if OpenSSL is in
    FIPS mode.
    - cherry-pick v2.6.0 fixes to benchmark function that works with
    OpenSSL in 140-3 FIPS mode.
    - Enable the optional runtime FIPS codepath

 -- Dimitri John Ledkov <email address hidden> Tue, 22 Aug 2023 18:16:42 +0100

Changed in cryptsetup (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Chris Halse Rogers (raof) wrote : Update Released

The verification of the Stable Release Update for cryptsetup has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.