Ubuntu
cryptsetup package

Partial interactive password read on Focal

Bug #1942003 reported by Aaron Thompson
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cryptsetup (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Upstream bug: https://gitlab.com/cryptsetup/cryptsetup/-/issues/627

This is a latent bug in cryptsetup versions before 2.3.5 that surfaced due to a change in the behavior of the kernel's TTY driver. The bug was not triggered on Focal's 5.8 kernels, but it is on the 5.11 kernel that was recently released, so this bug is now occurring on up-to-date Focal systems.

This bug only occurs, at least in my testing, for interactively-entered passphrases with lengths that are a multiple of 64. In that case, cryptsetup reads one byte less than it should. (A test tool is attached.) I would guess this bug won't be triggered for many people, but for those who do happen to hit it, it's pretty bad. Volumes created without the bug cannot be unlocked interactively with the bug. cryptsetup will only read the passphrase correctly using a non-TTY stdin or a key file. Also, volumes created interactively with the bug can be unlocked without the bug, but only if the last byte of the passphrase is omitted.

For example, on a current Focal host:

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.3 LTS
Release: 20.04
Codename: focal

$ uname -a
Linux ip-172-31-9-241 5.11.0-1016-aws #17~20.04.1-Ubuntu SMP Thu Aug 12 05:39:36 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

$ dpkg-query --no-pager -l cryptsetup-bin
ii cryptsetup-bin 2:2.2.2-3ubuntu2.3 amd64 disk encryption support - command line tools

$ perl -pe chomp > test-passphrase
1234567891123456789212345678931234567894123456789512345678961234

$ wc test-passphrase
 0 1 64 test-passphrase

$ dd if=/dev/zero of=test-block-dev bs=32M count=1
$ sudo cryptsetup luksFormat test-block-dev test-passphrase

WARNING!
========
This will overwrite data on test-block-dev irrevocably.

Are you sure? (Type uppercase yes): YES

$ sudo cryptsetup --tries 1 open test-block-dev testing
Enter passphrase for test-block-dev: 1234567891123456789212345678931234567894123456789512345678961234
No key available with this passphrase.

$ dd if=/dev/zero of=test-block-dev bs=32M count=1
$ sudo cryptsetup luksFormat test-block-dev

WARNING!
========
This will overwrite data on test-block-dev irrevocably.

Are you sure? (Type uppercase yes): YES
Enter passphrase for test-block-dev: 1234567891123456789212345678931234567894123456789512345678961234
Verify passphrase: 1234567891123456789212345678931234567894123456789512345678961234

$ sudo cryptsetup --key-file test-passphrase open test-block-dev testing
No key available with this passphrase.

In contrast, both of the cryptsetup open commands succeed if running on a 5.8 kernel.

Fortunately the fix is straightforward so I hope we can get it released to Focal. I'll send a merge request.

Revision history for this message
Aaron Thompson (dev-aaront-org) wrote :
Aaron Thompson (dev-aaront-org)
Changed in cryptsetup (Ubuntu):
status: New → Incomplete
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.