2018-04-09 09:20:02 |
bugproxy |
bug |
|
|
added bug |
2018-04-09 09:20:04 |
bugproxy |
tags |
|
architecture-s39031.64 bugnameltc-163909 severity-high targetmilestone-inin1804 |
|
2018-04-09 09:20:05 |
bugproxy |
attachment added |
|
Adjust s390 aes and paes cipher priorities https://bugs.launchpad.net/bugs/1762353/+attachment/5107658/+files/0001-s390-crypto-Adjust-s390-aes-and-paes-cipher-prioriti.patch |
|
2018-04-09 09:20:07 |
bugproxy |
ubuntu: assignee |
|
Skipper Bug Screeners (skipper-screen-team) |
|
2018-04-09 09:20:09 |
bugproxy |
affects |
ubuntu |
linux (Ubuntu) |
|
2018-04-09 10:31:58 |
Frank Heimes |
description |
Description will follow |
Problem Description:
Environment: z14 VM Guest system with one CEX6C CCA coprocessor
in toleration mode (i.e. CEX6 HW presented as CEX5)
OS: Ubuntu 18.04 Prerelease
Setting up a second dm-crypt device using protected CCA paes-xts keys fails.
The problem is reproducible.
Details
=======
Setting up two or more plain end-to-end encrypted disks using 'cryptsetup'
fails when using a cipher based on the protected key mechanism.
The setup needs the paes and pkey modules loaded, the former providing the
paes-xts-plain64 cipher (cat /proc/crpyto |grep paes).
A second attempt to establish an end-to-end encrypted disk fails
with : "device-mapper: reload ioctl on failed: No such file or directory."
The problem is independent of the second encrypted disk being based on a second DASD or second partition on one DASD.
---uname output---
Linux s3514004 4.13.0-25-generic #29-Ubuntu SMP Mon Jan 8 21:15:56 UTC 2018 s390x s390x s390x GNU/Linux
---Steps to Reproduce---
1.) The following cryptsetup statement works, and is the first one I issued.
cryptsetup plainOpen --key-file securekey.bin --key-size 1024 --cipher paes-xts-plain64 /dev/disk/by-path/ccw-0.0.NNNN-part1 enc-pv1
2.) After this successful statement, I issued the following:
cryptsetup plainOpen --key-file securekey.bin --key-size 1024 --cipher paes-xts-plain64 /dev/disk/by-path/ccw-0.0.NNNN-part2 enc-pv2
device-mapper: reload ioctl on failed: No such file or directory.
See attached patch (comment #1) as fix. |
|
2018-04-09 10:32:35 |
Frank Heimes |
bug task added |
|
ubuntu-z-systems |
|
2018-04-09 10:32:50 |
Frank Heimes |
ubuntu-z-systems: status |
New |
Triaged |
|
2018-04-09 10:32:55 |
Frank Heimes |
ubuntu-z-systems: importance |
Undecided |
High |
|
2018-04-09 10:33:12 |
Frank Heimes |
ubuntu-z-systems: assignee |
|
Canonical Kernel Team (canonical-kernel-team) |
|
2018-04-09 10:38:44 |
Heinz-Werner Seeck |
summary |
cryptsetup: 'device-mapper: reload ioctl on failed' when setting up a second end-to-end encrypted disk |
[Ubuntu 18.04] cryptsetup: 'device-mapper: reload ioctl on failed' when setting up a second end-to-end encrypted disk |
|
2018-04-09 15:13:31 |
Joseph Salisbury |
linux (Ubuntu): importance |
Undecided |
High |
|
2018-04-09 15:13:34 |
Joseph Salisbury |
linux (Ubuntu): status |
New |
Triaged |
|
2018-04-10 08:04:07 |
Frank Heimes |
tags |
architecture-s39031.64 bugnameltc-163909 severity-high targetmilestone-inin1804 |
architecture-s39031.64 bugnameltc-163909 kernel-da-key severity-high targetmilestone-inin1804 |
|
2018-04-10 14:37:11 |
Seth Forshee |
linux (Ubuntu): status |
Triaged |
Fix Committed |
|
2018-04-10 14:43:02 |
Frank Heimes |
ubuntu-z-systems: status |
Triaged |
Fix Committed |
|
2018-04-23 23:51:27 |
Launchpad Janitor |
linux (Ubuntu): status |
Fix Committed |
Fix Released |
|
2018-04-23 23:51:27 |
Launchpad Janitor |
cve linked |
|
2017-5715 |
|
2018-04-23 23:51:27 |
Launchpad Janitor |
cve linked |
|
2017-5753 |
|
2018-04-23 23:51:27 |
Launchpad Janitor |
cve linked |
|
2017-5754 |
|
2018-04-24 05:33:35 |
Frank Heimes |
ubuntu-z-systems: status |
Fix Committed |
Fix Released |
|
2019-01-16 09:29:36 |
bugproxy |
tags |
architecture-s39031.64 bugnameltc-163909 kernel-da-key severity-high targetmilestone-inin1804 |
architecture-s39064 bugnameltc-163909 kernel-da-key severity-high targetmilestone-inin1804 |
|
2019-02-14 14:08:31 |
Brad Figg |
tags |
architecture-s39064 bugnameltc-163909 kernel-da-key severity-high targetmilestone-inin1804 |
architecture-s39064 bugnameltc-163909 kernel-da-key severity-high targetmilestone-inin1804 verification-needed-bionic |
|
2019-02-14 14:22:33 |
Frank Heimes |
tags |
architecture-s39064 bugnameltc-163909 kernel-da-key severity-high targetmilestone-inin1804 verification-needed-bionic |
architecture-s39064 bugnameltc-163909 kernel-da-key severity-high targetmilestone-inin1804 verification-done-bionic |
|
2019-07-24 21:03:07 |
Brad Figg |
tags |
architecture-s39064 bugnameltc-163909 kernel-da-key severity-high targetmilestone-inin1804 verification-done-bionic |
architecture-s39064 bugnameltc-163909 cscc kernel-da-key severity-high targetmilestone-inin1804 verification-done-bionic |
|