eternaltyro / cryptsetup

Since Google code is shuttering...
http://code.google.com/p/cryptsetup
GNU General Public License v2.0

No support for iv_offset parameter (crypt target mapping table) in cryptsetup plain mode #189

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
Not applicable

What is the expected output? What do you see instead?
Ability to specify iv_offset for plain mode encryption (not available)

What version of the product are you using? On what operating system?
1.6.3

Please provide any additional information below.
From the wiki: http://code.google.com/p/cryptsetup/wiki/DMCrypt
<quote>
The mapping table specification for crypt target:

<cipher[:keycount]-chainmode-ivmode[:ivopts]> <key> <iv_offset> <device path> <offset> [<#opt_params> <opt_params>]

iv_offset: The IV offset is a sector count that is added to the sector number 
before creating the IV.
It can be used to create a map that starts after the first encrypted sector.
Usually you'll set it to zero except your device is only partially available or 
you need to configure some mode compatible with other encryption system. 
</quote>

Certain encryption systems using tweakable cipher modes for disk encryption use 
the absolute LBA as the tweak value. This means that the first sector of a 
partition (sector 0) will get encrypted with a tweak value corresponding to the 
partition start address, instead of 0. In such cases, iv_offset is required to 
be set to the partition start address to ensure compatibility; however, it's 
not currently possible with cryptsetup.

Since cryptsetup is the preferred way to set up disk encryption with dm-crypt, 
it would be nice to be able to specify this parameter with cryptsetup. It's 
worth pointing out that cryptsetup does support --skip option, which is a very 
specific case of iv_offset being equal to offset. However, it would be prudent 
to implement the more general --iv_offset option and drop --skip in its favor, 
since: 
cryptsetup --skip x <=> cryptsetup --offset=x --iv_offset=x

Original issue reported on code.google.com by y...@indiatimes.com on 11 Dec 2013 at 4:31

GoogleCodeExporter commented 9 years ago
> drop --skip in its favor, since: 
> cryptsetup --skip x <=> cryptsetup --offset=x --iv_offset=x

I think this is not correct. --skip is not dependent on --offset, it is in fact 
directly <iv_offset> in dmcrypt mapping table. (yes, it is a stupid name but 
that's for historic reasons)

See:
# echo "blah"| cryptsetup create x /dev/sdb --skip 34 --offset 56
# dmsetup table --showkeys
x: 0 417736 crypt aes-cbc-essiv:sha256 b9d....16 34 8:16 56

So I do not understand what is missing here... 

Original comment by gmazyl...@gmail.com on 11 Dec 2013 at 8:24

GoogleCodeExporter commented 9 years ago
You are right: "skip" really is the "iv_offset" option that I was looking for.
I hadn't tested this and was going solely by the documentation in the man 
pages. 
And I have to say it's a bit misleading...

<quote>
--offset, -o <number of 512 byte sectors>
    Start  offset  in  the  backend device in 512-byte sectors.  This option is only
    relevant for the open action with plain or loopaes device types.

--skip, -p <number of 512 byte sectors>
    How many sectors of the encrypted data to skip at the beginning.  This option is
    only relevant for the open action with plain or loopaes device types.

    This  is  different from the --offset options with respect to the sector numbers
    used in IV calculation.  Using --offset will shift the  IV  calculation  by  the
    same  negative  amount.  Hence, if --offset n, sector n will get a sector number
    of 0 for the IV calculation.  Using --skip causes sector n to also be the  first
    sector of the mapped device, but with its number for IV generation is n.
</quote>

Especially the last sentence... "--skip n" option by itself does not cause 
sector n to be the first sector of the mapped device ("--offset n" option is 
still required for that). However, in combination with "--offset n", it does 
alter the IV calculation, as described.

Thanks for the clarification and please consider updating the above description.

Original comment by y...@indiatimes.com on 11 Dec 2013 at 9:48

GoogleCodeExporter commented 9 years ago
Yes, man page was misleading. I tried to describe it better now, in commit

http://code.google.com/p/cryptsetup/source/detail?r=79956a4d47cd6a5811b41a0edd534bb091662fb9

Thanks.

Original comment by gmazyl...@gmail.com on 11 Dec 2013 at 10:24
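
The sector arithmetic clarified in this thread (--skip is <iv_offset>, --offset is <offset>), as an added Python model that is not part of the original issue or of cryptsetup's code. It also covers the absolute-LBA compatibility case from the first comment. Assumptions: the partition start of 2048, the `/dev/sdX1` device name, the `<key>` placeholder and the plain64 IV layout (64-bit little-endian sector number, zero padded) are constructed for illustration.

```python
import struct
from dataclasses import dataclass


@dataclass(frozen=True)
class CryptMapping:
    """One dm-crypt crypt target, fields named as in the wiki's table spec."""
    length: int     # sectors exposed by the mapped device
    cipher: str
    key: str        # placeholder only; never a real key
    iv_offset: int  # cryptsetup --skip
    device: str
    offset: int     # cryptsetup --offset

    def table(self) -> str:
        # Same field order as `dmsetup table --showkeys` prints it.
        return (f"0 {self.length} crypt {self.cipher} {self.key} "
                f"{self.iv_offset} {self.device} {self.offset}")

    def _check(self, sector: int) -> None:
        if not 0 <= sector < self.length:
            raise ValueError(f"sector {sector} outside mapped device")

    def backend_sector(self, sector: int) -> int:
        """Sector of the backing device that holds mapped sector `sector`."""
        self._check(sector)
        return self.offset + sector

    def iv_sector(self, sector: int) -> int:
        """Sector number fed to the IV generator for mapped sector `sector`."""
        self._check(sector)
        return self.iv_offset + sector

    def uses_absolute_lba(self, device_start_lba: int) -> bool:
        """True if every IV sector equals the sector's absolute disk LBA."""
        return all(self.iv_sector(s) == device_start_lba + self.backend_sector(s)
                   for s in (0, self.length - 1))


def plain64_iv(iv_sector: int, iv_size: int = 16) -> bytes:
    """plain64 IV (assumed mode): 64-bit little-endian sector, zero padded."""
    return struct.pack("<Q", iv_sector) + bytes(iv_size - 8)


# Mapping from the thread: --skip 34 --offset 56 on device 8:16.
THREAD = CryptMapping(417736, "aes-cbc-essiv:sha256", "<key>", 34, "8:16", 56)
# Constructed case: partition starting at LBA 2048, opened with --skip 2048.
PART_SKIP = CryptMapping(1000, "aes-xts-plain64", "<key>", 2048, "/dev/sdX1", 0)
# Same partition without --skip: IVs restart at 0, so tweaks do not match.
PART_NOSKIP = CryptMapping(1000, "aes-xts-plain64", "<key>", 0, "/dev/sdX1", 0)
```

`THREAD.table()` reproduces the `dmsetup table` line shown above with the key replaced by a placeholder, and `PART_SKIP.uses_absolute_lba(2048)` holds while the same call on `PART_NOSKIP` does not.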