Open GoogleCodeExporter opened 9 years ago
GoogleCodeExporter
commented
9 years ago Again, this looks like kernel problem. Can you test more recent kernel here?
Also please always add debug output of veritysetup command (add --debug).
Not sure if I can reproduce it, but I think this should be reported to
dm-devel@redhat.com (it looks like veritysetup properly configures dm-verity
kernel module here.)Original comment by gmazyl...@gmail.com on 26 Jan 2014 at 9:08
GoogleCodeExporter
commented
9 years ago # veritysetup --debug format /dev/mtdblock5 /dev/mtdblock6
# cryptsetup 1.6.2 processing "veritysetup --debug format /dev/mtdblock5
/dev/mtdblock6"
# Running command format.
# Allocating crypt device /dev/mtdblock6 context.
# Trying to open and read device /dev/mtdblock6.
# Initialising device-mapper backend library.
# Formatting device /dev/mtdblock6 as type VERITY.
# Crypto backend (gcrypt 1.5.3) initialized.
# Setting ciphertext data device to /dev/mtdblock5.
# Trying to open and read device /dev/mtdblock5.
# Hash creation sha256, data device /dev/mtdblock5, data blocks 12800,
hash_device /dev/mtdblock6, offset 1.
# Using 2 hash levels.
# Data device size required: 52428800 bytes.
# Hash device size required: 417792 bytes.
# Updating VERITY header of size 512 on device /dev/mtdblock6, offset 0.
VERITY header information for /dev/mtdblock6
UUID: 0c815957-0e03-4497-80fb-666df9b1ea30
Hash type: 1
Data blocks: 12800
Data block size: 4096
Hash block size: 4096
Hash algorithm: sha256
Salt:
2bba53d029240fe3d5d8806f60236d55debb59f310cdafadf00496a51b854479
Root hash:
f56752b95561166a12b300e6a59f77a8dc9a15b0d4d703cf1e47672313938322
# Releasing crypt device /dev/mtdblock6 context.
# Releasing device-mapper backend.
Command successful.
# veritysetup --debug create dm-romfs /dev/mtdblock5 /dev/mtdblock6 f56752b95561
166a12b300e6a59f77a8dc9a15b0d4d703cf1e47672313938322
# cryptsetup 1.6.2 processing "veritysetup --debug create dm-romfs
/dev/mtdblock5 /dev/mtdblock6
f56752b95561166a12b300e6a59f77a8dc9a15b0d4d703cf1e47672313938322"
# Running command create.
# Allocating crypt device /dev/mtdblock6 context.
# Trying to open and read device /dev/mtdblock6.
# Initialising device-mapper backend library.
# Trying to load VERITY crypt type from device /dev/mtdblock6.
# Crypto backend (gcrypt 1.5.3) initialized.
# Reading VERITY header of size 512 on device /dev/mtdblock6, offset 0.
# Setting ciphertext data device to /dev/mtdblock5.
# Trying to open and read device /dev/mtdblock5.
# Activating volume dm-romfs by volume key.
# Detected kernel Linux 3.4.67_s40 armv7l.
# dm version OF [16384] (*1)
# dm versions OF [16384] (*1)
# Detected dm-verity version 1.0.0.
# Detected dm-crypt version 1.11.0, dm-ioctl version 4.22.0.
# Device-mapper backend running with UDEV support disabled.
# dm status dm-romfs OF [16384] (*1)
# Trying to activate VERITY device dm-romfs using hash sha256.
# Calculated device size is 102400 sectors (RW), offset 0.
# DM-UUID is CRYPT-VERITY-0c8159570e03449780fb666df9b1ea30-dm-romfs
# dm create dm-romfs CRYPT-VERITY-0c8159570e03449780fb666df9b1ea30-dm-romfs OF
[16384] (*1)
# dm reload dm-romfs OFRW [16384] (*1)
# dm resume dm-romfs OFRW [16384] (*1)
# dm-romfs: Stacking NODE_ADD (252,0) 0:0 0600
# dm-romfs: Stacking NODE_READ_AHEAD 256 (flags=1)
# dm-romfs: Processing NODE_ADD (252,0) 0:0 0600
# dm-romfs: Processing NODE_READ_AHEAD 256 (flags=1)
# dm-romfs (252:0): read ahead is 256
# dm-romfs: retaining kernel read ahead of 256 (requested 256)
# dm status dm-romfs OF [16384] (*1)
# Verity volume dm-romfs status is V.
# Releasing crypt device /dev/mtdblock6 context.
# Releasing device-mapper backend.
Command successful.Original comment by askxia...@gmail.com on 26 Jan 2014 at 9:34
GoogleCodeExporter
commented
9 years ago The romfs is succeed to dmsetup. The process of operation is:
# dmsetup create test-romfs --table "0 2048000 81920 /dev/mtdblock6 0"
device-mapper: table: 252:0: 81920: unknown target type
device-mapper: ioctl: error adding target to table
device-mapper: reload ioctl on test-romfs failed: Invalid argument
Command failed
# dmsetup create test-romfs --table "0 81920 linear /dev/mtdblock6 0"
# mount /dev/mapper/test-romfs tmp/
# cd tmp/
# ls
blkone blktwo
# hexdump blkone
0000000 0000 0000 0000 0000 0000 0000 0000 0000
*
0200000
# hexdump blkone
0000000 0000 0000 0000 0000 0000 0000 0000 0000
*
0200000Original comment by askxia...@gmail.com on 26 Jan 2014 at 9:56
GoogleCodeExporter
commented
9 years ago # Verity volume dm-romfs status is V.
Ok, so veritysetup works properly (dm-verity reports verified status). So it is
kernel problem.Original comment by gmazyl...@gmail.com on 26 Jan 2014 at 10:02
GoogleCodeExporter
commented
9 years ago I has use the kernel3.0 to test, and the dm-verity drive has been transplanted
into kernel3.0. I test these on nand flash and U-disk on kernel3.0. The result
is same.
The squashfs and ext2 filesystem is succeed on nand flash and U-disk, the romfs
is failed.Original comment by askxia...@gmail.com on 26 Jan 2014 at 10:05
GoogleCodeExporter
commented
9 years ago I tried romfs in kernel 3.13 (with normal sata disk partitions) and it works
with veritysetup.
Can you try use e.g. loopback to check that the problem is in MTD device
mapping? IOW create both data and verity hash as file images and mount them
directly using veritysetup (no mtd device in stack).Original comment by gmazyl...@gmail.com on 26 Jan 2014 at 11:01
GoogleCodeExporter
commented
9 years ago Can you try use e.g. loopback to check that the problem is in MTD device
mapping? IOW create both data and verity hash as file images and mount them
directly using veritysetup (no mtd device in stack).
I don't know,how to use e.g. loopback to check, how to mount them directly
using veritysetupOriginal comment by askxia...@gmail.com on 27 Jan 2014 at 3:06
Original issue reported on code.google.com by
askxia...@gmail.comon 26 Jan 2014 at 8:27