[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 0/2] Have LUKS2 cryptomounts be useable with grub-probe
|
From: |
Glenn Washburn |
|
Subject: |
Re: [PATCH 0/2] Have LUKS2 cryptomounts be useable with grub-probe |
|
Date: |
Thu, 9 Dec 2021 14:15:50 -0600 |
On Thu, 9 Dec 2021 18:38:51 +0100
Josselin Poiret via Grub-devel <grub-devel@gnu.org> wrote:
> Hello,
>
> These two draft patches make devmapper set up LUKS2 cryptomount
> properties when pulling, as well as report LUKS2 cryptomounts as
> having GRUB_DEV_ABSTRACTION_LUKS. This makes grub-probe and
> grub-install behave properly wrt. LUKS2 drives: `grub-probe -t
> abstraction /` reports all the needed modules for the GRUB image, and
> grub-install leads to a working GRUB without manually adding modules.
>
> One small part that I am unsure about, although I have tested it and
> it does seem to work properly: if I understand correctly, all dm
> devices have a 512 sector size, however LUKS2 lets one choose up to
> 4096 for the encryption sector size. Which of these two should be
> used as cryptodisk->sector_size? I put 512 here since we're reading
> through a cheated mount, but I'm not so sure.
Its not clear to me, did you test a LUKS2 device with sector size 4096
with this change? I believe DM does use 512-byte sectors internally,
but it can create block devices that report and use other sector sizes.
You can verfiy this by creating a 4096 sector size LUKS2 devices, open
it with cryptsetup, and then run "blockdev --getbsz /dev/mapper/<dm name>".
When having a 4096 byte sector size LUKS2 device opened via cyptsetup,
here's what dmsetup table --show returns "sector_size:4096" as part of
the output for the device. I'm not familiar with this code, but I'm
thinking tht might show up in the "params" variable for you to use when
setting log_sector_size.
I have a feeling that this is not going to work as is with non-512-byte
sector size LUKS2 devices.
Glenn