From patchwork Fri Jan 3 01:56:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Trudgian X-Patchwork-Id: 19543 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id DF0F4179E7; Fri, 3 Jan 2020 02:08:09 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTP id A1245179E5 for ; Fri, 3 Jan 2020 02:08:09 +0000 (GMT) Received: from localhost ([::1]:47820 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1inCNl-0007di-1d for patchwork@mira.cbaines.net; Thu, 02 Jan 2020 21:08:09 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:51316) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1inCNf-0007dc-Lb for guix-patches@gnu.org; Thu, 02 Jan 2020 21:08:04 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1inCNe-00060r-F9 for guix-patches@gnu.org; Thu, 02 Jan 2020 21:08:03 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:34309) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1inCNe-00060j-AB for guix-patches@gnu.org; Thu, 02 Jan 2020 21:08:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1inCNe-0000hG-6W for guix-patches@gnu.org; Thu, 02 Jan 2020 21:08:02 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#38826] doc: Mention no LUKS2 for luks-device-mapping Resent-From: David Trudgian Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 03 Jan 2020 02:08:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 38826 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: To: Tobias Geerinckx-Rice Cc: David Trudgian , Danny Milosavljevic , 38826@debbugs.gnu.org Received: via spool by 38826-submit@debbugs.gnu.org id=B38826.15780172572631 (code B ref 38826); Fri, 03 Jan 2020 02:08:02 +0000 Received: (at 38826) by debbugs.gnu.org; 3 Jan 2020 02:07:37 +0000 Received: from localhost ([127.0.0.1]:40282 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1inCNF-0000gN-6H for submit@debbugs.gnu.org; Thu, 02 Jan 2020 21:07:37 -0500 Received: from sender4-op-o19.zoho.com ([136.143.188.19]:17905) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1inCCf-0000In-Ud for 38826@debbugs.gnu.org; Thu, 02 Jan 2020 20:56:42 -0500 ARC-Seal: i=1; a=rsa-sha256; t=1578016597; cv=none; d=zohomail.com; s=zohoarc; b=GuUm5zEM2xVhj/zd75/cQaeBnPwTHeFp2ZBWTfOOaUF4iydvLi2lYqE0PQouefgrl3j19Lw6pP0uA01SWQCCNUurvjnB6ik8ZS9o+C4yYjhb5oAeHeemPIetJnZjReyGB7LtkUpnJaPHN0K25RRJbM3Rtd1MnCg1u7XxyLGeR1k= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578016597; h=Content-Type:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=+9eHFeQotHkYjqYMuve+mE2hGjeM0Q9WJjqdgHd5Jyc=; b=WVtXUL7xaaT1oodDc8dmudkuKGpip23MH23KyDubftLAYi2HIMPFob1tk9wdcSQqAUwM5s/0mU+5mE5B9CQJafHUowdeYAqk5z450pQOeZMYDsmQhWHFz50pC+u12+6p0QUm4+S2pOij5J6u6CbwBv3Jxry+9sVREkvJUZ8eGgc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=trudgian.net; spf=pass smtp.mailfrom=dave@trudgian.net; dmarc=pass header.from= header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1578016597; s=main; d=trudgian.net; i=dave@trudgian.net; h=References:From:To:Cc:Subject:In-reply-to:Date:Message-ID:MIME-Version:Content-Type; bh=+9eHFeQotHkYjqYMuve+mE2hGjeM0Q9WJjqdgHd5Jyc=; b=WeFxHZeZpjHI8vHLiD3CwpUvf1y13LOZ6V5DlsOkNnG9/ACIUhDxRc9dJ4DulR4z xKSDV2BO5rvtGl8gyF0xIj676PafiFY9uuLgLroX8hfxhBTre3Mz46wxD167LdtXwzM YPrB4VTabhbmgj0JJ5EyVZNKoZw+0pmRFLFddI2A= Received: from lappy.randomroad.net (cpe-70-119-131-248.tx.res.rr.com [70.119.131.248]) by mx.zohomail.com with SMTPS id 157801659425545.19962718370573; Thu, 2 Jan 2020 17:56:34 -0800 (PST) References: <20191231034701.GA10716@lappy> <20200102233256.4250ec30@scratchpost.org> <87png18o7d.fsf@nckx> User-agent: mu4e 1.2.0; emacs 26.3 From: David Trudgian In-reply-to: <87png18o7d.fsf@nckx> Date: Thu, 02 Jan 2020 19:56:33 -0600 Message-ID: <8736cxl2um.fsf@lappy.randomroad.net> MIME-Version: 1.0 X-Zoho-Virus-Status: 1 X-ZohoMailClient: External X-Mailman-Approved-At: Thu, 02 Jan 2020 21:07:36 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches Hi Danny, Tobias, >>> A mention LUKS2 is not supported in the docs might be nice. >> >> I agree. > > Same. Would you consider submitting a patch, David? Or writing the > text? My original email had a patch attached (or should have). Apologies - there was no [PATCH] on the subject. Attaching here in case. >> But better yet would be to implement LUKS2 in the uuid code. I intend to take a look at this when I get time in the next week or so. > Has LUKS2 support[0] been added to GRUB yet? Last I checked it > hadn't. I don't believe GRUB has LUKS2 support for booting from an encrypted partition merged yet. The last I saw there was a patch for LUKS2 but it didn't support the Argon 2i PBKDF which is the default you get when you use LUKS2 in distros where a separate `/boot` is kept unencrypted, so it wouldn't be useful yet. It would still be good to be able to boot from LUKS1 but mount non-boot LUKS2 partitions, so people like me coming from other distros can mount their encrypted `/home` or similar without having to convert to LUKS1. I have actually converted to LUKS1, which requires converting the key to pbkdf2 first... cryptsetup luksConvertKey --pbkdf=pbkdf2 /dev/sdc1 cryptsetup convert /dev/sdc1 --type luks1 ...but I can easily create LUKS2 things to work on the UUID code. Cheers, DT From 97ed4c1859e797adf4ba813ac7db3d1b8261a569 Mon Sep 17 00:00:00 2001 From: David Trudgian Date: Mon, 30 Dec 2019 21:37:35 -0600 Subject: [PATCH] Mention no LUKS2 in luks-device-mapping doc --- doc/guix.texi | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/doc/guix.texi b/doc/guix.texi index 70e3dfea6a..232d99d508 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -69,6 +69,7 @@ Copyright @copyright{} 2019 Jakob L. Kreuze@* Copyright @copyright{} 2019 Kyle Andrews@* Copyright @copyright{} 2019 Alex Griffin@* Copyright @copyright{} 2019 Guillaume Le Vaillant@* +Copyright @copyright{} 2019 David C. Trudgian@* Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or @@ -11470,6 +11471,10 @@ This must be a @code{mapped-device-kind} object, which specifies how This defines LUKS block device encryption using the @command{cryptsetup} command from the package with the same name. It relies on the @code{dm-crypt} Linux kernel module. + +Note that currently only LUKS1 encrypted devices are supported. Existing +LUKS2 devices can be opened and mounted after boot, using +@code{cryptsetup luksOpen}. @end defvr @defvr {Scheme Variable} raid-device-mapping -- 2.24.1