[Bug 1781912] Re: Upgrade cryptsetup >= 2.0.3
Frank Heimes
1781912 at bugs.launchpad.net
Wed Jul 25 17:27:06 UTC 2018
That seems to be a pretty long list of commit IDs, which is probably close to the entire diff between 2.0.2 and 2.0.3.
So please let me ask which *features* of cryptsetup 2.0.3 (and their corresponding commit IDs) are really required by IBM and 'Pervasive Encryption' for 18.04/bionic.
While looking into this again, please also keeping in mind that not all 2.0.3 features can simply be used and exploited by such an updated cryptsetup on bionic, because further needed infrastructure or components might be missing (like some tools that are only available in newer s390-tools versions).
We are obviously looking for a smaller set of commit IDs (actually for the smallest possible set).
Thx
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1781912
Title:
Upgrade cryptsetup >= 2.0.3
Status in Ubuntu on IBM z Systems:
Fix Released
Status in cryptsetup package in Ubuntu:
Fix Released
Bug description:
Cryptsetup is utility used to conveniently setup disk encryption based
on DMCrypt kernel module.
These include plain dm-crypt volumes, LUKS volumes, loop-AES
and TrueCrypt (including VeraCrypt extension) format.
Project also includes veritysetup utility used to conveniently setup
DMVerity block integrity checking kernel module
and, since version 2.0, integritysetup to setup
DMIntegrity block integrity kernel module.
Version 2.0.3 include all z code for dm-crypt with protected keys
Without cryptsetup 2.0.3 (the 3 is important) we won't be able to use
secure key encryption with LUKS2 and the paes cipher. Only plain mode
will be usable with cryptsetup version 2.0.1.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1781912/+subscriptions
More information about the foundations-bugs
mailing list