[Bug 1942003] Re: Partial interactive password read on Focal

Launchpad Bug Tracker 1942003 at bugs.launchpad.net
Sun Aug 29 19:08:08 UTC 2021


** Merge proposal linked:
   https://code.launchpad.net/~dev-aaront-org/ubuntu/+source/cryptsetup/+git/cryptsetup/+merge/407807

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1942003

Title:
  Partial interactive password read on Focal

Status in cryptsetup package in Ubuntu:
  New

Bug description:
  Upstream bug: https://gitlab.com/cryptsetup/cryptsetup/-/issues/627

  This is a latent bug in cryptsetup versions before 2.3.5 that surfaced
  due to a change in the behavior of the kernel's TTY driver. The bug
  was not triggered on Focal's 5.8 kernels, but it is on the 5.11 kernel
  that was recently released, so this bug is now occurring on up-to-date
  Focal systems.

  This bug only occurs, at least in my testing, for interactively-
  entered passphrases with lengths that are a multiple of 64. In that
  case, cryptsetup reads one byte less than it should. (A test tool is
  attached.) I would guess this bug won't be triggered for many people,
  but for those who do happen to hit it, it's pretty bad. Volumes
  created without the bug cannot be unlocked interactively with the bug.
  cryptsetup will only read the passphrase correctly using a non-TTY
  stdin or a key file. Also, volumes created interactively with the bug
  can be unlocked without the bug, but only if the last byte of the
  passphrase is omitted.

  For example, on a current Focal host:

  $ lsb_release -a
  No LSB modules are available.
  Distributor ID:	Ubuntu
  Description:	Ubuntu 20.04.3 LTS
  Release:	20.04
  Codename:	focal

  $ uname -a
  Linux ip-172-31-9-241 5.11.0-1016-aws #17~20.04.1-Ubuntu SMP Thu Aug 12 05:39:36 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

  $ dpkg-query --no-pager -l cryptsetup-bin
  ii  cryptsetup-bin 2:2.2.2-3ubuntu2.3 amd64        disk encryption support - command line tools

  $ perl -pe chomp > test-passphrase
  1234567891123456789212345678931234567894123456789512345678961234

  $ wc test-passphrase 
   0  1 64 test-passphrase

  $ dd if=/dev/zero of=test-block-dev bs=32M count=1
  $ sudo cryptsetup luksFormat test-block-dev test-passphrase 

  WARNING!
  ========
  This will overwrite data on test-block-dev irrevocably.

  Are you sure? (Type uppercase yes): YES

  $ sudo cryptsetup --tries 1 open test-block-dev testing
  Enter passphrase for test-block-dev: 1234567891123456789212345678931234567894123456789512345678961234
  No key available with this passphrase.

  $ dd if=/dev/zero of=test-block-dev bs=32M count=1
  $ sudo cryptsetup luksFormat test-block-dev

  WARNING!
  ========
  This will overwrite data on test-block-dev irrevocably.

  Are you sure? (Type uppercase yes): YES
  Enter passphrase for test-block-dev: 1234567891123456789212345678931234567894123456789512345678961234
  Verify passphrase: 1234567891123456789212345678931234567894123456789512345678961234

  $ sudo cryptsetup --key-file test-passphrase open test-block-dev testing
  No key available with this passphrase.

  
  In contrast, both of the cryptsetup open commands succeed if running on a 5.8 kernel.

  Fortunately the fix is straightforward so I hope we can get it
  released to Focal. I'll send a merge request.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1942003/+subscriptions
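
Added example (not part of the original report and not cryptsetup code): a POSIX shell triage helper that applies the conditions stated in the bug description to one host and one passphrase length. The function names are hypothetical. It assumes the upstream version alone decides whether the fix is present (a distro backport is not detected), that kernels newer than 5.11 behave like 5.11, and that kernels older than 5.8 behave like 5.8.

```shell
#!/bin/sh
# Added example: triage for the partial passphrase read described in the report.
# Stated there: cryptsetup before 2.3.5; seen on kernel 5.11, not on 5.8;
# interactive passphrases whose byte length is a multiple of 64.

# Keep the leading digits-and-dots part: "5.11.0-1016-aws" -> "5.11.0"
numeric_prefix() ( printf '%s\n' "${1%%[!0-9.]*}" )

# Drop the Debian epoch and revision: "2:2.2.2-3ubuntu2.3" -> "2.2.2"
upstream_version() ( numeric_prefix "${1#*:}" )

# Return 0 if dotted version $1 is lower than $2 (first three fields compared).
version_lt() (
    a=$1 b=$2
    for n in 1 2 3; do
        x=${a%%.*} y=${b%%.*}
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a=0 ;; esac
        case $b in *.*) b=${b#*.} ;; *) b=0 ;; esac
    done
    return 1
)

# True when the passphrase length in bytes is a non-zero multiple of 64.
length_at_risk() { [ "$1" -gt 0 ] && [ $(( $1 % 64 )) -eq 0 ]; }

# $1 = dpkg version of cryptsetup-bin, $2 = uname -r, $3 = passphrase bytes
assess() (
    cs=$(upstream_version "$1")
    kr=$(numeric_prefix "$2")
    if ! version_lt "$cs" 2.3.5 || ! length_at_risk "$3"; then
        echo not-affected
    elif ! version_lt "$kr" 5.11; then
        echo affected        # assumption: kernels after 5.11 also trigger it
    elif version_lt "$kr" 5.9; then
        echo not-affected    # assumption: kernels before 5.8 behave like 5.8
    else
        echo unknown         # 5.9 and 5.10 are not covered by the report
    fi
)

# Values taken from the session shown in the report (64-byte passphrase).
assess "2:2.2.2-3ubuntu2.3" "5.11.0-1016-aws" 64   # prints: affected
```

On a live host the first two arguments can come from `dpkg-query -W -f='${Version}' cryptsetup-bin` and `uname -r`.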



