Opened 4 years ago

Last modified 4 years ago

#16459 new defect

cryptsetup destroys encrypted volume when trying to add a key

Reported by: anonymous Owned by: developers
Priority: normal Milestone: Barrier Breaker 14.07
Component: packages Version: Attitude Adjustment 12.09
Keywords: cryptsetup LUKS ar71xx Cc:


I use OpenWrt version AA on TP-Link TL-MR3020. This device is powerful enough to handle LUKS encrypted external disks with a speed of about 1MB/s (which is quite suitable for, e.g., downloading and local sharing of rare torrents). Most of the packages are fresh builds installed via opkg, the only intentionally broken dependency is lvm2 (because it needs about 500Kb of internal flash memory, and is not very much needed).

But the LUKS support in this version of OpenWrt is too buggy. Here's the bug which is dangerous and easy to reproduce: when using cryptsetup (with cipher "aes-xts-plain" and hash "sha1" having all needed packages except lvm2), you may open and use LUKS encrypted volume (though it may fail after minutes of activity), but when you try to add a passkey with "luksAddKey", it results in destroying all the LUKS keyslots and thus losing all the data on the volume. This option definitely needs to be either fixed or blocked.

Attachments (0)

Change History (1)

comment:1 Changed 4 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted

Add Comment

Modify Ticket

as new .

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.