Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-115314

[RHEL9.8] OPAL support is disabled in libcryptsetup since cryptsetup rebase to 2.8

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Not a Bug
    • Icon: Undefined Undefined
    • None
    • rhel-9.8
    • cryptsetup
    • None
    • No
    • None
    • rhel-storage-crs
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      What were you trying to do that didn't work?

      What is the impact of this issue to you?

      Please provide the package NVR for which the bug is seen:

      How reproducible is this bug?:

      Steps to reproduce

      1. # echo e WEJXQ81EZ6Y69N0T15RLB3XASZ92VWKP | cryptsetup  erase /dev/nvme0n1   -q  -hw-opal-factory-reset 
        OPAL support is disabled in libcryptsetup.
      2.  
      3.  

      Expected results

      Actual results

      [root@storageqe-64 libblockdev]# echo -e WEJXQ81EZ6Y69N0T15RLB3XASZ92VWKP | cryptsetup  erase /dev/nvme0n1   -q  --hw-opal-factory-reset  --debug 
# cryptsetup 2.8.1 processing "cryptsetup erase /dev/nvme0n1 -q --hw-opal-factory-reset --debug"
# Verifying parameters for command erase.
# Running command erase.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device /dev/nvme0n1.
# Trying to open device /dev/nvme0n1 with direct-io.
# Initialising device-mapper backend library.
# Limiting PSID keyfile size to 32 characters.
# STDIN descriptor passphrase entry requested.
OPAL support is disabled in libcryptsetup.
# Releasing crypt device /dev/nvme0n1 context.
# Releasing device-mapper backend.
Command failed with code -1 (wrong or missing parameters).


[root@storageqe-64 libblockdev]# grep -rni 'opal' /boot/config-5.14.0-613.el9.x86_64 
988:CONFIG_BLK_SED_OPAL=y

[root@storageqe-64 libblockdev]# cryptsetup --help |grep -i opal
      --hw-opal                           Use HW OPAL encryption together with
      --hw-opal-factory-reset             Wipe WHOLE OPAL disk on luksErase
      --hw-opal-only                      Use only HW OPAL encryption
[root@storageqe-64 libblockdev]# 
[root@storageqe-64 libblockdev]# rpm -qa| grep cryptsetup
cryptsetup-libs-2.8.1-2.el9.x86_64
cryptsetup-debugsource-2.8.1-2.el9.x86_64
cryptsetup-debuginfo-2.8.1-2.el9.x86_64
cryptsetup-devel-2.8.1-2.el9.x86_64
cryptsetup-libs-debuginfo-2.8.1-2.el9.x86_64
cryptsetup-2.8.1-2.el9.x86_64
[root@storageqe-64 libblockdev]# 

              okozina@redhat.com Ondrej Kozina
              guazhang@redhat.com Guangwu Zhang
              Ondrej Kozina Ondrej Kozina
              storage-qe storage-qe
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: