On Tue, 9 Sep 2025, Ingo Franzki wrote:

> However, combined encryption and integrity seems to have problems. Not 
> sure if this is related to your changes in dm-integrity, or if there is 
> still something missing in dm-crypt, or the interface between the two:
>
> I did:
> 
> # cryptsetup luksFormat --type luks2 --master-key-file '<key-file>' 
> --key-size <size-of-encryption-key-in-bits> --cipher paes-xts-plain64 
> --pbkdf argon2i --pbkdf-memory 32 --pbkdf-force-iterations 4 --integrity 
> phmac-sha256 --integrity-key-size <size-of-integrity-key-in-bits> 
> /dev/loop0
>
> # cryptsetup luksOpen /dev/loop0 int-loop
> 
> The open step succeeds, but the following errors are shown in the journal:
> 
> Sep 09 04:54:50 fedora kernel: crypt_convert_block_aead: 12 callbacks 
> suppressed
> Sep 09 04:54:50 fedora kernel: trusted_key: device-mapper: crypt: dm-0: 
> INTEGRITY AEAD ERROR, sector 350976
> Sep 09 04:54:50 fedora kernel: trusted_key: device-mapper: crypt: dm-0: 
> INTEGRITY AEAD ERROR, sector 350976
> Sep 09 04:54:50 fedora kernel: buffer_io_error: 3 callbacks suppressed
> Sep 09 04:54:50 fedora kernel: Buffer I/O error on dev dm-1, logical block 
> 43872, async page read
> Sep 09 04:54:50 fedora 55-scsi-sg3_id.rules[2378]: WARNING: SCSI device dm-1 
> has no device ID, consider changing .SCSI_ID_SERIAL_SRC in 
> 00-scsi-sg3_config.rules

In this mode, the encryption, decryption and authentication are done by 
dm-crypt, not dm-integrity. dm-integrity just passes the tags around.

So, it looks like a dm-crypt bug.

Please, revert my patches and run the same test on a clean 6.17.0-rc5 just 
to verify that the patches do not introduce the bug.

Mikulas
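
An added triage example (not part of the original mail, and not code from the dm-crypt or cryptsetup projects): it parses the journal lines quoted above and checks whether each buffer I/O error falls on a block whose dm-crypt AEAD authentication failed. The function name `triage`, the 4096-byte logical block size and the unwrapped sample lines are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample: the journal lines quoted above, with mail line-wrapping undone.
SAMPLE_JOURNAL = """\
Sep 09 04:54:50 fedora kernel: crypt_convert_block_aead: 12 callbacks suppressed
Sep 09 04:54:50 fedora kernel: trusted_key: device-mapper: crypt: dm-0: INTEGRITY AEAD ERROR, sector 350976
Sep 09 04:54:50 fedora kernel: trusted_key: device-mapper: crypt: dm-0: INTEGRITY AEAD ERROR, sector 350976
Sep 09 04:54:50 fedora kernel: buffer_io_error: 3 callbacks suppressed
Sep 09 04:54:50 fedora kernel: Buffer I/O error on dev dm-1, logical block 43872, async page read
"""

AEAD_RE = re.compile(r"device-mapper: crypt: (\S+): INTEGRITY AEAD ERROR, sector (\d+)")
BUF_RE = re.compile(r"Buffer I/O error on dev (\S+), logical block (\d+)")
SUPPRESSED_RE = re.compile(r"kernel: (\w+): (\d+) callbacks suppressed")


def triage(journal_text, block_size=4096):
    """Summarise AEAD failures and relate buffer I/O errors to them.

    Kernel sector numbers are in 512-byte units; block_size is the assumed
    size of the "logical block" reported by the buffer I/O error lines.
    """
    sectors_per_block = block_size // 512
    aead = Counter()   # (device, sector) -> number of logged failures
    buffer_errors = [] # (device, logical block)
    suppressed = {}    # rate-limited call site -> messages dropped

    for line in journal_text.splitlines():
        if m := AEAD_RE.search(line):
            aead[(m[1], int(m[2]))] += 1
        elif m := BUF_RE.search(line):
            buffer_errors.append((m[1], int(m[2])))
        elif m := SUPPRESSED_RE.search(line):
            suppressed[m[1]] = int(m[2])

    # Blocks containing at least one sector that failed authentication.
    failed_blocks = {sector // sectors_per_block for (_dev, sector) in aead}
    return {
        "aead": dict(aead),
        "suppressed": suppressed,  # non-zero: the log understates the failures
        "explained": [b for b in buffer_errors if b[1] in failed_blocks],
        "unexplained": [b for b in buffer_errors if b[1] not in failed_blocks],
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_JOURNAL).items():
        print(f"{key}: {value}")
```

On the quoted lines, sector 350976 maps to logical block 43872, so the buffer I/O error sits on the same block as the authentication failure rather than being a separate fault.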

