** Description changed:

- Description will follow
+ Problem Description:
+ Environment: z14 VM Guest system with one CEX6C CCA coprocessor
+ in toleration mode (i.e. CEX6 HW presented as CEX5)
+ OS: Ubuntu 18.04 Prerelease
+ Setting up a second dm-crypt device using protected CCA paes-xts keys fails.
+ The problem is reproducible.
+ Details
+ =======
+ Setting up two or more plain end-to-end encrypted disks using 'cryptsetup'
+ fails when using a cipher based on the protected key mechanism.
+ The setup needs the paes and pkey modules loaded, the former providing the
+ paes-xts-plain64 cipher (cat /proc/crpyto |grep paes).
+ A second attempt to establish an end-to-end encrypted disk fails
+ with : "device-mapper: reload ioctl on failed: No such file or directory."
+ The problem is independent of the second encrypted disk being based on a
+ second DASD or second partition on one DASD.
+ ---uname output---
+ Linux s3514004 4.13.0-25-generic #29-Ubuntu SMP Mon Jan 8 21:15:56 UTC 2018 
s390x s390x s390x GNU/Linux
+ ---Steps to Reproduce---
+ 1.) The following cryptsetup statement works, and is the first one I issued.
+ cryptsetup plainOpen --key-file securekey.bin --key-size 1024 --cipher 
paes-xts-plain64 /dev/disk/by-path/ccw-0.0.NNNN-part1 enc-pv1
+ 2.) After this successful statement, I issued the following:
+ cryptsetup plainOpen --key-file securekey.bin --key-size 1024 --cipher 
paes-xts-plain64 /dev/disk/by-path/ccw-0.0.NNNN-part2 enc-pv2
+ device-mapper: reload ioctl on failed: No such file or directory.
+ See attached patch (comment #1) as fix.

** Also affects: ubuntu-z-systems
   Importance: Undecided
       Status: New

** Changed in: ubuntu-z-systems
       Status: New => Triaged

** Changed in: ubuntu-z-systems
   Importance: Undecided => High

** Changed in: ubuntu-z-systems
     Assignee: (unassigned) => Canonical Kernel Team (canonical-kernel-team)

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

  [Ubuntu 18.04] cryptsetup: 'device-mapper: reload ioctl on  failed'
  when setting up a second end-to-end encrypted disk

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to