Re: A 2.4.[57] kernel crypto problem

To: debian-security@lists.debian.org, Pavel Minev Penev <kal_pav@sz.techno-link.com>
Subject: Re: A 2.4.[57] kernel crypto problem
From: Stefan Srdic <linuxbox@telusplanet.net>
Date: Sun, 6 Jan 2002 04:10:12 -0700
Message-id: <[🔎] 02010604101200.00374@NodeFilter>
In-reply-to: <[🔎] 20020106230028.A1812@sz.techno-link.com>
References: <[🔎] 20020106230028.A1812@sz.techno-link.com>

On January 6, 2002 02:00 pm, Pavel Minev Penev wrote:
>
> Hello.
>
> I had a peculiar experience with a password (forgot it). It is the
> password for an AE
> S-encrypted partition on my HDD. I am using the loop
> device and the international kernel patch. I wrote a brute-forcer
> (didn't find docs and stole a lot of code from mount and losetup).
>
> The problem is that when I leave the brute-forcer working for a longer
> time (about 5 seconds on my 750 MHz Duron) when I press Ctrl-C (the
> brute-forcer catches the signal and tries to save the session) the
> kernel seems to deadlock. It is most probably the loop device driver.
> There are about 3304 proceses with sequential PIDs and names of
> "[loop7 <defunct>]", and are all zombies. If I try to start an app. as
> root I get something like "fork: resource temporarily unavailable", or
> "INIT: cannot fork; retrying...". Also, I can't `losetup /dev/loop7`,
> since it pauses, issuing nothing. As a normal user I seem to be able to
> work as usual. After a short period of time `init` seems to start
> functioning and switch the run-level. The brute-forcer works as follows:
> 	1. Generate billions of passwords.
> 	For each of them:
> 		1. Setup a loop device.
> 		2. Read the block after the 1024-th byte and check it
> 		for Ext2/Ext3's magic ID.
> 		If the ID matches:
> 			1. Print the password.
> 		3. Deconfigure the loop device.
> The brute-forcer works fine for short periods of time.
>
> I've tried this on kernels 2.4.15 and 2.4.17, it's all the same
> (although the 2.4.17 Changelog says about a number of bug-fixes in the
> loop-back driver).
>
> I was wonder
> ing if you could tell me about any known or unknown problems
> with the kernel crypto, or help me realise my stupidity.
>
> Comment: Sorry if this is too off-topic, I could post it to the Linux
> kernel mailing list if you prefer.

There's a warning in announce.txt in the testing directory that you might not 
have seen:

*WARNING* this is meant for the brave ones (read beta-testers ;), which
want to do some tests, and hopefully report back any problems they
encounter!

Perhaps just using the standalone loop-aes module would be better in your 
case:

http://loop-aes.sourceforge.net/

It's worth a try.

Stef

Reply to:

Follow-Ups:
- Re: A 2.4.[57] kernel crypto problem
  - From: Pavel Minev Penev <kal_pav@sz.techno-link.com>

References:
- A 2.4.[57] kernel crypto problem
  - From: Pavel Minev Penev <kal_pav@sz.techno-link.com>

Prev by Date: A 2.4.[57] kernel crypto problem
Next by Date: RE: Secure Finger Daemon
Previous by thread: A 2.4.[57] kernel crypto problem
Next by thread: Re: A 2.4.[57] kernel crypto problem
Index(es):
- Date
- Thread