help on mipsel needed
Hi there, I think I got stuck on ecryptfs after attempting different ways to make it work.
I'm using a 2.6.31 kernel on a mipsel architecture. Kernel compiles fine, ecryptfs module insmod is ok too.
I'm also using keyutils 1.4. (can't compile any higher version due to my cross system oldness)
I've copied a file and encrypted it on a ext3 fs, using my PC, and got the signature key from ecryptfs.
Now the problems are on my mips box, which refuses to authenticate my signature.
- first of all I mount a USB hard disk where I've got my encrypted file
- insmod of ecryptfs
- add the signature to the kernel keyring with this command:
./keyctl add user 6780c1827fb61d62 "new ecryptfs user:test 16" @u
- mount ecryptfs over ext3 overlaying the folder
mount -t ecryptfs -o ecryptfs_
(please keep in mind that I've got busybox and not a full bash shell, so I'm not even sure I can have the mount interactive mode)
It says: "mount: mounting /mnt/pendrive on /mnt/pendrive failed: Invalid argument"
Tailing dmesg I read this:
[ 3538.955000] auth_tok version : 0x656e
[ 3538.959000] ecryptfs_
[ 3538.968000] Data structure version mismatch. Userspace tools must match eCryptfs kernel module with major version [0] and minor version [4]
[ 3538.980000] Could not find valid key in user session keyring for sig specified in mount option: [6780c1827fb61d62]
[ 3538.991000] One or more global auth toks could not properly register; rc = [-22]
[ 3538.998000] Error parsing options; rc = [-22]
The first printk is mine. That is the auth_tok version that ecryptfs_
This would be the first question I've got. What is the correct way to have a signature working just using mount and keyutils ? I read lot of documentation all over, but it seems there are a bunch of different commands that changed in time, and I can't understand what were those supported by 2.6.31.
After this I thought of using ecryptfs-utils, to add the key with ecryptfs-
No luck at all ! I just need AES to do my purpose, so basically just openssl.
The package configure script allows you to disable pam, nss, pkcs11 and so on, but then in the source code I found #includes that are not conditioned by those flags. For example in main.c of libecryptfs you find
#include <nss.h>
#include <pk11func.h>
So it's impossible for me to compile the tool on mips without dragging in Mozilla stuff which I don't need at all !
Is there any patch as far as you know that fixes this lack ?
If you need any further info to help me get this working I would be very happy to provide it.
Thank you very much in advance !
Massimo
Question information
- Language:
- English Edit question
- Status:
- Open
- For:
- eCryptfs Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask mcallegari for more information if necessary.