[CipherShed Devs] Setup fails to upgrade boot loader

Rocki Hack rocki.hack at gmail.com
Tue Jan 6 06:02:46 CST 2015


I compiled ciphershed based on my last commit
(d79fb95128a8bd46e66d05fd8e540b474bc634f0)
and the serpent bootloader is 13.222 bytes in size.

Maybe jason's crc changes increased the bootloader size...

2015-01-04 8:39 GMT+01:00 Jason Pyeron <jpyeron at pdinc.us>:

>
> > -----Original Message-----
> > From: Rocki Hack
> > Sent: Saturday, January 03, 2015 21:15
> >
> > The bootloader must not exceed 26 sectors (26 * 512byte) in size,
> > otherwise the backup loader doesn't fit and it fails.
> >
> > This problem only occurs when serpent is used.
> >
> > ---
> >
> >
> > size + TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT *
> > TC_SECTOR_SIZE_BIOS <= TC_BOOT_LOADER_BACKUP_SECTOR_COUNT *
> > TC_SECTOR_SIZE_BIOS
> >
> > TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT = 4
> > TC_BOOT_LOADER_BACKUP_SECTOR_COUNT = 30
> >
> > -> size + 4 * TC_SECTOR_SIZE_BIOS <= 30 * TC_SECTOR_SIZE_BIOS
> > -> size <= 26 * TC_SECTOR_SIZE_BIOS (-> FALSE)
> >
> > CipherShed Serpent BootLoader.com.gz = 14.426 Bytes
> > -> 14.426 Bytes / 512 BytesPerSector = ~28.1757 -> 29 sectors
> >
> > TrueCrypt Serpent BootLoader.com.gz = 13.218 Bytes
> > -> 13.218 Bytes / 512 BytesPerSector = ~25,8164 -> 26 sectors
>
> Well I have a reproducable test to confirm this.
>
> >
> > ---
> >
> >
> > 2015-01-04 1:10 GMT+01:00 compul <compul at coletteral.net>:
> >
> >
> >       On Sat, 3 Jan 2015 19:05:26 -0500
> >
> >       "Jason Pyeron" <jpyeron at pdinc.us> wrote:
> >
> >       > > -----Original Message-----
> >       > > From: compul
> >       > > Sent: Saturday, January 03, 2015 18:50
> >       > >
> >       > > On Sat, 3 Jan 2015 12:49:32 -0500
> >       > > "Jason Pyeron" <jpyeron at pdinc.us> wrote:
> >       > >
> >       > > > > -----Original Message-----
> >       > > > > From: jpyeron
> >       > > > > Sent: Saturday, January 03, 2015 10:36
> >       > > > > To: 'CipherShed Developers List'
> >       > > > > Subject: [CipherShed Devs] Setup fails to
> > upgrade boot loader
> >       > > > >
> >       > > > > > -----Original Message-----
> >       > > > > > From: Niklas Lemcke
> >       > > > > > Sent: Saturday, January 03, 2015 6:49
> >       > > > > >
> >       > > > > >
> >       > > > > > So I tried to upgrade using the new
> > installer, and things
> >       > > > > got funky. [1]
> >       > > > > >
> >       > > > > > 1:
> >       > > > >
> > http://lists.ciphershed.org/pipermail/devs/attachments/2015010
> >       > > > > 3/79bd32a9/attachment-0001.pdf
> >       > > > >
> >       > > > > There are a few items to address here:
> >       > > > >
> >       > > > > 1: The boot loader failed to upgrade
> >       > > > >
> >       > > > > BootEncryption.cpp:1072:
> >       > > > >                 // Backup of decompressor and
> > boot loader
> >       > > > >                 if (size +
> >       > > > > TC_BOOT_LOADER_DECOMPRESSOR_SECTOR_COUNT *
> >       > > > > TC_SECTOR_SIZE_BIOS <=
> > TC_BOOT_LOADER_BACKUP_SECTOR_COUNT *
> >       > > > > TC_SECTOR_SIZE_BIOS)
> >       > > > >                 {
> >       > > > >                         memcpy (buffer +
> > TC_SECTOR_SIZE_BIOS +
> >       > > > > TC_BOOT_LOADER_BACKUP_SECTOR_COUNT *
> > TC_SECTOR_SIZE_BIOS,
> >       > > > >                                 buffer +
> > TC_SECTOR_SIZE_BIOS,
> >       > > > > TC_BOOT_LOADER_BACKUP_SECTOR_COUNT *
> > TC_SECTOR_SIZE_BIOS);
> >       > > > >
> >       > > > >
> > buffer[TC_BOOT_SECTOR_CONFIG_OFFSET] |=
> >       > > > > TC_BOOT_CFG_FLAG_BACKUP_LOADER_AVAILABLE;
> >       > > > >                 }
> >       > > > >                 else if (!rescueDisk &&
> > bootLoaderId != IDR_BOOT_LOADER)
> >       > > > >                 {
> >       > > > >                         throw
> > ParameterIncorrect (SRC_POS);
> >       > > > >                 }
> >       > > > >
> >       > > > > What I see here is that bootLoaderId is not the
> > right id for
> >       > > > > "Boot\\Windows\\Release\\BootLoader.com.gz"
> >       > > > >
> >       > > > > 2: The error message is not that useful
> >       > > > >
> >       > > > > 2.1: cannot copy / paste this
> >       > > > >
> >       > > > > Parameter Incorrect
> >       > > > > (If you report a bug in connection with this,
> > please include
> >       > > > > the following technical informationin the bug report:
> >       > > > >
> > CipherShed::BootEncryption::CreateBootLoaderInMemory:1082)
> >       > > > >
> >       > > > > 2.2: does not say why.
> >       > > > >
> >       > > > > Failed to upgrade the CipherShed Boot Loader.
> >       > > > >
> >       > > > > 3: The installation failed as a whole but the
> > last message
> >       > > > > (from windows?) say lets reboot because all is well
> >       > > > >
> >       > > > > Is the installer reporting a wrong exit code?
> >       > > > >
> >       > > > > 4: Need more details to reproduce.
> >       > > > >
> >       > > > > Assuming Win 7 64 bit, latest patches, TC71a
> > installed with
> >       > > > > encrypted system disk? Which setup did you run,
> > Debug or Release?
> >       > >
> >       > > As before, Win 7 64bit enterprise, SP 1, latest patches.
> >       > > TC7.1a installed with encrypted system disk (Serpent). I ran
> >       > > the Release setup.
> >       >
> >       > Hmmm, in your case it should be
> > IDR_BOOT_LOADER_SERPENT, but why does the code not allow that?
> >       >
> >       > Quote: else if (!rescueDisk && bootLoaderId !=
> > IDR_BOOT_LOADER)
> >       >
> >       > Saving my speculation on the issues of TC71a.
> >       >
> >       > Off to reproduce it.
> >       >
> >       > >
> >       > > > >
> >       > > >
> >       > > > Using the release build, on win 7 x64 with TC71a installed
> >       > > on encrypted disk, I cannot reproduce. Need more data.
> >       > > >
> >       > > > What crypto is used for the disk?
> >       > > >
> >       > > > > 5: Did using system restore fix it? Did
> > reinstalling fix it?
> >       > > > > By fix, mean that you can reboot and have a
> > useable system.
> >       > >
> >       > > Yes, I did _not_ reboot, but run the system restore
> > which had
> >       > > been created during the setup, and the system is
> > still useable.
> >       >
> >       > I would be curious if after reboot the system still
> > works when doint the system restore.
> >
> >
> >       As I said, I immediately did a system restore, and
> > tried rebooting, which went fine.
> >
> >       >
> >       > -Jason
> >       >
> >       > _______________________________________________
> >       > devs mailing list
> >       > devs at lists.ciphershed.org
> >       > https://lists.ciphershed.org/mailman/listinfo/devs
> >
> >
> >
> >       --
> >       Niklas Lemcke - 林樂寬
> >
> >
> >       _______________________________________________
> >       devs mailing list
> >       devs at lists.ciphershed.org
> >       https://lists.ciphershed.org/mailman/listinfo/devs
> >
> >
> >
> >
> >
>
> --
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> -                                                               -
> - Jason Pyeron                      PD Inc. http://www.pdinc.us -
> - Principal Consultant              10 West 24th Street #100    -
> - +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
> -                                                               -
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> This message is copyright PD Inc, subject to license 20080407P00.
>
>
> _______________________________________________
> devs mailing list
> devs at lists.ciphershed.org
> https://lists.ciphershed.org/mailman/listinfo/devs
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ciphershed.org/pipermail/devs/attachments/20150105/e7190a82/attachment-0001.html>


More information about the devs mailing list