Truecrypt 4.2a and Kernel 2.6.18 and 2.6.19 support

Posted by jaalto on Wed 20 Dec 2006 at 09:13

Truerypt is Open Source disk encryption software which uses concept of containers to store encrypted data. It can also encrypt whole partitions. The nice thing with Truecrypt is that the containers (or volumes) can be read transparently under Linux and Windows.

Truecrypt is primarily developed as a Windows software and newest Linux support may be lagging behind. Communicating with the TrueCrypt development team which is difficult because it seems to consider patches and fixes "unsolicited" [1]: 

> Version 4.2a does not compile under Kernel 2.6.19.
> Here is patch to fix it.

This is a feature request tracker, not a patch/bug tracker.
File deleted (unsolicited/irrelevant).

Btw, truecrypt project does not have patch, bug or support tracker, so the response was a little surprising.

SUPPORT FOR NEW KERNELS

Latest truecrypt 4.2a was released 2006-07-03. Since then kernel 2.6.18 was released (2006-09-19) and 2.6.19 (2006-11-29). The following patch may interest those who want to upgrade their kernels and keep Truecrypt working.

1. Download appropriate kernel 

   apt-get install linux-source-2.6.x

2. unpack and make symlink 

   cd /usr/src
   tar -zxvf linux-source-2.6.x*.gz
   # Delete old symlink
   rm -f linux
   ln -s linux-source-2.6.x linux

3. Download 4.2a source code from http://www.truecrypt.org/

4. Unpack archive and apply patch[2] 

   cd truecrypt-4.2a/
   patch -p1 < truecrypt-4.2a-*.patch

5. Go to unpacked Linux/ directory and run make 

   cd  Linux/Kernel
   make KERNEL_SRC=/usr/src/linux NO_WARNINGS=1

6. Dismount all truecrypt volumes 

   truecrypt -d

7. Install kernel module 

    cd ..      (that is: truecrypt-4.2a/Linux)
    sh install.sh

8. Reboot; just in case

[1] https://sourceforge.net/tracker/?func=detail&atid=686838&aid=1613242&group_id=120388

[2] The Patch. In case you have trouble copy pasting from here, you can get the patch at http://cante.net/~jaalto/tmp/bug/truecrypt/ 

--- truecrypt-4.2a/Linux/Kernel/Dm-target.c     2006-12-11 17:50:46.000000000 +0200
+++ truecrypt-4.2a.new/Linux/Kernel/Dm-target.c 2006-12-10 19:32:43.000000000 +0200
@@ -22,6 +22,35 @@
 #include "Tests.h"
 #include "Dm-target.h"

+/* http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.17-rc1
+ *
+ * commit 4ee218cd67b385759993a6c840ea45f0ee0a8b30
+ * Author: Andrew Morton 
+ * Date: Mon Mar 27 01:17:48 2006 -0800
+ *
+ * [PATCH] dm: remove SECTOR_FORMAT
+ *
+ * We don't know what type sector_t has. Sometimes it's unsigned long, sometimes
+ * it's unsigned long long. For example on ppc64 it's unsigned long with
+ * CONFIG_LBD=n and on x86_64 it's unsigned long long with CONFIG_LBD=n.
+ *
+ * The way to handle all of this is to always use unsigned long long and to
+ * always typecast the sector_t when printing it.
+ *
+ * Acked-by: Alasdair G Kergon 
+ * Signed-off-by: Andrew Morton 
+ * Signed-off-by: Linus Torvalds 
+ *
+ */
+
+#ifndef SECTOR_FORMAT
+#   ifndef CONFIG_LBD /* Large Block Device defined*/
+#     define SECTOR_FORMAT "%lu" /* No 32Bit uint */
+#   else
+#     define SECTOR_FORMAT "%llu" /* Yes 64Bit uint */
+#   endif
+#endif
+
 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,5)
 #error Linux kernel 2.6.5 or later required
 #endif
@@ -29,6 +58,11 @@+
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,18)
+#  define DM_MSG_PREFIX MSG_PREFIX
+#endif
+
 #define error(fmt, args...) printk(KERN_ERR MSG_PREFIX fmt, ## args)
 #define trace(level, fmt, args...) level <= trace_level && printk(KERN_DEBUG MSG_PREFIX fmt, ## args)
 #define dbg(fmt, args...) printk(KERN_DEBUG MSG_PREFIX fmt, ## args)
@@ -125,7 +159,11 @@
                        return p;

                trace (3, "blk_congestion_wait\n");
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19)
+               congestion_wait (direction, HZ / 50);
+#else
                blk_congestion_wait (direction, HZ / 50);
+#endif
        }
 }

@@ -497,7 +535,11 @@
        while (!(bion = bio_alloc (GFP_NOIO | __GFP_NOMEMALLOC, bio_segments (bio))))
        {
                trace (3, "blk_congestion_wait\n");
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19)
+               congestion_wait (bio_data_dir (bio), HZ / 50);
+#else
                blk_congestion_wait (bio_data_dir (bio), HZ / 50);
+#endif
        }

        bion->bi_bdev = tc->dev->bdev;
@@ -699,6 +741,12 @@
 module_param_named(trace, trace_level, int, 0);

 MODULE_AUTHOR("TrueCrypt Foundation");
+
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,18)
+MODULE_DESCRIPTION(DM_MSG_PREFIX " target for encryption and decryption of TrueCrypt volumes");
+#else
 MODULE_DESCRIPTION(DM_NAME " target for encryption and decryption of TrueCrypt volumes");
+#endif
+
 MODULE_PARM_DESC(trace, "Trace level");
 MODULE_LICENSE("GPL and additional rights"); // Kernel thinks only GPL/BSD/MPL != closed-source code

 int trace_level = 0;

 #define MSG_PREFIX "truecrypt: "

This article can be found online at the Debian Administration website at the following bookmarkable URL:

This article is copyright 2006 jaalto - please ask for permission to republish or translate.