Full-Disk-Encryption

@nioncode, would be great if you could have a look at below.

I’ve cryptesetup with all libs as reported by strace put in what I export as LD_LIBRARY_PATH=/flash/crypt/lib

The /flash/crypt/sbin/cryptsetup exists too though everytime I try to run it error says "not found". This is rather weird message and smells like something is missing on busybox side to start.
Insmod is done, there is no such string in cryptsetup.
The cryptsetup I’ve is one retrieved using opkg install cryptsetup. It is 2.1.0-2.

I’m getting a bit clueless for the moment.

Content of /flash/crypt/ is:
./dm-mod.ko
./sbin
./sbin/cryptsetup
./dm-crypt.ko
./lib
./lib/libpopt.so.0
./lib/libgcrypt.so.20
./lib/libuuid.so.1
./lib/libcryptsetup.so.12
./lib/libm.so.6
./lib/libdevmapper.so.1.02
./lib/libblkid.so.1
./lib/libcrypto.so.1.1
./lib/libgcc_s.so.1
./lib/libpthread.so.0
./lib/libc.so.6
./lib/libssl.so.1.1
./lib/libjson-c.so.4
./lib/libdl.so.2

Thanks in advance.

#UPDATE:
Managed to get statically linked strace from (as later trail&error shows - some basic libraries are missing still):

Using it I’m getting this:
execve("/flash/crypt/sbin/cryptsetup", ["/flash/crypt/sbin/cryptsetup", “–version”], [/* 19 vars */]) = -1 ENOENT (No such file or directory)
write(2, "/flash/bin/strace_static: exec: "…, 58/flash/bin/strace_static: exec: No such file or directory
) = 58
mprotect(0x7f7d109000, 4096, PROT_READ|PROT_WRITE) = 0
mprotect(0x7f7d109000, 4096, PROT_READ) = 0
mprotect(0x7f7d109000, 4096, PROT_READ|PROT_WRITE) = 0
mprotect(0x7f7d109000, 4096, PROT_READ) = 0
munmap(0x7f7d109000, 4096) = 0
exit_group(1) = ?
+++ exited with 1 +++

UPDATE2:

with trail&error approach I’ve figured out that the list of libraries I’d need to put on the flash is much longer though even if this list it doesn’t work:
ld-2.27.so
ld-linux-aarch64.so.1 -> ld-2.27.so
libblkid.so.1 -> libblkid.so.1.1.0
libblkid.so.1.1.0
libc-2.27.so
libc.so.6 -> libc-2.27.so
libcrypto.so.1.1
libcryptsetup.so.12 -> libcryptsetup.so.12.4.0
libcryptsetup.so.12.4.0
libdevmapper.so.1.02
libdl-2.27.so
libdl.so.2 -> libdl-2.27.so
libgcc_s.so.1
libjson-c.so.4 -> libjson-c.so.4.0.0
libjson-c.so.4.0.0
libm-2.27.so
libm.so.6 -> libm-2.27.so
libpopt.so.0 -> libpopt.so.0.0.0
libpopt.so.0.0.0
libpthread-2.27.so
libpthread.so.0 -> libpthread-2.27.so
librt-2.27.so
librt.so.1 -> librt-2.27.so
libssl.so.1.1
libuuid.so.1 -> libuuid.so.1.3.0
libuuid.so.1.3.0

Sorry, haven’t been active in the forum for quite a while and only saw your response just now. Did you figure it out by now? Something is definitely a bit wrong in your setup, since you should not have to add all these libraries to your /flash/crypt/lib directory (especially things like libc), because they should be picked up from the regular initramfs.

Do you use the N2 or another device? Can you post your mount-storage.sh script and possibly the error output from a boot session?

N2 and for the interim switched over to hdd storage encryption.
Will pick up a fresh sdcard for tests to be able to post some more details (might take days, as N2 became a core device in network and everybody is at home all days long - hence no time to take the system down).
I might pick a route of testing it via qemu.

Many thanks for your reply. I’ll return to it.