Fix crypto backend to properly handle ECB mode.

Despite it should be never used, it should still work :)

Bug introduced in version 2.3.2.

lib/crypto_backend/crypto_storage.c

@@ -64,7 +64,7 @@ static int crypt_sector_iv_init(struct crypt_sector_iv *ctx,
 	memset(ctx, 0, sizeof(*ctx));
 
 	ctx->iv_size = crypt_cipher_ivsize(cipher_name, mode_name);
-	if (ctx->iv_size < 8)
+	if (ctx->iv_size < 0 || (strcmp(mode_name, "ecb") && ctx->iv_size < 8))
 		return -ENOENT;
 
 	if (!strcmp(cipher_name, "cipher_null") ||

tests/compat-test2

@@ -1023,5 +1023,14 @@ echo $PWD3 | $CRYPTSETUP luksConvertKey --key-slot 22 $LOOPDEV --keyslot-cipher
 [ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "22: luks2" | grep "Cipher:"    | sed -e 's/[[:space:]]\+Cipher:\ \+//g')" = $KEYSLOT_CIPHER ] || fail
 [ "$($CRYPTSETUP luksDump $IMG | grep -A8 -m1 "22: luks2" | grep "Cipher key:"| sed -e 's/[[:space:]]\+Cipher\ key:\ \+//g')" = "128 bits" ] || fail
 
+prepare "[42] Some encryption compatibility mode tests" wipe
+CIPHERS="aes-ecb aes-cbc-null aes-cbc-plain64 aes-cbc-essiv:sha256 aes-xts-plain64"
+key_size=256
+for cipher in $CIPHERS ; do
+	echo -n "[$cipher/$key_size]"
+	$CRYPTSETUP -q luksFormat --type luks2 $LOOPDEV $KEY1 $FAST_PBKDF_OPT --cipher $cipher --key-size $key_size || fail
+done
+echo
+
 remove_mapping
 exit 0