diff --git a/lib/luks2/luks2_json_metadata.c b/lib/luks2/luks2_json_metadata.c
index 8a7f1e31..38bfefca 100644
--- a/lib/luks2/luks2_json_metadata.c
+++ b/lib/luks2/luks2_json_metadata.c
@@ -1263,9 +1263,11 @@ int LUKS2_config_set_flags(struct crypt_device *cd, struct luks2_hdr *hdr, uint3
 	jobj_flags = json_object_new_array();
 
 	for (i = 0; persistent_flags[i].description; i++) {
-		if (flags & persistent_flags[i].flag)
+		if (flags & persistent_flags[i].flag) {
+			log_dbg("Setting persistent flag: %s.", persistent_flags[i].description);
 			json_object_array_add(jobj_flags,
 				json_object_new_string(persistent_flags[i].description));
+		}
 	}
 
 	/* Replace or add new flags array */
@@ -1912,7 +1914,7 @@ int LUKS2_activate(struct crypt_device *cd,
 		}
 
 		snprintf(dm_int_name, sizeof(dm_int_name), "%s_dif", name);
-		r = INTEGRITY_activate(cd, dm_int_name, NULL, NULL, NULL, NULL, flags);
+		r = INTEGRITY_activate(cd, dm_int_name, NULL, NULL, NULL, NULL, dmd.flags);
 		if (r)
 			return r;
 
diff --git a/lib/setup.c b/lib/setup.c
index ef4d4539..5321a30d 100644
--- a/lib/setup.c
+++ b/lib/setup.c
@@ -3337,13 +3337,14 @@ int crypt_deactivate(struct crypt_device *cd, const char *name)
 int crypt_get_active_device(struct crypt_device *cd, const char *name,
 			    struct crypt_active_device *cad)
 {
-	struct crypt_dm_active_device dmd;
+	struct crypt_dm_active_device dmd = {}, dmdi = {};
+	const char *namei = NULL;
 	int r;
 
 	if (!cd || !name || !cad)
 		return -EINVAL;
 
-	r = dm_query_device(cd, name, 0, &dmd);
+	r = dm_query_device(cd, name, DM_ACTIVE_DEVICE, &dmd);
 	if (r < 0)
 		return r;
 
@@ -3352,6 +3353,14 @@ int crypt_get_active_device(struct crypt_device *cd, const char *name,
 	    dmd.target != DM_INTEGRITY)
 		return -ENOTSUP;
 
+	/* For LUKS2 with integrity we need flags from underlying dm-integrity */
+	if (isLUKS2(cd->type) && crypt_get_integrity_tag_size(cd)) {
+		namei = device_dm_name(dmd.data_device);
+		if (namei && dm_query_device(cd, namei, 0, &dmdi) >= 0)
+			dmd.flags |= dmdi.flags;
+	}
+	device_free(dmd.data_device);
+
 	if (cd && isTCRYPT(cd->type)) {
 		cad->offset	= TCRYPT_get_data_offset(cd, &cd->u.tcrypt.hdr, &cd->u.tcrypt.params);
 		cad->iv_offset	= TCRYPT_get_iv_offset(cd, &cd->u.tcrypt.hdr, &cd->u.tcrypt.params);