diff --git a/0002-Let-cryptsetup-autodect-encryption-sector-size.patch b/0002-Let-cryptsetup-autodect-encryption-sector-size.patch
new file mode 100644
index 0000000..2b3d50c
--- /dev/null
+++ b/0002-Let-cryptsetup-autodect-encryption-sector-size.patch
@@ -0,0 +1,163 @@
+From 9ae286f69df95235fa2534fbb08e0f8c399ac6a5 Mon Sep 17 00:00:00 2001
+From: Vojtech Trefny <vtrefny@redhat.com>
+Date: Wed, 16 Jun 2021 16:15:38 +0200
+Subject: [PATCH] crypto: Let cryptsetup autodect encryption sector size when
+ not specified
+
+Thanks to this 4k sector size will be used on 4k drives.
+---
+ configure.ac         |  2 +
+ src/plugins/crypto.h |  6 +++
+ tests/crypto_test.py | 93 ++++++++++++++++++++++++++++++++++++++------
+ 3 files changed, 89 insertions(+), 12 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index abe1412f..ad71a46d 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -211,6 +211,8 @@ AS_IF([test "x$with_crypto" != "xno"],
+             [AC_DEFINE([LIBCRYPTSETUP_2])], [])
+       AS_IF([$PKG_CONFIG --atleast-version=2.3.0 libcryptsetup],
+             [AC_DEFINE([LIBCRYPTSETUP_BITLK])], [])
++      AS_IF([$PKG_CONFIG --atleast-version=2.4.0 libcryptsetup],
++            [AC_DEFINE([LIBCRYPTSETUP_24])], [])
+       AS_IF([test "x$with_escrow" != "xno"],
+             [LIBBLOCKDEV_PKG_CHECK_MODULES([NSS], [nss >= 3.18.0])
+              LIBBLOCKDEV_CHECK_HEADER([volume_key/libvolume_key.h], [$GLIB_CFLAGS $NSS_CFLAGS], [libvolume_key.h not available])],
+diff --git a/src/plugins/crypto.h b/src/plugins/crypto.h
+index a38724d9..1c8f47ea 100644
+--- a/src/plugins/crypto.h
++++ b/src/plugins/crypto.h
+@@ -38,7 +38,13 @@ typedef enum {
+ 
+ #define DEFAULT_LUKS_KEYSIZE_BITS 256
+ #define DEFAULT_LUKS_CIPHER "aes-xts-plain64"
++
++#ifdef LIBCRYPTSETUP_24
++/* 0 for autodetect since 2.4.0 */
++#define DEFAULT_LUKS2_SECTOR_SIZE 0
++#else
+ #define DEFAULT_LUKS2_SECTOR_SIZE 512
++#endif
+ 
+ typedef enum {
+     BD_CRYPTO_TECH_LUKS = 0,
+diff --git a/tests/crypto_test.py b/tests/crypto_test.py
+index 0aecc032..66934505 100644
+--- a/tests/crypto_test.py
++++ b/tests/crypto_test.py
+@@ -16,26 +16,18 @@
+ PASSWD2 = "myshinylittlepassword2"
+ PASSWD3 = "myshinylittlepassword3"
+ 
+-def have_luks2():
+-    try:
+-        succ = BlockDev.utils_check_util_version("cryptsetup", "2.0.3", "--version", r"cryptsetup ([0-9+\.]+)")
+-    except GLib.GError:
+-        return False
+-    else:
+-        return succ
+-
+ 
+-def have_bitlk():
++def check_cryptsetup_version(version):
+     try:
+-        succ = BlockDev.utils_check_util_version("cryptsetup", "2.3.0", "--version", r"cryptsetup ([0-9+\.]+)")
++        succ = BlockDev.utils_check_util_version("cryptsetup", version, "--version", r"cryptsetup ([0-9+\.]+)")
+     except GLib.GError:
+         return False
+     else:
+         return succ
+ 
+ 
+-HAVE_LUKS2 = have_luks2()
+-HAVE_BITLK = have_bitlk()
++HAVE_LUKS2 = check_cryptsetup_version("2.0.3")
++HAVE_BITLK = check_cryptsetup_version("2.3.0")
+ 
+ 
+ class CryptoTestCase(unittest.TestCase):
+@@ -964,6 +956,83 @@ def test_luks2_format(self):
+         succ = BlockDev.crypto_luks_close("libblockdevTestLUKS")
+         self.assertTrue(succ)
+ 
++
++class CryptoTestLuksSectorSize(CryptoTestCase):
++    def setUp(self):
++        if not check_cryptsetup_version("2.4.0"):
++            self.skipTest("cryptsetup encryption sector size not available, skipping.")
++
++        # we need a loop devices for this test case
++        self.addCleanup(self._clean_up)
++        self.dev_file = create_sparse_tempfile("crypto_test", 1024**3)
++        self.dev_file2 = create_sparse_tempfile("crypto_test", 1024**3)
++
++        succ, loop = BlockDev.loop_setup(self.dev_file)
++        if not succ:
++            raise RuntimeError("Failed to setup loop device for testing")
++        self.loop_dev = "/dev/%s" % loop
++
++        succ, loop = BlockDev.loop_setup(self.dev_file)
++        if not succ:
++            raise RuntimeError("Failed to setup loop device for testing")
++        self.loop_dev2 = "/dev/%s" % loop
++
++        # set sector size of the loop device to 4k
++        ret, _out, _err = run_command("losetup --sector-size 4096 %s" % self.loop_dev)
++        self.assertEqual(ret, 0)
++
++    def _clean_up(self):
++        try:
++            BlockDev.crypto_luks_close("libblockdevTestLUKS")
++        except:
++            pass
++
++        BlockDev.loop_teardown(self.loop_dev)
++        os.unlink(self.dev_file)
++
++        BlockDev.loop_teardown(self.loop_dev2)
++        os.unlink(self.dev_file2)
++
++    @tag_test(TestTags.SLOW)
++    @unittest.skipUnless(HAVE_LUKS2, "LUKS 2 not supported")
++    def test_luks2_sector_size_autodetect(self):
++        """Verify that we can autodetect 4k drives and set 4k sector size for them"""
++
++        # format the 4k loop device, encryption sector size should default to 4096
++        succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-cbc-essiv:sha256", 256, PASSWD, None, 0,
++                                           BlockDev.CryptoLUKSVersion.LUKS2)
++        self.assertTrue(succ)
++
++        succ = BlockDev.crypto_luks_open(self.loop_dev, "libblockdevTestLUKS", PASSWD, None, False)
++        self.assertTrue(succ)
++
++        info = BlockDev.crypto_luks_info("libblockdevTestLUKS")
++        self.assertIsNotNone(info)
++
++        self.assertEqual(info.version, BlockDev.CryptoLUKSVersion.LUKS2)
++        self.assertEqual(info.sector_size, 4096)
++
++        succ = BlockDev.crypto_luks_close("libblockdevTestLUKS")
++        self.assertTrue(succ)
++
++        # with the 512 loop device, we should still get 512
++        succ = BlockDev.crypto_luks_format(self.loop_dev2, "aes-cbc-essiv:sha256", 256, PASSWD, None, 0,
++                                           BlockDev.CryptoLUKSVersion.LUKS2)
++        self.assertTrue(succ)
++
++        succ = BlockDev.crypto_luks_open(self.loop_dev2, "libblockdevTestLUKS", PASSWD, None, False)
++        self.assertTrue(succ)
++
++        info = BlockDev.crypto_luks_info("libblockdevTestLUKS")
++        self.assertIsNotNone(info)
++
++        self.assertEqual(info.version, BlockDev.CryptoLUKSVersion.LUKS2)
++        self.assertEqual(info.sector_size, 512)
++
++        succ = BlockDev.crypto_luks_close("libblockdevTestLUKS")
++        self.assertTrue(succ)
++
++
+ class CryptoTestIntegrity(CryptoTestCase):
+     @tag_test(TestTags.SLOW)
+     @unittest.skipUnless(HAVE_LUKS2, "LUKS 2 not supported")
diff --git a/libblockdev.spec b/libblockdev.spec
index f94dd92..5d6304c 100644
--- a/libblockdev.spec
+++ b/libblockdev.spec
@@ -125,13 +125,14 @@
 
 Name:        libblockdev
 Version:     2.25
-Release:     3%{?dist}
+Release:     4%{?dist}
 Summary:     A library for low-level manipulation with block devices
 License:     LGPLv2+
 URL:         https://github.com/storaged-project/libblockdev
 Source0:     https://github.com/storaged-project/libblockdev/releases/download/%{version}-%{release}/%{name}-%{version}.tar.gz
 Patch0:      libblockdev-gcc11.patch
 Patch1:      0001-Fix-comparing-DM-RAID-member-devices-UUID.patch
+Patch2:      0002-Let-cryptsetup-autodect-encryption-sector-size.patch
 
 BuildRequires: make
 BuildRequires: glib2-devel
@@ -685,6 +686,7 @@ A meta-package that pulls all the libblockdev plugins as dependencies.
 %setup -q -n %{name}-%{version}
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 %build
 autoreconf -ivf
@@ -988,6 +990,9 @@ find %{buildroot} -type f -name "*.la" | xargs %{__rm}
 %files plugins-all
 
 %changelog
+* Mon Jul 19 2021 Vojtech Trefny <vtrefny@redhat.com> - 2.25-4
+- crypto: Let cryptsetup autodect encryption sector size
+
 * Thu Jun 03 2021 Python Maint <python-maint@redhat.com> - 2.25-3
 - Rebuilt for Python 3.10