Bug#948921: linux-image-5.4.0-2-amd64: decrypting root partition does not work on 5.4.0 (works on 5.3.0) with decrypt_keyctl

To: Luc Maisonobe <luc@spaceroots.org>, 948921@bugs.debian.org
Subject: Bug#948921: linux-image-5.4.0-2-amd64: decrypting root partition does not work on 5.4.0 (works on 5.3.0) with decrypt_keyctl
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 15 Jan 2020 21:24:44 +0100
Message-id: <[🔎] 20200115202444.GB991629@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 948921@bugs.debian.org
In-reply-to: <[🔎] af5ab640-9800-e5cf-ae0f-fe3069145762@spaceroots.org>
References: <[🔎] 157903105094.2380.3930152496779778070.reportbug@marislae.si.c-s.fr> <[🔎] 157903105094.2380.3930152496779778070.reportbug@marislae.si.c-s.fr> <[🔎] af5ab640-9800-e5cf-ae0f-fe3069145762@spaceroots.org> <[🔎] 157903105094.2380.3930152496779778070.reportbug@marislae.si.c-s.fr>

Hi Luc,

On Wed, Jan 15, 2020 at 09:22:05AM +0100, Luc Maisonobe wrote:
> Here are some additional informations about the problem.
> 
> I rechecked it was not a keyboard layout problem by setting up
> an additional luks key, a very short one that used only keys that
> were at the same position in both qwerty and azerty. It does
> not work, so it's definitely not a keyboard problem.
> 
> The error I get on boot is as follows:
> 
>   Caching passphrase for sdb1_crypt:***********************
>   [  15.212421] device-mapper: table: 253:0: crypt: Error allocating
> crypto tfm
>   device-mapper: reload ioctl on   failed: No such file or directory
>   cryptsetup: ERROR: sdb1_crypt: cryptsetup failed, bad password or options?
> 
>   Caching passphrase for sdb1_crypt:
> 
> I tried to use a key file instead of a key typed by user just
> like I did on the other laptop. I do not want to use this method
> for  this specific machine for security reasons (it should not be
> abel to boot unattended), but tried it temporarily. I regenerated
> the initramfs after changing the /etc/crypttab file, but it didn't
> work either. When generating initramfs, I got the following warning,
> so it may explain why it didn't work.
> 
>   cryptsetup: WARNING: Skipping root target sdb1_crypt: uses a key file
> 
> In this case (booting with a key file), the error was different:
> 
>   Volume group "vg-ssd" not found
>   Cannot process volume group vg-ssd
>   Volume group "vg-hdd" not found
>   Cannot process volume group vg-hdd
>   Volume group "vg-hdd" not found
>   Cannot process volume group vg-hdd
>   Volume group "vg-hdd" not found
>   ...
>   Cannot process volume group vg-hdd
>   Volume group "vg-hdd" not found
>   Cannot process volume group vg-hdd
>   mdadm: error opening /dev/md?*: No such file or directory
>   Cannot process volume group vg-hdd
>   Volume group "vg-hdd" not found
> 
> then the boot process drops to initramfs shell. Exploring the filesystem
> at this stage, I didn't find the key file.

Your issue sounds like #948593. In case yes, we should reassign and
merge it with that bug.

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#948921: linux-image-5.4.0-2-amd64: decrypting root partition does not work on 5.4.0 (works on 5.3.0) with decrypt_keyctl
  - From: luc <luc@spaceroots.org>

References:
- Bug#948921: linux-image-5.4.0-2-amd64: decrypting root partition does not work on 5.4.0 (works on 5.3.0) with decrypt_keyctl
  - From: Luc Maisonobe <luc@apache.org>
- Bug#948921: linux-image-5.4.0-2-amd64: decrypting root partition does not work on 5.4.0 (works on 5.3.0) with decrypt_keyctl
  - From: Luc Maisonobe <luc@spaceroots.org>

Prev by Date: Bug#943398: linux-perf-5.2: perf report segmentation fault
Next by Date: Bug#949012: Error generating boot image
Previous by thread: Bug#948921: linux-image-5.4.0-2-amd64: decrypting root partition does not work on 5.4.0 (works on 5.3.0) with decrypt_keyctl
Next by thread: Bug#948921: linux-image-5.4.0-2-amd64: decrypting root partition does not work on 5.4.0 (works on 5.3.0) with decrypt_keyctl
Index(es):
- Date
- Thread