[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1034810: marked as done (bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u1)

Your message dated Thu, 27 Apr 2023 00:33:47 +0200
with message-id <20230426223347.jalmgpnovtlhhafp@mraw.org>
and subject line Re: Bug#1034810: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u1
has caused the Debian Bug report #1034810,
regarding bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1034810: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034810
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu
Control: affects -1 + src:cryptsetup

Dear Release Team,

[ Reason ]

It was discovered that the upstream patch mitigating #1028250 was
incomplete: `cryptsetup luksFormat` still caused OOM on some memory
constrained systems.  This was fixed upstream in a new MR, which is
backported in sid in 2:2.6.1-4.

Unfortunately the version (like -3) is barred from entering testing due
to a dependency on libargon2-1-udeb ≥0~20190702+dfsg, hence the request
to go via t-p-u instead.  See https://bugs.debian.org/1032235#107 .

[ Impact ]

Running `cryptsetup luksFormat` might OOM on systems with ≤1G RAM when
the memory pressure exceeds 50%.  Concretely, that means one might not
be able to relying use the “encrypted LVM” partitioning scheme from the
graphical installer on such systems.

[ Tests ]

 * DEP-8 tests, incl. full upstream test suite and cryptroot tests.
 * Comparison of memory costs between releases from d-i depending on the
   amount of RAM: https://bugs.debian.org/1028250#78 .

[ Risks ]

The change only affets systems with <2G RAM, and among those only the
ones without swap area.  That includes low-memory rescue systems and
d-i, but not “normal systems”.

[ Checklist ]

  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing
  [x] the issue is verified as fixed in unstable

[ Changes ]

Backport upstream MR https://gitlab.com/cryptsetup/cryptsetup/-/merge_requests/498 :

  + 7893c33d: Check for physical memory available also in PBKDF benchmark.
  + 6721d3a8: Use only half of detected free memory on systems without swap.

[ Other info ]

CC'ing kibi for d-i-ack.

-- 
Guilhem.

diffstat for cryptsetup-2.6.1 cryptsetup-2.6.1

 changelog                                                               |   14 +
 patches/Check-for-physical-memory-available-also-in-PBKDF-benchma.patch |   74 ++++++++++
 patches/Use-only-half-of-detected-free-memory-on-systems-without-.patch |   43 +++++
 patches/series                                                          |    2 
 4 files changed, 133 insertions(+)

diff -Nru cryptsetup-2.6.1/debian/changelog cryptsetup-2.6.1/debian/changelog
--- cryptsetup-2.6.1/debian/changelog	2023-03-26 19:18:59.000000000 +0200
+++ cryptsetup-2.6.1/debian/changelog	2023-04-21 00:54:29.000000000 +0200
@@ -1,3 +1,17 @@
+cryptsetup (2:2.6.1-4~deb12u1) bookworm; urgency=medium
+
+  * Rebuild for Bookworm.
+
+ -- Guilhem Moulin <guilhem@debian.org>  Fri, 21 Apr 2023 00:54:29 +0200
+
+cryptsetup (2:2.6.1-4) unstable; urgency=medium
+
+  * Backport upstream MR !498, see #1028250:
+    + 7893c33d: Check for physical memory available also in PBKDF benchmark.
+    + 6721d3a8: Use only half of detected free memory on systems without swap.
+
+ -- Guilhem Moulin <guilhem@debian.org>  Thu, 20 Apr 2023 23:46:08 +0200
+
 cryptsetup (2:2.6.1-3~deb12u1) bookworm; urgency=medium
 
   * Rebuild for Bookworm.
diff -Nru cryptsetup-2.6.1/debian/patches/Check-for-physical-memory-available-also-in-PBKDF-benchma.patch cryptsetup-2.6.1/debian/patches/Check-for-physical-memory-available-also-in-PBKDF-benchma.patch
--- cryptsetup-2.6.1/debian/patches/Check-for-physical-memory-available-also-in-PBKDF-benchma.patch	1970-01-01 01:00:00.000000000 +0100
+++ cryptsetup-2.6.1/debian/patches/Check-for-physical-memory-available-also-in-PBKDF-benchma.patch	2023-04-21 00:54:29.000000000 +0200
@@ -0,0 +1,74 @@
+From: Milan Broz <gmazyland@gmail.com>
+Date: Mon, 3 Apr 2023 13:31:16 +0200
+Subject: Check for physical memory available also in PBKDF benchmark.
+
+Origin: https://gitlab.com/cryptsetup/cryptsetup/-/commit/7893c33d71cde09e240234c484c6c468f22c2fe7
+Bug: https://gitlab.com/cryptsetup/cryptsetup/-/issues/802#note_1328592911
+Bug-Debian: https://bugs.debian.org/1028250
+---
+ lib/internal.h        | 1 +
+ lib/utils_benchmark.c | 9 +++++++++
+ lib/utils_pbkdf.c     | 4 ++--
+ 3 files changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/lib/internal.h b/lib/internal.h
+index 98095fa..f261cae 100644
+--- a/lib/internal.h
++++ b/lib/internal.h
+@@ -89,6 +89,7 @@ int crypt_benchmark_pbkdf_internal(struct crypt_device *cd,
+ 				   struct crypt_pbkdf_type *pbkdf,
+ 				   size_t volume_key_size);
+ const char *crypt_get_cipher_spec(struct crypt_device *cd);
++uint32_t pbkdf_adjusted_phys_memory_kb(void);
+ 
+ /* Device backend */
+ struct device;
+diff --git a/lib/utils_benchmark.c b/lib/utils_benchmark.c
+index 728e4df..a0326ce 100644
+--- a/lib/utils_benchmark.c
++++ b/lib/utils_benchmark.c
+@@ -101,6 +101,7 @@ int crypt_benchmark_pbkdf(struct crypt_device *cd,
+ {
+ 	int r, priority;
+ 	const char *kdf_opt;
++	uint32_t memory_kb;
+ 
+ 	if (!pbkdf || (!password && password_size))
+ 		return -EINVAL;
+@@ -113,6 +114,14 @@ int crypt_benchmark_pbkdf(struct crypt_device *cd,
+ 
+ 	log_dbg(cd, "Running %s(%s) benchmark.", pbkdf->type, kdf_opt);
+ 
++	memory_kb = pbkdf_adjusted_phys_memory_kb();
++	if (memory_kb < pbkdf->max_memory_kb) {
++		log_dbg(cd, "Not enough physical memory detected, "
++			"PBKDF max memory decreased from %dkB to %dkB.",
++			pbkdf->max_memory_kb, memory_kb);
++		pbkdf->max_memory_kb = memory_kb;
++	}
++
+ 	crypt_process_priority(cd, &priority, true);
+ 	r = crypt_pbkdf_perf(pbkdf->type, pbkdf->hash, password, password_size,
+ 			     salt, salt_size, volume_key_size, pbkdf->time_ms,
+diff --git a/lib/utils_pbkdf.c b/lib/utils_pbkdf.c
+index d8f41c7..b2d4fa0 100644
+--- a/lib/utils_pbkdf.c
++++ b/lib/utils_pbkdf.c
+@@ -61,7 +61,7 @@ const struct crypt_pbkdf_type *crypt_get_pbkdf_type_params(const char *pbkdf_typ
+ 	return NULL;
+ }
+ 
+-static uint32_t adjusted_phys_memory(void)
++uint32_t pbkdf_adjusted_phys_memory_kb(void)
+ {
+ 	uint64_t free_kb, memory_kb = crypt_getphysmemory_kb();
+ 
+@@ -258,7 +258,7 @@ int init_pbkdf_type(struct crypt_device *cd,
+ 	}
+ 
+ 	if (cd_pbkdf->max_memory_kb) {
+-		memory_kb = adjusted_phys_memory();
++		memory_kb = pbkdf_adjusted_phys_memory_kb();
+ 		if (cd_pbkdf->max_memory_kb > memory_kb) {
+ 			log_dbg(cd, "Not enough physical memory detected, "
+ 				"PBKDF max memory decreased from %dkB to %dkB.",
diff -Nru cryptsetup-2.6.1/debian/patches/series cryptsetup-2.6.1/debian/patches/series
--- cryptsetup-2.6.1/debian/patches/series	2023-03-26 19:18:59.000000000 +0200
+++ cryptsetup-2.6.1/debian/patches/series	2023-04-21 00:54:29.000000000 +0200
@@ -1,2 +1,4 @@
 Try-to-avoid-OOM-killer-on-low-memory-systems-without-swa.patch
 Print-warning-when-keyslot-requires-more-memory-than-avai.patch
+Check-for-physical-memory-available-also-in-PBKDF-benchma.patch
+Use-only-half-of-detected-free-memory-on-systems-without-.patch
diff -Nru cryptsetup-2.6.1/debian/patches/Use-only-half-of-detected-free-memory-on-systems-without-.patch cryptsetup-2.6.1/debian/patches/Use-only-half-of-detected-free-memory-on-systems-without-.patch
--- cryptsetup-2.6.1/debian/patches/Use-only-half-of-detected-free-memory-on-systems-without-.patch	1970-01-01 01:00:00.000000000 +0100
+++ cryptsetup-2.6.1/debian/patches/Use-only-half-of-detected-free-memory-on-systems-without-.patch	2023-04-21 00:54:29.000000000 +0200
@@ -0,0 +1,43 @@
+From: Milan Broz <gmazyland@gmail.com>
+Date: Mon, 17 Apr 2023 13:41:17 +0200
+Subject: Use only half of detected free memory on systems without swap.
+
+As tests shows, limiting used Argon2 memory to free memory on
+systems without swap is still not enough.
+Use just half of it, this should bring needed margin while
+still use Argon2.
+
+Note, for very-low memory constrained systems user should
+avoid memory-hard PBKDF (IOW manually select PBKDF2), we
+do not do this automatically.
+
+Origin: https://gitlab.com/cryptsetup/cryptsetup/-/commit/6721d3a8b29b13fe88aeeaefe09d457e99d1c6fa
+Bug: https://gitlab.com/cryptsetup/cryptsetup/-/issues/802#note_1328592911
+Bug-Debian: https://bugs.debian.org/1028250
+---
+ lib/utils_pbkdf.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/lib/utils_pbkdf.c b/lib/utils_pbkdf.c
+index b2d4fa0..7399bd2 100644
+--- a/lib/utils_pbkdf.c
++++ b/lib/utils_pbkdf.c
+@@ -76,10 +76,17 @@ uint32_t pbkdf_adjusted_phys_memory_kb(void)
+ 	memory_kb /= 2;
+ 
+ 	/*
+-	 * Never use more that available free space on system without swap.
++	 * Never use more that half of available free memory on system without swap.
+ 	 */
+ 	if (!crypt_swapavailable()) {
+ 		free_kb = crypt_getphysmemoryfree_kb();
++
++		/*
++		 * Using exactly free memory causes OOM too, use only half of the value.
++		 * Ignore small values (< 64MB), user should use PBKDF2 in such environment.
++		 */
++		free_kb /= 2;
++
+ 		if (free_kb > (64 * 1024) && free_kb < memory_kb)
+ 			return free_kb;
+ 	}

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message --- 
Guilhem Moulin <guilhem@debian.org> (2023-04-25):
> [ Reason ]
> 
> It was discovered that the upstream patch mitigating #1028250 was
> incomplete: `cryptsetup luksFormat` still caused OOM on some memory
> constrained systems.  This was fixed upstream in a new MR, which is
> backported in sid in 2:2.6.1-4.
> 
> Unfortunately the version (like -3) is barred from entering testing due
> to a dependency on libargon2-1-udeb ≥0~20190702+dfsg, hence the request
> to go via t-p-u instead.  See https://bugs.debian.org/1032235#107 .

Approved from tpu:

    cryptsetup | 2:2.6.1-4~deb12u1         | testing                         | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x

Thanks again!


Cheers,
-- 
Cyril Brulebois (kibi@debian.org)            <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant

Attachment: signature.asc
Description: PGP signature


--- End Message ---
Reply to: