Bug 1729888

Summary: Anaconda can not make use of AEAD prepared LUKS partitions
Product: [Fedora] Fedora Reporter: Vojtech Trefny <vtrefny>
Component: blivet-guiAssignee: Vojtech Trefny <vtrefny>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: unspecified    
Version: 30CC: anaconda-maint-list, extras-qa, jonathan, kellin, mkolman, vanmeeuwen+fedora, vponcova, vtrefny, waffshappen, wwoods
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: blivet-gui-2.1.11-1.fc30 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1729768 Environment:
Last Closed: 2019-08-15 18:08:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1729768    
Bug Blocks:    

Description Vojtech Trefny 2019-07-15 08:46:39 UTC 
Tracking copy for blivet-gui, because this problem exists in both Anaconda and blivet-gui.


+++ This bug was initially created as a clone of Bug #1729768 +++

Description of problem:
The anaconda storage selection offers to unlock AEAD luks partitions, but after that step just fails to do anything with them and just shows them as not editable or manageable. Even blivet-gui fails to make use of them.

This also affects rawhide.


Version-Release number of selected component (if applicable):


How reproducible:
Always.

Steps to Reproduce:
1. Prepare a drive for installation with /boot partition, and another you manually setup as whatever.
2. The second partition should be formatted with:
cryptsetup luksFormat --type luks2 --key-size 256 --sector-size 4096 --cipher chacha20-random --integrity poly1305 --pbkdf argon2id --hash sha512 --pbkdf-memory 16384 --pbkdf-parallel 4 --verify-passphrase --iter-time 5000 /dev/sdX
OR
cryptsetup luksFormat --type luks2 --key-size 256 --sector-size 4096 --cipher xchacha20,aes-adiantum-plain64 --integrity hmac-sha512 --pbkdf argon2id --hash sha512 --pbkdf-memory 16384 --pbkdf-parallel 4 --verify-passphrase --iter-time 5000 /dev/sdX
3. Unlock the luks container in anaconda trying to use it as / for the install. Observe it fail do to so.

Actual results:
Anaconda should be able to handle dm-integrity using luks2 containers.

Expected results:
Anaconda cannot make use of the container.

Additional info:
Comment 1 Vojtech Trefny 2019-07-15 08:57:27 UTC 
upstream PR: https://github.com/storaged-project/blivet-gui/pull/122

updates image: https://vtrefny.fedorapeople.org/img/rhbz1729888.img
Comment 2 Fedora Update System 2019-07-31 10:21:21 UTC 
FEDORA-2019-4d0ed4a458 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-4d0ed4a458
Comment 3 Fedora Update System 2019-07-31 10:29:38 UTC 
FEDORA-2019-47796fdd2d has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-47796fdd2d
Comment 4 Fedora Update System 2019-08-01 03:28:28 UTC 
blivet-gui-2.1.11-1.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-4d0ed4a458
Comment 5 Fedora Update System 2019-08-01 05:33:40 UTC 
blivet-gui-2.1.11-1.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-47796fdd2d
Comment 6 Fedora Update System 2019-08-15 18:08:59 UTC 
blivet-gui-2.1.11-1.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.
Comment 7 Fedora Update System 2019-08-15 18:51:32 UTC 
blivet-gui-2.1.11-1.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.