Bug 657234

Summary: dep loop when using encrypted non-luks swap
Product: [Fedora] Fedora Reporter: Matěj Cepl <mcepl>
Component: systemdAssignee: Lennart Poettering <lpoetter>
Status: CLOSED UPSTREAM QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: lpoetter, mbroz, mcepl, metherid, mschmidt, notting, plautrba
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 657328 (view as bug list) Environment:
Last Closed: 2011-01-21 02:30:40 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 657328    
Attachments:
Description Flags
stdout of dmesg
none
updated stdout of dmesg none

Description Matěj Cepl 2010-11-25 09:47:20 UTC 
Created attachment 462860 [details]
stdout of dmesg

Description of problem:
I have yum-upgraded to Rawhide from fully upgraded F14/updates-testing and one of the breakages is that I don't have swap anymore. F15 kernel doesn't boot for me, so I have started with the latest F14 kernel.


In F14 I had it working with this /etc/crypttab:
jakoubek:~ $ sudo cat /etc/crypttab
home /dev/vg_bradford/lv_home none 
swap /dev/vg_bradford/lv_swap /dev/urandom swap 
jakoubek:~ $ 
Now on boot something fails (see attached output of dmesg).

Version-Release number of selected component (if applicable):
jakoubek:~ $ rpm -q kernel systemd
kernel-2.6.35.6-45.fc14.x86_64
kernel-2.6.35.6-48.fc14.x86_64
kernel-2.6.36.1-7.rc1.fc15.x86_64
systemd-13-1.fc15.x86_64
jakoubek:~ $ uname -a
Linux jakoubek 2.6.35.6-48.fc14.x86_64 #1 SMP Fri Oct 22 15:36:08 UTC 2010 x86_64 x86_64 x86_64 GNU/Linux
jakoubek:~ $
Comment 1 Matěj Cepl 2010-11-25 10:42:41 UTC 
Created attachment 462870 [details]
updated stdout of dmesg

When I removed all junk some unknown benefactor put in my /etc/grub.conf I get startup working again, except still no swap. See updated output of dmesg for fresh details.
Comment 2 Lennart Poettering 2010-11-25 13:21:25 UTC 
Ah, there's a dep loop there because we try to order the swap partition after the random seed loading. I guess this is easy to fix.
Comment 3 Milan Broz 2010-11-25 13:32:38 UTC 
The real problem here is that crypt_activate_by_keyfile() is not implemented for PLAIN device.

So wee need another clone for this bug I think ;-)
Comment 4 Matěj Cepl 2010-11-25 13:39:15 UTC 
(In reply to comment #3)
> The real problem here is that crypt_activate_by_keyfile() is not implemented
> for PLAIN device.
> 
> So wee need another clone for this bug I think ;-)

done
Comment 5 Milan Broz 2010-11-25 16:37:31 UTC 
and another problem related to this (from irc):

<asalor> mezcalero, are you sure that you run mkswap (if swap keyword in crypttab) on the crypto device and not on the underlying device? (I see it wrong in status display after libcryptsetup fix)
<asalor> mezcalero, imho it is wrong and generator should use: fprintf(f, "ExecStartPost=/sbin/mkswap '/dev/mapper/%s'", name) (the same for tmp/mkfs)
<mezcalero> asalor: oh, hmm, you might be right
Comment 6 Matěj Cepl 2010-11-26 11:57:45 UTC 
Problem is that this breaks suspend/resume as well ... suspend fails when it cannot work with swap properly.
Comment 7 Lennart Poettering 2011-01-04 01:14:05 UTC 
Hmm, so the isue from comment #5 regarding the mkswap command line is fixed now in git, which leaves the dep loop. While this is easy to fix I am a bit uncertain which way to do this is best...
Comment 8 Matěj Cepl 2011-01-13 15:38:39 UTC 
Just to say, that this is very much still alive and kicking with systemd-16-1.fc15.x86_64:

[   50.823333] systemd-cryptsetup[938]: Set cipher aes, mode cbc-essiv:sha256, key size 256 bits for device /dev/vg_bradford/lv_swap.
[   50.894570] padlock: VIA PadLock Hash Engine not detected.
[   50.911138] modprobe[959]: FATAL: Error inserting padlock_sha (/lib/modules/2.6.37-2.fc15.x86_64/kernel/drivers/crypto/padlock-sha.ko): No such device
[   51.169670] systemd-tmpfiles[929]: Two or more conflicting lines for /var/run/console configured, ignoring.
[   51.293252] systemd[1]: dev-mapper-swap.swap swap process exited, code=exited status=255
[   51.301380] systemd[1]: Unit dev-mapper-swap.swap entered failed state.
Comment 9 Milan Broz 2011-01-13 19:20:22 UTC 
Just FYI: I tried swap with urandom key, seems crypt sevice is activated, even swap signature created on it, but is is not yet activated as swap device.

So at least one problem is fixed here.
Comment 10 Lennart Poettering 2011-01-21 02:30:40 UTC 
Fixed now in git. Upload to rawhide follows shortly.