Bug 1729888 - Anaconda can not make use of AEAD prepared LUKS partitions
Summary: Anaconda can not make use of AEAD prepared LUKS partitions
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: blivet-gui
Version: 30
Hardware: All
OS: All
unspecified
low
Target Milestone: ---
Assignee: Vojtech Trefny
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On: 1729768
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-07-15 08:46 UTC by Vojtech Trefny
Modified: 2019-08-15 18:51 UTC (History)
10 users (show)

Fixed In Version: blivet-gui-2.1.11-1.fc30
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1729768
Environment:
Last Closed: 2019-08-15 18:08:59 UTC


Attachments (Terms of Use)

Description Vojtech Trefny 2019-07-15 08:46:39 UTC
Tracking copy for blivet-gui, because this problem exists in both Anaconda and blivet-gui.


+++ This bug was initially created as a clone of Bug #1729768 +++

Description of problem:
The anaconda storage selection offers to unlock AEAD luks partitions, but after that step just fails to do anything with them and just shows them as not editable or manageable. Even blivet-gui fails to make use of them.

This also affects rawhide.


Version-Release number of selected component (if applicable):


How reproducible:
Always.

Steps to Reproduce:
1. Prepare a drive for installation with /boot partition, and another you manually setup as whatever.
2. The second partition should be formatted with:
cryptsetup luksFormat --type luks2 --key-size 256 --sector-size 4096 --cipher chacha20-random --integrity poly1305 --pbkdf argon2id --hash sha512 --pbkdf-memory 16384 --pbkdf-parallel 4 --verify-passphrase --iter-time 5000 /dev/sdX
OR
cryptsetup luksFormat --type luks2 --key-size 256 --sector-size 4096 --cipher xchacha20,aes-adiantum-plain64 --integrity hmac-sha512 --pbkdf argon2id --hash sha512 --pbkdf-memory 16384 --pbkdf-parallel 4 --verify-passphrase --iter-time 5000 /dev/sdX
3. Unlock the luks container in anaconda trying to use it as / for the install. Observe it fail do to so.

Actual results:
Anaconda should be able to handle dm-integrity using luks2 containers.

Expected results:
Anaconda cannot make use of the container.

Additional info:

Comment 2 Fedora Update System 2019-07-31 10:21:21 UTC
FEDORA-2019-4d0ed4a458 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-4d0ed4a458

Comment 3 Fedora Update System 2019-07-31 10:29:38 UTC
FEDORA-2019-47796fdd2d has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-47796fdd2d

Comment 4 Fedora Update System 2019-08-01 03:28:28 UTC
blivet-gui-2.1.11-1.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-4d0ed4a458

Comment 5 Fedora Update System 2019-08-01 05:33:40 UTC
blivet-gui-2.1.11-1.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-47796fdd2d

Comment 6 Fedora Update System 2019-08-15 18:08:59 UTC
blivet-gui-2.1.11-1.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.

Comment 7 Fedora Update System 2019-08-15 18:51:32 UTC
blivet-gui-2.1.11-1.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.