Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1959739

Summary: virt-v2v fails to open BitLocker disk with: BITLK devices with type 'encrypt-on-write' cannot be activated. (0)
Product: Red Hat Enterprise Linux Advanced Virtualization Reporter: mxie <mxie>
Component: virt-v2vAssignee: Richard W.M. Jones <rjones>
Status: CLOSED CANTFIX QA Contact: tingting zheng <tzheng>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.5CC: chhu, jsuchane, juzhou, mzhan, rjones, tyan, tzheng, virt-bugs, virt-maint, vwu, xiaodwan
Target Milestone: rcKeywords: Triaged
Target Release: 8.4Flags: pm-rhel: mirror+
Hardware: x86_64   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1959055 Environment:
Last Closed: 2021-08-17 10:10:30 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1959055    
Bug Blocks:    

Description mxie@redhat.com 2021-05-12 09:12:33 UTC 
Clone the bug because can reproduce it on rhel8.5

Packcage versions:
virt-v2v-1.42.0-12.module+el8.5.0+10976+d40a93e9.x86_64
libguestfs-1.44.0-3.module+el8.5.0+10681+17a9b157.x86_64
libvirt-client-7.0.0-13.module+el8.4.0+10604+5608c2b4.x86_64
qemu-kvm-6.0.0-16.module+el8.5.0+10848+2dccc46d.x86_64
nbdkit-1.24.0-1.module+el8.4.0+9341+96cf2672.x86_64


+++ This bug was initially created as a clone of Bug #1959055 +++

Description of problem:
Virt-v2v can't find key when convert windows BitLocker guest on rhel9

Version-Release number of selected component (if applicable):
virt-v2v-1.44.0-1.el9.x86_64
libguestfs-1.45.2-4.el9.x86_64
guestfs-tools-1.46.0-1.el9.x86_64
nbdkit-1.25.4-2.el9.x86_64

How reproducible:
100%

Steps to Reproduce:
1.Prepare a windows guest whose disk is encrypted by Bitblocker on VMware, then convert the guest from VMware to rhv4.4 by v2v
#  virt-v2v -ic vpx://root.198.169/data/10.73.199.217/?no_verify=1 -it vddk -io vddk-libdir=/home/vddk7.0 -io  vddk-thumbprint=B5:52:1F:B4:21:09:45:24:51:32:56:F6:63:6A:93:5D:54:08:2D:78 -ip /home/passwd -o rhv-upload -of qcow2 -oc https://dell-per740-22.lab.eng.pek2.redhat.com/ovirt-engine/api -op /home/rhvpasswd  -os nfs_data -b ovirtmgmt esx7.0-win2019-ntfs-3g-bitblocker --key "/dev/sda2":file:windows-key 
[   0.8] Opening the source -i libvirt -ic vpx://root.198.169/data/10.73.199.217/?no_verify=1 esx7.0-win2019-ntfs-3g-bitblocker -it vddk  -io vddk-libdir=/home/vddk7.0 -io vddk-thumbprint=B5:52:1F:B4:21:09:45:24:51:32:56:F6:63:6A:93:5D:54:08:2D:78
[   3.6] Creating an overlay to protect the source from being modified
[   5.2] Opening the overlay
virt-v2v: could not find key to open LUKS encrypted /dev/sda2.

Try using --key on the command line.

Original error: cryptsetup_open: cryptsetup exited with status 1: BITLK devices with type 'encrypt-on-write' cannot be activated. (0)



Actual results:
As above description

Expected results:
Virt-v2v should can convert windows BitLocker guest since bug1808977 has been fixed

Additional info:

--- Additional comment from Richard W.M. Jones on 2021-05-10 16:40:46 UTC ---

We correctly run:

  cryptsetup -d /tmp/cryptabc37c.key open /dev/sda2 cryptsda2 --type bitlk

which fails with:

  BITLK devices with type 'encrypt-on-write' cannot be activated. (0)

This seems to be a problem with support for this guest by cryptsetup.
I think when you created the guest or set up BitLocker in the guest,
you may have selected the "Encrypt on Write" option.  (There is another
option to encrypt the whole disk).  Apparently cryptsetup or the kernel
does not support Encrypt on Write.  This may not be something that we
are able to solve.

https://gitlab.com/cryptsetup/cryptsetup/-/blob/c40be6cc7a830f95cbea336693bbcabd101df135/lib/bitlk/bitlk.c#L1209
Comment 1 Richard W.M. Jones 2021-05-12 09:57:57 UTC 
This is unfortunately not supported by the kernel/cryptsetup.
Comment 3 mxie@redhat.com 2021-08-17 07:34:25 UTC 
The error info has changed

Packages version:
virt-v2v-1.42.0-14.module+el8.5.0+11846+77888a74.x86_64
libguestfs-1.44.0-3.module+el8.5.0+10681+17a9b157.x86_64
libvirt-libs-7.6.0-1.module+el8.5.0+12097+2c77910b.x86_64
qemu-img-6.0.0-26.module+el8.5.0+12044+525f0ebc.x86_64
kernel-4.18.0-322.el8.x86_64


#  virt-v2v -ic vpx://root.198.169/data/10.73.199.217/?no_verify=1 -it vddk -io vddk-libdir=/home/vddk7.0 -io  vddk-thumbprint=B5:52:1F:B4:21:09:45:24:51:32:56:F6:63:6A:93:5D:54:08:2D:78 -ip /home/passwd -o rhv-upload -of qcow2 -oc https://dell-per740-22.lab.eng.pek2.redhat.com/ovirt-engine/api -op /home/rhvpasswd  -os nfs_data -b ovirtmgmt esx7.0-win2019-ntfs-3g-bitblocker --key "/dev/sda2":file:windows-key 
[   1.1] Opening the source -i libvirt -ic vpx://root.198.169/data/10.73.199.217/?no_verify=1 esx7.0-win2019-ntfs-3g-bitblocker -it vddk  -io vddk-libdir=/home/vddk7.0 -io vddk-thumbprint=B5:52:1F:B4:21:09:45:24:51:32:56:F6:63:6A:93:5D:54:08:2D:78
[   3.9] Creating an overlay to protect the source from being modified
[   5.7] Opening the overlay
[  22.4] Inspecting the overlay
[  29.5] Checking for sufficient free disk space in the guest
[  29.5] Estimating space required on target for each disk
[  29.5] Converting Windows Server 2019 Standard to run on KVM
virt-v2v: error: libguestfs error: blockdev_getsize64: 
blockdev_getsize64_stub: /dev/mapper/cryptsda: No such file or directory

If reporting bugs, run virt-v2v with debugging enabled and include the 
complete output:

  virt-v2v -v -x [...]
Comment 4 Richard W.M. Jones 2021-08-17 10:10:30 UTC 
This is a different issue.  Can you clone this or open a new bug
for RHEL AV please.

I'm closing the current bug as CLOSED CANTFIX because encrypt on write
requires kernel or cryptsetup changes to support and is out of scope
of what we can reasonably do.