Quick summary: on i386, 4 modules are aliased to 'aes': padlock-aes, geode-aes, aes-i586, and aes_generic. I need at least one of those to decrypt my root filesystem. In kernel 2.6.25-rc1 padlock-aes now returns an error when you attempt to insert it, so modprobe gives up on the other 3, leaving me without AES (and thus unable to boot). The long version: My rawhide machine - which is using a LUKS encrypted LVM PV for its root - is unbootable with any 2.6.25 kernel. It requests the key and then fails to unlock the device: device-mapper: table: 253:0: crypt: Error allocating crypto tfm device-mapper: ioctl: error adding target to table device-mapper: ioctl: device doesn't appear to be in the dev hash table. Failed to setup dm-crypt key mapping. Check kernel for support for the aes-cbc-essiv:sha256 cipher spec and verify that /dev/sda2 contains at least 133 sectors. So it would seem we've failed to load the cipher module(s). Scrolling back up, I see: padlock: VIA PadLock not detected. WARNING: Error inserting padlock_aes ($modpath/padlock-aes.ko): No such device padlock: VIA PadLock Hash Engine not detected. WARNING: Error inserting padlock_sha ($modpath/padlock-sha.ko): No such device With kernel 2.6.24.1-31 and 2.6.24-2 (which work), these error messages don't appear, and the system boots normally. LUKS needs at least one AES module to decrypt my root filesystem. 'modprobe aes', in the 2.6.24 kernels, installs all the modules which are aliased to 'aes': padlock-aes, geode-aes, aes-i586, aes_generic. In 2.6.24 kernels they all probe successfully. With 2.6.25-rc1, inserting the padlock-aes module now returns an error if you don't have that hardware. I'm guessing that modprobe gives up at that point, and that's why the message indicating missing support for aes-cbc-essiv:sha256 appears - no AES modules were loaded
I'll look at it :)
Is this the same problem as 432813?
Looks the same to me. Check the scrollback for error messages loading padlock-{aes,sha}. Until this is fixed, we'll need a workaround to get 2.6.25 kernels booting - either stop building padlock-aes, remove it from the initrd, or modify it so it fails silently rather than causing errors.
*** Bug 432813 has been marked as a duplicate of this bug. ***
Blarg! I fail at debugging! I rebuilt my initrd with no padlock-aes, and it still doesn't boot. For confirmation of my wrongness, I went to a non-LUKS system and did: modprobe aes Which attempted to insert all 4 AES modules, even after giving me the error message about padlock_aes. In short: modprobe is fine, something in the kernel is busted, and I'm a dope. *** This bug has been marked as a duplicate of 432813 ***