Bug 598602 - Dracut does not honor rd_LUKS_UUID= for encrypted partition containing swap -- resume after hibernation fails
Dracut does not honor rd_LUKS_UUID= for encrypted partition containing swap -...
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: dracut (Show other bugs)
13
All Linux
low Severity high
: ---
: ---
Assigned To: Harald Hoyer
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-06-01 13:27 EDT by Veit Wahlich
Modified: 2010-09-22 08:31 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-09-22 08:31:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Veit Wahlich 2010-06-01 13:27:07 EDT
Description of problem:
After creating an encrypted swap partition during installation of F13 to ensure no sensitive data is being recoverable from swapped-out pages or hibernation data, resuming from hibernate image fails as dracut does not unlock the partition although listed rd_LUKS_UUID= in kernel command line and crypttab with corrent UUID.

Version-Release number of selected component (if applicable):
005-3.fc13

How reproducible:
Always.

Steps to Reproduce:
1. Boot from Fedora 13 installation media.
2. Create a custom harddisk partition layout including a partition for swap and check the "encrypt" box.
3. Boot F13 and install all updates and reboot.
4. Hibernate using GNOME or /usr/sbin/pm-hibernate.
5. Power-on the system again.

Actual results:
Dracut does not unlock the swap partition. The system does not resume and performs an ordinary boot instead. After switching to the system root fs, /etc/rc.d/rc.sysinit asks for the password for the swap partition and unlocks it. When the swap is being activated, a message appears stating that the swap contains suspend data and is being reset to a swap signature.

Expected results:
Dracut should unlock the swap partition and the kernel should resume from software suspend image in swap.

Additional info:
A LVM setup is not reasonable in my case as I need Ext4 discard/TRIM support for SSD hardware and LVM/devicemapper does still not support it.
Comment 1 Jan Kratochvil 2010-06-06 15:33:56 EDT
I believe a related problem is that swap never gets LUKS-opened after regular boot.  This problem was present even in pre-dracut mkinitrd.
I always have to do cryptsetup luksOpen + swapon after new boot.
Confirming hibernate also does not resume for me.
Comment 2 Harald Hoyer 2010-06-10 06:57:40 EDT
does it work, if you add

resume=/dev/...
or
resume=UUID=..

to the kernel command line?
Comment 3 Veit Wahlich 2010-06-21 05:18:56 EDT
Hi Harald,

thanks for your suggestions, it helped.

The following worked well for me:
  resume=/dev/mapper/luks-$UUID

These both did NOT work:
  resume=UUID=luks-$UUID
  resume=UUID=$UUID

Using the latter, the device gets also unlocked by the initrd/initramfs, but does not resume. After a while "Could not open root filesystem" or similar appeared and system remains in sleep loop.

I think, anaconda should at least add resume= to the kernel command line if the problem cannot be fixed otherways.

Best regards,
// Veit
Comment 4 Harald Hoyer 2010-06-21 06:07:58 EDT
(In reply to comment #3)
> Hi Harald,
> 
> thanks for your suggestions, it helped.
> 
> The following worked well for me:
>   resume=/dev/mapper/luks-$UUID
> 

luks-UUID != filesystem-UUID

$ udevadm info --query=all --name=/dev/mapper/luks-d1b7e28f-bbdf-4e27-a51f-e61c0b56bbc6 
...
E: DM_UUID=CRYPT-LUKS1-d1b7e28fbbdf4e27a51fe61c0b56bbc6-luks-d1b7e28f-bbdf-4e27-a51f-e61c0b56bbc6

E: ID_FS_UUID=0a2bd0df-fb5f-4f00-ae87-3ae6287f9ad5

So, here UUID is 0a2bd0df-fb5f-4f00-ae87-3ae6287f9ad5 and not d1b7e28f-bbdf-4e27-a51f-e61c0b56bbc6

Note You need to log in before you can comment on or make changes to this bug.