Bug 598602 - Dracut does not honor rd_LUKS_UUID= for encrypted partition containing swap -- resume after hibernation fails
Summary: Dracut does not honor rd_LUKS_UUID= for encrypted partition containing swap -...
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: dracut
Version: 13
Hardware: All
OS: Linux
low
high
Target Milestone: ---
Assignee: Harald Hoyer
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-06-01 17:27 UTC by Veit Wahlich
Modified: 2010-09-22 12:31 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-09-22 12:31:35 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Veit Wahlich 2010-06-01 17:27:07 UTC 
Description of problem:
After creating an encrypted swap partition during installation of F13 to ensure no sensitive data is being recoverable from swapped-out pages or hibernation data, resuming from hibernate image fails as dracut does not unlock the partition although listed rd_LUKS_UUID= in kernel command line and crypttab with corrent UUID.

Version-Release number of selected component (if applicable):
005-3.fc13

How reproducible:
Always.

Steps to Reproduce:
1. Boot from Fedora 13 installation media.
2. Create a custom harddisk partition layout including a partition for swap and check the "encrypt" box.
3. Boot F13 and install all updates and reboot.
4. Hibernate using GNOME or /usr/sbin/pm-hibernate.
5. Power-on the system again.

Actual results:
Dracut does not unlock the swap partition. The system does not resume and performs an ordinary boot instead. After switching to the system root fs, /etc/rc.d/rc.sysinit asks for the password for the swap partition and unlocks it. When the swap is being activated, a message appears stating that the swap contains suspend data and is being reset to a swap signature.

Expected results:
Dracut should unlock the swap partition and the kernel should resume from software suspend image in swap.

Additional info:
A LVM setup is not reasonable in my case as I need Ext4 discard/TRIM support for SSD hardware and LVM/devicemapper does still not support it.
Comment 1 Jan Kratochvil 2010-06-06 19:33:56 UTC 
I believe a related problem is that swap never gets LUKS-opened after regular boot.  This problem was present even in pre-dracut mkinitrd.
I always have to do cryptsetup luksOpen + swapon after new boot.
Confirming hibernate also does not resume for me.
Comment 2 Harald Hoyer 2010-06-10 10:57:40 UTC 
does it work, if you add

resume=/dev/...
or
resume=UUID=..

to the kernel command line?
Comment 3 Veit Wahlich 2010-06-21 09:18:56 UTC 
Hi Harald,

thanks for your suggestions, it helped.

The following worked well for me:
  resume=/dev/mapper/luks-$UUID

These both did NOT work:
  resume=UUID=luks-$UUID
  resume=UUID=$UUID

Using the latter, the device gets also unlocked by the initrd/initramfs, but does not resume. After a while "Could not open root filesystem" or similar appeared and system remains in sleep loop.

I think, anaconda should at least add resume= to the kernel command line if the problem cannot be fixed otherways.

Best regards,
// Veit
Comment 4 Harald Hoyer 2010-06-21 10:07:58 UTC 
(In reply to comment #3)
> Hi Harald,
> 
> thanks for your suggestions, it helped.
> 
> The following worked well for me:
>   resume=/dev/mapper/luks-$UUID
> 

luks-UUID != filesystem-UUID

$ udevadm info --query=all --name=/dev/mapper/luks-d1b7e28f-bbdf-4e27-a51f-e61c0b56bbc6 
...
E: DM_UUID=CRYPT-LUKS1-d1b7e28fbbdf4e27a51fe61c0b56bbc6-luks-d1b7e28f-bbdf-4e27-a51f-e61c0b56bbc6

E: ID_FS_UUID=0a2bd0df-fb5f-4f00-ae87-3ae6287f9ad5

So, here UUID is 0a2bd0df-fb5f-4f00-ae87-3ae6287f9ad5 and not d1b7e28f-bbdf-4e27-a51f-e61c0b56bbc6
Note You need to log in before you can comment on or make changes to this bug.