Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be unavailable on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 657234 - dep loop when using encrypted non-luks swap
Summary: dep loop when using encrypted non-luks swap
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: systemd
Version: rawhide
Hardware: Unspecified
OS: Unspecified
low
medium
Target Milestone: ---
Assignee: Lennart Poettering
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 657328
TreeView+ depends on / blocked
 
Reported: 2010-11-25 09:47 UTC by Matěj Cepl
Modified: 2018-04-11 14:51 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 657328 (view as bug list)
Environment:
Last Closed: 2011-01-21 02:30:40 UTC
Type: ---


Attachments (Terms of Use)
stdout of dmesg (89.58 KB, text/plain)
2010-11-25 09:47 UTC, Matěj Cepl
no flags Details
updated stdout of dmesg (85.82 KB, text/plain)
2010-11-25 10:42 UTC, Matěj Cepl
no flags Details

Description Matěj Cepl 2010-11-25 09:47:20 UTC
Created attachment 462860 [details]
stdout of dmesg

Description of problem:
I have yum-upgraded to Rawhide from fully upgraded F14/updates-testing and one of the breakages is that I don't have swap anymore. F15 kernel doesn't boot for me, so I have started with the latest F14 kernel.


In F14 I had it working with this /etc/crypttab:
jakoubek:~ $ sudo cat /etc/crypttab
home /dev/vg_bradford/lv_home none 
swap /dev/vg_bradford/lv_swap /dev/urandom swap 
jakoubek:~ $ 
Now on boot something fails (see attached output of dmesg).

Version-Release number of selected component (if applicable):
jakoubek:~ $ rpm -q kernel systemd
kernel-2.6.35.6-45.fc14.x86_64
kernel-2.6.35.6-48.fc14.x86_64
kernel-2.6.36.1-7.rc1.fc15.x86_64
systemd-13-1.fc15.x86_64
jakoubek:~ $ uname -a
Linux jakoubek 2.6.35.6-48.fc14.x86_64 #1 SMP Fri Oct 22 15:36:08 UTC 2010 x86_64 x86_64 x86_64 GNU/Linux
jakoubek:~ $

Comment 1 Matěj Cepl 2010-11-25 10:42:41 UTC
Created attachment 462870 [details]
updated stdout of dmesg

When I removed all junk some unknown benefactor put in my /etc/grub.conf I get startup working again, except still no swap. See updated output of dmesg for fresh details.

Comment 2 Lennart Poettering 2010-11-25 13:21:25 UTC
Ah, there's a dep loop there because we try to order the swap partition after the random seed loading. I guess this is easy to fix.

Comment 3 Milan Broz 2010-11-25 13:32:38 UTC
The real problem here is that crypt_activate_by_keyfile() is not implemented for PLAIN device.

So wee need another clone for this bug I think ;-)

Comment 4 Matěj Cepl 2010-11-25 13:39:15 UTC
(In reply to comment #3)
> The real problem here is that crypt_activate_by_keyfile() is not implemented
> for PLAIN device.
> 
> So wee need another clone for this bug I think ;-)

done

Comment 5 Milan Broz 2010-11-25 16:37:31 UTC
and another problem related to this (from irc):

<asalor> mezcalero, are you sure that you run mkswap (if swap keyword in crypttab) on the crypto device and not on the underlying device? (I see it wrong in status display after libcryptsetup fix)
<asalor> mezcalero, imho it is wrong and generator should use: fprintf(f, "ExecStartPost=/sbin/mkswap '/dev/mapper/%s'", name) (the same for tmp/mkfs)
<mezcalero> asalor: oh, hmm, you might be right

Comment 6 Matěj Cepl 2010-11-26 11:57:45 UTC
Problem is that this breaks suspend/resume as well ... suspend fails when it cannot work with swap properly.

Comment 7 Lennart Poettering 2011-01-04 01:14:05 UTC
Hmm, so the isue from comment #5 regarding the mkswap command line is fixed now in git, which leaves the dep loop. While this is easy to fix I am a bit uncertain which way to do this is best...

Comment 8 Matěj Cepl 2011-01-13 15:38:39 UTC
Just to say, that this is very much still alive and kicking with systemd-16-1.fc15.x86_64:

[   50.823333] systemd-cryptsetup[938]: Set cipher aes, mode cbc-essiv:sha256, key size 256 bits for device /dev/vg_bradford/lv_swap.
[   50.894570] padlock: VIA PadLock Hash Engine not detected.
[   50.911138] modprobe[959]: FATAL: Error inserting padlock_sha (/lib/modules/2.6.37-2.fc15.x86_64/kernel/drivers/crypto/padlock-sha.ko): No such device
[   51.169670] systemd-tmpfiles[929]: Two or more conflicting lines for /var/run/console configured, ignoring.
[   51.293252] systemd[1]: dev-mapper-swap.swap swap process exited, code=exited status=255
[   51.301380] systemd[1]: Unit dev-mapper-swap.swap entered failed state.

Comment 9 Milan Broz 2011-01-13 19:20:22 UTC
Just FYI: I tried swap with urandom key, seems crypt sevice is activated, even swap signature created on it, but is is not yet activated as swap device.

So at least one problem is fixed here.

Comment 10 Lennart Poettering 2011-01-21 02:30:40 UTC
Fixed now in git. Upload to rawhide follows shortly.


Note You need to log in before you can comment on or make changes to this bug.