Does not use encrypted swap when using GPT partitioning + encrypted home directory (ecryptfs)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
eCryptfs |
Fix Committed
|
High
|
Dustin Kirkland | ||
ecryptfs-utils (Ubuntu) |
Fix Released
|
High
|
Tyler Hicks | ||
Vivid |
Fix Released
|
High
|
Martin Pitt | ||
Xenial |
Fix Released
|
High
|
Unassigned | ||
Yakkety |
Fix Released
|
High
|
Tyler Hicks |
Bug Description
CVE Request: http://
I'm still sorting out the details and eliminating variables, but as far as I can tell:
Steps to reproduce
===============
1) Install Ubuntu using GPT partitioning for the OS drive[*]
2) Choose "require my password to login", and check "encrypt my home directory"
Expected behavior
===============
No special user interaction should be required to initialized the crytposwap other than normally logging in
Actual behavior
============
Prior to lightdm coming up, you will be prompted to enter your passphrase to unlock the cryptoswap, similar to how you would be prompted to unlock the OS drive when using full disk encryption (see attached photo).
When lightdm comes up, you have to enter your password/passphrase again to login.
Work-arounds
===========
1) This only seems to happen when using GTP partitioning, not MBR... so use MBR if you can
2) Even with GTP partitioning, booting with init=/sbin/upstart seems to reliably fix the problem, so it certainly seems systemd related
Notes
=====
* As far as I can tell, there isn't a way to force Ubiquity to create a GPT partition table when the OS drive is < 2TB, but it will automatically use GPT partitioning when the OS drive is >= 2TB. My particular test was done using the System76 imaging server, which by default uses GPT partitioning even when the OS drive is < 2TB.
SRU INFORMATION
================
Regression potential:
This is delicate as we need to fix existing installations with a post-install script. This needs to happen as defensively as possible, but errors in this can still potentially completely break your partition information. Apart from testing that in the above scenario the unencrypted swap partition is marked as "no-auto" and thus after a new boot you are actually using the cryptswap1 one, we also need to verify that it does not destroy working systems.
Test case:
(1) Install an EFI system with "encrypt my home directory" (You can do this in QEMU with -bios OVMF.fd); after booting the first time you will be asked to enter a passprase for the swap partition, just press enter. "sudo swapon -s" will say something like /dev/sda3, i. e. using unencrypted swap. After installing this update and rebooting, the bogus passphrase prompt on boot should be gone, and "sudo swapon -s" should say /dev/dm-0, i. e. using encrypted swap.
In all these other cases the update should not do anything and booting continues to work:
(2) In the above system, "sudo apt-get install --reinstall ecryptfs-utils" should not change partitions again, but say something like "is already marked as no-auto".
(3) Install an EFI system without home dir encryption
(4) Install an MBR system with home dir encryption
(5) Install an MBR system without home dir encryption
ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: systemd 219-7ubuntu3
ProcVersionSign
Uname: Linux 3.19.0-15-generic x86_64
ApportVersion: 2.17.2-0ubuntu1
Architecture: amd64
CurrentDesktop: Unity
Date: Wed Apr 22 11:40:29 2015
EcryptfsInUse: Yes
MachineType: System76, Inc. Kudu Professional
ProcKernelCmdLine: BOOT_IMAGE=
SourcePackage: systemd
UdevLog: Error: [Errno 2] No such file or directory: '/var/log/udev'
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 01/15/2014
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 1.03.03RS76
dmi.board.
dmi.board.name: Kudu Professional
dmi.board.vendor: System76, Inc.
dmi.board.version: kudp1
dmi.chassis.
dmi.chassis.type: 9
dmi.chassis.vendor: System76, Inc.
dmi.chassis.
dmi.modalias: dmi:bvnAmerican
dmi.product.name: Kudu Professional
dmi.product.
dmi.sys.vendor: System76, Inc.
Related branches
- Martin Pitt (community): Approve
- Jason Gerard DeRose (community): Approve
- eCryptfs: Pending requested
-
Diff: 84 lines (+52/-0)3 files modifieddebian/changelog (+6/-0)
debian/ecryptfs-utils.postinst (+42/-0)
src/utils/ecryptfs-setup-swap (+4/-0)
CVE References
summary: |
Prompted for cryptoswap passphrase when using GPT partitioning + - encrypted home directory (ecrptfs) + encrypted home directory (ecryptfs) |
description: | updated |
tags: | added: patch |
Changed in ecryptfs-utils (Ubuntu Vivid): | |
status: | In Progress → Fix Committed |
no longer affects: | systemd (Ubuntu Vivid) |
no longer affects: | systemd (Ubuntu) |
Changed in ecryptfs-utils: | |
importance: | Undecided → High |
affects: | ecryptfs-utils → ecryptfs |
Changed in ecryptfs: | |
status: | New → Confirmed |
status: | Confirmed → Fix Committed |
assignee: | nobody → Dustin Kirkland (kirkland) |
Changed in ecryptfs-utils (Ubuntu Xenial): | |
importance: | Undecided → High |
Changed in ecryptfs-utils (Ubuntu Xenial): | |
status: | In Progress → Triaged |
Changed in ecryptfs-utils (Ubuntu Yakkety): | |
status: | In Progress → Triaged |
Changed in ecryptfs-utils (Ubuntu Yakkety): | |
assignee: | Martin Pitt (pitti) → Tyler Hicks (tyhicks) |
description: | updated |
Info from fstab, crypttab, and journalctl:
$cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
# /dev/sda2 d57c-410d- abce-66e96175e9 46 / ext4 noatime, errors= remount- ro 0 1
UUID=e6c5aea5-
# /dev/sda3 a96d-4230- 9844-cf08107d73 f0 none swap sw 0 0
#UUID=8fcddb3d-
$ cat /etc/crypttab a96d-4230- 9844-cf08107d73 f0 /dev/urandom swap,offset= 1024,cipher= aes-xts- plain64
cryptswap1 UUID=8fcddb3d-
$ journalctl | grep -i swap Professional systemd[1]: Activating swap Swap Partition... Professional systemd[1]: Activated swap Swap Partition. Professional kernel: Adding 4194300k swap on /dev/sda3. Priority:-1 extents:1 across:4194300k SSFS Professional systemd[1]: Starting Cryptography Setup for cryptswap1... Professional systemd[1]: <email address hidden>: main process exited, code=exited, status=1/FAILURE Professional systemd[1]: Failed to start Cryptography Setup for cryptswap1. Professional systemd[1]: Dependency failed for dev-mapper- cryptswap1. device. Professional systemd[1]: Dependency failed for /dev/mapper/ cryptswap1. Professional systemd[1]: Dependency failed for Swap. Professional systemd[1]: Job swap.target/start failed with result 'dependency'. Professional systemd[1]: Job dev-mapper- cryptswap1. swap/start failed with result 'dependency'. Professional systemd[1]: Job dev-mapper- cryptswap1. device/ start failed with result 'dependency'. Professional systemd[1]: Unit <email address hidden> entered failed state. Professional systemd[1]: <email address hidden> failed. Professional systemd[1]: Starting Cryptography Setup for cryptswap1...
Apr 22 11:34:38 jason-Kudu-
Apr 22 11:34:38 jason-Kudu-
Apr 22 11:34:38 jason-Kudu-
Apr 22 11:34:38 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-
Apr 22 11:38:31 jason-Kudu-