[18.10 FEAT] Support 4k sectors for fast clear key dm-crypt - crypttab part
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | Ubuntu on IBM z Systems |
High
|
Canonical Foundations Team | ||
| | cryptsetup (Ubuntu) |
Undecided
|
Unassigned | ||
| | Bionic |
Undecided
|
Unassigned | ||
| | systemd (Ubuntu) |
Undecided
|
Skipper Bug Screeners | ||
| | Bionic |
Undecided
|
Unassigned | ||
Bug Description
[Impact]
* cryptsetup in bionic supports creating luks volumes with a non-standard sector-size option, and thus this option also needs to be used when activating the LUKS volumes. Add sector-size= option support to /etc/crypttab.
[Test Case]
* Create a plain LUKS volume with sector-size 4096
* Specify sector-size=4096 option in /etc/crypttab
* reload systemd, start systemd-
* check the journal, to ensure that `sector-size` option was recognized and is active. (i.e. there is not error messages about unrecognized option `sector-size` from systemd-cryptsetup)
[Regression Potential]
* This is an optional argument, not used by default. Currently custom sector-size crypttab does not work correctly, and thus cannot regress.
[Other Info]
* Original bug report
Support fast clear key dm-crypt with 4k support
Extend /etc/crypttab to enable 4k sector support in plain mode
The proposed enhancements are posted on github, see
https:/
| tags: | added: architecture-s39064 bugnameltc-168839 severity-high targetmilestone-inin1810 |
| Changed in ubuntu: | |
| assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
| affects: | ubuntu → systemd (Ubuntu) |
| Changed in ubuntu-z-systems: | |
| importance: | Undecided → High |
| assignee: | nobody → Canonical Foundations Team (canonical-foundations) |
| Dimitri John Ledkov (xnox) wrote : | #1 |
------- Comment From <email address hidden> 2018-06-13 07:55 EDT-------
Cryptsetup should already have support for this, see https:/
| Dimitri John Ledkov (xnox) wrote : | #3 |
I do not mean upstream cryptsetup option =)
I mean that Debian/Ubuntu crypttab parser shipped in the cryptsetup package will also need a sector-size option support, just like the one requested to be supported by systemd's crypttab parser.
See https:/
| Changed in ubuntu-z-systems: | |
| status: | New → Triaged |
| bugproxy (bugproxy) wrote : | #4 |
------- Comment From <email address hidden> 2018-07-26 09:43 EDT-------
OK, I see. I assume you will update the Debian/Ubuntu crypttab parser on your own?
| Dimitri John Ledkov (xnox) wrote : | #5 |
well =) i would love for somebody else to write the patch too.... =) it's not like i will say no, to free patches =)))))
| Dimitri John Ledkov (xnox) wrote : | #6 |
systemd-cryptsetup: https:/
initramfs-tools crypttab: https:/
| Changed in systemd (Ubuntu): | |
| status: | New → In Progress |
| Changed in cryptsetup (Ubuntu): | |
| status: | New → In Progress |
| Changed in ubuntu-z-systems: | |
| status: | Triaged → In Progress |
| Dimitri John Ledkov (xnox) wrote : | #7 |
My implementation of https:/
| Changed in systemd (Ubuntu): | |
| status: | In Progress → Fix Committed |
| information type: | Private → Public |
| Changed in cryptsetup (Ubuntu): | |
| status: | In Progress → Fix Committed |
| tags: | added: id-5b59f569271dc3d96ea29d30 |
| Changed in ubuntu-z-systems: | |
| status: | In Progress → Fix Committed |
| Launchpad Janitor (janitor) wrote : | #8 |
This bug was fixed in the package cryptsetup - 2:2.0.4-2ubuntu2
---------------
cryptsetup (2:2.0.4-2ubuntu2) cosmic; urgency=medium
* Implement support for --sector-size cryptsetup plain mode option in
crypttab. Matching support is also proposed to systemd-cryptsetup as
well. LP: #1776626
-- Dimitri John Ledkov <email address hidden> Fri, 31 Aug 2018 17:00:07 +0100
| Changed in cryptsetup (Ubuntu): | |
| status: | Fix Committed → Fix Released |
| Launchpad Janitor (janitor) wrote : | #9 |
This bug was fixed in the package systemd - 239-7ubuntu7
---------------
systemd (239-7ubuntu7) cosmic; urgency=medium
* boot-and-services: skip gdm test, when gdm-x-session fails.
Across all architectures, gdm fails to come up reliably since cosmic.
(LP: #1790478)
-- Dimitri John Ledkov <email address hidden> Mon, 03 Sep 2018 16:33:00 +0100
| Changed in systemd (Ubuntu): | |
| status: | Fix Committed → Fix Released |
| Dimitri John Ledkov (xnox) wrote : | #10 |
systemd (239-7ubuntu7) cosmic; urgency=medium
* boot-and-services: skip gdm test, when gdm-x-session fails.
Across all architectures, gdm fails to come up reliably since cosmic.
(LP: #1790478)
systemd (239-7ubuntu6) cosmic; urgency=medium
[ Dimitri John Ledkov ]
* debian/control: strengthen dependencies.
Make systemd-sysv depend on matching version of systemd. Autopkgtests at times
upgrade systemd-sysv without upgrading systemd. However, upgrading systemd-sysv
alone makes little sense.
Make systemd conflict, rather than just break, systemd-shim. As there are
upgrade failures cause by systemd-shim presence whilst upgrading to new
systemd.
* Correct gdm3 exclution on arm64, in boot-and-services test.
[ Christian Ehrhardt ]
* Improve autopkgtest success rate, by bumping up timeouts. (LP: #1789841)
systemd (239-7ubuntu5) cosmic; urgency=medium
[ Michael Biebl ]
* Clean up dbus-org.
(Closes: #904290)
[ Martin Pitt ]
* timedated: Fix wrong PropertyChanged values and refcounting
[ Dimitri John Ledkov ]
* autopkgtest: drop gdm3 on arm64 as well.
The cloud instances are configured without a graphics card, and thus X fails to
start, hence the gdm test fails.
* Revert "Workaround broken meson copying symlinked data files, as dangling symlinks."
This reverts commit 059bfb5349123fa
* Cherrypick v239-stable patches.
* cryptsetup: add support for sector-size= option (LP: #1776626)
* Cherrypick upstrem patches to fix ftbfs with new glibc.
[ Michael Vogt ]
* Re-add support for /etc/writable for core18. (LP: #1778936)
| Dimitri John Ledkov (xnox) wrote : | #11 |
It should be possible to specify sector-size option in crypttab now, in ubuntu. And it should be supported by both initramfs-tools and systemd, depending on which one does the mount. Please test this, and let me know if everything is alright. It did work for me... but I used non-4k hardware.
| Changed in ubuntu-z-systems: | |
| status: | Fix Committed → Fix Released |
| Dimitri John Ledkov (xnox) wrote : | #12 |
Note that there is no UI to set sector-size in the installer, and the installer does not generate sector-size option in the crypttab either. I kind of wish sector-size could just be autodetected, and e.g. used by default on 4k native drives. But I'll check if this option can be added to partman-crypto.
| Changed in systemd (Ubuntu Bionic): | |
| status: | New → In Progress |
| description: | updated |
Hello bugproxy, or anyone else affected,
Accepted systemd into bionic-proposed. The package will build now and be available at https:/
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-
Further information regarding the verification process can be found at https:/
N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.
| Changed in systemd (Ubuntu Bionic): | |
| status: | In Progress → Fix Committed |
| tags: | added: verification-needed verification-needed-bionic |
| Changed in ubuntu-z-systems: | |
| status: | Fix Released → In Progress |
| Łukasz Zemczak (sil2100) wrote : | #14 |
Hello bugproxy, or anyone else affected,
Accepted systemd into bionic-proposed. The package will build now and be available at https:/
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-
Further information regarding the verification process can be found at https:/
N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.
------- Comment From <email address hidden> 2018-11-20 07:38 EDT-------
This function was verified by IBM on
https:/
| Frank Heimes (frank-heimes) wrote : | #16 |
Adjusting tags according to comment #15.
| tags: |
added: verification-done verification-done-bionic removed: verification-needed verification-needed-bionic |
| Dimitri John Ledkov (xnox) wrote : | #17 |
@hws
Thank you. However 10.8 got trumped by security upload 10.9, hence we are re-doing the upload with 10.10. Sorry about the noise, but -security uploads always trump the inflight -proposed uploads.
This potentially needs implementation in cryptsetup package as well, since systemd cryptsetup support is not used by Debian's initramfs-tools to mount the rootfs for example.