Ubuntu

cryptsetup luks commands randomly fail

Reported by David MacKinnon on 2007-08-14
22
Affects Status Importance Assigned to Milestone
cryptsetup (Suse)
Fix Released
Medium
cryptsetup (Ubuntu)
Undecided
Reinhard Tartler
Gutsy
Undecided
Reinhard Tartler
udev (Ubuntu)
High
Unassigned
Gutsy
Undecided
Unassigned

Bug Description

Binary package hint: cryptsetup

This is on gutsy 2:1.0.4+svn29-1ubuntu4

luksAdd/luksDel can randomly fail with errors such as

"Failed to setup dm-crypt key mapping
Check kernel for support for the aes-cbc-essiv:sha256 cipher spec and verify that /dev/sda5 contains at least 261 sectors.
Failed to read from key storage
No key available with this passphrase.
Command failed."

See http://article.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/2236 for discussion about this bug, and a patch that appears to fix it. The patch is against 1.0.5 but cleanly applies to the source in the repository.

David MacKinnon (blaedd) wrote :

Patch that appears to fix this by calling UDEVSETTLE

Reinhard Tartler (siretart) wrote :

so we seem to have indeed another udev race here. The patch from suse looks quite hackish to me (calling udevsettle() with system() to calm things down), which is a workaround in cryptsetup but not a real fix.

udev maintainers, what do you think about this bug? can this be fixed in udev, or shall we take suse's patch?

Changed in cryptsetup:
status: Unknown → Fix Released
David MacKinnon (blaedd) wrote :

Just pinging on this, it's a fairly serious bug for anyone trying to do anything automated with cryptsetup.

-David

What causes the race, do we know?

Changed in udev:
importance: Undecided → High
status: New → Incomplete
David MacKinnon (blaedd) wrote :

So are we pushing a gutsy release next without this patched anywhere?

Scott Beamer (angrykeyboarder) wrote :

That is correct.

Reinhard Tartler (siretart) wrote :

as per discussion with Keybuk, we will apply that patch to cryptsetup. Working on it soon.

Changed in cryptsetup:
assignee: nobody → siretart
status: New → In Progress
Reinhard Tartler (siretart) wrote :

as per discussion with Keybuk, this is a candidate for an SRU.

Changed in cryptsetup:
assignee: nobody → siretart
status: New → Confirmed
Reinhard Tartler (siretart) wrote :

proposed fix

Martin Pitt (pitti) wrote :

Patch looks good for gutsy, please upload. How will we fix this in Hardy, with the same workaround, or with an udev fix? Please update the task states appropriately. Thank you, Reinhard!

Reinhard Tartler (siretart) wrote :

cryptsetup (2:1.0.5-2ubuntu3) hardy; urgency=low

  * RELIABILY FIX: lib/libdevmapper.c: Ensure that pending device creation
    events are being processed by calling /sbin/udevsettle. Patch based on
    OpenSUSE bug #285478, LP: #132373.
  * Based on the change above, the patch from LP #85640 is no longer needed.
    dropping the relevant parts.
  * Fix debian/rules to not fail to build if autom4te.cache is left behind
    from a previous incomplete build.

 -- Reinhard Tartler <email address hidden> Fri, 02 Nov 2007 20:53:31 +0100

Changed in cryptsetup:
status: In Progress → Fix Released
Reinhard Tartler (siretart) wrote :

fix is to call udevsettle from /sbin/cryptsetup. udev rules cannot help here much with syncronisation

Changed in udev:
status: Incomplete → Invalid
Reinhard Tartler (siretart) wrote :

see above

Changed in udev:
status: New → Invalid
Reinhard Tartler (siretart) wrote :

fix uploaded (as dpatch, to match the packaging). Waiting for approval by archive admins

Changed in cryptsetup:
status: Confirmed → Fix Committed
Martin Pitt (pitti) wrote :

Accepted into gutsy-proposed, please test.

With the fix my root partition doesnt get recognized anymore. It waits for the root device indefinitely.
This notification of waiting appears before the sata devices are initialized - all the relevant stuff is printed after the "waiting for ...".
Readding udevsettle to scripts/local-top/cryptroot makes everything work as before.
Anything I should test?

Reinhard Tartler (siretart) wrote :

looks like I was overagressive with removing the udevsettle calls. Will readd them to the hardy package.

They have not been removed from the package I uploaded to gutsy-proposed!

Changed in cryptsetup:
status: Fix Released → In Progress

Thank you.

On 11/8/07, Reinhard Tartler <email address hidden> wrote:
>
> looks like I was overagressive with removing the udevsettle calls. Will
> readd them to the hardy package.
>
> They have not been removed from the package I uploaded to gutsy-
> proposed!
>
> ** Changed in: cryptsetup (Ubuntu)
> Status: Fix Released => In Progress
>
> --
> cryptsetup luks commands randomly fail
> https://bugs.launchpad.net/bugs/132373
> You received this bug notification because you are a direct subscriber
> of a duplicate bug.
>

Reinhard Tartler (siretart) wrote :

cryptsetup (2:1.0.5-2ubuntu5) hardy; urgency=low

  * reenable additional udevsettle calls in cryptroot hook from
    https://launchpad.net/bugs/85640, LP: #132373.
  * change maintainer to ubuntu-core-dev.
  * use Vcs-Bzr instead of XSCB-Vcs-Bzr header in debian/control.

 -- Reinhard Tartler <email address hidden> Thu, 08 Nov 2007 23:52:19 +0100

Changed in cryptsetup:
status: In Progress → Fix Released
Serge (serge-de-souza) wrote :

Tested several times, no issues

Looks good to me

Master One (masterone) wrote :

I am sorry, but is this the issue I am experiencing here: http://ubuntuforums.org/showthread.php?t=615001 ?

Serge (serge-de-souza) wrote :

On 17/11/2007, Master One <email address hidden> wrote:
> I am sorry, but is this the issue I am experiencing here:
> http://ubuntuforums.org/showthread.php?t=615001 ?

Possibly, try installing
http://archive.ubuntu.com/ubuntu/pool/main/c/cryptsetup/cryptsetup_1.0.5-2ubuntu5_i386.deb
and see if that fixes it.

Serge

Master One (masterone) wrote :

Yes, that new version of cryptsetup fixed the issue. Thanks a lot. :)

Brian Murray (brian-murray) wrote :

I test cryptsetup version 1.0.5-2ubuntu2 on gutsy and did experience some errors just adding and removing keys to a luks formatted partition. After installing 1.0.5-2ubuntu2.1 from gutsy-proposed I no longer experienced those errors.

Martin Pitt (pitti) wrote :

Copied to gutsy-updates.

Changed in cryptsetup:
status: Fix Committed → Fix Released
Changed in cryptsetup (Suse):
importance: Unknown → Medium
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.