[pkg-cryptsetup-devel] Bug#724463: cryptsetup: cryptroot does not understand UUID=... syntax for decrypt_derived swap partition

Carlo Contavalli ccontavalli at gmail.com
Mon Sep 23 19:08:36 UTC 2013 

Package: cryptsetup
Version: 2:1.6.1-1
Severity: important


I have swap setup using decrypt_derived, as you can see below.

The initramfs generated by the '/usr/share/initramfs-tools/hooks/cryptroot' script in 'cryptsetup' is unable to resume from this partition.

I don't use uswsusp, the problem seems to be the:

  resume=UUID=....

line in /proc/cmdline, it looks like cryptroot does not understand the
UUID=... syntax.

If I use /dev/disk/by-uuid/f5be3a07-d075-4d33-a894-5a2b43f6e878,
cryptroot seems to put the right things in the initramfs instead.

I have not tried yet to see that it actually works, but at least the
generatd code is correct.

Two things to fix:
1) cryptroot should understand the UUID=... syntax supported everywhere
else, or should loudly fail if it does not (and the problem be
documented somewhere)

2) cryptroot code use /proc/cmdline to find the resume= device. This
means that after configuring suspend to disk, I actually have to reboot
at least once and regenerate the initramfs to see it work. If I just
regenerate the initramfs after installing pm-utils, like normal, the
initramfs does not support resume. This made things more confusing
and harder to debug.

Thanks,
Carlo


-- Package-specific info:
-- /proc/cmdline
BOOT_IMAGE=/vmlinuz-3.10-2-amd64 root=/dev/mapper/cleartext-root ro quiet resume=UUID=bc1b334d-fe82-4f9e-ae46-c2d4d4e2c2fb

-- /etc/crypttab
# <target name>	<source device>		<key file>	<options>
[...]
cleartext-swap /dev/system/encrypted-swap cleartext-root keyscript=/lib/cryptsetup/scripts/decrypt_derived,hash=ripemd160,swap

-- /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
# / was on /dev/sda1 during installation
[...]

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (995, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.10-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages cryptsetup depends on:
ii  cryptsetup-bin         2:1.6.1-1
ii  debconf [debconf-2.0]  1.5.51
ii  dmsetup                2:1.02.77-6
ii  libc6                  2.17-92+b1
ii  sysv-rc                2.88dsf-43

Versions of packages cryptsetup recommends:
ii  busybox                                 1:1.20.0-9
ii  console-setup                           1.95
ii  initramfs-tools [linux-initramfs-tool]  0.113
ii  kbd                                     1.15.5-1

Versions of packages cryptsetup suggests:
pn  dosfstools              <none>
ii  liblocale-gettext-perl  1.05-7+b2

-- debconf information excluded

More information about the pkg-cryptsetup-devel mailing list