[pkg-cryptsetup-devel] Bug#799469: password prompt invisible with kdump or kexec
chrysn
chrysn at fsfe.org
Sat Sep 19 13:55:26 UTC 2015
Package: cryptsetup
Version: 2:1.6.6-5
Severity: normal
when using password encrypted root and swap partitions (where a prompt
is shown in initramfs stage), and the system kexecs as prepared by the
kdump utility (the way i have tested it is enabling kdump, going into
single-user mode and injecting a 'c' sysrq into /proc/sysrq-trigger),
the password prompt is not shown, and a partial kernel panic message
stays on the screen.
if one is aware that the passwords are due several seconds after the
kexec, the user can enter them blindly; then, the system starts up and
in the course of that makes the display usable again -- but unless
guessing luckily[1], it appears as if the combination of cryptsetup and
kdump were completely broken.
best regards
chrysn
[1] depending on the user's undstanding of the whole situation, it might
just as well be completely obvious, but i dare say that the average user
has slim chances of guessing what to do.
-- Package-specific info:
-- /proc/cmdline
BOOT_IMAGE=/vmlinuz-4.2.0-trunk-amd64 root=/dev/mapper/root ro verbose no_console_suspend thinkpad_acpi.fan_control=1 psmouse.resync_time=60 crashkernel=256M
-- /etc/crypttab
# <target name> <source device> <key file> <options>
root /dev/mapper/hephaistos-debian--sid2 none luks
swap /dev/mapper/hephaistos-swap none luks,swap
-- /etc/fstab
/dev/mapper/root / btrfs defaults 0 1
/dev/hephaistos/boot /boot ext4 defaults 0 2
UUID=961E-2909 /boot/efi vfat defaults 0 2
/dev/mapper/swap swap swap sw 0 0
proc /proc proc defaults 0 0
-- lsmod
Module Size Used by
rfcomm 69632 2
pci_stub 16384 1
vboxpci 24576 0
vboxnetadp 28672 0
vboxnetflt 28672 0
vboxdrv 446464 3 vboxnetadp,vboxnetflt,vboxpci
ipt_REJECT 16384 2
nf_reject_ipv4 16384 1 ipt_REJECT
xt_tcpudp 16384 5
bridge 110592 0
stp 16384 1 bridge
llc 16384 2 stp,bridge
ebtable_filter 16384 0
ebtables 36864 1 ebtable_filter
ip6table_filter 16384 0
ip6_tables 28672 1 ip6table_filter
iptable_filter 16384 1
ip_tables 28672 1 iptable_filter
x_tables 36864 7 ip6table_filter,ip_tables,xt_tcpudp,iptable_filter,ebtables,ipt_REJECT,ip6_tables
ctr 16384 2
ccm 20480 2
tun 28672 3
bnep 20480 2
cpufreq_userspace 16384 0
cpufreq_stats 16384 0
cpufreq_powersave 16384 0
cpufreq_conservative 16384 0
toshiba_acpi 40960 0
sparse_keymap 16384 1 toshiba_acpi
toshiba_haps 16384 0
hp_accel 28672 0
lis3lv02d 20480 1 hp_accel
input_polldev 16384 1 lis3lv02d
binfmt_misc 20480 1
nls_utf8 16384 1
nls_cp437 20480 1
vfat 20480 1
fat 69632 1 vfat
ext4 552960 1
mbcache 20480 1 ext4
jbd2 102400 1 ext4
cuse 16384 5
fuse 94208 4 cuse
parport_pc 28672 0
ppdev 20480 0
lp 20480 0
parport 49152 3 lp,ppdev,parport_pc
hid_sensor_gyro_3d 16384 0
hid_sensor_rotation 16384 0
hid_sensor_incl_3d 16384 0
hid_sensor_accel_3d 16384 0
hid_sensor_als 16384 0
hid_sensor_magn_3d 16384 0
hid_sensor_trigger 16384 12 hid_sensor_gyro_3d,hid_sensor_incl_3d,hid_sensor_accel_3d,hid_sensor_rotation,hid_sensor_als,hid_sensor_magn_3d
hid_sensor_iio_common 16384 7 hid_sensor_trigger,hid_sensor_gyro_3d,hid_sensor_incl_3d,hid_sensor_accel_3d,hid_sensor_rotation,hid_sensor_als,hid_sensor_magn_3d
industrialio_triggered_buffer 16384 6 hid_sensor_gyro_3d,hid_sensor_incl_3d,hid_sensor_accel_3d,hid_sensor_rotation,hid_sensor_als,hid_sensor_magn_3d
kfifo_buf 16384 1 industrialio_triggered_buffer
industrialio 57344 9 hid_sensor_trigger,hid_sensor_gyro_3d,industrialio_triggered_buffer,hid_sensor_incl_3d,hid_sensor_accel_3d,hid_sensor_rotation,hid_sensor_als,kfifo_buf,hid_sensor_magn_3d
uvcvideo 90112 0
videobuf2_vmalloc 16384 1 uvcvideo
videobuf2_memops 16384 1 videobuf2_vmalloc
videobuf2_core 49152 1 uvcvideo
v4l2_common 16384 1 videobuf2_core
btusb 45056 0
btrtl 16384 1 btusb
hid_sensor_hub 20480 8 hid_sensor_trigger,hid_sensor_gyro_3d,hid_sensor_incl_3d,hid_sensor_accel_3d,hid_sensor_rotation,hid_sensor_als,hid_sensor_magn_3d,hid_sensor_iio_common
videodev 167936 3 uvcvideo,v4l2_common,videobuf2_core
media 24576 2 uvcvideo,videodev
btbcm 16384 1 btusb
hid_multitouch 20480 0
btintel 16384 1 btusb
msr 16384 0
bluetooth 499712 29 bnep,btbcm,btrtl,btusb,rfcomm,btintel
crc16 16384 2 ext4,bluetooth
acpi_call 16384 0
x86_pkg_temp_thermal 16384 0
joydev 20480 0
intel_powerclamp 16384 0
intel_rapl 20480 0
iTCO_wdt 16384 0
iTCO_vendor_support 16384 1 iTCO_wdt
iosf_mbi 16384 1 intel_rapl
arc4 16384 2
iwlmvm 192512 0
mac80211 630784 1 iwlmvm
coretemp 16384 0
kvm_intel 163840 0
rtsx_pci_ms 20480 0
kvm 495616 1 kvm_intel
iwlwifi 118784 1 iwlmvm
evdev 20480 15
memstick 20480 1 rtsx_pci_ms
efi_pstore 16384 1
psmouse 122880 0
pcspkr 16384 0
serio_raw 16384 0
cfg80211 532480 3 iwlwifi,mac80211,iwlmvm
efivars 20480 1 efi_pstore
tpm_tis 20480 0
thinkpad_acpi 81920 1
sg 32768 0
snd_hda_codec_hdmi 49152 1
wmi 20480 1 toshiba_acpi
lpc_ich 24576 0
nvram 16384 1 thinkpad_acpi
i915 1097728 3
rfkill 24576 5 cfg80211,thinkpad_acpi,bluetooth
tpm 40960 1 tpm_tis
drm_kms_helper 126976 1 i915
drm 352256 4 i915,drm_kms_helper
i2c_algo_bit 16384 1 i915
shpchp 36864 0
battery 16384 0
snd_hda_codec_conexant 24576 1
snd_hda_codec_generic 73728 1 snd_hda_codec_conexant
ac 16384 0
i2c_i801 20480 0
video 36864 3 i915,toshiba_acpi,thinkpad_acpi
button 16384 1 i915
snd_hda_intel 36864 7
snd_hda_codec 131072 4 snd_hda_codec_hdmi,snd_hda_codec_conexant,snd_hda_codec_generic,snd_hda_intel
snd_hda_core 65536 5 snd_hda_codec_hdmi,snd_hda_codec_conexant,snd_hda_codec_generic,snd_hda_codec,snd_hda_intel
processor 36864 0
intel_smartconnect 16384 0
mei_me 24576 0
mei 86016 1 mei_me
snd_hwdep 16384 1 snd_hda_codec
snd_pcm 102400 4 snd_hda_codec_hdmi,snd_hda_codec,snd_hda_intel,snd_hda_core
snd_timer 32768 1 snd_pcm
snd 86016 23 snd_hwdep,snd_timer,snd_hda_codec_hdmi,snd_hda_codec_conexant,snd_pcm,snd_hda_codec_generic,snd_hda_codec,snd_hda_intel,thinkpad_acpi
soundcore 16384 1 snd
btrfs 933888 2
xor 24576 1 btrfs
raid6_pq 102400 1 btrfs
algif_skcipher 20480 0
af_alg 16384 1 algif_skcipher
dm_crypt 24576 3
dm_mod 106496 26 dm_crypt
md_mod 131072 0
wacom 81920 0
usbhid 49152 0
hid 114688 4 hid_multitouch,wacom,hid_sensor_hub,usbhid
sd_mod 40960 3
crct10dif_pclmul 16384 0
crc32_pclmul 16384 0
crc32c_intel 24576 1
ghash_clmulni_intel 16384 0
jitterentropy_rng 16384 0
sha256_ssse3 28672 1
sha256_generic 24576 1 sha256_ssse3
hmac 16384 1
drbg 24576 1
rtsx_pci_sdmmc 24576 0
ansi_cprng 16384 0
mmc_core 126976 1 rtsx_pci_sdmmc
ahci 36864 3
xhci_pci 16384 0
libahci 32768 1 ahci
aesni_intel 167936 10
xhci_hcd 167936 1 xhci_pci
aes_x86_64 20480 1 aesni_intel
lrw 16384 1 aesni_intel
gf128mul 16384 1 lrw
glue_helper 16384 1 aesni_intel
ablk_helper 16384 1 aesni_intel
libata 233472 2 ahci,libahci
cryptd 20480 6 ghash_clmulni_intel,aesni_intel,ablk_helper
scsi_mod 225280 3 sg,libata,sd_mod
rtsx_pci 53248 2 rtsx_pci_ms,rtsx_pci_sdmmc
mfd_core 16384 3 lpc_ich,rtsx_pci,hid_sensor_hub
usbcore 233472 5 btusb,uvcvideo,usbhid,xhci_hcd,xhci_pci
thermal 20480 0
usb_common 16384 1 usbcore
thermal_sys 49152 5 video,intel_powerclamp,thermal,processor,x86_pkg_temp_thermal
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.2.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages cryptsetup depends on:
ii cryptsetup-bin 2:1.6.6-5
ii debconf [debconf-2.0] 1.5.57
ii dmsetup 2:1.02.104-1
ii libc6 2.19-20
Versions of packages cryptsetup recommends:
ii busybox-static [busybox] 1:1.22.0-15
ii console-setup 1.132
ii initramfs-tools [linux-initramfs-tool] 0.120
ii kbd 1.15.5-2
Versions of packages cryptsetup suggests:
ii dosfstools 3.0.28-2
ii keyutils 1.5.9-7
ii liblocale-gettext-perl 1.05-9
-- debconf information:
cryptsetup/prerm_active_mappings: true
--
To use raw power is to make yourself infinitely vulnerable to greater powers.
-- Bene Gesserit axiom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-cryptsetup-devel/attachments/20150919/ac8ac15d/attachment.sig>
More information about the pkg-cryptsetup-devel
mailing list