[pkg-cryptsetup-devel] Bug#1032734: OOM when unlocking encrypted root in initramfs
Guilhem Moulin
guilhem at debian.org
Sat Mar 11 13:56:42 GMT 2023
Control: reassign -1 cryptsetup-bin 2:2.6.1-2
Control: severity -1 important
Control: tag -1 upstream
Control: forwarded -1 https://gitlab.com/cryptsetup/cryptsetup/-/issues/802#note_1287298872
Hi,
On Sat, 11 Mar 2023 at 08:26:27 -0500, Jérôme Charaoui wrote:
> Today I upgraded a small KVM machine with a LUKS2 encrypted root and 1GiB of
> RAM to bookworm, and was very surprised to be confronted with an OOM
> immediately upon entering my LUKS password in the initramfs prompt:
> […]
> The problem appears to be perhaps related to #924560, but in this instance,
> the issue causing an unbootable system post-upgrade.
No, this is related to #1028250 and https://gitlab.com/cryptsetup/cryptsetup/-/issues/802#note_1287298872 .
Don't think we can do anything in src:cryptsetup for existing volumes
unfortunately. You might need to manually lower the parameters of your
PBKDF.
Lowering the severity, because this shouldn't block the transition of -2
into bookworm (which fixes an unrelated and arguably much more severe RC
bug). See also the d-i errata for Bookworm Alpha 2. I'm also not
certain that #-1 is RC, after all Debian's memory requirements have
consistently increased since the start of the project, so IMHO one has
to accept that hardware might need to be dusted up on upgrade. Compare
https://www.debian.org/releases/potato/i386/ch-hardware-req.en.html §2.3 with
https://www.debian.org/releases/bullseye/amd64/ch03s04.en.html §3.4
Either way the issue definitely needs to be mentioned in Bookworm's
release notes.
cheers
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20230311/49216f90/attachment.sig>
More information about the pkg-cryptsetup-devel
mailing list