FS#24750 - [mkinitcpio] systems becomes unbootable if use non-luks root encryption.

Attached to Project: Arch Linux
Opened by Mikhail Burakov (Pyromaniac) - Friday, 17 June 2011, 04:37 GMT
Last edited by Dave Reisner (falconindy) - Saturday, 21 April 2012, 17:30 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Thomas Bächler (brain0)
Dave Reisner (falconindy)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
Systems becomes unbootable if use non-luks drive encryption due to error in encrypt initcpio hook. The following message appears at each boot:
Verify parameter format: crypto=hash:cipher:keysize:offset:skip
Non-LUKS decryption not attempted...
even if valid encrypt arguments are provided.

Additional info:
* cryptsetup version is: 1.3.1-1
* kernel encrypt arguments are: cryptdevice=/dev/sda:hdd crypto=::::

Steps to reproduce:
Use non-luks encryption on root partition, use mkinitcpio to generate ramdisk with encrypt hook included, specify valid encrypt arguments in /boot/grub/menu.lst. Try to boot resultant system. Removing of the following code (line numbers included) from /lib/initcpio/hooks/encrypt resolves the problem:
87 if [ $# -ne 5 ]; then
88 err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
89 err "Non-LUKS decryption not attempted..."
90 return 1
91 fi
This task depends upon

Closed by  Dave Reisner (falconindy)
Saturday, 21 April 2012, 17:30 GMT
Reason for closing:  Fixed
Additional comments about closing:  Fixed in SVN.
Comment by Thomas Bächler (brain0) - Sunday, 19 June 2011, 10:07 GMT Comment by Mikhail Burakov (Pyromaniac) - Monday, 20 June 2011, 09:22 GMT
  • Field changed: Percent Complete (100% → 0%)
Whats wrong? Article https://wiki.archlinux.org/index.php/Mkinitcpio#Using_legacy_cryptsetup_volumes clearly states i can use crypt=:::: for default values. Moreover, encrypt hook would fail even if fully qualify all the arguments.
Comment by Thomas Bächler (brain0) - Monday, 20 June 2011, 09:28 GMT
Ah, right, didn't see that. This used to work though, I'll need to investigate.
Comment by Dave Reisner (falconindy) - Wednesday, 11 April 2012, 00:34 GMT
Yay for old bug reports. I have no idea how this was ever supposed to work, as run_hook() doesn't take arguments and I don't see any call to "set" to replace positional parameters. Seems to me like we need to be counting the fields... does the attached patch help?

Loading...