FS#62678 - [kernel] [ecryptfs] module not loading in Kernel 5.1.2
Attached to Project:
Arch Linux
Opened by SK (skos) - Sunday, 19 May 2019, 09:42 GMT
Last edited by freswa (frederik) - Thursday, 20 February 2020, 21:25 GMT
Opened by SK (skos) - Sunday, 19 May 2019, 09:42 GMT
Last edited by freswa (frederik) - Thursday, 20 February 2020, 21:25 GMT
|
Details
Description:
ecryptfs not working, unable to load kernel module Additional info: * package version(s) Linux 5.1.2-arch1-1-AR * reproduce: user@Zelos ~]# ecryptfs-mount-private mount: No such device [root@Zelos ~]# modprobe ecryptfs modprobe: ERROR: could not insert 'ecryptfs': Bad address see also: https://bbs.archlinux.org/viewtopic.php?id=246447 workaround: use Kernel 4.19.43-1-lts |
This task depends upon
Closed by freswa (frederik)
Thursday, 20 February 2020, 21:25 GMT
Reason for closing: Fixed
Additional comments about closing: 5.2.10
Thursday, 20 February 2020, 21:25 GMT
Reason for closing: Fixed
Additional comments about closing: 5.2.10
Also I'm not the only one who has this issue - see link to the forum
[user@ ~]$ ecryptfs-mount-private
Enter your login passphrase:
Inserted auth tok with sig [ ] into the user session keyring
mount: No such device
[user@ ~]$ su -
[root@ ~]# modprobe ecryptfs
modprobe: ERROR: could not insert 'ecryptfs': Bad address
[root@ ~]# uname -r
5.1.3-arch1-1-ARCH
[root@Zelos ~]#
why is is bug still unconfirmed? we now have 3 people (see also forum) with the same problem. Is there some information missing?
Problem is that the dependend modul "trusted" can not be loaded.
Reason for this seems to be an invalid handling if the bios-setting TPM(Trusted Platform Module) is inactive.
Setting it to disabled instead solves the problem.
I have no idea why "inactive" seems to be the default, since it just makes the module visible to the operating system.
But the module is not working under this state.
But i guess the trusted-module makes no difference between active and inactive and thats the source for the problem.
in that order can you then load the trusted module with the TPM set to inactive?
But i'm already 90% shure that the following new line (line 1251):
https://github.com/torvalds/linux/commit/0b6cf6b97b7ef1fa3c7fefab0cac897a1c4a3400#diff-c01228e6d386afb29df6aac17d9dd7abR1251
causes the problem.
Because there should be a check if the TPM-module is inactive.
Else it would probably just return a fault-code at line 1229 or 1231.
(wich explains why init_module returns EFAULT wich later gets returned as "Bad Address")
@CrazyT could you please contact upstream about the issue, from
perl scripts/get_maintainer.pl security/keys/trusted.c
James Bottomley <jejb@linux.ibm.com> (supporter:KEYS-TRUSTED)
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> (supporter:KEYS-TRUSTED)
Mimi Zohar <zohar@linux.ibm.com> (supporter:KEYS-TRUSTED)
David Howells <dhowells@redhat.com> (maintainer:KEYS/KEYRINGS:)
James Morris <jmorris@namei.org> (supporter:SECURITY SUBSYSTEM)
"Serge E. Hallyn" <serge@hallyn.com> (supporter:SECURITY SUBSYSTEM)
linux-integrity@vger.kernel.org (open list:KEYS-TRUSTED)
keyrings@vger.kernel.org (open list:KEYS-TRUSTED)
linux-security-module@vger.kernel.org (open list:SECURITY SUBSYSTEM)
linux-kernel@vger.kernel.org (open list)
I would suggest the keyrings@vger.kernel.org mailing list with a CC to roberto.sassu@huawei.com the commit author with CC's also to the supporters listed for keys-trusted
src.tar.gz included for easier testing.
Build tested only.
Currently building, will report back (I'm juphu2Va over at the forum)
Your fix is nice, but probably not perfect.
The chip-object will still stay in memory for example.
But as a workaround it should not matter much, since you won't load/unload the module several times during a session.
Queued for 5.2.10
The fix seems to work :)