[Bug 2085817] [NEW] [24.10] Partitions with same pasword not unlocked durning boot

Tony762 2085817 at bugs.launchpad.net
Tue Oct 29 09:12:23 UTC 2024 

Public bug reported:

Description:	Ubuntu 24.10
Release:	24.10
Kernel: 6.11.0-9-generic
cryptsetup: 2.7.2 flags: UDEV BLKID KEYRING FIPS KERNEL_CAPI HW_OPAL
grub: 2.12-5ubuntu5

Ubuntu upgrade path: 23.10 (legacy installer) > 24.04 > 24.10


`/etc/crypttab`
```
boot_crypt UUID=2b740859-92df-4fb4-8e00-384a02ff0ee2 none discard
ubuntu_crypt UUID=92b2a6ef-3c87-4cbc-9e99-2e0a1a98857c none discard
data_crypt UUID=2e49eea8-130c-4c99-a011-80f7accfe8bd none discard

```
```
nvme1n1          259:0    0   1,8T  0 disk  
├─nvme1n1p1      259:2    0   300M  0 part  
├─nvme1n1p2      259:3    0    16M  0 part  
├─nvme1n1p3      259:4    0 299,5G  0 part  
├─nvme1n1p4      259:6    0   769M  0 part  
├─nvme1n1p5      259:8    0     1G  0 part  
└─nvme1n1p6      259:10   0   1,5T  0 part
  └──data_crypt  252:5    0   1,5T  0 crypt /data  
nvme0n1          259:1    0   1,8T  0 disk  
├─nvme0n1p1      259:5    0   256M  0 part  /boot/efi
├─nvme0n1p2      259:7    0     3G  0 part  
│ └─boot_crypt   252:4    0     3G  0 crypt /boot
└─nvme0n1p3      259:9    0   1,8T  0 part  
  └─ubuntu_crypt 252:0    0   1,8T  0 crypt 
    ├─LVM-swap   252:1    0    64G  0 lvm   [SWAP]
    ├─LVM-root   252:2    0   300G  0 lvm   /
    └─LVM-home   252:3    0   1,3T  0 lvm   /home
```


All three partitions have a same password. Grub ask for password for `boot_crypt` and unlock it and pass to kernel. Then Kernel ask for password for `ubuntu_crypt` and unlock `data_crypt` with one password entry (cache it). Before upgrading to 24.10, this worked flawlessly. 

Now Grub ask for password and unlock boot, but password is not handed to
kernel. Kernel ask for password but only unlock `ubuntu_crypt` (won't
cache password) so I end up without mounted `boot` and `data` partition
which mean I have to unlock and mount them manually (If I made it trough
emergency shell).

```
nvme1n1          259:0    0   1,8T  0 disk  
├─nvme1n1p1      259:2    0   300M  0 part  
├─nvme1n1p2      259:3    0    16M  0 part  
├─nvme1n1p3      259:4    0 299,5G  0 part  
├─nvme1n1p4      259:6    0   769M  0 part  
├─nvme1n1p5      259:8    0     1G  0 part  
└─nvme1n1p6      259:10   0   1,5T  0 part  
nvme0n1          259:1    0   1,8T  0 disk  
├─nvme0n1p1      259:5    0   256M  0 part  
├─nvme0n1p2      259:7    0     3G  0 part  
└─nvme0n1p3      259:9    0   1,8T  0 part  
  └─ubuntu_crypt 252:0    0   1,8T  0 crypt 
    ├─LVM-swap   252:1    0    64G  0 lvm   [SWAP]
    ├─LVM-root   252:2    0   300G  0 lvm   /
    └─LVM-home   252:3    0   1,3T  0 lvm   /home
```

** Affects: cryptsetup (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/2085817

Title:
  [24.10] Partitions with same pasword not unlocked durning boot

Status in cryptsetup package in Ubuntu:
  New

Bug description:
  Description:	Ubuntu 24.10
  Release:	24.10
  Kernel: 6.11.0-9-generic
  cryptsetup: 2.7.2 flags: UDEV BLKID KEYRING FIPS KERNEL_CAPI HW_OPAL
  grub: 2.12-5ubuntu5

  Ubuntu upgrade path: 23.10 (legacy installer) > 24.04 > 24.10

  
  `/etc/crypttab`
  ```
  boot_crypt UUID=2b740859-92df-4fb4-8e00-384a02ff0ee2 none discard
  ubuntu_crypt UUID=92b2a6ef-3c87-4cbc-9e99-2e0a1a98857c none discard
  data_crypt UUID=2e49eea8-130c-4c99-a011-80f7accfe8bd none discard

  ```
  ```
  nvme1n1          259:0    0   1,8T  0 disk  
  ├─nvme1n1p1      259:2    0   300M  0 part  
  ├─nvme1n1p2      259:3    0    16M  0 part  
  ├─nvme1n1p3      259:4    0 299,5G  0 part  
  ├─nvme1n1p4      259:6    0   769M  0 part  
  ├─nvme1n1p5      259:8    0     1G  0 part  
  └─nvme1n1p6      259:10   0   1,5T  0 part
    └──data_crypt  252:5    0   1,5T  0 crypt /data  
  nvme0n1          259:1    0   1,8T  0 disk  
  ├─nvme0n1p1      259:5    0   256M  0 part  /boot/efi
  ├─nvme0n1p2      259:7    0     3G  0 part  
  │ └─boot_crypt   252:4    0     3G  0 crypt /boot
  └─nvme0n1p3      259:9    0   1,8T  0 part  
    └─ubuntu_crypt 252:0    0   1,8T  0 crypt 
      ├─LVM-swap   252:1    0    64G  0 lvm   [SWAP]
      ├─LVM-root   252:2    0   300G  0 lvm   /
      └─LVM-home   252:3    0   1,3T  0 lvm   /home
  ```

  
  All three partitions have a same password. Grub ask for password for `boot_crypt` and unlock it and pass to kernel. Then Kernel ask for password for `ubuntu_crypt` and unlock `data_crypt` with one password entry (cache it). Before upgrading to 24.10, this worked flawlessly. 

  Now Grub ask for password and unlock boot, but password is not handed
  to kernel. Kernel ask for password but only unlock `ubuntu_crypt`
  (won't cache password) so I end up without mounted `boot` and `data`
  partition which mean I have to unlock and mount them manually (If I
  made it trough emergency shell).

  ```
  nvme1n1          259:0    0   1,8T  0 disk  
  ├─nvme1n1p1      259:2    0   300M  0 part  
  ├─nvme1n1p2      259:3    0    16M  0 part  
  ├─nvme1n1p3      259:4    0 299,5G  0 part  
  ├─nvme1n1p4      259:6    0   769M  0 part  
  ├─nvme1n1p5      259:8    0     1G  0 part  
  └─nvme1n1p6      259:10   0   1,5T  0 part  
  nvme0n1          259:1    0   1,8T  0 disk  
  ├─nvme0n1p1      259:5    0   256M  0 part  
  ├─nvme0n1p2      259:7    0     3G  0 part  
  └─nvme0n1p3      259:9    0   1,8T  0 part  
    └─ubuntu_crypt 252:0    0   1,8T  0 crypt 
      ├─LVM-swap   252:1    0    64G  0 lvm   [SWAP]
      ├─LVM-root   252:2    0   300G  0 lvm   /
      └─LVM-home   252:3    0   1,3T  0 lvm   /home
  ```

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/2085817/+subscriptions

More information about the foundations-bugs mailing list