[Bug 2081700] Re: Can't boot from encrypted volume after initramfs-tools=0.142ubuntu25.3 update

Benjamin Drung 2081700 at bugs.launchpad.net
Tue Sep 24 10:13:29 UTC 2024 

Fix: https://git.launchpad.net/~ubuntu-core-
dev/ubuntu/+source/initramfs-
tools/commit/?id=c9487c3b689e481c0ad5c4088dfe207c4fe1aafb

This change is already part of initramfs-tools in oracular.

** Also affects: initramfs-tools (Ubuntu Noble)
   Importance: Undecided
       Status: New

** Changed in: initramfs-tools (Ubuntu)
       Status: New => Fix Released

** Changed in: initramfs-tools (Ubuntu Noble)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/2081700

Title:
  Can't boot from encrypted volume after initramfs-tools=0.142ubuntu25.3
  update

Status in initramfs-tools package in Ubuntu:
  Fix Released
Status in initramfs-tools source package in Noble:
  New

Bug description:
  # Expected
  After an update to `initramfs-tools` from 0.142ubuntu25.2 to 0.142ubuntu25.3 I can boot my system from an encrypted root volume.

  # What happened instead
  After an update to `initramfs-tools` from 0.142ubuntu25.2 to 0.142ubuntu25.3, I could no longer boot my system.

  The error I was getting is this after entering the correct password:

  ```
  device-mapper: table: 252:0: crypt: unknown target type
  device-mapper: ioctl: error adding target to table
  device-mapper: reload ioctl on test (252:0) failed: Invalid argument
  ```

  I managed to add set -x to the initramfs scripts, which showed me the
  command it uses that leads to this error:

  ```
  /sbin/cryptsetup -T1 --allow-discards '--type=luks' '--key-file=-' open -- /dev/nvme0n1p3 test
  ```

  And my `/etc/crypttab` looks like this:

  ```
  test UUID=9a6218aa-6e36-4f0d-8567-770af1274240 none luks,discard
  ```

  I also tried to add "break" to the kernel line and set up luks
  manually via the initramfs shell, which led to the same error.

  After quite a significant amount of time randomly trying to load
  modules without success, I decided to check what had changed after my
  last successful boot in terms of packages. One of the few upgrades was
  the one mentioned at the beginning. So I downgraded `initramfs-tools`
  back to 0.142ubuntu25.2, it regenerated the image, and the system
  booted successfully.

  Below you can find additional data about my setup.

  I use an LVM setup on top of a luks-encrypted volume. Here is the
  overall layout:

  ```
  /dev/nvme0n1p2 on /boot type ext4
  /dev/nvme0n1p1 on /boot/efi type vfat
  ```

  Here is the data about my luks setup:

  ```
  # cryptsetup luksDump /dev/nvme0n1p3
  <...skipped...>
  Data segments:
    0: crypt
          offset: 16777216 [bytes]
          length: (whole device)
          cipher: aes-xts-plain64
          sector: 512 [bytes]

  Keyslots:
    0: luks2
          Key:        512 bits
          Priority:   normal
          Cipher:     aes-xts-plain64
          Cipher key: 512 bits
          PBKDF:      argon2id
  <...skipped...>
  ```

  Link to the changes in the broken version of the package:  
  https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/0.142ubuntu25.3

  Kernel versions I tried it with: 6.8.0-44-generic and 6.8.0-45-generic
  OS: Ubuntu 24.04.1 LTS

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/2081700/+subscriptions

More information about the foundations-bugs mailing list