ecryptfs-mount-private fails with "mount: No such device"

juphu2Va · 2019-05-16 12:34:25

Hey there!

I stumbled upon a problem where my encrypted .Private folder isn't mountet at login automatically, and when trying to mount it by hand with ecryptfs-mount-private it fails with

mount: No such device

When trying to mount manually with

sudo mount -t ecryptfs .Private Private

I get the following warning, suggesting that something is wrong:

Unable to get the version number of the kernel
module. Please make sure that you have the eCryptfs
kernel module loaded, you have sysfs mounted, and
the sysfs mount point is in /etc/mtab. This is
necessary so that the mount helper knows which 
kernel options are supported.

When trying to insert the ecryptfs module it says,

modprobe: ERROR: could not insert 'ecryptfs': Bad address

I suspect that this is because of the update of nss package (as there was already something like this in the past), but downgrading it didn't solve the problem, so I'm out of ideas now.

--

Juphu

loqs · 2019-05-16 17:28:07

Welcome to the arch linux forums juphu2Va
What is the output of the following

pacman -Q linux
uname -a
modinfo ecryptfs

juphu2Va · 2019-05-16 17:39:01

loqs wrote:

Welcome to the arch linux forums juphu2Va
What is the output of the following
pacman -Q linux
uname -a
modinfo ecryptfs

Hi, thank you!

pacman -Q linux

linux 5.1.2.arch1-1

uname -a

Linux myarch 5.1.2-arch1-1-ARCH #1 SMP PREEMPT Wed May 15 00:09:47 UTC 2019 x86_64 GNU/Linux

modinfo ecryptfs

filename:       /lib/modules/5.1.2-arch1-1-ARCH/kernel/fs/ecryptfs/ecryptfs.ko.xz
license:        GPL
description:    eCryptfs
author:         Michael A. Halcrow <mhalcrow@us.ibm.com>
alias:          fs-ecryptfs
srcversion:     37B8A9182C6E45FAA598494
depends:        encrypted-keys
retpoline:      Y
intree:         Y
name:           ecryptfs
vermagic:       5.1.2-arch1-1-ARCH SMP preempt mod_unload 
sig_id:         PKCS#7
signer:         Build time autogenerated kernel key
sig_key:        0C:24:F2:65:9A:5E:62:71:88:02:A3:06:5E:6B:DF:66:C6:68:84:C4
sig_hashalgo:   sha512
signature:      63:3F:27:88:37:54:38:A3:7A:FE:25:85:77:2E:6B:E6:0C:B8:48:57:
                6F:02:78:E6:99:71:C7:EA:A6:05:7E:34:0A:CA:70:12:79:21:50:CD:
                26:C6:05:E0:6A:2F:49:F0:6C:3D:34:C5:39:F6:9F:1B:F1:41:B6:8B:
                F8:AE:01:92:0C:B1:C3:C4:10:E6:32:48:FD:16:C9:04:32:3E:D1:2D:
                45:50:20:B9:C6:81:00:89:8E:53:20:39:DF:A5:C2:A4:3D:A0:DE:94:
                82:7C:27:FD:4D:EF:40:A4:EF:62:ED:79:C5:B5:01:E3:12:99:D2:77:
                54:0B:A0:E9:3E:B1:AA:4F:AC:29:31:49:ED:B1:93:93:57:2A:84:1C:
                54:F2:3D:34:F4:4C:87:1F:9B:68:BF:78:9F:BE:2F:50:5D:8C:ED:42:
                68:0A:E6:39:45:E9:D5:86:6A:27:91:CA:66:86:B0:88:21:81:8A:16:
                06:17:DA:71:9D:7A:13:9A:42:48:11:3D:CA:84:4D:3A:66:FF:CF:3E:
                18:1F:30:A0:DD:67:8D:01:0B:23:2D:FC:D7:1E:3A:FC:70:1C:FD:57:
                A7:F2:A0:19:55:06:BB:AB:E6:52:C0:0A:A2:A4:7A:93:DE:90:59:C0:
                FE:4F:71:30:D5:5A:E7:80:5A:2B:FF:FC:13:8B:8E:0D:3C:FD:05:50:
                7F:7C:8E:4B:CA:42:6F:76:82:6D:A6:7A:FF:68:3B:CC:34:E4:34:61:
                F8:49:68:70:DE:9D:2C:6B:68:F7:1B:D9:C9:7B:A7:C0:D2:63:AC:89:
                49:66:8C:23:50:97:E4:E6:6B:20:E5:9F:47:F8:C5:BD:0F:FA:1E:BE:
                5C:2C:E3:D7:C6:D9:06:32:4E:16:13:3F:6C:42:90:62:32:14:1B:89:
                9A:E7:B4:97:36:91:11:0F:FF:EB:D5:FC:80:EE:AF:29:54:43:91:7F:
                9E:7A:80:47:49:E9:33:62:0A:21:0A:E4:26:9B:C9:56:D4:74:F9:57:
                60:56:17:F0:6F:89:9D:2C:9C:70:0A:B0:B5:59:4F:AB:40:07:69:06:
                41:B4:69:0D:E8:B1:C6:3C:7A:58:5B:06:29:81:9D:28:B0:D4:DB:E8:
                2E:36:F8:18:B1:39:1F:A3:C5:BF:5A:C8:E4:34:DE:53:33:77:0E:2A:
                AB:DC:08:EB:80:7C:EE:0C:B8:6E:BC:29:A3:44:B7:DF:A3:3D:24:38:
                31:EF:55:21:61:D4:22:08:D3:2A:D9:E8:71:B6:96:FF:E4:4F:A4:3A:
                46:E9:4D:FF:1F:FC:FD:8A:42:5F:B7:CA:70:5D:97:19:C2:1B:11:8E:
                7E:4C:95:0E:43:70:70:14:40:62:5E:01
parm:           ecryptfs_verbosity:Initial verbosity level (0 or 1; defaults to 0, which is Quiet) (int)
parm:           ecryptfs_message_buf_len:Number of message buffer elements (uint)
parm:           ecryptfs_message_wait_timeout:Maximum number of seconds that an operation will sleep while waiting for a message response from userspace (long)
parm:           ecryptfs_number_of_users:An estimate of the number of concurrent users of eCryptfs (uint)

insmod /lib/modules/5.1.2-arch1-1-ARCH/kernel/fs/ecryptfs/ecryptfs.ko.xz

kernel: ecryptfs: Unknown symbol key_type_encrypted (err -2)

I also tried to build ecryptfs-utils on my own, which succeeded, but the problem persists.

loqs · 2019-05-16 17:54:45

Is the encrypted-keys kernel module successfully loaded?

juphu2Va · 2019-05-16 20:48:08

loqs wrote:

Is the encrypted-keys kernel module successfully loaded?

Well, I downgraded the Kernel to 5.0.8-arch1-1-ARCH, where the ecryptfs module loads perfectly fine and ecryptfs works like a charm. I think this is a bug/compatibility issue with newer Kernel versions?

loqs · 2019-05-16 21:17:57

Possibly https://lkml.org/lkml/2019/3/19/38 ?
Edit:
probably not the above as 5.1 contained https://github.com/torvalds/linux/commi … c36ae0119c

Last edited by loqs (2019-05-16 21:24:58)

psbleep · 2019-05-16 21:23:35

I had this problem after updating as well (updated last night). I also solved it by downgrading the kernel. Before downgrading I tried to see if the encrypted-keys module would load, based on loqs' question, and no luck with that either:

modprobe: ERROR: could not insert 'encrypted_keys': Bad address

loqs · 2019-05-16 21:53:06

A few options on how you could proceed:

You could bisect between 5.0 and 5.1 to try and find the causal commit
See if changing the kernel .config can produce a working configuration
Contact upstream ecryptfs@vger.kernel.org ( list archive is at https://www.spinics.net/lists/ecryptfs/ )

juphu2Va · 2019-05-16 22:09:51

I just want to add the point that on my Arch server with a 5.1.2 kernel the ecryptfs module loads fine (but I don't use ecryptfs actively there).

(that's why I doubt that it is a "faulty" commit, but rather some configuration my computer and @psbleep's share, but I'm absolutely not sure about that)

loqs · 2019-05-16 22:19:13

Just to rule out TPM involvement completely does the server have a TPM and the none server not have a TPM?

juphu2Va · 2019-05-16 22:26:34

loqs wrote:

Just to rule out TPM involvement completely does the server have a TPM and the none server not have a TPM?

The server has no TPM (as in no /dev/tpmX), the desktop computer has one at /dev/tpm0

carneeki · 2019-05-18 06:31:12

On a whim, I turned on TxT in my BIOS, and upon booting up, ecryptfs loads and my machine is working again.

juphu2Va · 2019-05-19 20:01:46

carneeki wrote:

On a whim, I turned on TxT in my BIOS, and upon booting up, ecryptfs loads and my machine is working again.

Unfortunately, this option is disabled (greyed out) in my BIOS...

Update: Even Linux 5.1.4-arch1-1 doesn't work with ecryptfs.

Update: I just contacted the mailinglist, we will see.

Last edited by juphu2Va (2019-05-25 20:04:58)

knedlyk · 2019-06-02 23:03:54

Same is for 5.1.6, released 02.05.2019. Linux-lts 4.19.47-1 works fine.

loqs · 2019-06-05 21:53:26

Would one of those affected be willing to bisect linux between 5.0 and 5.1 to try and find the causal commit?
Preferably on a system which does not use lvm and trim as there was a bug introduced with 5.1 which could cause data loss with that combination.

juphu2Va · 2019-06-23 11:29:00

loqs wrote:

Would one of those affected be willing to bisect linux between 5.0 and 5.1 to try and find the causal commit?
Preferably on a system which does not use lvm and trim as there was a bug introduced with 5.1 which could cause data loss with that combination.

I would do it, if someone can give me a quick start of what to do. (I have
some experience with the AUR, but never compiled the kernel myself)

With linux 5.0.9.arch1-1 ecryptfs works still as expected...

Last edited by juphu2Va (2019-06-23 11:52:54)

loqs · 2019-07-01 17:22:22

@juphu2Va could you please try the test.patch from https://bugs.archlinux.org/task/62678#comment180053

Download linux-5.1.15.arch1-1.src.tar.gz
Install the base-devel group on the system if needed (sudo pacman -S base-devel)
I recommend enabling Makepkg#Parallel_compilation to reduce build time it may still take a long time to build so you might want to leave it overnight.

bsdtar -xvf linux-5.1.15.arch1-1.src.tar.gz
cd linux
makepkg -rsi #to build and install the package

Arch Linux

#1 2019-05-16 12:34:25

ecryptfs-mount-private fails with "mount: No such device"

#2 2019-05-16 17:28:07

Re: ecryptfs-mount-private fails with "mount: No such device"

#3 2019-05-16 17:39:01

Re: ecryptfs-mount-private fails with "mount: No such device"

#4 2019-05-16 17:54:45

Re: ecryptfs-mount-private fails with "mount: No such device"

#5 2019-05-16 20:48:08

Re: ecryptfs-mount-private fails with "mount: No such device"

#6 2019-05-16 21:17:57

Re: ecryptfs-mount-private fails with "mount: No such device"

#7 2019-05-16 21:23:35

Re: ecryptfs-mount-private fails with "mount: No such device"

#8 2019-05-16 21:53:06

Re: ecryptfs-mount-private fails with "mount: No such device"

#9 2019-05-16 22:09:51

Re: ecryptfs-mount-private fails with "mount: No such device"

#10 2019-05-16 22:19:13

Re: ecryptfs-mount-private fails with "mount: No such device"

#11 2019-05-16 22:26:34

Re: ecryptfs-mount-private fails with "mount: No such device"

#12 2019-05-18 06:31:12

Re: ecryptfs-mount-private fails with "mount: No such device"

#13 2019-05-19 20:01:46

Re: ecryptfs-mount-private fails with "mount: No such device"

#14 2019-06-02 23:03:54

Re: ecryptfs-mount-private fails with "mount: No such device"

#15 2019-06-05 21:53:26

Re: ecryptfs-mount-private fails with "mount: No such device"

#16 2019-06-23 11:29:00

Re: ecryptfs-mount-private fails with "mount: No such device"

#17 2019-07-01 17:22:22

Re: ecryptfs-mount-private fails with "mount: No such device"

Board footer