You are not logged in.

#1 2020-07-23 14:06:27

nerfingen
Member
Registered: 2014-01-28
Posts: 8

cryptsetup freezes

Hi,
I have a problem using cryptsetup. If I use it for example like this:

sudo cryptsetup open /dev/sdc1 data

cryptsetup freezes before asking for a password. htop shows it is in disk sleep (D). If I ask it for a bit more output:

sudo cryptsetup --debug --verbose open /dev/sdc1 data

I get the following output:

# cryptsetup 2.3.3 processing "cryptsetup --debug --verbose open /dev/sdc1 data"
# Running command open.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device /dev/sdc1.
# Trying to open and read device /dev/sdc1 with direct-io.
# Initialising device-mapper backend library.
# Trying to load any crypt type from device /dev/sdc1.
# Crypto backend (OpenSSL 1.1.1g  21 Apr 2020) initialized in cryptsetup library version 2.3.3.
# Detected kernel Linux 5.7.9-arch1-1 x86_64.
# Loading LUKS2 header (repair disabled).
# Acquiring read lock for device /dev/sdc1.
# Opening lock resource file /run/cryptsetup/L_8:33

The file /run/cryptsetup/L_8:33 exists and appears to be empty.
I tried to run cryptsetup inside strace to get more information, but surprisingly cryptsetup works
under these circumstances. (I tried multiple times, with and without strace, it always freezes outside of strace and
never in strace).

Also if I tried to run cryptsetup, the computer would not shut down properly. It hangs on a message that says that
cryptsetup didn't stop. This message appears relatively late and does not look like a normal systemd message.
I also can't find it in the journal.

Edit: the exact message is

systemd_shutdown[1]: Waiting for process: cryptsetup

I have absolutely no idea where to look next, to find the error, and it does not feel great to rely on software
that only runs in strace. The strace command I'm using is

sudo strace cryptsetup open /dev/sdc1 data

Edit2:
the main disk is encrypted as well, the systems unlocks and boots just normal.

Last edited by nerfingen (2020-07-23 14:19:30)

Offline

#2 2020-07-23 14:47:20

schard
Member
From: Hannover
Registered: 2016-05-06
Posts: 989
Website

Re: cryptsetup freezes

Please provide the output of

$ cat /proc/sys/kernel/random/entropy_avail

when cryptsetup hangs.

Offline

#3 2020-07-23 14:51:45

nerfingen
Member
Registered: 2014-01-28
Posts: 8

Re: cryptsetup freezes

directly after calling cryptsetup (while it hangs)

$ cat /proc/sys/kernel/random/entropy_avail 
3643

I don't think this is an entropy problem.

Offline

#4 2020-07-25 12:26:51

Omar007
Member
Registered: 2015-04-09
Posts: 357

Re: cryptsetup freezes

What CPU are you running with? If it is an Intel CPU with QAT (e.g. certain Atom models) you'll need to give unloading/blacklisting it a go. The modules to unload/blacklist are named 'intel_qat' and 'qat_*'.

If that solves it you may want to make it permanent using a file in /etc/modprobe.d

To give you and example, in the case of a 3000 series Atom:

blacklist qat_c3xxx
blacklist intel_qat

Last edited by Omar007 (2020-07-25 12:27:27)

Offline

#5 2020-07-25 16:52:36

nerfingen
Member
Registered: 2014-01-28
Posts: 8

Re: cryptsetup freezes

Here is an lscpu

Architecture:                    x86_64
CPU op-mode(s):                  32-bit, 64-bit
Byte Order:                      Little Endian
Address sizes:                   39 bits physical, 48 bits virtual
CPU(s):                          4
On-line CPU(s) list:             0-3
Thread(s) per core:              2
Core(s) per socket:              2
Socket(s):                       1
NUMA node(s):                    1
Vendor ID:                       GenuineIntel
CPU family:                      6
Model:                           69
Model name:                      Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Stepping:                        1
CPU MHz:                         848.898
CPU max MHz:                     3000.0000
CPU min MHz:                     800.0000
BogoMIPS:                        4790.43
Virtualization:                  VT-x
L1d cache:                       64 KiB
L1i cache:                       64 KiB
L2 cache:                        512 KiB
L3 cache:                        4 MiB
NUMA node0 CPU(s):               0-3
Vulnerability Itlb multihit:     KVM: Mitigation: Split huge pages
Vulnerability L1tf:              Mitigation; PTE Inversion; VMX conditional cache flushes, SMT vulnerable
Vulnerability Mds:               Mitigation; Clear CPU buffers; SMT vulnerable
Vulnerability Meltdown:          Mitigation; PTI
Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl and seccomp
Vulnerability Spectre v1:        Mitigation; usercopy/swapgs barriers and __user pointer sanitization
Vulnerability Spectre v2:        Mitigation; Full generic retpoline, IBPB conditional, IBRS_FW, STIBP conditional, RSB filling
Vulnerability Srbds:             Mitigation; Microcode
Vulnerability Tsx async abort:   Not affected
Flags:                           fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni
                                  pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flex
                                 priority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid xsaveopt dtherm ida arat pln pts md_clear flush_l1d

I think these are a bit old for qat (but maybe I'm wrong about that). I also don't see any of those modules loaded.

lsmod | grep qat

returns nothing.

Last edited by nerfingen (2020-07-25 17:00:26)

Offline

Board footer

Powered by FluxBB