From ca003d11bbce34708b9ef3822b4b684beb7a1159 Mon Sep 17 00:00:00 2001 From: Jason Wessel Date: Tue, 29 Oct 2019 12:44:46 -0700 Subject: lvm2: Fix hanging dmcrypt volumes on boot The initrd takes care of starting the luks volumes and activing the dmcrypt udev rules. The udev rule required a modification to deal with volumes that had already been started, else the cold plug event that runs at user space startup puts the dmcrypt device into a state that systemd cannot manage it. [ Issue: LINUXEXEC-2450 ] Signed-off-by: Jason Wessel --- ....in-Fix-dmcrypt-hanging-on-hand-over-from.patch | 38 ++++++++++++++++++++++ .../recipes-support/lvm2/lvm2_%.bbappend | 7 ++++ 2 files changed, 45 insertions(+) create mode 100644 meta-encrypted-storage/recipes-support/lvm2/lvm2/0001-10-dm.rules.in-Fix-dmcrypt-hanging-on-hand-over-from.patch create mode 100644 meta-encrypted-storage/recipes-support/lvm2/lvm2_%.bbappend diff --git a/meta-encrypted-storage/recipes-support/lvm2/lvm2/0001-10-dm.rules.in-Fix-dmcrypt-hanging-on-hand-over-from.patch b/meta-encrypted-storage/recipes-support/lvm2/lvm2/0001-10-dm.rules.in-Fix-dmcrypt-hanging-on-hand-over-from.patch new file mode 100644 index 0000000..0ae4669 --- /dev/null +++ b/meta-encrypted-storage/recipes-support/lvm2/lvm2/0001-10-dm.rules.in-Fix-dmcrypt-hanging-on-hand-over-from.patch @@ -0,0 +1,38 @@ +From b655a26908ca170bf030d7bb8de6d6a96022375b Mon Sep 17 00:00:00 2001 +From: Jason Wessel +Date: Mon, 28 Oct 2019 17:43:57 -0700 +Subject: [PATCH] 10-dm.rules.in: Fix dmcrypt hanging on hand over from + initramfs + +If an encrypted volume has already been setup from the intiramfs, it +should not have the device nodes removed. The udevadm trigger +--action=add for the device was causing the dm managed udev rules to +fall throug to the dm_disable path, which knocks the device offline +and it is not possible to reactivate it because the initramfs shuts +down the path to obtain the key from the TPM after the boot sequence +is completed. + +Upstream-Status: Pending + +Signed-off-by: Jason Wessel +--- + udev/10-dm.rules.in | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/udev/10-dm.rules.in b/udev/10-dm.rules.in +index b4fa52a..ccaf863 100644 +--- a/udev/10-dm.rules.in ++++ b/udev/10-dm.rules.in +@@ -84,7 +84,8 @@ LABEL="dm_flags_done" + # script to not remove the existing udev database so we can reuse the information + # stored at the time of device activation in the initrd. + ACTION!="add", GOTO="dm_no_coldplug" +-ENV{DM_UDEV_RULES_VSN}!="1", ENV{DM_UDEV_PRIMARY_SOURCE_FLAG}!="1", GOTO="dm_disable" ++ENV{DM_UDEV_RULES_VSN}=="2",GOTO="dm_no_coldplug" ++#ENV{DM_UDEV_RULES_VSN}!="1", ENV{DM_UDEV_PRIMARY_SOURCE_FLAG}!="1", GOTO="dm_disable" + ENV{DM_ACTIVATION}="1" + LABEL="dm_no_coldplug" + +-- +2.23.0 + diff --git a/meta-encrypted-storage/recipes-support/lvm2/lvm2_%.bbappend b/meta-encrypted-storage/recipes-support/lvm2/lvm2_%.bbappend new file mode 100644 index 0000000..e2dd834 --- /dev/null +++ b/meta-encrypted-storage/recipes-support/lvm2/lvm2_%.bbappend @@ -0,0 +1,7 @@ +# +# Copyright (C) 2019 Wind River Systems, Inc. +# + +FILESEXTRAPATHS_prepend := "${THISDIR}/lvm2:" + +SRC_URI += "file://0001-10-dm.rules.in-Fix-dmcrypt-hanging-on-hand-over-from.patch" -- cgit v1.2.3-54-g00ecf