942821 – sys-fs/cryptsetup-2.7.5: dmcrypt asks confirmation for recreating LUKS partition on isLuks error on startup

Bug 942821 - sys-fs/cryptsetup-2.7.5: dmcrypt asks confirmation for recreating LUKS partition on isLuks error on startup

Summary: sys-fs/cryptsetup-2.7.5: dmcrypt asks confirmation for recreating LUKS partit...

Status:	UNCONFIRMED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo's Team for Core System packages

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2024-11-03 15:24 UTC by Jaak Ristioja
Modified:	2024-11-03 15:52 UTC (History)
CC List:	0 users

See Also:	942823
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jaak Ristioja 2024-11-03 15:24:21 UTC

On startup I got an error message and prompt (twice, although dm-crypt is only active on the boot runlevel):

----- BEGIN TRANSCRIPTION OF TEXT FROM PHOTOGRAPH ----
 * Setting up dm-crypt mappings ...
/etc/init.d/dmcrypt: line 121:  2917 Floating point exceptioncryptsetup ${header_opt} isLuks ${source} 2> /dev/null
 *   <my target> using:    create <my target> /dev/disk/by-uuid/<long uuid> ...
WARNING: Using default options for cipher (aes-xts-plain64, key size 256 bits) that could be incompatible with older versions.
For plain mode, always use options --cipher, --key-size and if no keyfile is used, then also --hash.
WARNING: Devices /dev/disk/by-uuid/<long uuid> already contains a 'crypto_LUKS' superblock signature.

WARNING!
========
Detected device signature(s) on /dev/disk/by-uuid/<long uuid>. Proceeding further may damage existing data.

Are you sure? (Type 'yes' in capital letters): _
----- END TRANSCRIPTION OF TEXT FROM PHOTOGRAPH ----

I think this potentially dangerous prompt is caused by /etc/init.d/dmcrypt not properly checking the exit status of cryptsetup, e.g. in the following excerpt:

    # cryptsetup:                                                                
    # open   <device> <name>      # <device> is $source                          
    # create <name>   <device>    # <name>   is $target                          
    local arg1="create" arg2="${target}" arg3="${source}"                        
    if cryptsetup ${header_opt} isLuks ${source} 2>/dev/null ; then              
        arg1="open"                                                              
        arg2="${source}"                                                         
        arg3="${target}"                                                         
    fi

I assume that the exit status of `cryptsetup isLuks` should be 0 (true) or 1 (false) depending on the result, but if it exits due to a signal, the exit status is (128 + (number of signal)), e.g. 136 for SIGFPE:

    # cryptsetup isLuks /dev/nvme0n1; echo $?
    Floating point exception
    136

I will file a separate bug report about the cryptsetup SIGFPE issue. The essence of this bug report is that it is dangerous for /etc/init.d/dmcrypt to simply use `if somecommand; then` in cases where `somecommand` failures might end up causing my partitions being overwritten. Being in a hurry to boot my system and not yet having fully understood the full message, I had already typed "yes" (in lowercase) in response to the prompt, so this feels dangerously close to data loss.

The /etc/init.d/dmcrypt script should instead explicitly check for the exit statuses 0 and 1, and consider other exit statuses as errors.