[Bug 1837437] Re: disk content permanently lost when changing LUKS password
Sorry to add to an old issue, but I can confirm the issue persists under Ubuntu 18.04.5. I can reliably reproduce the issue when installing 18.04.5 on physical hardware, Lenovo ThinkPad P15 (20SUS5LJ00). The error message after changing the passphrase in gnome-disks is: Error changing passphrase Error changing passphrase on device /dev/nvme1n1p3: Failed to add the new passphrase: Invalid argument (udisks-error-quark, 0) [Close] -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
** Changed in: libblockdev (Debian) Status: Unknown => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
This bug was fixed in the package libblockdev - 2.20-7ubuntu0.1 --- libblockdev (2.20-7ubuntu0.1) disco; urgency=medium [ intrigeri ] * Use existing cryptsetup API for changing keyslot passphrase. Cherry-pick upstream fix to use existing cryptsetup API for atomically changing a keyslot passphrase, instead of deleting the old keyslot before adding the new one. This avoids data loss when attempting to change the passphrase of a LUKS2 device via udisks2, e.g. from GNOME Disks. Deleting a keyslot and then adding one is risky: if anything goes wrong before the new keyslot is successfully added, no usable keyslot is left and the device cannot be unlocked anymore. There's little chances this causes actual problems with LUKS1, but LUKS2 defaults to the memory-hard Argon2 key derivation algorithm, which is implemented in cryptsetup with the assumption that it runs as root with no MEMLOCK ulimit; this assumption is wrong when run by udisks2.service under LimitMEMLOCK=65536, which breaks adding the new keyslot, and makes us hit the problematic situation (user data loss) every time. With this change, changing a LUKS2 passphrase via udisks2 will still fail in some cases, until the MEMLOCK ulimit problem is solved in cryptsetup or workaround'ed in udisks2. But at least, if it fails, it will fail _atomically_ and the original passphrase will still work. (Closes: #928893) (LP: #1837437) -- Olivier Tilloy Thu, 25 Jul 2019 12:33:46 +0200 ** Changed in: libblockdev (Ubuntu Disco) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
Successfully tested by running the test case in the bug description. Without the libblockdev update, changing the LUKS encryption passphrase from gnome-disks fails. With the updated package, it succeeds (and I verified that the new passphrase unlocks the encrypted disk at boot). I also verified that the updated package doesn't affect the normal operation of the cryptsetup CLI to change the passphrase (AFAICT cryptsetup doesn't depend on libblockdev anyway). ** Tags removed: verification-needed-disco ** Tags added: verification-done-disco -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
Hello Will, or anyone else affected, Accepted libblockdev into disco-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/libblockdev/2.20-7ubuntu0.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-disco to verification-done-disco. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-disco. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: libblockdev (Ubuntu Disco) Status: Confirmed => Fix Committed ** Tags added: verification-needed verification-needed-disco -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
** Package changed: gnome-disk-utility (Debian) => libblockdev (Debian) ** Changed in: libblockdev (Ubuntu) Importance: Undecided => High ** Changed in: libblockdev (Ubuntu Disco) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
I sponsored it, thanks! (Also, Scenarii, nice) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
Attaching a debdiff for a disco SRU, as I don't have upload permission for libblockdev. Please sponsor! ** Patch added: "debdiff 2.20-7 -> 2.20-7ubuntu0.1" https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+attachment/5279177/+files/libblockdev.debdiff ** Description changed: - This is fixed upstream. Logging this bug to track the fix in to Ubuntu. + [Impact] + Users with full disk encryption trying to change the encryption + passphrase in gnome-disks will get an error message, and after rebooting + neither the old passphrase nor the new one can unlock their disk, + rendering the machine unusable. + + + [Test Case] + + (can be done in a virtual machine, for testing purposes) + 1. Download a 19.04 ISO, and install it, choosing the full disk encryption option + 2. When rebooting after the installation is complete, you are prompted for your passphrase to unlock the disk + 3. Once logged in, open gnome-disks, select the encrypted disk and click the contextual action to change the encryption passphrase + 4. Enter your old passphrase and the new one (twice), as prompted, then click OK + + Expected result: the passphrase is changed successfully, and when + rebooting the new passphrase can unlock the disk + + Current result: changing the passphrase fails, the user is presented + with an error message ("Error changing passphrase on device /dev/sda5: + Failed to add the new passphrase: Invalid argument (udisks-error-quark, + 0)"), and when rebooting neither the old passphrase nor the new one can + unlock the disk, which renders it unusable + + To test the fix, the updated libblockdev* packages need to be installed + on the machine before attempting to change the encryption passphrase in + gnome-disks. + + + [Regression Potential] + + The patch only touches code related to changing the LUKS encryption passphrase, so non-encrypted disk setups should not be affected. + Scenarii with full-disk encryption should be carefully tested, including changing an existing passphrase, adding and removing passphrases, both from the gnome-disks UI and using the cryptsetup CLI. + + + [Original Description] + + This is fixed upstream. Logging this bug to track the fix in to Ubuntu. From the upstream bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928893 Dear Maintainer, * What led up to the situation? Install system using normal full disk encryption LUKS+Ext4. After install open gnome-disk-utility and change encryption password. It gives some error dialog and now you are royally screwed. It deleted the only LUKS keyslot. Cannot add new keyslots because of that. All data will be lost after reboot. Here is output of luksdump: udo cryptsetup luksDump /dev/sda5 LUKS header information - Version:2 - Epoch: 4 - Metadata area: 16384 [bytes] - Keyslots area: 1678 [bytes] - UUID: 3c16ad4c-294c-4547-bf3e-bb8864ba5ea3 - Label: (no label) - Subsystem: (no subsystem) - Flags: (no flags) + Version: 2 + Epoch: 4 + Metadata area: 16384 [bytes] + Keyslots area: 1678 [bytes] + UUID: 3c16ad4c-294c-4547-bf3e-bb8864ba5ea3 + Label: (no label) + Subsystem: (no subsystem) + Flags: (no flags) Data segments: 0: crypt offset: 16777216 [bytes] length: (whole device) cipher: aes-xts-plain64 sector: 512 [bytes] Keyslots: Tokens: Digests: 0: pbkdf2 - Hash: sha256 + Hash: sha256 Iterations: 59904 - Salt: XX XX XX XX XX - Digest: XX XX XX XX XX ... + Salt: XX XX XX XX XX + Digest: XX XX XX XX XX ... I changed salt and digest. No Keyslots are present!!! I tried this 2 times in a row with new install, exactly same result. - -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.0.8-xanmod5 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), LANGUAGE=ru_RU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gnome-disk-utility depends on: - ii dconf-gsettings-backend [gsettings-backend] 0.30.1-2 - ii libatk1.0-0 2.30.0-2 - ii libc62.28-10 - ii libcairo21.16.0-4 - ii libcanberra-gtk3-0 0.30-7 - ii libdvdread4 6.0.1-1 - ii libgdk-pixbuf2.0-0 2.38.1+dfsg-1 - ii libglib2.0-0 2.58.3-1 - ii libgtk-3-0 3.24.5-1 - ii liblzma5
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
I installed 19.04 in a VM with full disk encryption, then upgraded libblockdev from buster-proposed-updates (2.20-7+deb10u1), rebooted, and I was able to successfully change the passphrase in gnome-disks. ** Changed in: libblockdev (Ubuntu) Status: New => Fix Released ** Changed in: libblockdev (Ubuntu) Assignee: Olivier Tilloy (osomon) => (unassigned) ** Changed in: libblockdev (Ubuntu Disco) Assignee: (unassigned) => Olivier Tilloy (osomon) ** Changed in: libblockdev (Ubuntu Disco) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
I can reliably reproduce the issue when installing 19.04 in a VM. The error message after changing the passphrase in gnome-disks is: Error changing passphrase Error changing passphrase on device /dev/sda5: Failed to add the new passphrase: Invalid argument (udisks-error-quark, 0) [Close] I cannot reproduce the issue when installing 18.04.2 in a VM, so version 2.16-2 of libblockdev doesn't appear to be affected. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
** Changed in: libblockdev (Ubuntu) Assignee: (unassigned) => Olivier Tilloy (osomon) ** Also affects: libblockdev (Ubuntu Disco) Importance: Undecided Status: New ** Tags removed: rls-dd-incoming -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
thanks for filing I'm guessing we should reproduce the problem, see if it happens on bionic & then backport libblockdev 2.20-7+deb10u1 ** Package changed: gnome-disk-utility (Ubuntu) => libblockdev (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libblockdev/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1837437] Re: disk content permanently lost when changing LUKS password
Possible Workaround (untested): This only applies if you have not rebooted / closed the LUKS volume. Follow steps 7 to 9 of https://www.thegeekstuff.com/2016/03/cryptsetup-lukskey/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837437 Title: disk content permanently lost when changing LUKS password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-disk-utility/+bug/1837437/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs