This bug was fixed in the package lvm2 - 2.03.16-3ubuntu2

lvm2 (2.03.16-3ubuntu2) noble; urgency=medium

  [ Luca Boccassi ]
  * Cherry-pick upstream change for libdm returning wrong error code when
    dm-verity key cannot be found (LP: #2054620)

 -- Gianfranco Costamagna <>  Wed, 06 Mar 2024
19:53:11 +0100

** Changed in: lvm2 (Ubuntu Noble)
       Status: Confirmed => Fix Released

You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lvm2 in Ubuntu.

  libdm returns wrong error code when dm-verity key cannot be found

Status in lvm2 package in Ubuntu:
  Fix Released
Status in lvm2 source package in Noble:
  Fix Released

Bug description:
  When libcryptsetup tries to activate a signed dm-verity volume, and
  the key is not in the kernel keyring, libdevicemapper does not return
  the appropriate ENOKEY, so the failure cannot be distinguished from
  other generic issues.

  This is a problem when software like systemd via libcryptsetup try to
  open a volume, and get an unrecognizable error out of it. With the fix
  in libdm and libcryptsetup, there is a clear ENOKEY returned when a
  key is missing and activation fails for that reason. This allows
  systemd (and other applications) to make the right decision depending
  on the failure case. Without this, the same generic error is returned
  in any case.

  For more details, see:

  libcryptsetup 2.7.0, now available in debian stable, and systemd v255,
  shipped in Noble, make use of this error code.

  This is fixed in the lvm2 version 2.03.23 upstream release.

  Please consider backporting this patch for Noble.

  Upstream PR:
  Upstream commit: 25ef7a7b1a876f491bd361369423d7309358f6c1

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to