Public bug reported: This is affecting 18.04 and others where cryptsetup v2 is used and has created a LUKS v2 container.
If booting to a shell in initialramfs with "break=premount" and manually executing: cryptsetup --debug open /dev/sda3 LUKS_VG ... Userspace crypto wrapper cannot use aes-xts-plain64 (-95) ... -95 is -EOPNOTSUPP Critical modules required are missing from the initrd.img when /etc/initramfs-tools/initramfs.conf contains: MODULES=dep There is a similar bug in Debian but that is related to Debian not including the 'xts' module when the CPU doesn't support aesni. In Ubuntu 'xts' is built-in to the kernel image. "cryptsetup-initramfs: Unbootable initrd compiled with MODULES=dep on systems lacking AES-NI" https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901884 However the underlying Debian fix may solve this case too; I've yet to get to a state where I can test that. In the Ubuntu case it appears the modules required are the algorithm interface modules. I need to confirm which modules but currently it looks like af_alg, algif_skcipher, algif_hash. ** Affects: cryptsetup (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1813295 Title: initramfs-tools MODULES=dep causes LUKSv2 unlock to fail To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1813295/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
