[dm-crypt] Cryptsetup (>= 1.7.0) luksOpen/luksClose gets stuck after open/close

Guido Trentalancia guido at trentalancia.net
Thu Apr 7 20:47:56 CEST 2016


Hello.

My first message contains the debug information (last part of the
strace output).

I am now going to add the last part of the diff between the strace
output of the working (1.6.8) versus broken (1.7.1) cryptsetup
(luksOpen):

< open("/dev/mapper/vg_vortex-LogVol02", O_RDONLY) = 6
---
> open("/dev/mapper/vg_vortex-LogVol03", O_RDONLY) = 6
1239,1245c1284,1288
< ioctl(5, DM_DEV_CREATE, 0x9cc530)       = 0
< ioctl(5, DM_TABLE_LOAD, 0x9cc4d0)       = 0
< ioctl(5, DM_DEV_SUSPEND, 0x9cc3b0)      = 0
< stat("/dev/mapper/luks-c2fa768d-335c-4217-93ce-8c37e61c9d98", 0x7fff8deea600) = -1 ENOENT (No such file or directory)
< gettid()                                = 667
< open("/proc/self/task/667/attr/current", O_RDONLY) = 6
< read(6, "root:sysadm_r:lvm_t:s0-s0:c0.c10"..., 4095) = 35
---
> open("/dev/urandom", O_RDONLY)          = 6
> read(6, "NL", 2)                        = 2
> semget(0xd4d4c4e, 1, IPC_CREAT|IPC_EXCL|0600) = 229380
> semctl(229380, 0, SETVAL, 0x1)          = 0
> semctl(229380, 0, GETVAL, 0x7f7679730d4a) = 1
1247,1411c1290,1301
< open("/etc/selinux/config", O_RDONLY)   = 6
< fstat(6, {st_mode=S_IFREG|0644, st_size=715, ...}) = 0
< mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6421775000
< read(6, "# This file controls the state o"..., 4096) = 715
< read(6, "", 4096)                       = 0
< close(6)                                = 0
< munmap(0x7f6421775000, 4096)            = 0
< futex(0x7f64201e7640, FUTEX_WAKE_PRIVATE, 2147483647) = 0
< open("/etc/selinux/policy-new/contexts/files/file_contexts.subs_dist", O_RDONLY) = 6
< fstat(6, {st_mode=S_IFREG|0644, st_size=465, ...}) = 0
< mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6421775000
< read(6, "# This file can is used to confi"..., 4096) = 465
< read(6, "", 4096)                       = 0
< close(6)                                = 0
< munmap(0x7f6421775000, 4096)            = 0
< open("/etc/selinux/policy-new/contexts/files/file_contexts.subs", O_RDONLY) = -1 ENOENT (No such file or directory)
< open("/etc/selinux/policy-new/contexts/files/file_contexts", O_RDONLY) = 6
< fstat(6, {st_mode=S_IFREG|0644, st_size=172054, ...}) = 0
< open("/etc/selinux/policy-new/contexts/files/file_contexts.homedirs", O_RDONLY) = 7
< open("/etc/selinux/policy-new/contexts/files/file_contexts.local", O_RDONLY) = -1 ENOENT (No such file or directory)
< fstat(6, {st_mode=S_IFREG|0644, st_size=172054, ...}) = 0
< mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6421775000
< read(6, "/.*\tsystem_u:object_r:default_t:"..., 4096) = 4096
< read(6, "_shlib_t:s0\n/usr/(local/)?Adobe/"..., 4096) = 4096
< read(6, "tem_u:object_r:fixed_disk_device"..., 4096) = 4096
< read(6, "plugins/check_log\t--\tsystem_u:ob"..., 4096) = 4096
< read(6, "b(64)?/nagios/plugins/check_sens"..., 4096) = 4096
< read(6, "ject_r:bin_t:s0\n/var/log/(x)?ine"..., 4096) = 4096
< read(6, "_u:object_r:named_zone_t:s0\n/var"..., 4096) = 4096
< read(6, "(/.*)?\tsystem_u:object_r:httpd_c"..., 4096) = 4096
< read(6, "/raw/raw[0-9]+\t-c\tsystem_u:objec"..., 4096) = 4096
< read(6, "m_u:object_r:psad_var_run_t:s0\n/"..., 4096) = 4096
< read(6, "_u:object_r:crond_var_run_t:s0\n/"..., 4096) = 4096
< read(6, "c_t:s0\n/usr/X11R6/lib(64)?/X11/x"..., 4096) = 4096
< read(6, "p/\\.font-unix(/.*)?\tsystem_u:obj"..., 4096) = 4096
< read(6, "samba(/.*)?\tsystem_u:object_r:sa"..., 4096) = 4096
< read(6, "?bin(/.*)?\tsystem_u:object_r:lpr"..., 4096) = 4096
< read(6, "/]*)*\t--\tsystem_u:object_r:textr"..., 4096) = 4096
< read(6, "m_u:object_r:printer_device_t:s0"..., 4096) = 4096
< read(6, "tem_u:object_r:bin_t:s0\n/emul/ia"..., 4096) = 4096
< read(6, "l_shlib_t:s0\n/usr/lib/nx/libXcom"..., 4096) = 4096
< read(6, "\tsystem_u:object_r:cert_t:s0\n/va"..., 4096) = 4096
< read(6, "s/glesx\\.so(\\.[^/]*)*\t--\tsystem_"..., 4096) = 4096
< read(6, "/.*\t<<none>>\n/var/lib/likewise-o"..., 4096) = 4096
< read(6, "_r:ifconfig_exec_t:s0\n/sbin/tc\t-"..., 4096) = 4096
< read(6, "-\tsystem_u:object_r:mysqld_etc_t"..., 4096) = 4096
< read(6, "hot\t-c\tsystem_u:object_r:apm_bio"..., 4096) = 4096
< read(6, "ell_exec_t:s0\n/etc/mail/make\t--\t"..., 4096) = 4096
< read(6, "ject_r:sssd_exec_t:s0\n/usr/bin/k"..., 4096) = 4096
< read(6, "system_u:object_r:etc_aliases_t:"..., 4096) = 4096
< read(6, "t_r:rsync_etc_t:s0\n/sbin/restore"..., 4096) = 4096
< read(6, "u:object_r:checkpc_exec_t:s0\n/us"..., 4096) = 4096
< read(6, "eiser4\t--\tsystem_u:object_r:fsad"..., 4096) = 4096
< read(6, "/run/fcron\\.fifo\t-s\tsystem_u:obj"..., 4096) = 4096
< read(6, "root\t--\tsystem_u:object_r:sysadm"..., 4096) = 4096
< read(6, "tc/sysconfig/hwconf\t--\tsystem_u:"..., 4096) = 4096
< read(6, "ystem_u:object_r:afs_fsserver_ex"..., 4096) = 4096
< read(6, "0\n/usr/bin/partition_uuid\t--\tsys"..., 4096) = 4096
< read(6, "d\\.sock\t-s\tsystem_u:object_r:lvm"..., 4096) = 4096
< read(6, "ystem_u:object_r:textrel_shlib_t"..., 4096) = 4096
< read(6, ":object_r:httpd_cvs_script_exec_"..., 4096) = 4096
< read(6, "t_r:smbd_var_run_t:s0\n/usr/libex"..., 4096) = 4096
< read(6, "object_r:rpm_exec_t:s0\n/usr/shar"..., 4096) = 4096
< read(6, "itchdesk-gui\\.py\t--\tsystem_u:obj"..., 4096) = 4096
< read(6, "m_u:object_r:bin_t:s0\n", 4096) = 22
< read(6, "", 4096)                       = 0
< fstat(7, {st_mode=S_IFREG|0644, st_size=6873, ...}) = 0
< mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6421774000
< read(7, "#\n#\n# User-specific file context"..., 4096) = 4096
< read(7, "ntent_t:s0\n/root/.mozilla/plugin"..., 4096) = 2777
< read(7, "", 4096)                       = 0
< mmap(NULL, 376832, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f64216f3000
< lseek(6, 0, SEEK_SET)                   = 0
< lseek(7, 0, SEEK_SET)                   = 0
< read(6, "/.*\tsystem_u:object_r:default_t:"..., 4096) = 4096
< read(6, "_shlib_t:s0\n/usr/(local/)?Adobe/"..., 4096) = 4096
< read(6, "tem_u:object_r:fixed_disk_device"..., 4096) = 4096
< read(6, "plugins/check_log\t--\tsystem_u:ob"..., 4096) = 4096
< read(6, "b(64)?/nagios/plugins/check_sens"..., 4096) = 4096
< read(6, "ject_r:bin_t:s0\n/var/log/(x)?ine"..., 4096) = 4096
< brk(0xa0a000)                           = 0xa0a000
< read(6, "_u:object_r:named_zone_t:s0\n/var"..., 4096) = 4096
< read(6, "(/.*)?\tsystem_u:object_r:httpd_c"..., 4096) = 4096
< read(6, "/raw/raw[0-9]+\t-c\tsystem_u:objec"..., 4096) = 4096
< read(6, "m_u:object_r:psad_var_run_t:s0\n/"..., 4096) = 4096
< read(6, "_u:object_r:crond_var_run_t:s0\n/"..., 4096) = 4096
< read(6, "c_t:s0\n/usr/X11R6/lib(64)?/X11/x"..., 4096) = 4096
< read(6, "p/\\.font-unix(/.*)?\tsystem_u:obj"..., 4096) = 4096
< brk(0xa2b000)                           = 0xa2b000
< read(6, "samba(/.*)?\tsystem_u:object_r:sa"..., 4096) = 4096
< read(6, "?bin(/.*)?\tsystem_u:object_r:lpr"..., 4096) = 4096
< read(6, "/]*)*\t--\tsystem_u:object_r:textr"..., 4096) = 4096
< read(6, "m_u:object_r:printer_device_t:s0"..., 4096) = 4096
< read(6, "tem_u:object_r:bin_t:s0\n/emul/ia"..., 4096) = 4096
< read(6, "l_shlib_t:s0\n/usr/lib/nx/libXcom"..., 4096) = 4096
< read(6, "\tsystem_u:object_r:cert_t:s0\n/va"..., 4096) = 4096
< read(6, "s/glesx\\.so(\\.[^/]*)*\t--\tsystem_"..., 4096) = 4096
< brk(0xa4c000)                           = 0xa4c000
< read(6, "/.*\t<<none>>\n/var/lib/likewise-o"..., 4096) = 4096
< read(6, "_r:ifconfig_exec_t:s0\n/sbin/tc\t-"..., 4096) = 4096
< read(6, "-\tsystem_u:object_r:mysqld_etc_t"..., 4096) = 4096
< read(6, "hot\t-c\tsystem_u:object_r:apm_bio"..., 4096) = 4096
< read(6, "ell_exec_t:s0\n/etc/mail/make\t--\t"..., 4096) = 4096
< brk(0xa6d000)                           = 0xa6d000
< read(6, "ject_r:sssd_exec_t:s0\n/usr/bin/k"..., 4096) = 4096
< read(6, "system_u:object_r:etc_aliases_t:"..., 4096) = 4096
< read(6, "t_r:rsync_etc_t:s0\n/sbin/restore"..., 4096) = 4096
< read(6, "u:object_r:checkpc_exec_t:s0\n/us"..., 4096) = 4096
< read(6, "eiser4\t--\tsystem_u:object_r:fsad"..., 4096) = 4096
< read(6, "/run/fcron\\.fifo\t-s\tsystem_u:obj"..., 4096) = 4096
< brk(0xa8e000)                           = 0xa8e000
< read(6, "root\t--\tsystem_u:object_r:sysadm"..., 4096) = 4096
< read(6, "tc/sysconfig/hwconf\t--\tsystem_u:"..., 4096) = 4096
< read(6, "ystem_u:object_r:afs_fsserver_ex"..., 4096) = 4096
< read(6, "0\n/usr/bin/partition_uuid\t--\tsys"..., 4096) = 4096
< read(6, "d\\.sock\t-s\tsystem_u:object_r:lvm"..., 4096) = 4096
< read(6, "ystem_u:object_r:textrel_shlib_t"..., 4096) = 4096
< brk(0xaaf000)                           = 0xaaf000
< read(6, ":object_r:httpd_cvs_script_exec_"..., 4096) = 4096
< read(6, "t_r:smbd_var_run_t:s0\n/usr/libex"..., 4096) = 4096
< read(6, "object_r:rpm_exec_t:s0\n/usr/shar"..., 4096) = 4096
< read(6, "itchdesk-gui\\.py\t--\tsystem_u:obj"..., 4096) = 4096
< read(6, "m_u:object_r:bin_t:s0\n", 4096) = 22
< read(6, "", 4096)                       = 0
< read(7, "#\n#\n# User-specific file context"..., 4096) = 4096
< read(7, "ntent_t:s0\n/root/.mozilla/plugin"..., 4096) = 2777
< read(7, "", 4096)                       = 0
< mmap(NULL, 376832, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6421697000
< munmap(0x7f64216f3000, 376832)          = 0
< close(6)                                = 0
< munmap(0x7f6421775000, 4096)            = 0
< close(7)                                = 0
< munmap(0x7f6421774000, 4096)            = 0
< brk(0xad0000)                           = 0xad0000
< open("/sys/fs/selinux/mls", O_RDONLY)   = 6
< read(6, "1", 19)                        = 1
< close(6)                                = 0
< futex(0x7f64201e88d0, FUTEX_WAKE_PRIVATE, 2147483647) = 0
< socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC, 0) = 6
< connect(6, {sa_family=AF_LOCAL, sun_path="/var/run/setrans/.setrans-unix"}, 110) = -1 ENOENT (No such file or directory)
< close(6)                                = 0
< socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC, 0) = 6
< connect(6, {sa_family=AF_LOCAL, sun_path="/var/run/setrans/.setrans-unix"}, 110) = -1 ENOENT (No such file or directory)
< close(6)                                = 0
< gettid()                                = 667
< open("/proc/self/task/667/attr/fscreate", O_RDWR) = 6
< write(6, "system_u:object_r:fixed_disk_dev"..., 41) = 41
< close(6)                                = 0
< umask(0)                                = 022
< mknod("/dev/mapper/luks-c2fa768d-335c-4217-93ce-8c37e61c9d98", S_IFBLK|0600, makedev(253, 8)) = 0
< umask(022)                              = 0
< gettid()                                = 667
< open("/proc/self/task/667/attr/fscreate", O_RDWR) = 6
< write(6, NULL, 0)                       = 0
< close(6)                                = 0
< chown("/dev/mapper/luks-c2fa768d-335c-4217-93ce-8c37e61c9d98", 0, 0) = 0
< open("/sys/dev/block/253:8/bdi/read_ahead_kb", O_RDONLY) = 6
< read(6, "128\n", 23)                    = 4
< close(6)                                = 0
< close(5)                                = 0
< munlockall()                            = 0
< setpriority(PRIO_PROCESS, 0, 0)         = 0
< munmap(0x7f6421697000, 376832)          = 0
< exit_group(0)                           = ?
< +++ exited with 0 +++
---
> semop(229380, {{0, 1, 0}}, 1)           = 0
> semctl(229380, 0, GETVAL, 0x7f7679730ce7) = 2
> ioctl(5, DM_DEV_CREATE, 0x20dd820)      = 0
> ioctl(5, DM_TABLE_LOAD, 0x20dd560)      = 0
> ioctl(5, DM_DEV_SUSPEND, 0x20dd430)     = 0
> semget(0xd4d4c4e, 1, 0)                 = 229380
> semctl(229380, 0, GETVAL, 0x7f7679730d17) = 2
> semop(229380, {{0, -1, IPC_NOWAIT}}, 1) = 0
> semop(229380, {{0, 0, 0}}, 1)           = -1 EINTR (Interrupted system call)
> --- SIGINT {si_signo=SIGINT, si_code=SI_KERNEL} ---
> rt_sigreturn({mask=[]})                 = -1 EINTR (Interrupted system call)
> semop(229380, {{0, 0, 0}}, 1

The two versions show a different behaviour (the working version reads
SELinux configuration, the broken version opens /dev/urandom and gets
stuck), so the code must have changed.

If you need other information, please let me know. Obviously I cannot
post gdb output as the program does not crash, it simply gets stuck.
But it's a genuine bug...

Regards,

Guido

On Thu, 07/04/2016 alle 20.06 +0200, Milan Broz wrote:
> On 04/07/2016 07:49 PM, Guido Trentalancia wrote:
> > 
> > 
> > Any idea on how to fix it ?
> Please post requested relevant debug information first.
> You can start comparing debug output with working old package.
> 
> Milan





More information about the dm-crypt mailing list