From: George Hilliard <thirtythreeforty@gmail.com>
To: kent.overstreet@linux.dev
Cc: linux-bcachefs@vger.kernel.org, lkml@inml.grue.cc, martin@lichtvoll.de
Subject: Re: Error while unlocking encrypted BCacheFS: Required key not available
Date: Tue, 16 Jan 2024 11:59:08 -0600 [thread overview]
Message-ID: <CACmrr9gQeXccyS9ZRiR2KnTKnA6EVBCVz_YWcDC3p1mbGqgMSg@mail.gmail.com> (raw)
> The keyring stuff has been a perpetual utter headache.
>
> I've been debating rewriting that stuff to just pass a memfd handle as a
> mount option and rip out keyring usage...
>
> alternately - now that we're pretty much always mounting via the mount
> helper, perhaps it would be a little bit less fragile if the mount
> helper was adding the key to the keyring - that might be worth checking.
I am hitting this exact issue with the same exact baffling behavior (bcachefs
format, keyctl list, bcachefs mount -> fails). I'm on Arch with Linux
6.7.0-arch3-1
and bcachefs-tools 3:1.4.1-1.
Some other folks have found similar problems with other uses of keyctl, see [1].
It appears systemd segments each system service into its own kernel keyring.
Presumably the one bcachefs-tools is writing into, is not the one the kernel is
reading during mount.
The workaround for users is to run:
keyctl link @u @s
just before running `bcachefs mount`.
I am not enough of an expert with kernel keyrings to know whether the kernel
code, systemd, Arch's packaging, or something else is at fault here.
- George
[1]: https://github.com/NixOS/nixpkgs/issues/32279
next reply other threads:[~2024-01-16 17:59 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-16 17:59 George Hilliard [this message]
2024-01-16 18:20 ` Error while unlocking encrypted BCacheFS: Required key not available Martin Steigerwald
2024-02-10 18:34 ` Martin Steigerwald
-- strict thread matches above, loose matches on Subject: below --
2024-01-07 11:22 Martin Steigerwald
2024-01-07 11:27 ` Martin Steigerwald
2024-01-10 2:13 ` AP
2024-01-10 14:18 ` Martin Steigerwald
2024-01-10 19:13 ` Kent Overstreet
2024-01-11 11:58 ` Martin Steigerwald
2024-01-11 16:35 ` Kent Overstreet
2024-01-11 18:23 ` Martin Steigerwald
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CACmrr9gQeXccyS9ZRiR2KnTKnA6EVBCVz_YWcDC3p1mbGqgMSg@mail.gmail.com \
--to=thirtythreeforty@gmail.com \
--cc=kent.overstreet@linux.dev \
--cc=linux-bcachefs@vger.kernel.org \
--cc=lkml@inml.grue.cc \
--cc=martin@lichtvoll.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.