From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: ** X-Spam-Status: No, score=2.5 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,HTML_MESSAGE,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C2B2DC433DB for ; Wed, 20 Jan 2021 15:08:42 +0000 (UTC) Received: from mail.server123.net (mail.server123.net [78.46.64.186]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 2BB062336D for ; Wed, 20 Jan 2021 15:08:41 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 2BB062336D Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=gmx.ca Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=dm-crypt-bounces@saout.de X-Virus-Scanned: amavisd-new at saout.de Authentication-Results: mail.server123.net (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=212.227.15.19; helo=mout.gmx.net; envelope-from=thomas123@gmx.ca; receiver= Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Wed, 20 Jan 2021 16:07:50 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1611155269; bh=6O3D5GqWb6/MGZ/zEbM72gqK5jx7Q06eAAI+QBXW8z8=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:In-Reply-To:References; b=Q+9z8twPxbhO9J1bXvuhupL6s9pEK+NOJlUO1H6xE0J35MDf00u25ljQs2Md58YA9 MHMXnjRqlCkA+Ui4xViCAuExl09drWsk7f7k9DXSu0/GiCJTR0SZaRhRm8Yc2Ea5S5 WCUmgGx9CsDkF9uh/xG8nhqfwXUv1QmGSMiC9klE= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from [92.40.184.245] ([92.40.184.245]) by web-mail.gmx.net (3c-app-mailcom-bs01.server.lan [172.19.170.58]) (via HTTP); Wed, 20 Jan 2021 16:07:49 +0100 MIME-Version: 1.0 Message-ID: From: Frederick Gotham To: dm-crypt@saout.de Date: Wed, 20 Jan 2021 16:07:49 +0100 Importance: normal Sensitivity: Normal In-Reply-To: <2b6c0047-b72e-348e-741f-8b9328a4cc82@gmail.com> References: <2b6c0047-b72e-348e-741f-8b9328a4cc82@gmail.com> X-UI-Message-Type: mail X-Priority: 3 X-Provags-ID: V03:K1:AC3Wzx1CbHjqJ4D0BI1LmftWvMMgOIAGSuHK2fVRRRn7ZS5UdywxHicNjHlzTgj0YF/PT lITJj98Mp/RpLXnj5oJrFpWS0M975tcjiUw+hB4mRYkThmd7MDLbL8hP6tz3dcMzJQWzsf0Kpu6d JeDbeiEg/JUyxrotc9/an5FePMYGseMEJDDG2Ll0J6En47Ln8o0+eBCyBgPTHy7/4P5Jrm98M2WS ofM9JOJeFF7yDL98S1dh2d56V4gjOikksOnmft09BD6LerqeS3EXnjduupnWxZRyXIARBuwUrgOo KY= X-UI-Out-Filterresults: notjunk:1;V03:K0:LgbMZr7gSmI=:KQH3/+PeOG0AI2F+409KyB Fy9CMtbrpc4iHzYdIWMjsQZ1CUVrXD/8hIL4iahO3eyxhw1pN1j1Uo11OzvW3tPvYU6HNeVNr o8Ec9A+avHFP0591c3iGDRAJXo05HGrMaJpjdmRXgR4h3LRw+TdNrX0plZbAihMesO+najK6/ vHeLjd0hICleU8n2/A0XSA+fSLeWa4WlRVUZIsTPcaj6qoMmRLyjtLu+V24ZZVVzb9VGEZaZL bfzwE9F18aqqH9hocNUU7Zc0a4XDUzNX3TeNYvpyZpanJ3m4WP4PT50FiAQQxWbh6bPZrdhPq 9ev6KEVTRVb1K6GNuxBE+CTnDLzdSu4UofkLYejAAbx3TMdwOCuCJabHlFogA/Yo5BsmkY2a1 XRob+qiOgO4U/GhpKKNVYb26xs9C7oIVBZusDWrNjav7oM/hznunQodfmSr/jNDqm/qAKV4lL k0yxkkISv9u+6pwn8YX6YxxMDh54jsnpnMyXX9I9YOnFCgExaNpNe0StvbIC5cfLzR0MP+F96 uk0qeNmXxdNcU+gxi+SVS0ngPS08PvcnZQ1c/xaOkrlargxpvMbq5YMV+MEG55x7ZwjoYwMUe 7klqr5YXaxIZ0= Subject: Re: [dm-crypt] Recover from Spontaneous Ejection X-BeenThere: dm-crypt@saout.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: gmazyland@gmail.com Content-Type: multipart/mixed; boundary="===============8744777916478923465==" Errors-To: dm-crypt-bounces@saout.de Sender: "dm-crypt" --===============8744777916478923465== Content-Type: text/html; charset=UTF-8
 
 
In my UDEV script that handles the spontaneous ejection of SDcards, I have replaced "cryptsetup luksClose" with "dmsetup remove --force".
 
This solution worked, thanks Milan.
 
Of course ideally I don't want the user to spontaneously remove the SDcard from the slot without unmounting it first, but at least I can make a good attempt to recover from this scenario.
 
 
 
 
Sent: Wednesday, January 20, 2021 at 11:23 AM
From: "Milan Broz" <gmazyland@gmail.com>
To: "Frederick Gotham" <thomas123@gmx.ca>, dm-crypt@saout.de
Subject: Re: [dm-crypt] Recover from Spontaneous Ejection
On 20/01/2021 12:06, Frederick Gotham wrote:
>
> I'm developing a product running embedded Linux.
>
> We have an SDcard with one partition on it, and this partition is an
> encrypted LUKS volume.
>
> While the SDcard is mounted, the user can spontaneously eject the
> SDcard. I have successfully altered the UDEV script to handle this
> eventuality, as follows:
>
> umount /mnt/sdcard cryptsetup luksClose cryptocard
>
> Then when the user re-inserts the SDcard after a spontaneous
> ejection, I try to re-mount it again. So the entire process from
> start to finish goes as follows:
>
> echo -n password | cryptsetup luksOpen /dev/sdb1 cryptocard - mount
> /dev/mapper/cryptocard /mnt/sdcard [ User spontaneously ejects SDcard
> ] umount /mnt/sdcard cryptsetup luksClose cryptocard [ ... ... ... 1
> minute goes by ... ... ... ] [ User re-inserts SD card
> ] echo -n password | cryptsetup luksOpen /dev/sdb1 cryptocard - mount
> /dev/mapper/cryptocard /mnt/sdcard
>
> This appears to work just fine, however when I try to do more complex
> write operations, it starts to freak out a little (files that were
> previously visible are no longer visible). When I reboot the machine,
> everything's working fine again.
>
> So it seems that the system is not adequately recovering from the
> spontaneous ejection of the SDcard. Do I need to somehow "flush out"
> the LUKS system in order to successfully re-mount the volume? Is it
> possible to 'restart' the LUKS subsystem to get this to work properly
> again? I only ever have one LUKS volume open at a time so I don't
> have to worry about closing other volumes before 'flushing out'.

There is nothing like LUKS subsystem running - it is only kernel dm-crypt
configuration that need to be removed. Cryptsetup can only wait here for kernel.

What you see here is probably that something in kernel is blocking the dm-device
until some timeout expires (see lsblk; dmsetup info).

You can try to use "dmsetup remove --force <name>" instead of luksClose here
(that will try to replace dm-crypt with error target if there are active users,
that should fail more quickly).

For the flush - there is nothing to flush, underlying device already disappeared.
You should see the same problem even without LUKS/dmcrypt.

If you see this more often, perhaps report it to the distribution,
if it is your own distro, then you need to setup udev/kernel properly.

Milan
--===============8744777916478923465== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ dm-crypt mailing list dm-crypt@saout.de https://www.saout.de/mailman/listinfo/dm-crypt --===============8744777916478923465==--