Bug#516003: segfault caused by umount.crypt after libpam-mount update

Fri, 20 Feb 2009 03:12:28 -0800

Yesterday i continued looking for a solution to my problem. At first i changed my <volume> definition to
<volume fskeycipher="aes-256-cbc" fskeyhash="sha512" options="fsk_cipher=aes-256-cbc,fsk_hash=sha512,keyfile=/my/encrypted.key,fsck,noexec,nodev,nosuid,relatime,cipher=aes-cbc-essiv:sha256,keybits=256,hash=sha512" fskeypath="/my/encrypted.key" user="MYUSERNAME" mountpoint="/mnt" path="/my/encrypted.img" /> 

The next time when I logged on to tty2, I got this error message:

# LOGIN:

Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:312): 
pam_mount 1.9: entering auth stage
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_unix(login:session): session 
opened for user MYUSERNAME by LOGIN(uid=0)
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:458): 
pam_mount 1.9: entering session stage
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:479): back 
from global readconfig
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:481): 
per-user configurations not allowed by pam_mount.conf.xml
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(misc.c:38): Session 
open: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(rdconf2.c:182): 
checking sanity of volume record (/my/encrypted.img)
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:536): 
about to perform mount operations
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(mount.c:181): Mount 
info: globalconf, user=MYUSERNAME <volume server="(null)" 
path="/my/encrypted.img" mountpoint="/mnt" cipher="(null)" 
fskeypath="/my/encrypted.key" fskeycipher="aes-256-cbc" 
fskeyhash="sha512" 
options="fsk_cipher=aes-256-cbc,fsk_hash=sha512,keyfile=/my/encrypted.key,fsck,noexec,nodev,nosuid,relatime,cipher=aes-cbc-essiv:sha256,keybits=256,hash=sha512" 
/> fstab=0
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(mount-sysv.c:57): 
realpath of volume "/mnt" is "/mnt"
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(mount-sysv.c:61): 
checking to see if /my/encrypted.img is already mounted at /mnt
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(mount.c:494): checking 
for encrypted filesystem key configuration
Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(mount.c:497): about to 
start building mount command
Feb 19 20:17:04 MYHOSTNAME login[4099]: command: [mount] [-p0] [-o] 
[fsk_cipher=aes-256-cbc,fsk_hash=sha512,keyfile=/my/encrypted.key,fsck,noexec,nodev,nosuid,relatime,cipher=aes-cbc-essiv:sha256,keybits=256,hash=sha512] 
[-t] [auto] [/my/encrypted.img] [/mnt]
Feb 19 20:17:04 MYHOSTNAME login[4278]: pam_mount(misc.c:38): 
set_myuid<pre>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:17:04 MYHOSTNAME login[4278]: pam_mount(misc.c:38): 
set_myuid<post>: (uid=0, euid=0, gid=1000, egid=1000)

Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(mount.c:75): mount errors:

Feb 19 20:17:04 MYHOSTNAME login[4099]: pam_mount(mount.c:78): 
mount.crypt_LUKS(mtcrypt.c:155): loop mount option ignored
Feb 19 20:17:06 MYHOSTNAME login[4099]: pam_mount(mount.c:78): Command 
successful.
Feb 19 20:17:06 MYHOSTNAME kernel: [  513.219718] kjournald starting.  
Commit interval 5 seconds
Feb 19 20:17:06 MYHOSTNAME kernel: [  513.220175] EXT3 FS on loop1, 
internal journal
Feb 19 20:17:06 MYHOSTNAME kernel: [  513.220273] EXT3-fs: mounted 
filesystem with ordered data mode.
Feb 19 20:17:06 MYHOSTNAME login[4099]: pam_mount(mount.c:539): waiting 
for mount
Feb 19 20:17:06 MYHOSTNAME login[4099]: command: [pmvarrun] [-u] 
[MYUSERNAME] [-o] [1]
Feb 19 20:17:06 MYHOSTNAME login[4328]: pam_mount(misc.c:38): 
set_myuid<pre>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:17:06 MYHOSTNAME login[4328]: pam_mount(misc.c:38): 
set_myuid<post>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:17:06 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:418): 
pmvarrun says login count is 1
Feb 19 20:17:06 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:550): done 
opening session (ret=0)


#LOGOUT:

Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_unix(login:session): session 
closed for user MYUSERNAME
Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:592): 
received order to close things
Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_mount(misc.c:38): Session 
close: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:17:17 MYHOSTNAME login[4099]: command: [pmvarrun] [-u] 
[MYUSERNAME] [-o] [-1]
Feb 19 20:17:17 MYHOSTNAME login[4352]: pam_mount(misc.c:38): 
set_myuid<pre>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:17:17 MYHOSTNAME login[4352]: pam_mount(misc.c:38): 
set_myuid<post>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:418): 
pmvarrun says login count is 0
Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_mount(mount.c:673): going to 
unmount
Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_mount(mount.c:181): Mount 
info: globalconf, user=MYUSERNAME <volume server="(null)" 
path="/my/encrypted.img" mountpoint="/mnt" cipher="(null)" 
fskeypath="/my/encrypted.key" fskeycipher="aes-256-cbc" 
fskeyhash="sha512" 
options="fsk_cipher=aes-256-cbc,fsk_hash=sha512,keyfile=/my/encrypted.key,fsck,noexec,nodev,nosuid,relatime,cipher=aes-cbc-essiv:sha256,keybits=256,hash=sha512" 
/> fstab=0

Feb 19 20:17:17 MYHOSTNAME login[4099]: command: [umount] [/mnt]

Feb 19 20:17:17 MYHOSTNAME login[4353]: pam_mount(misc.c:38): 
set_myuid<pre>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:17:17 MYHOSTNAME login[4353]: pam_mount(misc.c:38): 
set_myuid<post>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_mount(mount.c:75): umount 
errors:
Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_mount(mount.c:78): Command 
failed.
Feb 19 20:17:17 MYHOSTNAME kernel: [  524.336614] umount.crypt[4354]: 
segfault at ed ip b7e7f38b sp bfefbc88 error 4 in 
libc-2.7.so[b7e09000+155000]
Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_mount(mount.c:78): /mnt not 
found in kmtab /proc/mounts
Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_mount(mount.c:78): umount: 
/mnt: not mounted
Feb 19 20:17:17 MYHOSTNAME login[4099]: pam_mount(mount.c:78): umount 
/mnt failed with run_sync status 1
Feb 19 20:17:18 MYHOSTNAME login[4099]: pam_mount(mount.c:340): waiting 
for umount
Feb 19 20:17:18 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:633): 
pam_mount execution complete
Feb 19 20:17:18 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:115): 
Clean global config (0)
Feb 19 20:17:18 MYHOSTNAME login[4099]: pam_mount(pam_mount.c:132): 
clean system authtok=0x9771f70 (0)



After this unsatisfactory result i updated libpam-mount to version 1.18 
(libpam-mount_1.9-1.diff.gz + pam_mount-1.18.tar.bz2 => 
libpam-mount_1.18-1_i386.deb). Now the segfault from mount.crypt is 
gone, but the devices are still not properly detached:


#LOGIN:

Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:312): 
pam_mount 1.17: entering auth stage
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_unix(login:session): session 
opened for user MYUSERNAME by (uid=0)
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:458): 
pam_mount 1.17: entering session stage
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:479): back 
from global readconfig
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:481): 
per-user configurations not allowed by pam_mount.conf.xml
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(misc.c:38): Session 
open: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(rdconf2.c:182): 
checking sanity of volume record (/my/encrypted.img)
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:536): 
about to perform mount operations
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(mount.c:172): Mount 
info: globalconf, user=MYUSERNAME <volume fstype="auto" server="(null)" 
path="/my/encrypted.img" mountpoint="/mnt" cipher="(null)" 
fskeypath="/my/encrypted.key" fskeycipher="aes-256-cbc" 
fskeyhash="sha512" 
options="fsk_cipher=aes-256-cbc,fsk_hash=sha512,keyfile=/my/encrypted.key,fsck,noexec,nodev,nosuid,relatime,cipher=aes-cbc-essiv:sha256,keybits=256,hash=sha512" 
/> fstab=0
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(mount.c:484): checking 
for encrypted filesystem key configuration
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(mount.c:487): about to 
start building mount command
Feb 19 20:21:47 MYHOSTNAME login[4568]: command: [mount] [-p0] [-o] 
[fsk_cipher=aes-256-cbc,fsk_hash=sha512,keyfile=/my/encrypted.key,fsck,noexec,nodev,nosuid,relatime,cipher=aes-cbc-essiv:sha256,keybits=256,hash=sha512] 
[-t] [auto] [/my/encrypted.img] [/mnt]
Feb 19 20:21:47 MYHOSTNAME login[4585]: pam_mount(misc.c:38): 
set_myuid<pre>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:21:47 MYHOSTNAME login[4585]: pam_mount(misc.c:38): 
set_myuid<post>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(mount.c:64): mount 
messages:
Feb 19 20:21:47 MYHOSTNAME login[4568]: pam_mount(mount.c:67): 
mount.crypt_LUKS(mtcrypt.c:163): loop mount option ignored
Feb 19 20:21:49 MYHOSTNAME login[4568]: pam_mount(mount.c:67): Command 
successful.
Feb 19 20:21:49 MYHOSTNAME kernel: [  795.803115] kjournald starting.  
Commit interval 5 seconds
Feb 19 20:21:49 MYHOSTNAME kernel: [  795.811017] EXT3 FS on loop1, 
internal journal
Feb 19 20:21:49 MYHOSTNAME kernel: [  795.818537] EXT3-fs: mounted 
filesystem with ordered data mode.
Feb 19 20:21:49 MYHOSTNAME login[4568]: command: [pmvarrun] [-u] 
[MYUSERNAME] [-o] [1]
Feb 19 20:21:49 MYHOSTNAME login[4620]: pam_mount(misc.c:38): 
set_myuid<pre>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:21:49 MYHOSTNAME login[4620]: pam_mount(misc.c:38): 
set_myuid<post>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:21:49 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:418): 
pmvarrun says login count is 1
Feb 19 20:21:49 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:550): done 
opening session (ret=0)


#LOGOUT:

Feb 19 20:21:51 MYHOSTNAME login[4568]: pam_unix(login:session): session 
closed for user MYUSERNAME
Feb 19 20:21:51 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:592): 
received order to close things
Feb 19 20:21:51 MYHOSTNAME login[4568]: pam_mount(misc.c:38): Session 
close: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:21:51 MYHOSTNAME login[4568]: command: [pmvarrun] [-u] 
[MYUSERNAME] [-o] [-1]
Feb 19 20:21:51 MYHOSTNAME login[4644]: pam_mount(misc.c:38): 
set_myuid<pre>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:21:51 MYHOSTNAME login[4644]: pam_mount(misc.c:38): 
set_myuid<post>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:21:51 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:418): 
pmvarrun says login count is 0
Feb 19 20:21:51 MYHOSTNAME login[4568]: pam_mount(mount.c:673): going to 
unmount
Feb 19 20:21:51 MYHOSTNAME login[4568]: pam_mount(mount.c:172): Mount 
info: globalconf, user=MYUSERNAME <volume fstype="auto" server="(null)" 
path="/my/encrypted.img" mountpoint="/mnt" cipher="(null)" 
fskeypath="/my/encrypted.key" fskeycipher="aes-256-cbc" 
fskeyhash="sha512" 
options="fsk_cipher=aes-256-cbc,fsk_hash=sha512,keyfile=/my/encrypted.key,fsck,noexec,nodev,nosuid,relatime,cipher=aes-cbc-essiv:sha256,keybits=256,hash=sha512" 
/> fstab=0

Feb 19 20:21:51 MYHOSTNAME login[4568]: command: [umount] [/mnt]

Feb 19 20:21:51 MYHOSTNAME login[4645]: pam_mount(misc.c:38): 
set_myuid<pre>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:21:52 MYHOSTNAME login[4645]: pam_mount(misc.c:38): 
set_myuid<post>: (uid=0, euid=0, gid=1000, egid=1000)
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(mount.c:64): umount 
messages:
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(mount.c:67): Command 
failed: Device busy
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(mount.c:67): 
umount.crypt(crypto-dmc.c:160): Could not unload dm-crypt device 
"/dev/mapper/_dev_loop0", cryptsetup returned HXproc status 240
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(mount.c:67): umount: 
/mnt: not mounted
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(mount.c:67): umount 
/mnt failed with run_sync status 1
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(mount.c:67): Command 
failed: Device busy
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(mount.c:67): 
umount.crypt(crypto-dmc.c:160): Could not unload dm-crypt device 
"/dev/mapper/_dev_loop0", cryptsetup returned HXproc status 240
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(mount.c:676): unmount 
of /my/encrypted.img failed
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:633): 
pam_mount execution complete
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:115): 
Clean global config (0)
Feb 19 20:21:52 MYHOSTNAME login[4568]: pam_mount(pam_mount.c:132): 
clean system authtok=0x8d68f58 (0)



The following is just pure speculation. I think the "Command failed: 
Device busy" is caused by "int ehd_unload(const struct ehd_mount *mt)" 
in crypto.c (umount.crypt / mount.crypt):


int ehd_unload(const struct ehd_mount *mt)
{
   int ret;

#if defined(__linux__)
   ret = ehd_dmcrypt_ops.unload(mt); // ====>> WEARENOTALONE: Error???
#elif defined(HAVE_DEV_CGDVAR_H)
   ret = ehd_cgd_ops.unload(mt);
#endif

   /* Try to free loop device even if cryptsetup remove failed */
   if (mt->loop_device != NULL)
       ret = pmt_loop_release(mt->loop_device);

   return ret;
}


The function ehd_dmcrypt_ops.unload() fails because on top of my LUKS 
partition (/dev/mapper/_dev_loop0) a loop device is set up (/dev/loop1):


$ losetup -a
/dev/loop0: [0901]:14450726 (/my/encrypted.img)
/dev/loop1: [000d]:30967 (/dev/mapper/_dev_loop0)

That is why i have to do this manually:

losetup -d /dev/loop1
cryptsetup luksClose /dev/mapper/_my_encrypted_img
losetup -d /dev/loop0


But why is a loop device attached to my LUKS partition? Is it not enough 
if only the LUKS partition is mounted and not another loop device on top 
of it?



At the moment i am searching for the place in the sources where the 
(second) loop device (/dev/loop1) is attached to my LUKS partition. Do 
you have a hint where i could search?


Best Regards,
WEARENOTALONE



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org























					Reply via email to