Can't decrypt root partition after updating packages

Topic: Can't decrypt root partition after updating packages (Read 435 times) previous topic - next topic

0 Members and 1 Guest are viewing this topic.

Can't decrypt root partition after updating packages

18 November 2022, 18:41:30

I'll start off by giving an indication of my skill level. I've been using linux and bsd systems off and on for several years now. I'm pretty comfortable with them and feel like a have a pretty good understanding of them. Until now, I haven't run into a problem that I couldn't fix with a little searching.

I have the qt community version installed almost exactly like the case A here on the wiki: https://wiki.artixlinux.org/Main/InstallationWithFullDiskEncryption Only difference is that I have a seperate encrypted drive that mounts to /home at boot. I updated my packages, restarted my system, entered the decryption password, and got an error that the root logical volume could not be found. From the emergency shell I could see the physical volume mounted at /dev/mapper but not the root and swap logical volumes. Using parted to get more information returned the error that the drive did not exist or that I don't have access.
The next morning I booted up the live installation usb and a kde notification immediatly notified me that the root drive is on the brink of failure according to the smart info. Info from smartctl said the same and that the drive was at 84 degrees despite being turned off all night. This drive is a samsung nvme that is barely a year old and has no where near it's rated write and hour usage. Manually onlocking the drive with cryptsetup had the same problem of seeing the physical volume in /dev/mapper but none of the logical ones. Later when I had more time, smartctl now returns that the drive is healthy as does kde partition manager but I'm still unable to boot or access the drive.

Does anyone have any idea what's going on? Did the volume data on the drive somehow get corrupted? Is my drive on the brink of failure? Maybe a different issue with my computer?

I'm trying to decide what I should do next. Is it possible to repair the root and swap volumes? If not, should I reinstall or warranty the drive?

Let me know if I should try something and post the results or if I forgot any information. I've lurked in many forums but don't really ever post anything so maybe I forgot something.

Quick edit: I did see the stickied post that is very similar to my problem but I can't access the encrypted root partition at all anymore and something else I forgot to mention, the boot partition is unecrypted and on the same drive and it appears to be working without a problem.

Re: Can't decrypt root partition after updating packages

Reply #1 – 19 November 2022, 07:36:24

Code: [Select]

 sudo smartctl -a -t short /dev/nvme0

share output of above

Edit : Better quickly backup /home data

Re: Can't decrypt root partition after updating packages

Reply #2 – 19 November 2022, 13:30:41

/home is on a seperate drive but backing it up was the first thing I did.

Here is the output:

Code: [Select]

smartctl 7.3 2022-02-28 r5338 [x86_64-linux-5.18.10-artix1-1] (local build)
Copyright (C) 2002-22, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Model Number:                       Samsung SSD 980 1TB
Serial Number:                      S649NF0R588560J
Firmware Version:                   1B4QFXO7
PCI Vendor/Subsystem ID:            0x144d
IEEE OUI Identifier:                0x002538
Total NVM Capacity:                 1,000,204,886,016 [1.00 TB]
Unallocated NVM Capacity:           0
Controller ID:                      5
NVMe Version:                       1.4
Number of Namespaces:               1
Namespace 1 Size/Capacity:          1,000,204,886,016 [1.00 TB]
Namespace 1 Utilization:            1,000,138,473,472 [1.00 TB]
Namespace 1 Formatted LBA Size:     512
Namespace 1 IEEE EUI-64:            002538 d511b2a13f
Local Time is:                      Sat Nov 19 13:26:40 2022 UTC
Firmware Updates (0x16):            3 Slots, no Reset required
Optional Admin Commands (0x0017):   Security Format Frmw_DL Self_Test
Optional NVM Commands (0x0055):     Comp DS_Mngmt Sav/Sel_Feat Timestmp
Log Page Attributes (0x0f):         S/H_per_NS Cmd_Eff_Lg Ext_Get_Lg Telmtry_Lg
Maximum Data Transfer Size:         512 Pages
Warning  Comp. Temp. Threshold:     82 Celsius
Critical Comp. Temp. Threshold:     85 Celsius
Namespace 1 Features (0x10):        NP_Fields

Supported Power States
St Op     Max   Active     Idle   RL RT WL WT  Ent_Lat  Ex_Lat
 0 +     5.24W       -        -    0  0  0  0        0       0
 1 +     4.49W       -        -    1  1  1  1        0       0
 2 +     2.19W       -        -    2  2  2  2        0     500
 3 -   0.0500W       -        -    3  3  3  3      210    1200
 4 -   0.0050W       -        -    4  4  4  4     1000    9000

Supported LBA Sizes (NSID 0x1)
Id Fmt  Data  Metadt  Rel_Perf
 0 +     512       0         0

=== START OF SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

SMART/Health Information (NVMe Log 0x02)
Critical Warning:                   0x00
Temperature:                        28 Celsius
Available Spare:                    100%
Available Spare Threshold:          10%
Percentage Used:                    0%
Data Units Read:                    4,385,084 [2.24 TB]
Data Units Written:                 2,746,960 [1.40 TB]
Host Read Commands:                 16,854,138
Host Write Commands:                262,198,224
Controller Busy Time:               26
Power Cycles:                       1,871
Power On Hours:                     110
Unsafe Shutdowns:                   58
Media and Data Integrity Errors:    0
Error Information Log Entries:      0
Warning  Comp. Temperature Time:    1
Critical Comp. Temperature Time:    0
Temperature Sensor 1:               28 Celsius
Temperature Sensor 2:               32 Celsius
Thermal Temp. 2 Transition Count:   56
Thermal Temp. 2 Total Time:         59

Error Information (NVMe Log 0x01, 16 of 64 entries)
No Errors Logged

I just noticed that there is no difference in output for the long or short test. Not sure if that means something.

Re: Can't decrypt root partition after updating packages

Reply #3 – 19 November 2022, 13:56:10

Code: [Select]

cryptsetup luksDump /path/to/root-partition

what does this command output?
also share

Re: Can't decrypt root partition after updating packages

Reply #4 – 19 November 2022, 17:52:04

Here is the output:

Code: [Select]

LUKS header information for /dev/nvme0n1p2

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha256
Payload offset: 4096
MK bits:        256
MK digest:      8c 47 e6 e1 d2 34 9c 79 a3 3d 34 2b c1 f5 33 b1 e0 42 32 f6 
MK salt:        f7 6f d6 7b c0 09 e7 28 b2 35 99 5f 9b f8 40 57 
                da 57 e3 11 37 14 d2 6d 21 c2 d0 47 35 08 33 b5 
MK iterations:  266949
UUID:           **********************************************

Key Slot 0: ENABLED
        Iterations:             21377690
        Salt:                   5b c6 bf 80 b8 01 38 0a 56 37 c8 3a 86 36 1c 44 
                                f8 08 85 c2 a2 0b 7d 5d c6 26 4a aa cf 3e 58 17 
        Key material offset:    8
        AF stripes:             4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED

I hadn't noticed this before but it says that key slot 1 is disabled even though there is a key assigned there and

Code: [Select]

cryptsetup open /path/to/partition lvm-group

does accept this key and behaves as if it has been decrypted (but not really).

edit: I don't think I'll be able to recover this partition and I'll have to reinstall. I'm just trying to figure what went wrong so that I can avoid it in the future and whether the drive is safe to use but the best way to figure that out may be to just use it. It still has 4 years of warranty.

Re: Can't decrypt root partition after updating packages

Reply #5 – 19 November 2022, 19:10:56

>edit: I don't think I'll be able to recover this partition and I'll have to reinstall. I'm just trying to figure what went wrong so that I can avoid it in the future and whether the drive is safe to use but the best way to figure that out may be to just use it. It still has 4 years of warranty.

This is purely a guess, but resetting the cells of your SSD might be of help: https://wiki.archlinux.org/title/Solid_state_drive/Memory_cell_clearing

Be sure to read the warnings.

Re: Can't decrypt root partition after updating packages

Reply #6 – 20 November 2022, 06:39:22

Keyslot 0 has the key. Keyslot 1 to 7 used to store multiple keys