Bug Report: openmediavault-luksencryption unsafe usage of devices instead of partitions (potential data loss)

1. offizieller Beitrag

    When openmediavault-luksencryption is applied to a device like /dev/md0, it uses the whole device instead of a partition that covers the whole device.


    I was so unlucky as to have the automatic partition scanning of Linux to think that there existed two partitions /dev/md0p1 and /dev/md0p2 on my device with 1.5 TByte and 750 GByte each. I think this was because of a random combination of data in the LUKS header or in the content itself. When I tested via parted, there was no valid label on the device.


    This led to many problems:


    1. In the GUI RAID overview, those devices were shown. After I verified that they devices were unneeded, I tried to remove them in the GUI, thereby removing /dev/md0 as well. Probably the mere existence of these devices would have destroyed the drive content anyway as the recovery of those devices had not begun yet.


    2. Upon a reboot, when the RAID5 buildup was not finished yet, the rebuild did not continue, saying "resync=PENDING".


    Since I think that one cannot disable probing for partitions, the proper way of handling this would be to create a GPT disk label and a large partition covering the whole device and put the LUKS containers into that partition. When I tried this manually, I could not choose the partition for encryption via the GUI.


    You cannot rely on "random data" on a device not to trigger this behaviour.

  • meyergru

    Hat das Label OMV 6.x hinzugefügt.
    • Offizieller Beitrag
    Zitat von meyergru

    When openmediavault-luksencryption is applied to a device like /dev/md0, it uses the whole device

    That's the expected behaviour, omv creates a raid array using the full block device, then a filesystem is added/created on the array creating a single partition on the array


    To do what I think you want to do you would have to create the array from the cli

    It may be "expected" behaviour, however, it is risky at best because the interpretation of what is on the block device makes system components believe that there are partitions which are really not there - leading to catastrophic data loss in suite.


    I would not (and have never) do that this way. LUKS containers belong in a partition, not on a raw device.


    I admit that the probability may be low - but my example shows it is > 0.


    Also, I already stated why creating this via CLI is not a workaround.

    Zitat von meyergru

    I would not (and have never) do that this way). LUKS containers belong in a partition, not on a raw device.

    Then by all means, make a Pull request with a solution.


    I'm sure the developers will appreciate the help, ;)

    • Offizieller Beitrag

    I still don't understand the issue here. Partitions are not needed and it is not dangerous to use the entire device.

    Zitat von meyergru

    I was so unlucky as to have the automatic partition scanning of Linux

    What does this mean? Was the array created using the OMV web interface? If it was, there should be no partitions on the array. If there were, it seems you didn't properly wipe the disks before creating the array.

    omv 7.1.0-2 sandworm | 64 bit | 6.8 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.13 | compose 7.2 | k8s 7.1.0-3 | cputemp 7.0.1 | mergerfs 7.0.5 | scripts 7.0.7


    omv-extras.org plugins source code and issue tracker - github - changelogs


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    No. I wiped the arrays - besides: if OMV uses only whole devices anyway, why is there no function to do that properly?


    The "partitions" were auto-detected after I created multiple LUKS passwords and rebooted the machine. Obviously the "random" key material was being misinterpreted as partition info.


    It is dangerous to use the device as a LUKS header can obviously be misinterpreted as partition info. Therefore, a protecting GPT label is needed.

    • Offizieller Beitrag
    Zitat von meyergru

    No. I wiped the arrays - besides: if OMV uses only whole devices anyway, why is there no function to do that properly?

    Do what? wipe whole devices? That does exist in the Storage -> Disks tab.

    Zitat von meyergru

    The "partitions" were auto-detected after I created multiple LUKS passwords and rebooted the machine. Obviously the "random" key material was being misinterpreted as partition info.

    I would love to see this "random" key because in all of the years of maintaining the LUKS plugin AND running dozens of VMs at work with no partitions for LUKS, I have never seen this.

    Zitat von meyergru

    It is dangerous to use the device as a LUKS header can obviously be misinterpreted as partition info. Therefore, a protecting GPT label is needed.

    You use obviously a lot yet I can't reproduce this. The average luks key is not going to be anywhere near the length of a paritition table.

    omv 7.1.0-2 sandworm | 64 bit | 6.8 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.13 | compose 7.2 | k8s 7.1.0-3 | cputemp 7.0.1 | mergerfs 7.0.5 | scripts 7.0.7


    omv-extras.org plugins source code and issue tracker - github - changelogs


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!

Benutzerkonto erstellen Anmelden