Bug#994682: cryptsetup-initramfs: Poweroff timeout for cryptroot

2021-10-13 Thread Roland Tapken
Hello Chris,

> a) How does a laptop turn on unintentionally? ;-)

It happens from time to time on my Dell Latitude 9420. I've shut the system 
down in the evening and later (or the next morning) I saw that the display was on 
and waiting for the passphrase. It even happened twice when it was stored in 
my laptop case. It seems that this problem is sporadically seen on Dell 
laptops, maybe a hardware fault. But it could also happen on any other laptop 
if you accidentally selected reboot instead of poweroff and closed the lid, or 
if the laptop has a power-on-lid feature.

> Consider that such a system would constantly be powered on
> automatically (Wake-On-LAN or similar features of servers)... in such a
> case, if cryptroot keyscript wouldn't finish in due time (e.g. because
> no one enters the passphrase or so), it might end up in a
> powerup/powerdown cycle... which is probably of no good for the
> hardware.

Well, then don't enable it for servers? The patch doesn't add a timeout by 
default, only if defined in crypttab.

Best Regards,

Roland



Bug#994682: cryptsetup-initramfs: Poweroff timeout for cryptroot

2021-10-11 Thread Christoph Anton Mitterer
Just adding my two cents here, since Guilhem referenced that bug on the
mailing list:

a) How does a laptop turn on unintentionally? ;-)

b) Adding such a feature (and enabling it by default) has IMO also some
dangers.

Consider that such a system would constantly be powered on
automatically (Wake-On-LAN or similar features of servers)... in such a
case, if cryptroot keyscript wouldn't finish in due time (e.g. because
no one enters the passphrase or so), it might end up in a
powerup/powerdown cycle... which is probably of no good for the
hardware.


Cheers,
Chris.



Bug#994682: cryptsetup-initramfs: Poweroff timeout for cryptroot

2021-09-19 Thread Roland Tapken
Package: cryptsetup-initramfs
Version: 2.3.5
Severity: wishlist

If someone is using an encrypted root fs, and the laptop unintentionally turns 
on, it would wait for the passphrase until the battery is empty (that's what 
happened to me yesterday).

For this reason, let me suggest adding a timeout option to crypttab, 
which will turn the system off if the passphrase (or the key) has not been 
provided within the given period of time.

I've added a proof-of-concept patch to 
/usr/share/initramfs-tools/scripts/local-top/cryptroot and 
/usr/lib/cryptsetup/functions which introduces this feature.

I know that there is a similar report #509070 from 2008, but while that 
report suggests skipping the device for convenience reasons, my report is about 
protecting the system's battery.

Best regards,

Roland

--- /usr/lib/cryptsetup/functions	2021-09-19 12:28:43.194023501 +0200
+++ /usr/lib/cryptsetup/functions	2021-09-19 12:58:51.302852958 +0200
@@ -81,7 +81,8 @@
  CRYPTTAB_OPTION_keyscript \
  CRYPTTAB_OPTION_keyslot \
  CRYPTTAB_OPTION_header \
- CRYPTTAB_OPTION_tcrypthidden
+ CRYPTTAB_OPTION_tcrypthidden \
+ CRYPTTAB_OPTION_timeout
 # use $_CRYPTTAB_OPTIONS not $CRYPTTAB_OPTIONS as options values may
 # contain '\054' which is decoded to ',' in the latter
 for x in $_CRYPTTAB_OPTIONS; do
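Review bot: `CRYPTTAB_OPTION_timeout` in this option list introduces a new crypttab option, but the patch touches only `functions` and `cryptroot`, so nothing documents it. The bare name `timeout` also does not say that expiry powers the machine off rather than skipping the device or ending the prompt. Please add a crypttab(5) entry stating the unit (seconds, per the message in the cryptroot hunk) and the minimum effective value, and consider a name that states the action, for example `poweroff-timeout` (a suggestion only).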
@@ -177,7 +178,7 @@
 fi
 ;;
 # numeric options >=0
-offset|skip|tries|keyslot|keyfile-offset)
+offset|skip|tries|keyslot|keyfile-offset|timeout)
 if ! printf '%s' "${VALUE-}" | grep -Exq "[0-9]+"; then
 return 1
 fi
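Review bot: adding `timeout` to the `offset|skip|tries|keyslot|keyfile-offset` case accepts any non-negative integer, while the cryptroot change only acts on values greater than 15. A line with `timeout=10` therefore passes this check and is then silently ignored at boot. Keep `0` valid as "disabled", but give `timeout` its own case that rejects (`return 1`) or warns about non-zero values that will have no effect, so the misconfiguration surfaces at validation time instead of as a poweroff that never happens.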
--- /usr/share/initramfs-tools/scripts/local-top/cryptroot	2021-09-19 11:51:52.149584290 +0200
+++ /usr/share/initramfs-tools/scripts/local-top/cryptroot	2021-09-19 13:11:29.646265591 +0200
@@ -155,8 +155,16 @@
 fi
 fi
 
-local count=0 maxtries="${CRYPTTAB_OPTION_tries:-3}" fstype vg rv
+local count=0 maxtries="${CRYPTTAB_OPTION_tries:-3}" poweroffpid=0 fstype vg rv
 while [ $maxtries -le 0 ] || [ $count -lt $maxtries ]; do
+if [ "${CRYPTTAB_OPTION_timeout:-0}" -gt 15 ]; then
+# Power down if not key has been entered within $timeout seconds.
+# Ignore values below 15 seconds to give the user a chance
+# to enter his passphrase in case of a typo in /etc/crypttab.
+cryptsetup_message "Timeout in $CRYPTTAB_OPTION_timeout seconds"
+	(sleep "$CRYPTTAB_OPTION_timeout" && poweroff) &
+poweroffpid=$!
+fi
 if [ -z "${CRYPTTAB_OPTION_keyscript+x}" ] && [ "$CRYPTTAB_KEY" != "none" ]; then
 # unlock via keyfile
 unlock_mapping "$CRYPTTAB_KEY"
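Review bot: the timer is armed at the top of the `while` loop, before the `CRYPTTAB_OPTION_keyscript` / `CRYPTTAB_KEY` test, so it runs for every unlock path, including the keyfile branch directly below it, and not only while a passphrase prompt is waiting. An unlock that is slow but would succeed can be cut off by `poweroff`; either arm the timer only on the interactive path or state in the documentation that it bounds every attempt. Separately, `-gt 15` also ignores the value 15 itself although the comment says values below 15 are ignored (use `-ge 15` or adjust the comment), and the comment should read "if no key".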
@@ -166,6 +174,9 @@
 fi
 rv=$?
 count=$(( $count + 1 ))
+if [ "$poweroffpid" -gt 0 ]; then
+kill "$poweroffpid"
+fi
 
 if [ $rv -ne 0 ]; then
 cryptsetup_message "ERROR: $CRYPTTAB_NAME: cryptsetup failed, bad password or options?"
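Review bot: `kill "$poweroffpid"` after `rv=$?` signals only the background subshell created by `(sleep ... && poweroff) &`; its `sleep` child is not the target and keeps running until it expires, one leftover process per attempt. `poweroff` can no longer fire once the subshell is gone, so this is a cleanup problem rather than a functional one, but it would be cleaner to terminate the child as well and to reset `poweroffpid` to 0 after the kill. Note also that cancelling here and re-arming at the top of the loop restarts the full timeout after every failed attempt, and the loop condition `[ $maxtries -le 0 ]` allows unlimited attempts, so the total time the machine stays on is not bounded by the configured value; if the goal is to protect the battery, start one timer before the loop and cancel it only on success.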