Suspend-to-disk with LUKS-encrypted root doesn’t work

Ludovic Courtès wrote on 7 Apr 2023 14:42

Suspend-to-disk with LUKS-encrypted root doesn’ t work

Recipients:(address . bug-guix@gnu.org)

Message-ID:87y1n3dfsd.fsf@inria.fr

Hello!

Since my laptop’s battery died, I set up suspend-to-disk as documented

in the manual (info "(guix) Swap Space"). I use a swap file on top of

my LUKS-encrypted root partition, so I added:

"resume=/swap"

"resume_offset=OFFSET"

to my ‘kernel-arguments’ field, where OFFSET is given by ‘filefrag’.

However, when resuming, it looks as though the kernel is not even trying

to resume:

Toggle snippet (67 lines)Apr  7 14:29:47 localhost vmunix: [    0.000000] Linux version 6.2.9-gnu (guix@guix) (gcc (GCC) 10.3.0, GNU ld (GNU Binutils) 2.37) #1 SMP PREEMPT_DYNAMIC 1
Apr  7 14:29:47 localhost vmunix: [    0.000000] Command line: BOOT_IMAGE=/gnu/store/6441f00fkyg1r6jpj7f0qpa798svsggv-linux-libre-6.2.9/bzImage root=root gnu.system=/gnu/store/rsv7gc69ishn0cvd8151083i367zp0v2-system gnu.load=/gnu/store/rsv7gc69ishn0cvd8151083i367zp0v2-system/boot modprobe.blacklist=usbmouse,usbkbd,iwlwifi resume=/swap resume_offset=118786729 quiet
Apr  7 14:29:47 localhost vmunix: [    0.000000] KERNEL supported cpus:
Apr  7 14:29:47 localhost vmunix: [    0.000000]   Intel GenuineIntel
Apr  7 14:29:47 localhost vmunix: [    0.000000]   AMD AuthenticAMD

[...]

Apr  7 14:29:47 localhost vmunix: [    0.043725] smpboot: Allowing 4 CPUs, 0 hotplug CPUs
Apr  7 14:29:47 localhost vmunix: [    0.043748] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
Apr  7 14:29:47 localhost vmunix: [    0.043750] PM: hibernation: Registered nosave memory: [mem 0x00058000-0x00058fff]
Apr  7 14:29:47 localhost vmunix: [    0.043753] PM: hibernation: Registered nosave memory: [mem 0x0009e000-0x0009efff]
Apr  7 14:29:47 localhost vmunix: [    0.043755] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000fffff]
Apr  7 14:29:47 localhost vmunix: [    0.043757] PM: hibernation: Registered nosave memory: [mem 0xb8a36000-0xb8a3dfff]
Apr  7 14:29:47 localhost vmunix: [    0.043759] PM: hibernation: Registered nosave memory: [mem 0xc70fb000-0xc75fafff]
Apr  7 14:29:47 localhost vmunix: [    0.043760] PM: hibernation: Registered nosave memory: [mem 0xc75fb000-0xc7c7efff]
Apr  7 14:29:47 localhost vmunix: [    0.043761] PM: hibernation: Registered nosave memory: [mem 0xc7c7f000-0xc7e7efff]
Apr  7 14:29:47 localhost vmunix: [    0.043762] PM: hibernation: Registered nosave memory: [mem 0xc7e7f000-0xc7efefff]
Apr  7 14:29:47 localhost vmunix: [    0.043764] PM: hibernation: Registered nosave memory: [mem 0xc7f00000-0xcc7fffff]
Apr  7 14:29:47 localhost vmunix: [    0.043765] PM: hibernation: Registered nosave memory: [mem 0xcc800000-0xf80f9fff]
Apr  7 14:29:47 localhost vmunix: [    0.043766] PM: hibernation: Registered nosave memory: [mem 0xf80fa000-0xf80fafff]
Apr  7 14:29:47 localhost vmunix: [    0.043767] PM: hibernation: Registered nosave memory: [mem 0xf80fb000-0xf80fcfff]
Apr  7 14:29:47 localhost vmunix: [    0.043768] PM: hibernation: Registered nosave memory: [mem 0xf80fd000-0xf80fdfff]
Apr  7 14:29:47 localhost vmunix: [    0.043768] PM: hibernation: Registered nosave memory: [mem 0xf80fe000-0xfdffffff]
Apr  7 14:29:47 localhost vmunix: [    0.043769] PM: hibernation: Registered nosave memory: [mem 0xfe000000-0xfe010fff]
Apr  7 14:29:47 localhost vmunix: [    0.043770] PM: hibernation: Registered nosave memory: [mem 0xfe011000-0xffffffff]
Apr  7 14:29:47 localhost vmunix: [    0.043772] [mem 0xcc800000-0xf80f9fff] available for PCI devices
Apr  7 14:29:47 localhost vmunix: [    0.043773] Booting paravirtualized kernel on bare hardware
Apr  7 14:29:47 localhost vmunix: [    0.043775] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645519600211568 ns
Apr  7 14:29:47 localhost vmunix: [    0.043785] setup_percpu: NR_CPUS:256 nr_cpumask_bits:4 nr_cpu_ids:4 nr_node_ids:1
Apr  7 14:29:47 localhost vmunix: [    0.044150] percpu: Embedded 57 pages/cpu s194792 r8192 d30488 u524288
Apr  7 14:29:47 localhost vmunix: [    0.044189] Fallback order for Node 0: 0 
Apr  7 14:29:47 localhost vmunix: [    0.044192] Built 1 zonelists, mobility grouping on.  Total pages: 4098520
Apr  7 14:29:47 localhost vmunix: [    0.044193] Policy zone: Normal
Apr  7 14:29:47 localhost vmunix: [    0.044194] Kernel command line: BOOT_IMAGE=/gnu/store/6441f00fkyg1r6jpj7f0qpa798svsggv-linux-libre-6.2.9/bzImage root=root gnu.system=/gnu/store/rsv7gc69ishn0cvd8151083i367zp0v2-system gnu.load=/gnu/store/rsv7gc69ishn0cvd8151083i367zp0v2-system/boot modprobe.blacklist=usbmouse,usbkbd,iwlwifi resume=/swap resume_offset=118786729 quiet
Apr  7 14:29:47 localhost vmunix: [    0.044318] Unknown kernel command line parameters "BOOT_IMAGE=/gnu/store/6441f00fkyg1r6jpj7f0qpa798svsggv-linux-libre-6.2.9/bzImage", will be passed to user space.
Apr  7 14:29:47 localhost vmunix: [    0.044342] random: crng init done

[...]

Apr  7 14:29:47 localhost vmunix: [    0.946203] sd 2:0:0:0: Attached scsi generic sg0 type 0
Apr  7 14:29:47 localhost vmunix: [    0.946436] sd 2:0:0:0: [sda] 1000215216 512-byte logical blocks: (512 GB/477 GiB)
Apr  7 14:29:47 localhost vmunix: [    0.946447] sd 2:0:0:0: [sda] 4096-byte physical blocks
Apr  7 14:29:47 localhost vmunix: [    0.946490] sd 2:0:0:0: [sda] Write Protect is off
Apr  7 14:29:47 localhost vmunix: [    0.946722] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
Apr  7 14:29:47 localhost vmunix: [    0.946873] sd 2:0:0:0: [sda] Preferred minimum I/O size 4096 bytes
Apr  7 14:29:47 localhost vmunix: [    0.969038]  sda: sda1 sda2 sda3
Apr  7 14:29:47 localhost vmunix: [    0.969435] sd 2:0:0:0: [sda] Attached SCSI disk
Apr  7 14:29:47 localhost vmunix: [    0.974847] usbcore: registered new interface driver usb-storage

[...]

Apr  7 14:29:47 localhost vmunix: [    2.106128] usb 1-9: Manufacturer: Generic
Apr  7 14:29:47 localhost vmunix: [    2.106132] usb 1-9: SerialNumber: 200901010001
Apr  7 14:29:47 localhost vmunix: [   13.073755] EXT4-fs (dm-0): mounted filesystem d25675c9-c26a-487d-a6e4-0bab06b2474b with ordered data mode. Quota mode: none.
Apr  7 14:29:47 localhost vmunix: [   14.350824] shepherd[1]: Starting service root...
Apr  7 14:29:47 localhost vmunix: [   14.351331] shepherd[1]: Service root started.
Apr  7 14:29:47 localhost vmunix: [   14.351787] shepherd[1]: Service root running with value #t.
Apr  7 14:29:47 localhost vmunix: [   14.353268] shepherd[1]: Service root has been started.
Apr  7 14:29:47 localhost vmunix: [   14.806435] shepherd[1]: starting services...
Apr  7 14:29:47 localhost vmunix: [   14.810401] shepherd[1]: Starting service user-file-systems...
Apr  7 14:29:47 localhost vmunix: [   14.813909] shepherd[1]: Starting service root-file-system...
Apr  7 14:29:47 localhost vmunix: [   14.814404] shepherd[1]: Starting service host-name...
Apr  7 14:29:47 localhost vmunix: [   14.815015] shepherd[1]: Starting service sysctl...
Apr  7 14:29:47 localhost vmunix: [   14.815373] shepherd[1]: Starting service loopback...

Hibernation (with ‘echo disk > /sys/power/state’) did seem to succeed,

with this one message:

Toggle snippet (3 lines)

Apr 7 12:39:30 localhost vmunix: [14219.893014] PM: hibernation: hibernation entry

Am I missing something?

Thanks,

Ludo’.

Mekeor Melire wrote on 7 Apr 2023 23:20

Re: bug#62711: Suspend-to-disk with LUKS-encrypted root doesn’t work

Recipients:(name . Ludovic Courtès)(address . ludo@gnu.org)

Message-ID:87mt3jmll0.fsf@posteo.de

2023-04-07 14:42 ludo@gnu.org:

Toggle quote (9 lines)

> Since my laptop’s battery died, I set up suspend-to-disk as

> documented

> in the manual (info "(guix) Swap Space"). I use a swap file on

> top of

> my LUKS-encrypted root partition, so I added:

> "resume=/swap"

> "resume_offset=OFFSET"

I use the following configuration which works fine for me. (Except 
sometimes I have to wait for 2-3 minutes for the Linux kernel 
modules to get loaded; but that might be due to the special Linux 
kernel I'm using.)

#+begin_src scheme
(mapped-devices
  (list
    (mapped-device
      (source
        (uuid "SNIP"))
      (target "cryptroot")
      (type luks-device-mapping))))

(file-systems
  (cons
    (file-system
      (mount-point "/")
      (device "/dev/mapper/cryptroot")
      (type "ext4")
      (dependencies mapped-devices))
    %base-file-systems))

(kernel-arguments
  (cons*
    "resume=/dev/mapper/cryptroot"
    "resume_offset=5308416"
    %default-kernel-arguments))
#+end_src

Josselin Poiret wrote on 8 Apr 2023 12:18

Recipients:

Message-ID:87y1n27k3v.fsf@jpoiret.xyz

Hi Ludo,

Ludovic Courtès <ludo@gnu.org> writes:

Toggle quote (11 lines)> Hello!
>
> Since my laptop’s battery died, I set up suspend-to-disk as documented
> in the manual (info "(guix) Swap Space").  I use a swap file on top of
> my LUKS-encrypted root partition, so I added:
>
>      "resume=/swap"
>      "resume_offset=OFFSET"
>
> to my ‘kernel-arguments’ field, where OFFSET is given by ‘filefrag’.

No file systems are mounted before resuming, otherwise you would get

data loss. As mekeor mentioned, you need to pass the actual device that

holds the swap file instead, specifying at which offset the file is.

I'm starting to think I should set this up as well :)

Best,

Josselin Poiret

Ludovic Courtès wrote on 20 Apr 2023 12:16

Recipients:(name . Mekeor Melire)(address . mekeor@posteo.de)

Message-ID:87354ux3hn.fsf@gnu.org

Hi,

Mekeor Melire <mekeor@posteo.de> skribis:

Toggle quote (4 lines)

> (kernel-arguments

> (cons*

> "resume=/dev/mapper/cryptroot"

Ooh, got it, that’s the part I got wrong.

Thanks to the two of your for explaining!

How about this change:

Toggle diff (21 lines)diff --git a/doc/guix.texi b/doc/guix.texi
index adb1975935..817b336654 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -17454,6 +17454,17 @@ $ sudo filefrag -e /swapfile | grep '^ *0:' | cut -d: -f3 | cut -d. -f1
    92514304
 @end smallexample
 
+Note that if @file{/swapfile} lives on an encrypted root file system,
+you will instead need to specify the mapped device as the @code{resume}
+argument, like so:
+
+@lisp
+(kernel-arguments
+  (cons* "resume=/dev/mapper/cryptroot"  ;device holding /swapfile
+         "resume_offset=92514304"
+         %default-kernel-arguments))
+@end lisp
+
 @node User Accounts
 @section User Accounts

?

Ludo’.

Ludovic Courtès wrote on 21 May 2023 01:19

Recipients:(name . Mekeor Melire)(address . mekeor@posteo.de)

Message-ID:87fs7qvbee.fsf@gnu.org

Hi,

Ludovic Courtès <ludo@gnu.org> skribis:

Toggle quote (12 lines)> Mekeor Melire <mekeor@posteo.de> skribis:
>
>> (kernel-arguments
>>   (cons*
>>     "resume=/dev/mapper/cryptroot"
>
> Ooh, got it, that’s the part I got wrong.
>
> Thanks to the two of your for explaining!
>
> How about this change:

I finally pushed a simpler change as commit

7d1d5e16da6f1b37b3e0c16adf44b8e305e1e5bd.

Ludo’.

Closed

Your comment

This issue is archived.

To comment on this conversation send an email to 62711@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it

mumi current 62711

Then, you may apply the latest patchset in this issue (with sign off)

mumi am -- -s

Or, compose a reply to this issue

mumi compose

Or, send patches to this issue

mumi send-email *.patch

is:open	open issues
is:done	closed issues
submitter:<who>	search issue submitter
author:<who>	search by message author
date:yesterday..now	search by issue date
mdate:3m..2d	search by message date