udisks encrypted swap is not recognized

My laptop has a LUKS encrypted swap partition which udisks does not recognize as either swap or encrypted partition

/org/freedesktop/UDisks2/block_devices/nvme0n1p2:
  org.freedesktop.UDisks2.Block:
    Configuration:              []
    CryptoBackingDevice:        '/'
    Device:                     /dev/nvme0n1p2
    DeviceNumber:               66306
    Drive:                      '/org/freedesktop/UDisks2/drives/Micron_MTFDHBA256TDV_21112DDAD49E'
    HintAuto:                   false
    HintIconName:
    HintIgnore:                 false
    HintName:
    HintPartitionable:          true
    HintSymbolicIconName:
    HintSystem:                 true
    Id:                         by-id-nvme-Micron_MTFDHBA256TDV_21112DDAD49E-part2
    IdLabel:
    IdType:
    IdUUID:
    IdUsage:
    IdVersion:
    MDRaid:                     '/'
    MDRaidMember:               '/'
    PreferredDevice:            /dev/nvme0n1p2
    ReadOnly:                   false
    Size:                       8589934592
    Symlinks:                   /dev/disk/by-id/nvme-Micron_MTFDHBA256TDV_21112DDAD49E-part2
                                /dev/disk/by-id/nvme-eui.000000000000000100a075212ddad49e-part2
                                /dev/disk/by-partlabel/cryptswap
                                /dev/disk/by-partuuid/456d4f0a-f07b-4637-b12c-ef51226553f0
                                /dev/disk/by-path/pci-0000:2e:00.0-nvme-1-part2
    UserspaceMountOptions:
  org.freedesktop.UDisks2.Partition:
    Flags:              0
    IsContained:        false
    IsContainer:        false
    Name:               cryptswap
    Number:             2
    Offset:             537919488
    Size:               8589934592
    Table:              '/org/freedesktop/UDisks2/block_devices/nvme0n1'
    Type:               0657fd6d-a4ab-43c4-84e5-0933c84b4f4f
    UUID:               456d4f0a-f07b-4637-b12c-ef51226553f0

lsblk does show it correctly

NAME        MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
nvme0n1     259:0    0 238.5G  0 disk
├─nvme0n1p1 259:1    0   512M  0 part  /boot
├─nvme0n1p2 259:2    0     8G  0 part
│ └─swap    254:1    0     8G  0 crypt [SWAP]
└─nvme0n1p3 259:3    0   230G  0 part

Sep 17 '21 15:09 jelly

The partition should be recognized as a LUKS device (IdUsage should be crypto and IdType crypto_LUKS), the dm-crypt device (/dev/mapper/swap in your case) should be the one with a swap interface. What blkid and udev show about the partition? sudo blkid -p /dev/nvme0n1p2 and udevadm info /dev/nvme0n1p2

Sep 20 '21 06:09 vojtechtrefny

[jelle@t14s][~]%sudo blkid -p /dev/nvme0n1p2
/dev/nvme0n1p2: PART_ENTRY_SCHEME="gpt" PART_ENTRY_NAME="cryptswap" PART_ENTRY_UUID="456d4f0a-f07b-4637-b12c-ef51226553f0" PART_ENTRY_TYPE="0657fd6d-a4ab-43c4-84e5-0933c84b4f4f" PART_ENTRY_NUMBER="2" PART_ENTRY_OFFSET="1050624" PART_ENTRY_SIZE="16777216" PART_ENTRY_DISK="259:0"

[jelle@t14s][~]%udevadm info /dev/nvme0n1p2
P: /devices/pci0000:00/0000:00:1d.4/0000:2e:00.0/nvme/nvme0/nvme0n1/nvme0n1p2
N: nvme0n1p2
L: 0
S: disk/by-path/pci-0000:2e:00.0-nvme-1-part2
S: disk/by-partuuid/456d4f0a-f07b-4637-b12c-ef51226553f0
S: disk/by-id/nvme-Micron_MTFDHBA256TDV_21112DDAD49E-part2
S: disk/by-id/nvme-eui.000000000000000100a075212ddad49e-part2
S: disk/by-partlabel/cryptswap
E: DEVPATH=/devices/pci0000:00/0000:00:1d.4/0000:2e:00.0/nvme/nvme0/nvme0n1/nvme0n1p2
E: DEVNAME=/dev/nvme0n1p2
E: DEVTYPE=partition
E: PARTN=2
E: PARTNAME=cryptswap
E: MAJOR=259
E: MINOR=2
E: SUBSYSTEM=block
E: USEC_INITIALIZED=20766416
E: ID_SERIAL_SHORT=21112DDAD49E
E: ID_WWN=eui.000000000000000100a075212ddad49e
E: ID_MODEL=Micron MTFDHBA256TDV
E: ID_REVISION=3009P4LN
E: ID_SERIAL=Micron_MTFDHBA256TDV_21112DDAD49E
E: ID_PATH=pci-0000:2e:00.0-nvme-1
E: ID_PATH_TAG=pci-0000_2e_00_0-nvme-1
E: ID_PART_TABLE_UUID=258ae1e3-248d-455f-b55a-75dc024c0b5d
E: ID_PART_TABLE_TYPE=gpt
E: ID_PART_ENTRY_SCHEME=gpt
E: ID_PART_ENTRY_NAME=cryptswap
E: ID_PART_ENTRY_UUID=456d4f0a-f07b-4637-b12c-ef51226553f0
E: ID_PART_ENTRY_TYPE=0657fd6d-a4ab-43c4-84e5-0933c84b4f4f
E: ID_PART_ENTRY_NUMBER=2
E: ID_PART_ENTRY_OFFSET=1050624
E: ID_PART_ENTRY_SIZE=16777216
E: ID_PART_ENTRY_DISK=259:0
E: DEVLINKS=/dev/disk/by-path/pci-0000:2e:00.0-nvme-1-part2 /dev/disk/by-partuuid/456d4f0a-f07b-4637-b12c-ef51226553f0 /dev/disk/by-id/nvme-Micron_MTFDHBA256TDV_21112DDAD49E-part2 /dev/disk/by-id/nvme-eui.000000000000000100a075212ddad49e-part2 /dev/disk/by-partlabel/cryptswap
E: TAGS=:systemd:
E: CURRENT_TAGS=:systemd:

Sep 20 '21 15:09 jelly

Weird, even blkid won't detect the LUKS header on /dev/nvme0n1p2. Is this a detached header setup or plain mode? How did you create the encrypted swap?

Sep 21 '21 07:09 vojtechtrefny

Ah!

cryptsetup open --type plain --key-file /dev/urandom /dev/disk/by-partlabel/cryptswap swap
mkswap -L swap /dev/mapper/swap
swapon -L swap

In /etc/crypttab

cryptswap        /dev/disk/by-partlabel/cryptswap        /dev/urandom        swap,offset=2048,cipher=aes-xts-plain64,size=256

Sep 21 '21 19:09 jelly

Yes, that explains it. Plain doesn't have a header so we don't detect it as a encrypted device. There are two things we can use in UDisks: the crypttab entry and the fact the device is open so we can use the dm-crypt device to mark the backing device as encrypted. Definitely something we can look into in the future but for now UDisks behaves as expected (unfortunately).

Sep 22 '21 12:09 vojtechtrefny

Thanks for the information.

Sep 25 '21 10:09 jelly

udisks udisks copied to clipboard

encrypted swap is not recognized

udisks
udisks copied to clipboard