Re: Encrypted root partition - boot failed

[Pierre Dupond <76nemo76%gmx.ch@localhost>]

Hi All,
      The attachments of the previous mail were binary junk and
not text. I don't know why. Hopefully, these one are more correct.

Sorry for the inconvenience.

Best regards

Le 12.08.20 à 18:50, Pierre Dupond a écrit :
> Hi All,
>        I want to use NetBSD with the root partition encrypted. I have
> followed these instructions: https://wiki.netbsd.org/security/cgdroot/.
>
> After installing the NetBSD 9.0 (not Current but with the CD image),
> I am able to start the boot process but not to mount the boot partition
> (the error message is provided in the image taken from the VirtualBox
> screen found in attachment).
>
> I was not too surprised since I have created a guid partition booting
> from standard BIOS. The boot partition is then /dev/dk2, the crypted
> partition (with cgd) /dev/dk3 and the root partition of NetBSD /dev/dk4
> (once the partition /dev/dk3 is decrypted).
>
> This scheme seems to be different from what is indicated in the
> documentation where it is mentioned the partition wd0a (and wd0f).
>
> In attachment, you will find alisting of the different partition schemes
> and the "ls" command done on the boot partition (/dev/dk2).
>
> Should I recompile the kernel module "cgdroot.kmod" to adapt the
> different devices used in the procedure?  Should I do someting else?
>
> I have no more ideas and some pointers to the correct solution
> would be greatly appreciated.
>
> Thanks for your help.
>
> Best regards
strategy:
/dev/rwd0: priocscan

getcache:
/dev/rwd0: read cache enabled
/dev/rwd0: write-back cache enabled
/dev/rwd0: read cache enable is not changeable
/dev/rwd0: write cache enable is changeable
/dev/rwd0: cache parameters are not savable
/dev/rwd0: cache Force Unit Access (FUA) supported
/dev/rwd0: cache Disable Page Out (DPO) not supported

listwedges:
/dev/rwd0: 4 wedges:
dk0: Bios_boot_wd0, 4096 blocks at 34, type: 
dk1: AlpineLinux, 4194304 blocks at 4130, type: ext2fs
dk2: NetBSD_boot, 204800 blocks at 4198434, type: ffs
dk3: NetBSD_crypted, 29151165 blocks at 4403234, type: cgd

     start      size  index  contents
         0         1         PMBR (active)
         1         1         Pri GPT header
         2        32         Pri GPT table
        34      4096      1  GPT part - BIOS Boot
      4130   4194304      2  GPT part - Linux data
   4198434    204800      3  GPT part - NetBSD FFSv1/FFSv2
   4403234  29151165      4  GPT part - NetBSD Cryptographic Disk
  33554399        32         Sec GPT table
  33554431         1         Sec GPT header

total 34814
-r--r--r--  1 root  wheel     84408 Aug 12 16:19 boot
-rw-r--r--  1 root  wheel       202 Aug 12 15:29 boot.cfg
-rw-r--r--  2 root  wheel        23 Aug 12 15:22 cgd.conf
-r-xr-xr-x  1 root  wheel   1156550 Feb 14 00:06 cgdroot.kmod
-rw-r--r--  3 root  wheel       174 Aug 11 17:59 dk3
-rw-r--r--  3 root  wheel       174 Aug 11 17:59 dk3.conf
drwxr-xr-x  3 root  wheel       512 Aug 11 17:16 etc
drwxr-xr-x  2 root  wheel       512 Aug 12 16:30 logs
-rwxr-xr-x  1 root  wheel  24837888 Feb 14 00:06 netbsd
-r--r--r--  1 root  wheel   9458872 Feb 14 00:06 netbsd.gz
-rw-r--r--  1 root  wheel     53568 Aug 12 16:14 restoresymtable