2.4.19 or 2.4.20 breaks encrypted swap (loop-aes or cryptoapi)

[umsfalfb@umail.furryterror.org (Zygo Blaxell)]

In a nutshell:

Encrypted swap on kernels 2.4.19 and 2.4.20 has fatal problems which
are not present in 2.4.18.

My test setup:

	32 MB RAM (limited by mem= on kernel command line)

	Partitions set up as follows:
	hda1:  512MB swap partition
	hda2:  2.9G filesystem partition
	hda3:  128MB boot partition (clear)
	hda4:  512MB "other" partition (more on this later)

	One of:
	Linux 2.4.18 with loop-AES 1.5b, 1.6e, 1.6f, 1.7a
	Linux 2.4.19 with loop-AES 1.6f
	Linux 2.4.20 with loop-AES 1.7a
	Linux 2.4.20 with cryptoapi 2.4.20.1

My test:

1.  Set up filesystem and swap partitions.  I tested all four combinations
of encrypted/clear filesystem/swap on 2.4.20.  "Encrypted" means AES with
256 bit keys through a loop device.  "Clear" means direct access to the
partition with no intervening loop device.

2.  Run the following tasks in parallel, each one in an infinite loop:

	a.  bonnie -u0 -f -n0 -s1024 (run on the filesystem on hda2)

	b.  tar xjf linux-2.4.20.tar.bz2 && 
	    cd linux-2.4.20 &&
	    make oldconfig &&
	    make dep &&
	    make -j5 bzImage modules &&
	    cd .. &&
 	    rm -rf linux-2.4.20
	(also run on hda2)

	c.  cat /dev/zero > /dev/hda4

	d.  watch ps xar

Obviously there will be a lot of swapping and memory pressure when running
all of those at once on a machine with 32MB of RAM.  That's the point.  ;-)
I've been discovering this accidentally for some time now--system locks up
after a few days of normal use--but the above recipe triggers the problems
in only a few minutes.

My results:

                        SE-FE   SE-FC   SC-FE   SC-FC
2.4.20+cryptoapi        hangs   ??      hangs   ??
2.4.20+loop-AES         hangs   hangs   ok      ok
2.4.19+loop-AES         hangs   ??      ??      ok
2.4.18+loop-AES         ok      ??      ??      ok

SE-FE = Swap Encrypted Filesystem Encrypted,
SC-FE = Swap Clear Filesystem Encrypted, etc.

hangs = hangs after a few minutes or hours
ok    = doesn't hang after days of continuous abuse
??    = not tested

2.4.20 + cryptoapi locks up almost immediately.  I never got the
'tar' command to finish, even with clear swap.  Processes get stuck in
various states.  Sometimes I can hit ^C and restart the 'tar' process.
Sometimes ^C will not kill a stuck process but the rest of the system
continues to function.  Sometimes the system locks up completely.
I didn't run all the test combinations as cryptoapi wasn't able to even
finish the test setup, let alone the tests themselves.

2.4.20 + loop-AES runs for a few minutes or a few hours with encrypted
swap, then kswapd gets stuck in D state.  All further swapping on
the machine stops, since it needs kswapd to work and kswapd is stuck.
One by one, every process on the system locks up as it needs to page in
or out to swap.

2.4.20 + loop-AES runs for days with clear swap, regardless of whether
the filesystem is encrypted or clear.

2.4.19 seems to be similar to 2.4.20, although I ran only one of the
test cases on 2.4.19.  I gather that there were significant changes
to the VM stuff between 2.4.18 and 2.4.19, so I presume that 2.4.19 and
2.4.20 have all the same problems with encrypted swap.

I have been using 2.4.18 + loop-AES since 2.4.18 was released, and
earlier 2.4.x versions with loop-AES since the end of 2001.  No problems.

-- 
Zygo Blaxell (Laptop) <zblaxell@feedme.hungrycats.org>
GPG = D13D 6651 F446 9787 600B AD1E CCF3 6F93 2823 44AD
-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/