RS4021xs+ on Proxmox Volume Encryption (unlock fails)

[nikos1988]

Just tried version 23.6.2 on Proxmox with 2 virtual disks and tried to create an encrypted volume.
It looks like the volume ist created but it fails to unlock.

desmg -T shows:
[Fri Jun 2 15:09:02 2023] device-mapper: table: 249:3: crypt: Error allocating crypto tfm
[Fri Jun 2 15:09:02 2023] device-mapper: ioctl: error adding target to table

Looks like the kernel is missing the right crypto configuration?!

[AuxXxilium]

Please provide serial log from Proxmox. Without this, it is not possible to find the issue. With ESXi everything is working, so i can't fix it without your logfile.

[nikos1988]

Here is the serial log after starting the vm

log.txt

[nikos1988]

My ESXi VM with 23.5.55 is working fine with encrypted volumes. Could it be CPU features? I tried KVM64 and host CPU (i5-12500). The loader was built with KVM64 CPU.

[AuxXxilium]

I use it on baremetal 12500, let me try and look into log file.

[AuxXxilium]

your log file is nearly empty. there is something wrong

[nikos1988]

scroll down a bit. it is the complete startup log

[nikos1988]

when i try to unlock the volume only this pops up in the serial log:

[ 749.533422] device-mapper: table: 249:3: crypt: Error allocating crypto tfm
[ 749.534024] device-mapper: ioctl: error adding target to table

[AuxXxilium]

i need complete log incl. bootlog

oh i saw it. :D

[nikos1988]

[nikos1988]

It is a q35 EFI VM with this pve conf file:

args: -device 'qemu-xhci,addr=0x18' -drive 'id=synoboot,file=/rpool/data/arc.img,if=none,format=raw' -device 'usb-storage,id=synoboot,drive=synoboot,bootindex=1'
bios: ovmf
cores: 4
cpu: host
hostpci1: 0000:04:00,device-id=0x1166,pcie=1,vendor-id=0x1b21
machine: q35
memory: 4096
meta: creation-qemu=7.2.0,ctime=1685693114
name: Niko-DSX
net0: vmxnet3=00:11:32:FE:1A:A1,bridge=vmbr0,firewall=1
numa: 0
ostype: l26
sata0: local-zfs:vm-102-disk-0,discard=on,size=32G,ssd=1
sata1: local-zfs:vm-102-disk-1,discard=on,size=32G,ssd=1
scsihw: virtio-scsi-pci
serial0: socket
smbios1: uuid=81f90226-9980-4074-857f-eefc3157ca3d
sockets: 1
vmgenid: d6cf3a56-fc2d-47c1-916a-9127cd7093be

[AuxXxilium]

have you tried to add the disks to a sata controller and not scsi?

[nikos1988]

I tried with the real ssd disk on the passed ASM1166 controller card and it does not work too.

[AuxXxilium]

i need some time, to find the issue.

[nikos1988]

Is your ESXI VM with loader 23.6.2 and encrypted volumes working fine?

[AuxXxilium]

i don't know, i'm looking thru all files because of build issue in github. have to check more things atm.

[nikos1988]

I just compared /proc/crypto between my ESXI and Proxmox VM. The Proxmox VM has a lot less supported crypto algorithms
crypto_esxi.txt
crypto_pve.txt

[AuxXxilium]

so it's possible that this issue is proxmox related

[AuxXxilium]

Please try with 23.6.21

[nikos1988]

Hi, i can confirm it works now with 23.6.21e. But only after completely resetting and reinstalling DSM. The DSM installation with the previous loader 23.6.2 was corrupted. Not even resetting the local encryption vault helped.