Installation fails with encryption on ZFS

J

jonasdig

Hi
I have a Intel NUC DC53427HYE. I am trying to install FreeBSD 10.1 with ZFS and disk encryption enabled. The installation stops at extracting ports.txz at 22% and overall progress 23%. After 10-20min the NUC reboots and I got the following error message:
Code: 
Mounting from zfs: bootpool failed with error 2: unknown file system.

I have tried several times using different installation media and the same happens every time. If I install without encryption everything works fine.
 
Last edited by a moderator:
It may not help, but your disk may need to be cleaned. The installer has some occasional bugs, where if there is already zfs stuff there it gets confused.

Boot your computer and go to recovery console.

Wipe the disk with dd if=/dev/zero of=/dev/ada<your disk> bs=1m

Then try again.
 
Thanks for the help. I have now managed to install FreeBSD. Not sure what helped, I both used dd and uncheck the installation of ports.

I have now a new problem. I rebooted after the installation, after I type the password for ada0p4 some lines are displayed and the computer immediately reboots before I am able to read the lines. I have rebooted several times with the same result.
 
I managed to record what happened on video before the computer restarted:

Code: 
GEOM_ELI: Device ada0p.eli created.
GEOM_ELI: Encryption: AES-XTS 256
GEOM_ELI:    Crypto: hardware
Trying to mount root from zfs:zroot/ROOT/default []...

Fatal double fault:
eip = 0xc17ec4a5
esp = 0xe438b000
ebp = 0xe438b000
cpuid = 1; apic id = 01
panic: double fault
cpuid = 1
KDB: stack backtrace:
#0 0xc0b676d2 at kdb_backtrace+0x52
#1 0xc0b28c8f at panic+0x11f
#2 0xc10294fb at dblfault_handler+0xab
Uptime: 3m2s
 
I had the exact problem after I lost power to my laptop and I couldn't boot into my system, just like you!

So here is what I did to get back in:
I used a FreeBSD 10.0-RELEASE Live CD (it was a bootonly -- to minimize download)
  1. Boot into the CD and choose "Live CD" from the options. (log in as root)
  2. Execute the following commands to attach partitions using geli; you would have to enter your passphrase if you have a root-on-ZFS full disk encryption setup
Code: 
mkdir /tmp/bootpool
zpool import -f bootpool
zfs set mountpoint=/tmp/bootpool bootpool
zfs mount -a
cp /tmp/bootpool/boot/encryption.key /tmp/
zfs umount -a
zfs set mountpoint=/bootpool bootpool
zpool export bootpool
geli attach -k /tmp/encryption.key /dev/ada0p4
zpool import -f -R /mnt zroot
zfs umount -a
reboot

I had to zpool import with -f flag because the power down problem didn't export the partition in the right way.
After executing these commands I rebooted and the system went online again.

If you happen to have problems with an empty /boot/ after reboot, try to load the bootpool manually.
Code: 
zpool import -f bootpool
reboot

That's it and the /boot symbolic link should work again.
Hope that helps!

Thanks,
Draco

References:
 
Last edited by a moderator:
Thanks. I am able to boot normally and mount the disk with your guide. The /boot/ is empty but everything looks to work fine. I have used the system for a few hours and done several reboots. I get the same error again as in post #4 if I load the bootpool manually and reboots. So it looks like there is a problem with the bootpool. I am not a very experienced freebsdFreeBSD user so I don't know what is happening if I have an empty /boot/. I have to do some reading on the subject.

I am still quit concerned that this is happening on a new system with a fresh installation. Could I have some hardware errors?
 
When you load the bootpool using this command zpool import -f bootpool do you see any files under /boot ?

Please note that my steps were tested on a FreeBSD 10.0-RELEASE.
 
You must log in or register to reply here.
Back
Top