Bug 229357 - bootpool is not imported after boot (separated bootpool/zroot due to zroot encryption)
Summary: bootpool is not imported after boot (separated bootpool/zroot due to zroot en...
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: misc (show other bugs)
Version: 11.2-RELEASE
Hardware: amd64 Any
: --- Affects Some People
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-06-27 06:38 UTC by Petr Fischer
Modified: 2021-03-19 13:55 UTC (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Petr Fischer 2018-06-27 06:38:33 UTC 
I have encrypted zroot partition, so, my bootpool is separated from zroot zpool. Encryption classic, via GELI, password prompt before boot.

But on freshly updated 10.2, after every reboot, bootpool is not imported, so, no access to the kernel modules, resulting in other related issues (some autoloaded modules from rc.conf, like vbox, can crash the whole system during boot, because bootpool is just not available/auto imported)...

This is similar to bug #212258, but I have GPT (not MBR).

Workaround is probably to import bootpool in rc.local and then, load all necesary kernel modules (like linux, vbox etc.) manualy again (also in rc.local).

This bug occurs probably only on separated bootpool/zroot systems, due to zroot encryption.

Also - I have GPT partitions, but I am booting in CMS BIOS Mode (classic BIOS way), not UEFI, because with UEFI, my i915kms Intel Graphics does not work (tested on 11.0 and 11.1).

Is there any new way how to config encrypted zroot, than separated bootpool/zroot?

--- gpt output ----
=>       40  500118112  ada0  GPT  (238G)
         40       2008        - free -  (1.0M)
       2048       1024     1  freebsd-boot  (512K)
       3072       1024        - free -  (512K)
       4096     204800     2  efi  (100M)
     208896       2048        - free -  (1.0M)
     210944    4194304     3  freebsd-zfs  (2.0G)
    4405248    8388608     4  freebsd-swap  (4.0G)
   12793856  487324296     5  freebsd-zfs  (232G)

--- loader.conf (selection) ---
...
geli_ada0p5_keyfile0_load="YES"
geli_ada0p5_keyfile0_type="ada0p5:geli_keyfile0"
geli_ada0p5_keyfile0_name="/boot/encryption.key"
geom_eli_load="YES"
geom_eli_passphrase_prompt="YES"
vfs.root.mountfrom="zfs:zroot/ROOT/default"
kern.geom.label.disk_ident.enable="1"
kern.geom.label.gptid.enable="1"
zpool_cache_load="YES"
zpool_cache_type="/boot/zfs/zpool.cache"
zpool_cache_name="/boot/zfs/zpool.cache"
...
Comment 1 Petr Fischer 2018-06-27 06:42:50 UTC 
Also, after every reboot, this email arrives:
-------
Subject: Cron <root@pf-bsd>    periodic reboot

cannot open 'bootpool': dataset does not exist
usage:
        snapshot|snap [-r] [-o property=value] ... <filesystem|volume>@<snap> ...

For the property list, run: zfs set|get

For the delegated permission list, run: zfs allow|unallow

-- End of reboot output --
---------


But bootpool definitely exists, I am importing it manualy (prev comment).
Comment 2 Ryan Moeller freebsd_committer freebsd_triage 2021-03-15 11:02:02 UTC 
Still a bug. The installer sets cachefile=/boot/zfs/zpool.cache on bootpool so it can autoimport because that's where ZFS looked for the cachefile before 13, but /boot is in bootpool so the cachefile can't be found and the pool never gets imported.
Comment 3 Allan Jude freebsd_committer freebsd_triage 2021-03-19 13:55:30 UTC 
(In reply to Ryan Moeller from comment #2)
So the workaround is:
zpool import bootpool
zpool set cachefile=/etc/zfs/zpool.cache bootpool

And now your bootpool will be on the list to auto-import at boot.

Of course, if you use updated UEFI code, you don't need a separate bootpool anymore:

You can convert to a single pool that supports boot environments now:

https://ftfl.ca/blog/2016-09-17-zfs-fde-one-pool-conversion.html