Bug 240760 - Caps lock key became a character in GELI passphrase entry after upgrading to 12.0 w/root-on-ZFS
Summary: Caps lock key became a character in GELI passphrase entry after upgrading to ...
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 12.0-RELEASE
Hardware: amd64 Any
: --- Affects Only Me
Assignee: freebsd-bugs mailing list
URL:
Keywords: regression
Depends on:
Blocks:
 
Reported: 2019-09-23 07:10 UTC by Ariel Millennium Thornton
Modified: 2019-12-22 20:38 UTC (History)
5 users (show)

See Also:


Attachments
git(1) diff against /boot/lua/password.lua (568 bytes, patch)
2019-09-29 18:32 UTC, Kyle Evans
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ariel Millennium Thornton 2019-09-23 07:10:22 UTC
A couple years ago, I installed 10.2-RELEASE amd64 on an Acer Aspire One Z (model ZC-700g, Intel Celeron J3160 CPU, 4GB RAM).  During installation, I followed the instructions in the FreeBSD Handbook: In section 2.6, I chose Automatic Root-on-ZFS and changed the "Encrypt Disks?" option to yes, and followed the instructions in section 2.6.4.  Since then, I updated and upgraded following the handbook, release notes, and errata documents.

Yesterday, I upgraded from 11.2-RELEASE to 12.0-RELEASE.  After shutting down to boot into the new kernel, I entered my passphrase at the GELI prompt which appears before the boot menu.  However, the boot process stalled after the kernel booted, as if I entered a bad passphrase.  Double-checking and slowing down my typing had no effect:  I was entering the correct passphrase, consistent with all previous startups, but it wasn't being recognized.

My current passphrase consists of runs where the letters are uppercase, long enough that it's easier to type with caps lock on.  While trying to figure out what I was doing wrong, I noticed the GELI keypress spinner advance a step when I turned caps lock on and again when I turned it off; this is new.  My passphrase wasn't recognized until I typed it in without the benefit of caps lock.

Steps to reproduce:  Install (or upgrade to) FreeBSD 11.2-RELEASE amd64 with "Automatic Root-on-ZFS," change "Encrypt Disks?" from NO to YES, set a passphrase including uppercase letters.  Then, upgrade to 12.0-RELEASE.

Expected behavior:  The passphrase typed at the boot-time GELI prompt is recognized whether capitals are typed with Shift pressed or capitals are typed with caps lock on.

Actual behavior: The passphrase is recognized if capitals are typed with Shift pressed, but it is not recognized if the caps lock key is used during passphrase entry.
Comment 1 Kyle Evans freebsd_committer 2019-09-23 14:55:42 UTC
Hi,

Follow up questions:

- Is this a separate, unencrypted bootpool setup?
- geom_eli_passphrase_prompt="YES" in /boot/loader.conf?
Comment 2 Ariel Millennium Thornton 2019-09-24 03:01:36 UTC
I have a separate pool called bootpool, and I assume it's unencrypted.  I'm too ignorant of ZFS management to be 100% confident.  According to `zpool status`, it's also ada0p3 (no .eli), and according to `zfs list`, it mounts on /bootpool.

The root pool, zroot, is ada0p5.eli, and zroot/ROOT/default mounts on /.  When booting with what the system thought was a bad passphrase, it was only ada0p5 it asked me for.

My /boot/loader.conf file wasn't changed during the upgrade, and it has a `geom_eli_passphrase_prompt="YES"` line.
Comment 3 Ariel Millennium Thornton 2019-09-28 04:39:46 UTC
New information: The caps lock key can be used, but backspace must be pressed once right after pressing caps lock.
Comment 4 Kyle Evans freebsd_committer 2019-09-29 18:32:08 UTC
Created attachment 207941 [details]
git(1) diff against /boot/lua/password.lua

Hi,

Please try this patch against /boot/lua/password.lua.
Comment 5 Ariel Millennium Thornton 2019-09-29 22:18:32 UTC
The patch had no effect on passphrase input, both at the boot-time prompt and when asked for ada0p5's passphrase while the kernel booted up.  The patch also had no effect on the boot-time display: The keypress spinner advanced with each press of caps lock.
Comment 6 Lorenzo Salvadore freebsd_committer 2019-10-26 16:59:52 UTC
Recently SHIFT also became (at least) a character: whenever I try to insert a capital letter by pressing the SHIFT key I see the bar indicating character insertion rotating full speed and of course the password is inserted wrong.

The problem is present in 12.1-STABLE r354066 but was not there in 12.1-STABLE r353430.
Comment 7 Toomas Soome freebsd_committer 2019-10-27 09:27:13 UTC
(In reply to Lorenzo Salvadore from comment #6)

Is this defect on BIOS or UEFI system?

If it is UEFI, please run from loader OK prompt: chain /boot/loader_4th.efi - does it still have the defect?

If this is BIOS system, does the defect appear with boot1 or loader? That is, if you enter the password and press the space when there is spinner, does boot: prompt appear?

On boot: prompt, enter /boot/loader_4th and does the defect appear there?

It would be helpful to know exactly where the issue does appear.
Comment 8 Lorenzo Salvadore freebsd_committer 2019-10-27 10:02:10 UTC
(In reply to Toomas Soome from comment #7)
 
I'm on a UEFI system.

I was unable to run the test you suggested: SHIFT is broken in the ok prompt too, so that I cannot insert the needed underscore. Whenever I press SHIFT I cannot add any character to the line I'm writing and only terminating it by pressing ENTER gets the prompt working again.

CAPSLOCK works as expected on the ok prompt but does not for the GELI password insertion: it inserts a dummy character as described in comment #3.
Comment 9 Toomas Soome freebsd_committer 2019-12-03 11:21:26 UTC
(In reply to Lorenzo Salvadore from comment #8)

please try this patch and please report me back the output:

Index: stand/efi/libefi/efi_console.c
===================================================================
--- stand/efi/libefi/efi_console.c	(revision 355225)
+++ stand/efi/libefi/efi_console.c	(working copy)
@@ -1112,6 +1112,9 @@
 	if (status == EFI_SUCCESS) {
 		kss = key_data.KeyState.KeyShiftState;
 		kp = &key_data.Key;
+		printf("kts: %x kss: %x scan: %x unicode: %x\n",
+		    key_data.KeyState.KeyToggleState, kss,
+		    kp->ScanCode, kp->UnicodeChar);
 		if (kss & EFI_SHIFT_STATE_VALID) {
 
 			/*
@@ -1126,10 +1129,11 @@
 					kp->UnicodeChar++;
 				}
 			}
+			if (kp->ScanCode == 0 && kp->UnicodeChar == 0)
+				return (false);
+			keybuf_inschar(kp);
+			return (true);
 		}
-
-		keybuf_inschar(kp);
-		return (true);
 	}
 	return (false);
 }
Comment 10 Lorenzo Salvadore freebsd_committer 2019-12-03 17:15:47 UTC
(In reply to Toomas Soome from comment #9)

I tested your patch on 12.1-STABLE r355326.

Here are some outputs. Feel free to ask for more.

- pressing SHIFT with CAPSLOCK off:
kts: c0   kss:80000001   scan: 0   unicode: 0

- pressing SHIFT with CAPSLOCK on:
kts: c4   kss:80000001   scan: 0   unicode: 0

- switching CAPSLOCK from off to on:
kts: 80   kss:80000000   scan: 0   unicode: 0

- switching CAPSLOCK from on to off:
kts: 84   kss:80000000   scan: 0   unicode: 0
Comment 11 Toomas Soome freebsd_committer 2019-12-03 17:18:37 UTC
(In reply to Lorenzo Salvadore from comment #10)

ok, This output is expected, but is the input working now?
Comment 12 Lorenzo Salvadore freebsd_committer 2019-12-03 17:27:58 UTC
(In reply to Toomas Soome from comment #11)

Sorry, I had forgotten to test the input itself.

Yes, it works now. Thank you very much.
Comment 13 commit-hook freebsd_committer 2019-12-03 18:36:47 UTC
A commit references this bug:

Author: tsoome
Date: Tue Dec  3 18:36:39 UTC 2019
New revision: 355347
URL: https://svnweb.freebsd.org/changeset/base/355347

Log:
  loader: ReadKeyStrokeEx may return partial keystrokes

  In some systems we can receive no scancode nor unicodechar values.

  PR:		240760
  Reported by:	Ariel Millennium Thornton
  MFC after:	1 week

Changes:
  head/stand/efi/libefi/efi_console.c
Comment 14 commit-hook freebsd_committer 2019-12-09 21:11:05 UTC
A commit references this bug:

Author: tsoome
Date: Mon Dec  9 21:10:18 UTC 2019
New revision: 355571
URL: https://svnweb.freebsd.org/changeset/base/355571

Log:
  MFC r355347:
  loader: ReadKeyStrokeEx may return partial keystrokes

  In some systems we can receive no scancode nor unicodechar values.

  PR:		240760
  Reported by:	Ariel Millennium Thornton

Changes:
_U  stable/12/
  stable/12/stand/efi/libefi/efi_console.c
Comment 15 Toomas Soome freebsd_committer 2019-12-22 08:27:16 UTC
(In reply to Ariel Millennium Thornton from comment #0)

Ariel, is this issue fixed for you?
Comment 16 Ariel Millennium Thornton 2019-12-22 19:27:32 UTC
(In reply to Toomas Soome from comment #15)

I'm afraid not.  I just upgraded to 12.0-RELEASE-p12, and the issue is still present.
Comment 17 Toomas Soome freebsd_committer 2019-12-22 20:38:27 UTC
(In reply to Ariel Millennium Thornton from comment #16)

I wonder if you could test stable/12, I am not sure about what patch is included in p12...