(follow-up of #228, running on the same system

Setup

• OS: Arch Linux, recently upgraded
• Kernel: Zen kernel 6.4.6.zen1-1 from Arch repo
• booster: 0.11-1 from Arch repo
• /etc/booster.yaml

modules_force_load: i915
modules: vmd,i915,intel_lpss_pci
extra_files: fido2-assert
vconsole: true

• Boot loader: systemd-boot with the following entry:

title Arch Zen
linux /vmlinuz-linux-zen
initrd /intel-ucode.img
initrd /booster-linux-zen.img
options rd.luks.name=<REDACTED UUID>=arch root=/dev/mapper/arch rootflags=subvol=@ rw add_efi_memmap random.trust_cpu=on intel_iommu=on

• Root Partition: Btrfs on a LUKS2 partition, with a systemd-cryptenroll-ed Yubikey 5 NFC

Expected Behavior

When the screen shows Enter passphase for arch:, with my Yubikey plugged in, the LED on the Yubikey should be flashing. Touching the Yubikey (the metal part, that is) should unlock the LUKS partition and continue the boot process

Actual Behavior

The screen shows (The number in the square brackets may vary)

[    0.968319] booster: exit status 71:
Press ENTER to Reboot

Pressing Enter key on keyboard does nothing. Have to hard reboot / shutdown.

Attempted Fiddling 1: Print Logs from Booster

• Add booster.log=info,console to kernel options
• Reboot

Result: Expected behavior happens (with extra logging printed). This looks like a Heisenbug.

Attempted Fiddling 2: Print Logs from Kernel

• Switch to kernel linux-lts 6.1.39-1
• Remove booster.log=info,console from kernel options
• Reboot to this kernel

Result: the LTS kernel prints many lines of [ <NUMBER>] blacklist: problem blackl before Enter passphrase for arch. Then expected behavior happens. Works well.

[ 0.968319] booster: exit status 71:

Booster reported a process exit error. I guess it is fido2-assert process has died for some reason.

And the hole situation sounds like a race condition.

I just added a commit that tries to capture more logs from fiso2-assert tool. Please pull wip branch, compile, regenerate the image and try to boot again. This time the exit code should include more useful information.

No luck. The actual behavior happened again with no extra logging. It's still:

[    <NUMBER>] booster: exit status 71:
Press ENTER to Reboot

Here is what I did:

• Build and install booster-git from AUR
  • Before running makepkg, change the line source=... in PKGBUILD to source=(git+https://github.com/anatol/booster#commit=e5253cb)
• Restore /etc/booster.yaml which gets moved to /etc/booster.yaml.pacsave when installing booster-git
• Rerun /usr/lib/booster/regenerate_images
• Reboot

I even tried manually build an init with go bulid with the following patch:

diff --git i/init/luks.go w/init/luks.go
index 69bc590..2833269 100644
--- i/init/luks.go
+++ w/init/luks.go
@@ -125,6 +125,8 @@ func recoverFido2Password(devName string, credential string, salt string, relyin
 		args = append(args, "-t", "pin=true")
 	}
 
+	args = append(args, "-d")
+
 	cmd := exec.Command("fido2-assert", args...)
 	pipeOut, err := cmd.StdoutPipe()
 	if err != nil {

... and regenerate image with doas booster build --init-binary ./init/init --force --kernel-version 6.4.6-zen1-1-zen /boot/booster-linux-zen.img . Still no help.

I guess that the culprit might not be fido2-assert, but actually something else (setfont?) since I hadn't used vconsole: true until I encountered #228 . A quick Googling of setfont exit 71 also implies that the exit code could be from setfont.

... and yes, I can reproduce the bug with only vconsole: true, no extra_files: fido2-assert needed. And the bug dissappears with vconsole: true removed. I'll edit the issue title to reflect this discovery.

BTW, this is my /etc/vconsole.conf if you need it to reproduce the bug:

KEYMAP=us
FONT=ter-u32b

... and /etc/locale.conf:

LANG=en_US.UTF-8

LC_MEASUREMENT=zh_CN.UTF-8
LC_PAPER=zh_CN.UTF-8
LC_TIME=en_DK.UTF-8
LC_TELEPHONE=zh_CN.UTF-8

Thank you for the information @5long

I was able to reproduce the problem locally. The issue is indeed the setfont failed to load ter-u32b from terminus-font arch package.

I set setfont -v and I see following output:

setfont -v /console/font
setfont: INFO setfont.c:161 try_loadfont: Loading 256-char 16x32 font from file /console/font
setfont: ERROR kdfontop.c:211 put_font_kdfontop: ioctl(KDFONTOP): Invalid argument
[    2.050924] booster: exit status 71: 

/console/font is an unpacked content of /usr/share/kbd/consolefonts/ter-u32b.psf.gz from terminus-font package:

$ unp /usr/share/kbd/consolefonts/ter-u32b.psf.gz
$ sha1sum font ter-u32b.psf 
3b4e5a1e4506b4aefd1e074413662885d12aa162  font
3b4e5a1e4506b4aefd1e074413662885d12aa162  ter-u32b.psf

I need to dig into setfont to understand what it does not like about the font file.

cc @legionus who might have an explanation on top of his head

cc @legionus who might have an explanation on top of his head

This error message has been added to highlight an issue that was previously ignored. See my explanation [1]. Most likely the problem is in systemd-vconsole-setup [2]. This is not the only problem with this utility. I'm not a systemd expert but there are several workarounds [3][4].

[1] legionus/kbd#99 (comment)
[2] legionus/kbd#99 (comment)
[3] legionus/kbd#99 (comment)
[4] legionus/kbd#99 (comment)

Note that booster does not use systemd toolset; it calls setfont /usr/share/kbd/consolefonts/ter-u32b.psf directly; and fails. legionus/kbd#99 has some proposals on how to fix the problem and I am going to try it.

Same issues on Ubuntu

Without setfont

the only way to fix this this is to disable vconsole in booster

This happened to me as well, I have FONT=ter-132n in my /etc/vconsole.conf and enabling vconsole: true freezes booster initramfs saying "booster: exit status 71"