Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-94860

V2v of Windows 11 is failing with error "Unexpected metadata entry value '24' found when parsing supported Volume Master Key"

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Normal Normal
    • rhel-9.7
    • rhel-9.5.z, rhel-9.6
    • cryptsetup
    • None
    • cryptsetup-2.7.2-4.el9
    • No
    • Important
    • ZStream
    • rhel-storage-crs
    • ssg_platform_storage
    • 16
    • 18
    • 1
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • None
    • Approved Blocker
    • Release Note Not Required
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      What were you trying to do that didn't work?

      Created a Windows 11 VM in VMware using latest ISO available from the Microsoft website  and after the installation, activated the bitlocker. Created a migration plan in MTV, and also added the recovery key to decrypt the bitlocker. The migration to OpenShift Virtualization failed with following error:

       

      command: blkid '-c' '/dev/null' '-o' 'value' '-s' 'TYPE' '/dev/sda3'
command: blkid returned 0
command: blkid: stdout:
BitLocker
command: cryptsetup '-d' '/tmp/crypt52335c.key' 'open' '/dev/sda3' 'cryptsda3' '--type' 'bitlk'
command: cryptsetup returned 1
command: cryptsetup: stderr:
Unexpected metadata entry value '24' found when parsing supported Volume Master Key.
Device /dev/sda3 is not a valid BITLK device.
ocaml_exn: 'cryptsetup_open' raised 'Failulibguestfs: trace: v2v: cryptsetup_open = -1 (error)
virt-v2v: could not find key to open LUKS encrypted /dev/sda3.

      Looks like cryptsetup is unable to decrypt the BitLocker volume. I tried to open it directly from a RHEL 9 VM and it also failed with the same error:

      [root@vm-235-2 ~]# blkid -c /dev/null -o value -s TYPE /dev/sdb3
BitLocker
[root@vm-235-2 ~]# cryptsetup -d /tmp/crypt52335c.key open /dev/sdb3 cryptsda3 --type bitlk
Unexpected metadata entry value '24' found when parsing supported Volume Master Key.
Device /dev/sdb3 is not a valid BITLK device.

[root@vm-235-2 ~]# rpm -qa|grep -i cryptsetup
cryptsetup-libs-2.7.2-3.el9_5.x86_64
cryptsetup-2.7.2-3.el9_5.x86_64

      Looks like a known problem in cryptsetup already fixed in upstream https://gitlab.com/cryptsetup/cryptsetup/-/merge_requests/652

      What is the impact of this issue to you?

      Unable to migrate Windows 11 VMs with disks encrypted using bitlocker.

      Please provide the package NVR for which the bug is seen:

      virt-v2v-2.5.6-10.el9_5.x86_64

      How reproducible is this bug?

      100 %

      Steps to reproduce

      1. Download the latest Windows 11 ISO from  https://www.microsoft.com/en-us/software-download/windows11
      2. Create a Windows 11 VM in VMware and complete the installation.
      3. Activate the bitlocker and tried converting VM to OpenShift Virtualization using MTV with bitlocker recovery key, migration failed with error "Unexpected metadata entry value '24' found when parsing supported Volume Master Key"

      Expected results

      V2v of Windows 11 is failing with error "Unexpected metadata entry value '24' found when parsing supported Volume Master Key"

      Actual results

      Migration should work

        1. bitlk.img.xz
          4.63 MB
          Ondrej Kozina

              okozina@redhat.com Ondrej Kozina
              rhn-support-nashok Nijin Ashok
              Ondrej Kozina Ondrej Kozina
              Guangwu Zhang Guangwu Zhang
              Votes:
              0 Vote for this issue
              Watchers:
              19 Start watching this issue

                Created:
                Updated:
                Resolved: