Booting from a fully encrypted disk requires four incorrect passphrase attempts
When prompting for a passphrase to unlock / at boot, actually valid and correctly entered passphrases are reported as invalid but the crypto container still gets unlocked eventually.
After entering a valid passphrase when being prompted first, I’m getting prompted other four times before booting into the unlocked root partition actually continues. No matter what string was entered, all attempts are reported as invalid.
My usual procedure to boot therefore consists of entering a valid passphrase and hitting five times.
I’m using latest Alpine v3.3 on a ThinkPad X230 running coreboot + GRUB2 payload, thus no ext/syslinux or any other bootloader on my disk is used. GRUB2 unlocks my LUKS container and loads /boot/grub.cfg which then boots Alpine Linux.
Kernel parameters and initramfs features:
$ cat /proc/cmdline
BOOT_IMAGE=/__alpine_root__/boot/vmlinuz cryptroot=/dev/sda cryptdm=main root=/dev/mapper/main rootflags=compress=lzo,noatime,subvolid=319 modules=btrfs quiet
$ /etc/mkinitfs.conf
features="keymap cryptsetup kms ata base scsi btrfs"
(from redmine: issue id 5362, created on 2016-04-03, closed on 2019-05-03)