richardphibel / rpms / systemd

Forked from rpms/systemd 2 years ago
Clone
4fbe94
From 40612e4e7690c613cba7ac87b9d782724e623a39 Mon Sep 17 00:00:00 2001
4fbe94
From: =?UTF-8?q?Michal=20Sekleta=CC=81r?= <msekleta@redhat.com>
4fbe94
Date: Wed, 27 Nov 2019 14:27:58 +0100
4fbe94
Subject: [PATCH] cryptsetup: reduce the chance that we will be OOM killed
4fbe94
4fbe94
cryptsetup introduced optional locking scheme that should serialize
4fbe94
unlocking keyslots which use memory hard key derivation
4fbe94
function (argon2). Using the serialization should prevent OOM situation
4fbe94
in early boot while unlocking encrypted volumes.
4fbe94
4fbe94
(cherry picked from commit 408c81f62454684dfbff1c95ce3210d06f256e58)
4fbe94
4fbe94
Resolves: #1696602
4fbe94
---
4fbe94
 src/cryptsetup/cryptsetup.c | 6 ++++++
4fbe94
 1 file changed, 6 insertions(+)
4fbe94
4fbe94
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
4fbe94
index 4e1b3eff19..9071126c2e 100644
4fbe94
--- a/src/cryptsetup/cryptsetup.c
4fbe94
+++ b/src/cryptsetup/cryptsetup.c
4fbe94
@@ -656,6 +656,12 @@ int main(int argc, char *argv[]) {
4fbe94
                 if (arg_discards)
4fbe94
                         flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS;
4fbe94
 
4fbe94
+#ifdef CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF
4fbe94
+                /* Try to decrease the risk of OOM event if memory hard key derivation function is in use */
4fbe94
+                /* https://gitlab.com/cryptsetup/cryptsetup/issues/446/ */
4fbe94
+                flags |= CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF;
4fbe94
+#endif
4fbe94
+
4fbe94
                 if (arg_timeout == USEC_INFINITY)
4fbe94
                         until = 0;
4fbe94
                 else