teknoraver / rpms / systemd

Forked from rpms/systemd 3 months ago
Clone

Blame SOURCES/0205-cryptsetup-call-crypt_load-for-LUKS-only-once.patch

4bff0a
From 788fb775f7deb8c456868362454e2a5f50c6068f Mon Sep 17 00:00:00 2001
4bff0a
From: Milan Broz <gmazyland@gmail.com>
4bff0a
Date: Mon, 27 May 2019 09:43:03 +0200
4bff0a
Subject: [PATCH] cryptsetup: call crypt_load() for LUKS only once
4bff0a
4bff0a
The crypt_load() for LUKS2 can read a quite big area of disk
4bff0a
(metadata area size is configurable and can increase up to megabytes).
4bff0a
4bff0a
This initialization is not needed to be repeated, just use the existing context.
4bff0a
4bff0a
(This patch is also required for the following change.)
4bff0a
4bff0a
(cherry picked from commit ea9a9d49e4af31c49e5c216e7e5e2f533e727579)
4bff0a
4bff0a
Related: #1719153
4bff0a
---
4bff0a
 src/cryptsetup/cryptsetup.c | 28 ++++++++++++----------------
4bff0a
 1 file changed, 12 insertions(+), 16 deletions(-)
4bff0a
4bff0a
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
4bff0a
index 5be1469d69..a0bd80ea65 100644
4bff0a
--- a/src/cryptsetup/cryptsetup.c
4bff0a
+++ b/src/cryptsetup/cryptsetup.c
4bff0a
@@ -475,7 +475,6 @@ static int attach_tcrypt(
4bff0a
 static int attach_luks_or_plain(struct crypt_device *cd,
4bff0a
                                 const char *name,
4bff0a
                                 const char *key_file,
4bff0a
-                                const char *data_device,
4bff0a
                                 char **passwords,
4bff0a
                                 uint32_t flags) {
4bff0a
         int r = 0;
4bff0a
@@ -485,20 +484,6 @@ static int attach_luks_or_plain(struct crypt_device *cd,
4bff0a
         assert(name);
4bff0a
         assert(key_file || passwords);
4bff0a
 
4bff0a
-        if (!arg_type || STR_IN_SET(arg_type, ANY_LUKS, CRYPT_LUKS1)) {
4bff0a
-                r = crypt_load(cd, CRYPT_LUKS, NULL);
4bff0a
-                if (r < 0) {
4bff0a
-                        log_error("crypt_load() failed on device %s.\n", crypt_get_device_name(cd));
4bff0a
-                        return r;
4bff0a
-                }
4bff0a
-
4bff0a
-                if (data_device) {
4bff0a
-                        r = crypt_set_data_device(cd, data_device);
4bff0a
-                        if (r < 0)
4bff0a
-                                return log_error_errno(r, "Failed to set LUKS data device %s: %m", data_device);
4bff0a
-                }
4bff0a
-        }
4bff0a
-
4bff0a
         if ((!arg_type && !crypt_get_type(cd)) || streq_ptr(arg_type, CRYPT_PLAIN)) {
4bff0a
                 struct crypt_params_plain params = {
4bff0a
                         .offset = arg_offset,
4bff0a
@@ -687,6 +672,18 @@ int main(int argc, char *argv[]) {
4bff0a
                                 log_warning("Key file %s is world-readable. This is not a good idea!", key_file);
4bff0a
                 }
4bff0a
 
4bff0a
+                if (!arg_type || STR_IN_SET(arg_type, ANY_LUKS, CRYPT_LUKS1)) {
4bff0a
+                        r = crypt_load(cd, CRYPT_LUKS, NULL);
4bff0a
+                        if (r < 0)
4bff0a
+                                return log_error_errno(r, "Failed to load LUKS superblock on device %s: %m", crypt_get_device_name(cd));
4bff0a
+
4bff0a
+                        if (arg_header) {
4bff0a
+                                r = crypt_set_data_device(cd, argv[3]);
4bff0a
+                                if (r < 0)
4bff0a
+                                        return log_error_errno(r, "Failed to set LUKS data device %s: %m", argv[3]);
4bff0a
+                        }
4bff0a
+                }
4bff0a
+
4bff0a
                 for (tries = 0; arg_tries == 0 || tries < arg_tries; tries++) {
4bff0a
                         _cleanup_strv_free_erase_ char **passwords = NULL;
4bff0a
 
4bff0a
@@ -704,7 +701,6 @@ int main(int argc, char *argv[]) {
4bff0a
                                 r = attach_luks_or_plain(cd,
4bff0a
                                                          argv[2],
4bff0a
                                                          key_file,
4bff0a
-                                                         arg_header ? argv[3] : NULL,
4bff0a
                                                          passwords,
4bff0a
                                                          flags);
4bff0a
                         if (r >= 0)