teknoraver / rpms / systemd

Forked from rpms/systemd 2 months ago
Clone

Blame SOURCES/0205-cryptsetup-call-crypt_load-for-LUKS-only-once.patch

4fbe94
From 788fb775f7deb8c456868362454e2a5f50c6068f Mon Sep 17 00:00:00 2001
4fbe94
From: Milan Broz <gmazyland@gmail.com>
4fbe94
Date: Mon, 27 May 2019 09:43:03 +0200
4fbe94
Subject: [PATCH] cryptsetup: call crypt_load() for LUKS only once
4fbe94
4fbe94
The crypt_load() for LUKS2 can read a quite big area of disk
4fbe94
(metadata area size is configurable and can increase up to megabytes).
4fbe94
4fbe94
This initialization is not needed to be repeated, just use the existing context.
4fbe94
4fbe94
(This patch is also required for the following change.)
4fbe94
4fbe94
(cherry picked from commit ea9a9d49e4af31c49e5c216e7e5e2f533e727579)
4fbe94
4fbe94
Related: #1719153
4fbe94
---
4fbe94
 src/cryptsetup/cryptsetup.c | 28 ++++++++++++----------------
4fbe94
 1 file changed, 12 insertions(+), 16 deletions(-)
4fbe94
4fbe94
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
4fbe94
index 5be1469d69..a0bd80ea65 100644
4fbe94
--- a/src/cryptsetup/cryptsetup.c
4fbe94
+++ b/src/cryptsetup/cryptsetup.c
4fbe94
@@ -475,7 +475,6 @@ static int attach_tcrypt(
4fbe94
 static int attach_luks_or_plain(struct crypt_device *cd,
4fbe94
                                 const char *name,
4fbe94
                                 const char *key_file,
4fbe94
-                                const char *data_device,
4fbe94
                                 char **passwords,
4fbe94
                                 uint32_t flags) {
4fbe94
         int r = 0;
4fbe94
@@ -485,20 +484,6 @@ static int attach_luks_or_plain(struct crypt_device *cd,
4fbe94
         assert(name);
4fbe94
         assert(key_file || passwords);
4fbe94
 
4fbe94
-        if (!arg_type || STR_IN_SET(arg_type, ANY_LUKS, CRYPT_LUKS1)) {
4fbe94
-                r = crypt_load(cd, CRYPT_LUKS, NULL);
4fbe94
-                if (r < 0) {
4fbe94
-                        log_error("crypt_load() failed on device %s.\n", crypt_get_device_name(cd));
4fbe94
-                        return r;
4fbe94
-                }
4fbe94
-
4fbe94
-                if (data_device) {
4fbe94
-                        r = crypt_set_data_device(cd, data_device);
4fbe94
-                        if (r < 0)
4fbe94
-                                return log_error_errno(r, "Failed to set LUKS data device %s: %m", data_device);
4fbe94
-                }
4fbe94
-        }
4fbe94
-
4fbe94
         if ((!arg_type && !crypt_get_type(cd)) || streq_ptr(arg_type, CRYPT_PLAIN)) {
4fbe94
                 struct crypt_params_plain params = {
4fbe94
                         .offset = arg_offset,
4fbe94
@@ -687,6 +672,18 @@ int main(int argc, char *argv[]) {
4fbe94
                                 log_warning("Key file %s is world-readable. This is not a good idea!", key_file);
4fbe94
                 }
4fbe94
 
4fbe94
+                if (!arg_type || STR_IN_SET(arg_type, ANY_LUKS, CRYPT_LUKS1)) {
4fbe94
+                        r = crypt_load(cd, CRYPT_LUKS, NULL);
4fbe94
+                        if (r < 0)
4fbe94
+                                return log_error_errno(r, "Failed to load LUKS superblock on device %s: %m", crypt_get_device_name(cd));
4fbe94
+
4fbe94
+                        if (arg_header) {
4fbe94
+                                r = crypt_set_data_device(cd, argv[3]);
4fbe94
+                                if (r < 0)
4fbe94
+                                        return log_error_errno(r, "Failed to set LUKS data device %s: %m", argv[3]);
4fbe94
+                        }
4fbe94
+                }
4fbe94
+
4fbe94
                 for (tries = 0; arg_tries == 0 || tries < arg_tries; tries++) {
4fbe94
                         _cleanup_strv_free_erase_ char **passwords = NULL;
4fbe94
 
4fbe94
@@ -704,7 +701,6 @@ int main(int argc, char *argv[]) {
4fbe94
                                 r = attach_luks_or_plain(cd,
4fbe94
                                                          argv[2],
4fbe94
                                                          key_file,
4fbe94
-                                                         arg_header ? argv[3] : NULL,
4fbe94
                                                          passwords,
4fbe94
                                                          flags);
4fbe94
                         if (r >= 0)