rpms/clevis
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Improve boot performance by removing key check

Browse Source 
Resolves: rhbz#2099701
This commit is contained in:
Sergio Arroutbi 2022-08-02 09:27:51 -03:00 committed by Sergio Correia
parent 16c88e2a5a
commit 9d54e7fff2
2 changed files with 60 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
0008-Improve-boot-performance-by-removing-key-check.patch Normal file
View File

@ -0,0 +1,54 @@
From da988dee93fd3171d41248fe884c627cdafa563e Mon Sep 17 00:00:00 2001
From: Sergio Arroutbi <sarroutb@redhat.com>
Date: Tue, 2 Aug 2022 09:25:54 -0300
Subject: [PATCH] Improve boot performance by removing key check
---
src/luks/clevis-luks-common-functions.in | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/luks/clevis-luks-common-functions.in b/src/luks/clevis-luks-common-functions.in
index f018340..d059aae 100644
--- a/src/luks/clevis-luks-common-functions.in
+++ b/src/luks/clevis-luks-common-functions.in
@@ -313,6 +313,7 @@ clevis_luks_check_valid_key_or_keyfile() {
clevis_luks_unlock_device_by_slot() {
local DEV="${1}"
local SLT="${2}"
+ local SKIP_CHECK="${3}"
[ -z "${DEV}" ] && return 1
[ -z "${SLT}" ] && return 1
@@ -327,8 +328,9 @@ clevis_luks_unlock_device_by_slot() {
|| [ -z "${passphrase}" ]; then
return 1
fi
-
- clevis_luks_check_valid_key_or_keyfile "${DEV}" "${passphrase}" || return 1
+ if [ -z "${SKIP_CHECK}" ]; then
+ clevis_luks_check_valid_key_or_keyfile "${DEV}" "${passphrase}" || return 1
+ fi
printf '%s' "${passphrase}"
}
@@ -336,6 +338,8 @@ clevis_luks_unlock_device_by_slot() {
# parameter and returns the decoded passphrase.
clevis_luks_unlock_device() {
local DEV="${1}"
+ local SKIP_CHECK="YES"
+
[ -z "${DEV}" ] && return 1
local used_slots
@@ -346,7 +350,7 @@ clevis_luks_unlock_device() {
local slt pt
for slt in ${used_slots}; do
- if ! pt=$(clevis_luks_unlock_device_by_slot "${DEV}" "${slt}") \
+ if ! pt=$(clevis_luks_unlock_device_by_slot "${DEV}" "${slt}" "${SKIP_CHECK}") \
|| [ -z "${pt}" ]; then
continue
fi
--
2.35.1

7
clevis.spec
View File

@ -1,6 +1,6 @@
Name: clevis Name: clevis
Version: 18 Version: 18
Release: 103%{?dist} Release: 104%{?dist}
Summary: Automated decryption framework Summary: Automated decryption framework
License: GPLv3+ License: GPLv3+
@ -14,6 +14,7 @@ Patch0004: 0004-luks-explicitly-specify-pbkdf-iterations-to-cryptset.patch
Patch0005: 0005-tang-dump-url-on-error-communication.patch Patch0005: 0005-tang-dump-url-on-error-communication.patch
Patch0006: 0006-feat-rename-the-test-pin-to-null-pin.patch Patch0006: 0006-feat-rename-the-test-pin-to-null-pin.patch
Patch0007: 0007-avoid-clevis-invalid-msg.patch Patch0007: 0007-avoid-clevis-invalid-msg.patch
Patch0008: 0008-Improve-boot-performance-by-removing-key-check.patch
BuildRequires: git-core BuildRequires: git-core
BuildRequires: gcc BuildRequires: gcc
@ -201,6 +202,10 @@ exit 0
%attr(4755, root, root) %{_libexecdir}/%{name}-luks-udisks2 %attr(4755, root, root) %{_libexecdir}/%{name}-luks-udisks2
%changelog %changelog
* Thu Jul 21 2022 Sergio Arroutbi <sarroutb@redhat.com> - 18-104
- Improve boot performance by removing key check
Resolves: rhbz#2099701
* Mon Jun 20 2022 Sergio Arroutbi <sarroutb@redhat.com> - 18-103 * Mon Jun 20 2022 Sergio Arroutbi <sarroutb@redhat.com> - 18-103
- Avoid invalid message for clevis command - Avoid invalid message for clevis command
Resolves: rhbz#2080281 Resolves: rhbz#2080281