40 lines
1.4 KiB
Diff
40 lines
1.4 KiB
Diff
|
From 63bb997b41b8e92fe09ce8cb6582e094e00e19a6 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Ondrej Kozina <okozina@redhat.com>
|
||
|
|
Date: Mon, 26 Aug 2024 10:46:52 +0200
|
||
|
|
Subject: [PATCH 08/10] Abort online reencryption for misconfigured devices.
|
||
|
|
|
||
|
|
Hard abort is justified here. The online reencryption on
|
||
|
|
data devices that do not support O_DIRECT io flag is
|
||
|
|
dangerous and leads to data corruption. This should be
|
||
|
|
impossible to hit due to a patch that handles it
|
||
|
|
in initialization phase. Better safe than sorry.
|
||
|
|
---
|
||
|
|
lib/luks2/luks2_reencrypt.c | 11 ++++++++---
|
||
|
|
1 file changed, 8 insertions(+), 3 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c
|
||
|
|
index 6519c1e3..05f69d18 100644
|
||
|
|
--- a/lib/luks2/luks2_reencrypt.c
|
||
|
|
+++ b/lib/luks2/luks2_reencrypt.c
|
||
|
|
@@ -4230,9 +4230,14 @@ int crypt_reencrypt_run(
|
||
|
|
|
||
|
|
log_dbg(cd, "Resuming LUKS2 reencryption.");
|
||
|
|
|
||
|
|
- if (rh->online && reencrypt_init_device_stack(cd, rh)) {
|
||
|
|
- log_err(cd, _("Failed to initialize reencryption device stack."));
|
||
|
|
- return -EINVAL;
|
||
|
|
+ if (rh->online) {
|
||
|
|
+ /* This is last resort to avoid data corruption. Abort is justified here. */
|
||
|
|
+ assert(device_direct_io(crypt_data_device(cd)));
|
||
|
|
+
|
||
|
|
+ if (reencrypt_init_device_stack(cd, rh)) {
|
||
|
|
+ log_err(cd, _("Failed to initialize reencryption device stack."));
|
||
|
|
+ return -EINVAL;
|
||
|
|
+ }
|
||
|
|
}
|
||
|
|
|
||
|
|
log_dbg(cd, "Progress %" PRIu64 ", device_size %" PRIu64, rh->progress, rh->device_size);
|
||
|
|
--
|
||
|
|
2.46.0
|
||
|
|
|