From 63bb997b41b8e92fe09ce8cb6582e094e00e19a6 Mon Sep 17 00:00:00 2001 From: Ondrej Kozina Date: Mon, 26 Aug 2024 10:46:52 +0200 Subject: [PATCH 08/10] Abort online reencryption for misconfigured devices. Hard abort is justified here. The online reencryption on data devices that do not support O_DIRECT io flag is dangerous and leads to data corruption. This should be impossible to hit due to a patch that handles it in initialization phase. Better safe than sorry. --- lib/luks2/luks2_reencrypt.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c index 6519c1e3..05f69d18 100644 --- a/lib/luks2/luks2_reencrypt.c +++ b/lib/luks2/luks2_reencrypt.c @@ -4230,9 +4230,14 @@ int crypt_reencrypt_run( log_dbg(cd, "Resuming LUKS2 reencryption."); - if (rh->online && reencrypt_init_device_stack(cd, rh)) { - log_err(cd, _("Failed to initialize reencryption device stack.")); - return -EINVAL; + if (rh->online) { + /* This is last resort to avoid data corruption. Abort is justified here. */ + assert(device_direct_io(crypt_data_device(cd))); + + if (reencrypt_init_device_stack(cd, rh)) { + log_err(cd, _("Failed to initialize reencryption device stack.")); + return -EINVAL; + } } log_dbg(cd, "Progress %" PRIu64 ", device_size %" PRIu64, rh->progress, rh->device_size); -- 2.46.0