Set persistent allow-discards flag for newly created LUKS devices

Resolves: RHEL-82884
2025-03-11 15:23:01 +01:00 · 2025-03-11 15:23:01 +01:00 · 0325a6a032
commit 0325a6a032
parent 18f7244e03
2 changed files with 102 additions and 1 deletions
--- a/0013-Set-persistent-allow-discards-flag-for-new-LUKS-devices.patch
+++ b/0013-Set-persistent-allow-discards-flag-for-new-LUKS-devices.patch
@ -0,0 +1,96 @@
+From 5fc2cfb675580cecc7e583c7c6a7fb767b4507de Mon Sep 17 00:00:00 2001
+From: Vojtech Trefny <vtrefny@redhat.com>
+Date: Mon, 10 Mar 2025 09:52:27 +0100
+Subject: [PATCH 1/2] Set persitent allow-discards flag for newly created LUKS
+ devices
+
+We are currently using the "allow-discards" in /etc/crypttab to
+set the discards/fstrim feature for LUKS, but that doesn't work
+for Fedora Silverblue so we need to set the persistent flag in the
+LUKS header instead.
+
+Resolves: RHEL-82884
+---
+ blivet/formats/luks.py | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/blivet/formats/luks.py b/blivet/formats/luks.py
+index 92c2f0bd7..151ca985a 100644
+--- a/blivet/formats/luks.py
+++ b/blivet/formats/luks.py
+@@ -364,6 +364,15 @@ def _create(self, **kwargs):
+     def _post_create(self, **kwargs):
+         super(LUKS, self)._post_create(**kwargs)
+ 
+        if self.luks_version == "luks2" and flags.discard_new:
+            try:
+                blockdev.crypto.luks_set_persistent_flags(self.device,
+                                                          blockdev.CryptoLUKSPersistentFlags.ALLOW_DISCARDS)
+            except blockdev.CryptoError as e:
+                raise LUKSError("Failed to set allow discards flag for newly created LUKS format: %s" % str(e))
+            except AttributeError:
+                log.warning("Cannot set allow discards flag: not supported")
+
+         try:
+             info = blockdev.crypto.luks_info(self.device)
+         except blockdev.CryptoError as e:
+
+From 8312a8cb8a4f78529174031214d3cc137c503fbc Mon Sep 17 00:00:00 2001
+From: Vojtech Trefny <vtrefny@redhat.com>
+Date: Wed, 12 Mar 2025 11:08:00 +0100
+Subject: [PATCH 2/2] Add a simple test for setting the allow-discards flag on
+ LUKS
+
+---
+ tests/unit_tests/formats_tests/luks_test.py | 30 ++++++++++++++++++++-
+ 1 file changed, 29 insertions(+), 1 deletion(-)
+
+diff --git a/tests/unit_tests/formats_tests/luks_test.py b/tests/unit_tests/formats_tests/luks_test.py
+index d4322f118..70baf8f7b 100644
+--- a/tests/unit_tests/formats_tests/luks_test.py
+++ b/tests/unit_tests/formats_tests/luks_test.py
+@@ -18,8 +18,17 @@ def test_create_discard_option(self):
+         fmt = LUKS(exists=True)
+         self.assertEqual(fmt.options, None)
+ 
+        fmt = LUKS(passphrase="passphrase")
+        with patch("blivet.devicelibs.crypto.calculate_luks2_max_memory", return_value=None):
+            with patch("blivet.devicelibs.crypto.get_optimal_luks_sector_size", return_value=0):
+                with patch("blivet.formats.luks.blockdev") as bd:
+                    fmt._create()
+                    bd.crypto.luks_format.assert_called()
+                    fmt._post_create()
+                    bd.crypto.luks_set_persistent_flags.assert_not_called()
+
+         # flags.discard_new=True --> discard if creating new
+-        with patch("blivet.flags.flags.discard_new", True):
+        with patch("blivet.formats.luks.flags.discard_new", True):
+             fmt = LUKS(exists=True)
+             self.assertEqual(fmt.options, None)
+ 
+@@ -34,6 +43,25 @@ def test_create_discard_option(self):
+             fmt = LUKS(exists=False, options="blah")
+             self.assertEqual(fmt.options, "blah,discard")
+ 
+            fmt = LUKS(passphrase="passphrase")
+            with patch("blivet.devicelibs.crypto.calculate_luks2_max_memory", return_value=None):
+                with patch("blivet.devicelibs.crypto.get_optimal_luks_sector_size", return_value=0):
+                    with patch("blivet.formats.luks.blockdev") as bd:
+                        fmt._create()
+                        bd.crypto.luks_format.assert_called()
+                        fmt._post_create()
+                        bd.crypto.luks_set_persistent_flags.assert_called()
+
+            # LUKS 1 doesn't support the persistent flags
+            fmt = LUKS(passphrase="passphrase", luks_version="luks1")
+            with patch("blivet.devicelibs.crypto.calculate_luks2_max_memory", return_value=None):
+                with patch("blivet.devicelibs.crypto.get_optimal_luks_sector_size", return_value=0):
+                    with patch("blivet.formats.luks.blockdev") as bd:
+                        fmt._create()
+                        bd.crypto.luks_format.assert_called()
+                        fmt._post_create()
+                        bd.crypto.luks_set_persistent_flags.assert_not_called()
+
+     def test_key_size(self):
+         # default cipher is AES-XTS with 512b key
+         fmt = LUKS()
--- a/python-blivet.spec
+++ b/python-blivet.spec
@ -5,7 +5,7 @@ Version: 3.10.0

 #%%global prerelease .b2
 # prerelease, if defined, should be something like .a1, .b1, .b2.dev1, or .c2
-Release: 15%{?prerelease}%{?dist}
+Release: 16%{?prerelease}%{?dist}
 Epoch: 1
 License: LGPL-2.1-or-later
 %global realname blivet
@ -27,6 +27,7 @@ Patch7: 0009-mod_pass_in_stratis_test.patch
 Patch8: 0010-Fix_running_tests_in_FIPS_mode.patch
 Patch9: 0011-Make-GPT-default-label-type-on-all-architectures.patch
 Patch10: 0012-Fix-crash-on-ppc64le-with-GPT.patch
+Patch11: 0013-Set-persistent-allow-discards-flag-for-new-LUKS-devices.patch

 # Versions of required components (done so we make sure the buildrequires
 # match the requires versions of things).
@ -121,6 +122,10 @@ make DESTDIR=%{buildroot} install
 %{python3_sitelib}/*

 %changelog
+* Tue Mar 11 2025 Vojtech Trefny <vtrefny@redhat.com> - 3.10.0-16
+- Set persistent allow-discards flag for newly created LUKS devices
+  Resolves: RHEL-82884
+
 * Wed Jan 29 2025 Vojtech Trefny <vtrefny@redhat.com> - 3.10.0-15
 - Revert "Remove support for the MD linear RAID level"
  Resolves: RHEL-76808