Add patch to allow crypttab to support workqueue disablement
This patch enables support of the following options in
/etc/crypttab:
- no-read-workqueue
- no-write-workqueue
This patch corresponds to the upstream pull request that has been
merged and will be in systemd 248:
https://github.com/systemd/systemd/pull/18062/
This commit is contained in:
Jonathan G. Underwood
parent
3e123da08e
commit
5b6dfac2cc
102
9cc6a94790eecfc808335b759355a4005d66f6e3.patch
Normal file
102
9cc6a94790eecfc808335b759355a4005d66f6e3.patch
Normal file
@ -0,0 +1,102 @@
|
|||||||
|
From 9cc6a94790eecfc808335b759355a4005d66f6e3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: "Jonathan G. Underwood" <jonathan.underwood@gmail.com>
|
||||||
|
Date: Tue, 22 Dec 2020 20:04:52 +0000
|
||||||
|
Subject: [PATCH] cryptsetup: add support for workqueue options
|
||||||
|
|
||||||
|
This commit adds support for disabling the read and write
|
||||||
|
workqueues with the new crypttab options no-read-workqueue
|
||||||
|
and no-write-workqueue. These correspond to the cryptsetup
|
||||||
|
options --perf-no_read_workqueue and --perf-no_write_workqueue
|
||||||
|
respectively.
|
||||||
|
---
|
||||||
|
man/crypttab.xml | 19 +++++++++++++++++++
|
||||||
|
src/cryptsetup/cryptsetup.c | 12 ++++++++++++
|
||||||
|
src/shared/cryptsetup-util.h | 8 ++++++++
|
||||||
|
3 files changed, 39 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/man/crypttab.xml b/man/crypttab.xml
|
||||||
|
index 2062a5b8e70..72fe2e692da 100644
|
||||||
|
--- a/man/crypttab.xml
|
||||||
|
+++ b/man/crypttab.xml
|
||||||
|
@@ -342,6 +342,25 @@
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
+ <varlistentry>
|
||||||
|
+ <term><option>no-read-workqueue</option></term>
|
||||||
|
+
|
||||||
|
+ <listitem><para>Bypass dm-crypt internal workqueue and process read requests synchronously. The
|
||||||
|
+ default is to queue these requests and process them asynchronously.</para>
|
||||||
|
+
|
||||||
|
+ <para>This requires kernel 5.9 or newer.</para>
|
||||||
|
+ </listitem>
|
||||||
|
+ </varlistentry>
|
||||||
|
+ <varlistentry>
|
||||||
|
+ <term><option>no-write-workqueue</option></term>
|
||||||
|
+
|
||||||
|
+ <listitem><para>Bypass dm-crypt internal workqueue and process write requests synchronously. The
|
||||||
|
+ default is to queue these requests and process them asynchronously.</para>
|
||||||
|
+
|
||||||
|
+ <para>This requires kernel 5.9 or newer.</para>
|
||||||
|
+ </listitem>
|
||||||
|
+ </varlistentry>
|
||||||
|
+
|
||||||
|
<varlistentry>
|
||||||
|
<term><option>skip=</option></term>
|
||||||
|
|
||||||
|
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
|
||||||
|
index 7b21a7457a1..65cbd1aec83 100644
|
||||||
|
--- a/src/cryptsetup/cryptsetup.c
|
||||||
|
+++ b/src/cryptsetup/cryptsetup.c
|
||||||
|
@@ -60,6 +60,8 @@ static bool arg_verify = false;
|
||||||
|
static bool arg_discards = false;
|
||||||
|
static bool arg_same_cpu_crypt = false;
|
||||||
|
static bool arg_submit_from_crypt_cpus = false;
|
||||||
|
+static bool arg_no_read_workqueue = false;
|
||||||
|
+static bool arg_no_write_workqueue = false;
|
||||||
|
static bool arg_tcrypt_hidden = false;
|
||||||
|
static bool arg_tcrypt_system = false;
|
||||||
|
static bool arg_tcrypt_veracrypt = false;
|
||||||
|
@@ -236,6 +238,10 @@ static int parse_one_option(const char *option) {
|
||||||
|
arg_same_cpu_crypt = true;
|
||||||
|
else if (streq(option, "submit-from-crypt-cpus"))
|
||||||
|
arg_submit_from_crypt_cpus = true;
|
||||||
|
+ else if (streq(option, "no-read-workqueue"))
|
||||||
|
+ arg_no_read_workqueue = true;
|
||||||
|
+ else if (streq(option, "no-write-workqueue"))
|
||||||
|
+ arg_no_write_workqueue = true;
|
||||||
|
else if (streq(option, "luks"))
|
||||||
|
arg_type = ANY_LUKS;
|
||||||
|
/* since cryptsetup 2.3.0 (Feb 2020) */
|
||||||
|
@@ -1352,6 +1358,12 @@ static uint32_t determine_flags(void) {
|
||||||
|
if (arg_submit_from_crypt_cpus)
|
||||||
|
flags |= CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS;
|
||||||
|
|
||||||
|
+ if (arg_no_read_workqueue)
|
||||||
|
+ flags |= CRYPT_ACTIVATE_NO_READ_WORKQUEUE;
|
||||||
|
+
|
||||||
|
+ if (arg_no_write_workqueue)
|
||||||
|
+ flags |= CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE;
|
||||||
|
+
|
||||||
|
#ifdef CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF
|
||||||
|
/* Try to decrease the risk of OOM event if memory hard key derivation function is in use */
|
||||||
|
/* https://gitlab.com/cryptsetup/cryptsetup/issues/446/ */
|
||||||
|
diff --git a/src/shared/cryptsetup-util.h b/src/shared/cryptsetup-util.h
|
||||||
|
index fa2d2f65f3c..afac5cd46bd 100644
|
||||||
|
--- a/src/shared/cryptsetup-util.h
|
||||||
|
+++ b/src/shared/cryptsetup-util.h
|
||||||
|
@@ -7,6 +7,14 @@
|
||||||
|
#if HAVE_LIBCRYPTSETUP
|
||||||
|
#include <libcryptsetup.h>
|
||||||
|
|
||||||
|
+/* These next two are defined in libcryptsetup.h from cryptsetup version 2.3.4 forwards. */
|
||||||
|
+#ifndef CRYPT_ACTIVATE_NO_READ_WORKQUEUE
|
||||||
|
+#define CRYPT_ACTIVATE_NO_READ_WORKQUEUE (1 << 24)
|
||||||
|
+#endif
|
||||||
|
+#ifndef CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE
|
||||||
|
+#define CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE (1 << 25)
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
extern int (*sym_crypt_activate_by_passphrase)(struct crypt_device *cd, const char *name, int keyslot, const char *passphrase, size_t passphrase_size, uint32_t flags);
|
||||||
|
#if HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY
|
||||||
|
extern int (*sym_crypt_activate_by_signed_key)(struct crypt_device *cd, const char *name, const char *volume_key, size_t volume_key_size, const char *signature, size_t signature_size, uint32_t flags);
|
||||||
@ -21,7 +21,7 @@
|
|||||||
Name: systemd
|
Name: systemd
|
||||||
Url: https://www.freedesktop.org/wiki/Software/systemd
|
Url: https://www.freedesktop.org/wiki/Software/systemd
|
||||||
Version: 247.2
|
Version: 247.2
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
# For a breakdown of the licensing, see README
|
# For a breakdown of the licensing, see README
|
||||||
License: LGPLv2+ and MIT and GPLv2+
|
License: LGPLv2+ and MIT and GPLv2+
|
||||||
Summary: System and Service Manager
|
Summary: System and Service Manager
|
||||||
@ -76,6 +76,7 @@ Patch0004: 0001-test-path-util-ignore-test-failure.patch
|
|||||||
Patch0005: 0001-test-login-skip-consistency-checks-when-logind-is-no.patch
|
Patch0005: 0001-test-login-skip-consistency-checks-when-logind-is-no.patch
|
||||||
|
|
||||||
Patch0009: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch
|
Patch0009: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch
|
||||||
|
Patch0010: https://github.com/systemd/systemd/pull/18062/commits/9cc6a94790eecfc808335b759355a4005d66f6e3.patch
|
||||||
|
|
||||||
%ifarch %{ix86} x86_64 aarch64
|
%ifarch %{ix86} x86_64 aarch64
|
||||||
%global have_gnu_efi 1
|
%global have_gnu_efi 1
|
||||||
@ -893,6 +894,11 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net
|
|||||||
%files standalone-sysusers -f .file-list-standalone-sysusers
|
%files standalone-sysusers -f .file-list-standalone-sysusers
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Dec 23 2020 Jonathan Underwood <jonathan.underwood@gmail.com> - 247.2-2
|
||||||
|
- Add patch to enable crypttab to support disabling of luks read and
|
||||||
|
write workqueues (corresponding to
|
||||||
|
https://github.com/systemd/systemd/pull/18062/).
|
||||||
|
|
||||||
* Wed Dec 16 2020 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 247.2-1
|
* Wed Dec 16 2020 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 247.2-1
|
||||||
- Minor stable release
|
- Minor stable release
|
||||||
- Fixes #1908071.
|
- Fixes #1908071.
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user