Commit 471f7810 authored by Ondrej Kozina's avatar Ondrej Kozina Committed by Milan Broz

Enhance persistent flags handling in cryptsetup.

With --persistent option, write only flags actually
used during activation. In other words we will not
store anymore flags not supported by running kernel.
parent f6cb8e41
......@@ -1077,6 +1077,17 @@ out:
return r;
}
static int update_persistent_flags(struct crypt_device *cd, const char *name, uint32_t activation_flags)
{
struct crypt_active_device cad;
/* write only flags not filtered by current kernel during activation */
if (crypt_get_active_device(cd, name, &cad))
return -EINVAL;
return crypt_persistent_flags_set(cd, CRYPT_FLAGS_ACTIVATION, cad.flags & activation_flags);
}
static int action_open_luks(void)
{
struct crypt_device *cd = NULL;
......@@ -1139,10 +1150,9 @@ static int action_open_luks(void)
}
out:
if (r >= 0 && opt_persistent &&
crypt_persistent_flags_set(cd, CRYPT_FLAGS_ACTIVATION, activate_flags))
update_persistent_flags(cd, activated_name, activate_flags))
log_err(_("Device activated but cannot make flags persistent.\n"));
crypt_safe_free(key);
crypt_safe_free(password);
crypt_free(cd);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment