Hello all, we get bug reports that the switch to systemd destroyed the underlying partitions of encrypted swap partitions which were using "offset=". As this is silently ignored right now, the cryptsetup plain device always starts at the beginning of the device, deleting everything which was before the intended offset. In particular, this removed any UUID or other signature that crypttab referred to to identify the underlying device.
This simple patch adds offset=. While I was at it I also added skip=. I attached my script for testing this to the fd.o bug. Thanks for considering, Martin -- Martin Pitt | http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
From e345e310d710a2cc58f529229d26068e7a3cfbfb Mon Sep 17 00:00:00 2001 From: Martin Pitt <martin.p...@ubuntu.com> Date: Thu, 16 Apr 2015 06:44:07 -0500 Subject: [PATCH] cryptsetup: Implement offset and skip options These are useful for plain devices as they don't have any metadata by themselves. Instead of using an unreliable hardcoded device name in crypttab you can then put static meatadata at the start of the partition for a stable UUID or label. https://bugs.freedesktop.org/show_bug.cgi?id=87717 https://bugs.debian.org/751707 https://launchpad.net/bugs/953875 --- src/cryptsetup/cryptsetup.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index ba0ef72..beb8caf 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -50,12 +50,12 @@ static bool arg_discards = false; static bool arg_tcrypt_hidden = false; static bool arg_tcrypt_system = false; static char **arg_tcrypt_keyfiles = NULL; +static uint64_t arg_offset = 0; +static uint64_t arg_skip = 0; static usec_t arg_timeout = 0; /* Options Debian's crypttab knows we don't: - offset= - skip= precheck= check= checkargs= @@ -185,6 +185,20 @@ static int parse_one_option(const char *option) { return 0; } + } else if (startswith(option, "offset=")) { + + if (safe_atou64(option+7, &arg_offset) < 0) { + log_error("offset= parse failure, ignoring."); + return 0; + } + + } else if (startswith(option, "skip=")) { + + if (safe_atou64(option+5, &arg_skip) < 0) { + log_error("skip= parse failure, ignoring."); + return 0; + } + } else if (!streq(option, "none")) log_error("Encountered unknown /etc/crypttab option '%s', ignoring.", option); @@ -423,6 +437,9 @@ static int attach_luks_or_plain(struct crypt_device *cd, * package is to not hash when a key file is provided */ params.hash = "ripemd160"; + params.offset = arg_offset; + params.skip = arg_skip; + if (arg_cipher) { size_t l; -- 2.1.4
signature.asc
Description: Digital signature
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
