mirror of
git://sourceware.org/git/lvm2.git
synced 2024-12-22 17:35:59 +03:00
Suport DM_SECURE_DATA_FLAG.
It will be user for cryptsetup to ensure buffers are properly wiped when sending sensitive data (key).
This commit is contained in:
parent
6ed7b4d790
commit
c154d18b11
@ -1,5 +1,6 @@
|
||||
Version 1.02.62 -
|
||||
===================================
|
||||
Add dm_task_secure_data to libdevmapper to wipe ioctl buffers in kernel.
|
||||
Set DM_UDEV_DISABLE_OTHER_RULES_FLAG for suspended DM devices in udev rules.
|
||||
Initialize pool object for each row in _output_as_rows().
|
||||
|
||||
|
@ -1273,6 +1273,13 @@ int dm_task_skip_lockfs(struct dm_task *dmt)
|
||||
return 1;
|
||||
}
|
||||
|
||||
int dm_task_secure_data(struct dm_task *dmt)
|
||||
{
|
||||
dmt->secure_data = 1;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int dm_task_query_inactive_table(struct dm_task *dmt)
|
||||
{
|
||||
dmt->query_inactive_table = 1;
|
||||
@ -1521,6 +1528,8 @@ static struct dm_ioctl *_flatten(struct dm_task *dmt, unsigned repeat_count)
|
||||
dmi->flags |= DM_READONLY_FLAG;
|
||||
if (dmt->skip_lockfs)
|
||||
dmi->flags |= DM_SKIP_LOCKFS_FLAG;
|
||||
if (dmt->secure_data)
|
||||
dmi->flags |= DM_SECURE_DATA_FLAG;
|
||||
if (dmt->query_inactive_table) {
|
||||
if (_dm_version_minor < 16)
|
||||
log_warn("WARNING: Inactive table query unsupported "
|
||||
@ -1737,6 +1746,7 @@ static int _create_and_load_v4(struct dm_task *dmt)
|
||||
task->read_only = dmt->read_only;
|
||||
task->head = dmt->head;
|
||||
task->tail = dmt->tail;
|
||||
task->secure_data = dmt->secure_data;
|
||||
|
||||
r = dm_task_run(task);
|
||||
|
||||
@ -1940,7 +1950,7 @@ static struct dm_ioctl *_do_dm_ioctl(struct dm_task *dmt, unsigned command,
|
||||
}
|
||||
|
||||
log_debug("dm %s %s%s %s%s%s %s%.0d%s%.0d%s"
|
||||
"%s%c%c%s%s %.0" PRIu64 " %s [%u]",
|
||||
"%s%c%c%s%s%s %.0" PRIu64 " %s [%u]",
|
||||
_cmd_data_v4[dmt->type].name,
|
||||
dmt->new_uuid ? "UUID " : "",
|
||||
dmi->name, dmi->uuid, dmt->newname ? " " : "",
|
||||
@ -1954,6 +1964,7 @@ static struct dm_ioctl *_do_dm_ioctl(struct dm_task *dmt, unsigned command,
|
||||
dmt->no_open_count ? 'N' : 'O',
|
||||
dmt->no_flush ? 'N' : 'F',
|
||||
dmt->skip_lockfs ? "S " : "",
|
||||
dmt->secure_data ? "W " : "",
|
||||
dmt->query_inactive_table ? "I " : "",
|
||||
dmt->sector, _sanitise_message(dmt->message),
|
||||
dmi->data_size);
|
||||
|
@ -63,6 +63,7 @@ struct dm_task {
|
||||
uint64_t existing_table_size;
|
||||
int cookie_set;
|
||||
int new_uuid;
|
||||
int secure_data;
|
||||
|
||||
char *uuid;
|
||||
};
|
||||
|
@ -184,6 +184,7 @@ int dm_task_no_open_count(struct dm_task *dmt);
|
||||
int dm_task_skip_lockfs(struct dm_task *dmt);
|
||||
int dm_task_query_inactive_table(struct dm_task *dmt);
|
||||
int dm_task_suppress_identical_reload(struct dm_task *dmt);
|
||||
int dm_task_secure_data(struct dm_task *dmt);
|
||||
|
||||
/*
|
||||
* Control read_ahead.
|
||||
|
@ -200,6 +200,7 @@ struct dm_task *dm_task_create(int type)
|
||||
dmt->cookie_set = 0;
|
||||
dmt->query_inactive_table = 0;
|
||||
dmt->new_uuid = 0;
|
||||
dmt->secure_data = 0;
|
||||
|
||||
return dmt;
|
||||
}
|
||||
|
@ -269,9 +269,9 @@ enum {
|
||||
#define DM_DEV_SET_GEOMETRY _IOWR(DM_IOCTL, DM_DEV_SET_GEOMETRY_CMD, struct dm_ioctl)
|
||||
|
||||
#define DM_VERSION_MAJOR 4
|
||||
#define DM_VERSION_MINOR 19
|
||||
#define DM_VERSION_MINOR 20
|
||||
#define DM_VERSION_PATCHLEVEL 0
|
||||
#define DM_VERSION_EXTRA "-ioctl (2010-10-14)"
|
||||
#define DM_VERSION_EXTRA "-ioctl (2011-02-02)"
|
||||
|
||||
/* Status bits */
|
||||
#define DM_READONLY_FLAG (1 << 0) /* In/Out */
|
||||
@ -330,4 +330,10 @@ enum {
|
||||
*/
|
||||
#define DM_UUID_FLAG (1 << 14) /* In */
|
||||
|
||||
/*
|
||||
* If set, all buffers are wiped after use. Used when sending
|
||||
* or requesting sensitive data like crypt key.
|
||||
*/
|
||||
#define DM_SECURE_DATA_FLAG (1 << 15) /* In */
|
||||
|
||||
#endif /* _LINUX_DM_IOCTL_H */
|
||||
|
Loading…
Reference in New Issue
Block a user