diff options
Diffstat (limited to 'pkgs/by-name/bc/bcachefs-tools/fix-encrypted-boot.patch')
-rw-r--r-- | pkgs/by-name/bc/bcachefs-tools/fix-encrypted-boot.patch | 92 |
1 files changed, 0 insertions, 92 deletions
diff --git a/pkgs/by-name/bc/bcachefs-tools/fix-encrypted-boot.patch b/pkgs/by-name/bc/bcachefs-tools/fix-encrypted-boot.patch deleted file mode 100644 index 5e14d09547f43..0000000000000 --- a/pkgs/by-name/bc/bcachefs-tools/fix-encrypted-boot.patch +++ /dev/null @@ -1,92 +0,0 @@ -From f76ad4da12e6a65550d564bb626a1429ae75433a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Thomas=20M=C3=BChlbacher?= <tmuehlbacher@posteo.net> -Date: Thu, 9 May 2024 23:52:47 +0200 -Subject: [PATCH 1/2] `check_for_key` before `ask_for_passphrase` -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -let's always first check if there is already a key in the keyring -available before we try to get the key from some more involved means. - -Fixes: #261 -Signed-off-by: Thomas Mühlbacher <tmuehlbacher@posteo.net> ---- - src/commands/mount.rs | 13 +++++++++++-- - src/key.rs | 4 +++- - 2 files changed, 14 insertions(+), 3 deletions(-) - -diff --git a/src/commands/mount.rs b/src/commands/mount.rs -index 9414c77f..34a741cb 100644 ---- a/src/commands/mount.rs -+++ b/src/commands/mount.rs -@@ -344,8 +344,17 @@ fn cmd_mount_inner(opt: Cli) -> anyhow::Result<()> { - if block_devices_to_mount.len() == 0 { - Err(anyhow::anyhow!("No device found from specified parameters"))?; - } -- // Check if the filesystem's master key is encrypted -- if unsafe { bcachefs::bch2_sb_is_encrypted_and_locked(block_devices_to_mount[0].sb) } { -+ -+ let key_name = CString::new(format!( -+ "bcachefs:{}", -+ block_devices_to_mount[0].sb().uuid() -+ )) -+ .unwrap(); -+ -+ // Check if the filesystem's master key is encrypted and we don't have a key -+ if unsafe { bcachefs::bch2_sb_is_encrypted_and_locked(block_devices_to_mount[0].sb) } -+ && !key::check_for_key(&key_name)? -+ { - // First by password_file, if available - let fallback_to_unlock_policy = if let Some(passphrase_file) = &opt.passphrase_file { - match key::read_from_passphrase_file(&block_devices_to_mount[0], passphrase_file.as_path()) { -diff --git a/src/key.rs b/src/key.rs -index d0018805..568b3cdb 100644 ---- a/src/key.rs -+++ b/src/key.rs -@@ -58,7 +58,7 @@ impl fmt::Display for UnlockPolicy { - } - } - --fn check_for_key(key_name: &std::ffi::CStr) -> anyhow::Result<bool> { -+pub fn check_for_key(key_name: &std::ffi::CStr) -> anyhow::Result<bool> { - use bch_bindgen::keyutils::{self, keyctl_search}; - let key_name = key_name.to_bytes_with_nul().as_ptr() as *const _; - let key_type = c_str!("user"); -@@ -86,10 +86,12 @@ fn wait_for_unlock(uuid: &uuid::Uuid) -> anyhow::Result<()> { - } - } - -+// blocks indefinitely if no input is available on stdin - fn ask_for_passphrase(sb: &bch_sb_handle) -> anyhow::Result<()> { - let passphrase = if stdin().is_terminal() { - rpassword::prompt_password("Enter passphrase: ")? - } else { -+ info!("Trying to read passphrase from stdin..."); - let mut line = String::new(); - stdin().read_line(&mut line)?; - line - -From 734ccc58f42c3cccb0960bdd84808839e2b62ca9 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Thomas=20M=C3=BChlbacher?= <tmuehlbacher@posteo.net> -Date: Sun, 12 May 2024 19:39:19 +0200 -Subject: [PATCH 2/2] fix unfortunate typo - -causes mounting encrypted devices to become stuck in a busy loop. ---- - include/crypto/skcipher.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h -index 70905a5a..833729dc 100644 ---- a/include/crypto/skcipher.h -+++ b/include/crypto/skcipher.h -@@ -112,7 +112,7 @@ static inline void skcipher_request_set_sync_tfm(struct skcipher_request *req, - skcipher_request_set_tfm(req, &tfm->base); - } - --#define skcipher_request_set_callback(...) do {} while (9) -+#define skcipher_request_set_callback(...) do {} while (0) - - static inline void skcipher_request_set_crypt( - struct skcipher_request *req, |