forked from NixOS/nixpkgs
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
bcachefs-tools: 1.7.0 -> 1.7.0-unstable-2024-05-09
Moved temporarily to unstable to fix NixOS#313350 Also vendor the updated patch for NixOS#309388 from koverstreet/bcachefs-tools#263
- Loading branch information
1 parent
d6043ad
commit 1037866
Showing
2 changed files
with
99 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
From f76ad4da12e6a65550d564bb626a1429ae75433a Mon Sep 17 00:00:00 2001 | ||
From: =?UTF-8?q?Thomas=20M=C3=BChlbacher?= <[email protected]> | ||
Date: Thu, 9 May 2024 23:52:47 +0200 | ||
Subject: [PATCH 1/2] `check_for_key` before `ask_for_passphrase` | ||
MIME-Version: 1.0 | ||
Content-Type: text/plain; charset=UTF-8 | ||
Content-Transfer-Encoding: 8bit | ||
|
||
let's always first check if there is already a key in the keyring | ||
available before we try to get the key from some more involved means. | ||
|
||
Fixes: #261 | ||
Signed-off-by: Thomas Mühlbacher <[email protected]> | ||
--- | ||
src/commands/mount.rs | 13 +++++++++++-- | ||
src/key.rs | 4 +++- | ||
2 files changed, 14 insertions(+), 3 deletions(-) | ||
|
||
diff --git a/src/commands/mount.rs b/src/commands/mount.rs | ||
index 9414c77f..34a741cb 100644 | ||
--- a/src/commands/mount.rs | ||
+++ b/src/commands/mount.rs | ||
@@ -344,8 +344,17 @@ fn cmd_mount_inner(opt: Cli) -> anyhow::Result<()> { | ||
if block_devices_to_mount.len() == 0 { | ||
Err(anyhow::anyhow!("No device found from specified parameters"))?; | ||
} | ||
- // Check if the filesystem's master key is encrypted | ||
- if unsafe { bcachefs::bch2_sb_is_encrypted_and_locked(block_devices_to_mount[0].sb) } { | ||
+ | ||
+ let key_name = CString::new(format!( | ||
+ "bcachefs:{}", | ||
+ block_devices_to_mount[0].sb().uuid() | ||
+ )) | ||
+ .unwrap(); | ||
+ | ||
+ // Check if the filesystem's master key is encrypted and we don't have a key | ||
+ if unsafe { bcachefs::bch2_sb_is_encrypted_and_locked(block_devices_to_mount[0].sb) } | ||
+ && !key::check_for_key(&key_name)? | ||
+ { | ||
// First by password_file, if available | ||
let fallback_to_unlock_policy = if let Some(passphrase_file) = &opt.passphrase_file { | ||
match key::read_from_passphrase_file(&block_devices_to_mount[0], passphrase_file.as_path()) { | ||
diff --git a/src/key.rs b/src/key.rs | ||
index d0018805..568b3cdb 100644 | ||
--- a/src/key.rs | ||
+++ b/src/key.rs | ||
@@ -58,7 +58,7 @@ impl fmt::Display for UnlockPolicy { | ||
} | ||
} | ||
|
||
-fn check_for_key(key_name: &std::ffi::CStr) -> anyhow::Result<bool> { | ||
+pub fn check_for_key(key_name: &std::ffi::CStr) -> anyhow::Result<bool> { | ||
use bch_bindgen::keyutils::{self, keyctl_search}; | ||
let key_name = key_name.to_bytes_with_nul().as_ptr() as *const _; | ||
let key_type = c_str!("user"); | ||
@@ -86,10 +86,12 @@ fn wait_for_unlock(uuid: &uuid::Uuid) -> anyhow::Result<()> { | ||
} | ||
} | ||
|
||
+// blocks indefinitely if no input is available on stdin | ||
fn ask_for_passphrase(sb: &bch_sb_handle) -> anyhow::Result<()> { | ||
let passphrase = if stdin().is_terminal() { | ||
rpassword::prompt_password("Enter passphrase: ")? | ||
} else { | ||
+ info!("Trying to read passphrase from stdin..."); | ||
let mut line = String::new(); | ||
stdin().read_line(&mut line)?; | ||
line | ||
|
||
From 734ccc58f42c3cccb0960bdd84808839e2b62ca9 Mon Sep 17 00:00:00 2001 | ||
From: =?UTF-8?q?Thomas=20M=C3=BChlbacher?= <[email protected]> | ||
Date: Sun, 12 May 2024 19:39:19 +0200 | ||
Subject: [PATCH 2/2] fix unfortunate typo | ||
|
||
causes mounting encrypted devices to become stuck in a busy loop. | ||
--- | ||
include/crypto/skcipher.h | 2 +- | ||
1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
||
diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h | ||
index 70905a5a..833729dc 100644 | ||
--- a/include/crypto/skcipher.h | ||
+++ b/include/crypto/skcipher.h | ||
@@ -112,7 +112,7 @@ static inline void skcipher_request_set_sync_tfm(struct skcipher_request *req, | ||
skcipher_request_set_tfm(req, &tfm->base); | ||
} | ||
|
||
-#define skcipher_request_set_callback(...) do {} while (9) | ||
+#define skcipher_request_set_callback(...) do {} while (0) | ||
|
||
static inline void skcipher_request_set_crypt( | ||
struct skcipher_request *req, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters