diff options
| author | Jason Wessel <jason.wessel@windriver.com> | 2019-10-29 12:44:46 -0700 |
|---|---|---|
| committer | Jia Zhang <zhang.jia@linux.alibaba.com> | 2019-11-08 13:27:23 +0800 |
| commit | ca003d11bbce34708b9ef3822b4b684beb7a1159 (patch) | |
| tree | 1925650571a8fee947b558892c5c3d4227e80baa | |
| parent | d63b6d273b78f557ad829b05c7286b8c24d2e511 (diff) | |
| download | meta-secure-core-ca003d11bbce34708b9ef3822b4b684beb7a1159.tar.gz | |
lvm2: Fix hanging dmcrypt volumes on boot
The initrd takes care of starting the luks volumes and activing the
dmcrypt udev rules. The udev rule required a modification to deal
with volumes that had already been started, else the cold plug event
that runs at user space startup puts the dmcrypt device into a state
that systemd cannot manage it.
[ Issue: LINUXEXEC-2450 ]
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
| -rw-r--r-- | meta-encrypted-storage/recipes-support/lvm2/lvm2/0001-10-dm.rules.in-Fix-dmcrypt-hanging-on-hand-over-from.patch | 38 | ||||
| -rw-r--r-- | meta-encrypted-storage/recipes-support/lvm2/lvm2_%.bbappend | 7 |
2 files changed, 45 insertions, 0 deletions
diff --git a/meta-encrypted-storage/recipes-support/lvm2/lvm2/0001-10-dm.rules.in-Fix-dmcrypt-hanging-on-hand-over-from.patch b/meta-encrypted-storage/recipes-support/lvm2/lvm2/0001-10-dm.rules.in-Fix-dmcrypt-hanging-on-hand-over-from.patch new file mode 100644 index 0000000..0ae4669 --- /dev/null +++ b/meta-encrypted-storage/recipes-support/lvm2/lvm2/0001-10-dm.rules.in-Fix-dmcrypt-hanging-on-hand-over-from.patch | |||
| @@ -0,0 +1,38 @@ | |||
| 1 | From b655a26908ca170bf030d7bb8de6d6a96022375b Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Jason Wessel <jason.wessel@windriver.com> | ||
| 3 | Date: Mon, 28 Oct 2019 17:43:57 -0700 | ||
| 4 | Subject: [PATCH] 10-dm.rules.in: Fix dmcrypt hanging on hand over from | ||
| 5 | initramfs | ||
| 6 | |||
| 7 | If an encrypted volume has already been setup from the intiramfs, it | ||
| 8 | should not have the device nodes removed. The udevadm trigger | ||
| 9 | --action=add for the device was causing the dm managed udev rules to | ||
| 10 | fall throug to the dm_disable path, which knocks the device offline | ||
| 11 | and it is not possible to reactivate it because the initramfs shuts | ||
| 12 | down the path to obtain the key from the TPM after the boot sequence | ||
| 13 | is completed. | ||
| 14 | |||
| 15 | Upstream-Status: Pending | ||
| 16 | |||
| 17 | Signed-off-by: Jason Wessel <jason.wessel@windriver.com> | ||
| 18 | --- | ||
| 19 | udev/10-dm.rules.in | 3 ++- | ||
| 20 | 1 file changed, 2 insertions(+), 1 deletion(-) | ||
| 21 | |||
| 22 | diff --git a/udev/10-dm.rules.in b/udev/10-dm.rules.in | ||
| 23 | index b4fa52a..ccaf863 100644 | ||
| 24 | --- a/udev/10-dm.rules.in | ||
| 25 | +++ b/udev/10-dm.rules.in | ||
| 26 | @@ -84,7 +84,8 @@ LABEL="dm_flags_done" | ||
| 27 | # script to not remove the existing udev database so we can reuse the information | ||
| 28 | # stored at the time of device activation in the initrd. | ||
| 29 | ACTION!="add", GOTO="dm_no_coldplug" | ||
| 30 | -ENV{DM_UDEV_RULES_VSN}!="1", ENV{DM_UDEV_PRIMARY_SOURCE_FLAG}!="1", GOTO="dm_disable" | ||
| 31 | +ENV{DM_UDEV_RULES_VSN}=="2",GOTO="dm_no_coldplug" | ||
| 32 | +#ENV{DM_UDEV_RULES_VSN}!="1", ENV{DM_UDEV_PRIMARY_SOURCE_FLAG}!="1", GOTO="dm_disable" | ||
| 33 | ENV{DM_ACTIVATION}="1" | ||
| 34 | LABEL="dm_no_coldplug" | ||
| 35 | |||
| 36 | -- | ||
| 37 | 2.23.0 | ||
| 38 | |||
diff --git a/meta-encrypted-storage/recipes-support/lvm2/lvm2_%.bbappend b/meta-encrypted-storage/recipes-support/lvm2/lvm2_%.bbappend new file mode 100644 index 0000000..e2dd834 --- /dev/null +++ b/meta-encrypted-storage/recipes-support/lvm2/lvm2_%.bbappend | |||
| @@ -0,0 +1,7 @@ | |||
| 1 | # | ||
| 2 | # Copyright (C) 2019 Wind River Systems, Inc. | ||
| 3 | # | ||
| 4 | |||
| 5 | FILESEXTRAPATHS_prepend := "${THISDIR}/lvm2:" | ||
| 6 | |||
| 7 | SRC_URI += "file://0001-10-dm.rules.in-Fix-dmcrypt-hanging-on-hand-over-from.patch" | ||