Suport DM_SECURE_DATA_FLAG.

It will be user for cryptsetup to ensure buffers are properly
wiped when sending sensitive data (key).

diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM
index 2f24c5ddf4c1fc7ca974599fcfce66f5c5eb5222..68876528fb8483a69b4a03c493f57b65f37834a2 100644 (file)
--- a/WHATS_NEW_DM
+++ b/WHATS_NEW_DM
@@ -1,5 +1,6 @@
 Version 1.02.62 - 
 ===================================
+  Add dm_task_secure_data to libdevmapper to wipe ioctl buffers in kernel.
   Set DM_UDEV_DISABLE_OTHER_RULES_FLAG for suspended DM devices in udev rules.
   Initialize pool object for each row in _output_as_rows().
 

diff --git a/libdm/ioctl/libdm-iface.c b/libdm/ioctl/libdm-iface.c
index fbe4b149bb65cbd347161ad94a00e0c28dcaee7f..956ccd53a25df3a99a2775552893424a5de05989 100644 (file)
--- a/libdm/ioctl/libdm-iface.c
+++ b/libdm/ioctl/libdm-iface.c
@@ -1273,6 +1273,13 @@ int dm_task_skip_lockfs(struct dm_task *dmt)
        return 1;
 }
 
+int dm_task_secure_data(struct dm_task *dmt)
+{
+       dmt->secure_data = 1;
+
+       return 1;
+}
+
 int dm_task_query_inactive_table(struct dm_task *dmt)
 {
        dmt->query_inactive_table = 1;
@@ -1521,6 +1528,8 @@ static struct dm_ioctl *_flatten(struct dm_task *dmt, unsigned repeat_count)
                dmi->flags |= DM_READONLY_FLAG;
        if (dmt->skip_lockfs)
                dmi->flags |= DM_SKIP_LOCKFS_FLAG;
+       if (dmt->secure_data)
+               dmi->flags |= DM_SECURE_DATA_FLAG;
        if (dmt->query_inactive_table) {
                if (_dm_version_minor < 16)
                        log_warn("WARNING: Inactive table query unsupported "
@@ -1737,6 +1746,7 @@ static int _create_and_load_v4(struct dm_task *dmt)
        task->read_only = dmt->read_only;
        task->head = dmt->head;
        task->tail = dmt->tail;
+       task->secure_data = dmt->secure_data;
 
        r = dm_task_run(task);
 
@@ -1940,7 +1950,7 @@ static struct dm_ioctl *_do_dm_ioctl(struct dm_task *dmt, unsigned command,
        }
 
        log_debug("dm %s %s%s %s%s%s %s%.0d%s%.0d%s"
-                 "%s%c%c%s%s %.0" PRIu64 " %s [%u]",
+                 "%s%c%c%s%s%s %.0" PRIu64 " %s [%u]",
                  _cmd_data_v4[dmt->type].name,
                  dmt->new_uuid ? "UUID " : "",
                  dmi->name, dmi->uuid, dmt->newname ? " " : "",
@@ -1954,6 +1964,7 @@ static struct dm_ioctl *_do_dm_ioctl(struct dm_task *dmt, unsigned command,
                  dmt->no_open_count ? 'N' : 'O',
                  dmt->no_flush ? 'N' : 'F',
                  dmt->skip_lockfs ? "S " : "",
+                 dmt->secure_data ? "W " : "",
                  dmt->query_inactive_table ? "I " : "",
                  dmt->sector, _sanitise_message(dmt->message),
                  dmi->data_size);

diff --git a/libdm/ioctl/libdm-targets.h b/libdm/ioctl/libdm-targets.h
index d8cee45395d2693f690a639efa3194148c809ba7..24c01a77d61a4b1ae9a8cdb53b1d889935f72427 100644 (file)
--- a/libdm/ioctl/libdm-targets.h
+++ b/libdm/ioctl/libdm-targets.h
@@ -63,6 +63,7 @@ struct dm_task {
        uint64_t existing_table_size;
        int cookie_set;
        int new_uuid;
+       int secure_data;
 
        char *uuid;
 };

diff --git a/libdm/libdevmapper.h b/libdm/libdevmapper.h
index eea1a6cf548b0a4a7a2c1e4635cb874c4c40ef51..d0644ffa822c0d032cc0c26019309f07bb078adc 100644 (file)
--- a/libdm/libdevmapper.h
+++ b/libdm/libdevmapper.h
@@ -184,6 +184,7 @@ int dm_task_no_open_count(struct dm_task *dmt);
 int dm_task_skip_lockfs(struct dm_task *dmt);
 int dm_task_query_inactive_table(struct dm_task *dmt);
 int dm_task_suppress_identical_reload(struct dm_task *dmt);
+int dm_task_secure_data(struct dm_task *dmt);
 
 /*
  * Control read_ahead.

diff --git a/libdm/libdm-common.c b/libdm/libdm-common.c
index a181c5f07b375a850fcdce5929fb42d9eaf70a54..0f6eb5570f7f42b1718e052aef6c3345f498bdd4 100644 (file)
--- a/libdm/libdm-common.c
+++ b/libdm/libdm-common.c
@@ -200,6 +200,7 @@ struct dm_task *dm_task_create(int type)
        dmt->cookie_set = 0;
        dmt->query_inactive_table = 0;
        dmt->new_uuid = 0;
+       dmt->secure_data = 0;
 
        return dmt;
 }

diff --git a/libdm/misc/dm-ioctl.h b/libdm/misc/dm-ioctl.h
index fb11b5c7b54a5564b68ad09b8d96482b54e0701d..c03131508484061c080e2666601d44dc668fc4f4 100644 (file)
--- a/libdm/misc/dm-ioctl.h
+++ b/libdm/misc/dm-ioctl.h
@@ -269,9 +269,9 @@ enum {
 #define DM_DEV_SET_GEOMETRY    _IOWR(DM_IOCTL, DM_DEV_SET_GEOMETRY_CMD, struct dm_ioctl)
 
 #define DM_VERSION_MAJOR       4
-#define DM_VERSION_MINOR       19
+#define DM_VERSION_MINOR       20
 #define DM_VERSION_PATCHLEVEL  0
-#define DM_VERSION_EXTRA       "-ioctl (2010-10-14)"
+#define DM_VERSION_EXTRA       "-ioctl (2011-02-02)"
 
 /* Status bits */
 #define DM_READONLY_FLAG       (1 << 0) /* In/Out */
@@ -330,4 +330,10 @@ enum {
  */
 #define DM_UUID_FLAG                   (1 << 14) /* In */
 
+/*
+ * If set, all buffers are wiped after use. Used when sending
+ * or requesting sensitive data like crypt key.
+ */
+#define DM_SECURE_DATA_FLAG            (1 << 15) /* In */
+
 #endif                         /* _LINUX_DM_IOCTL_H */