public inbox for lvm2-cvs@sourceware.org help / color / mirror / Atom feed
From: mbroz@sourceware.org To: lvm-devel@redhat.com, lvm2-cvs@sourceware.org Subject: LVM2 ./WHATS_NEW_DM libdm/libdevmapper.h libdm ... Date: Fri, 04 Feb 2011 16:08:00 -0000 [thread overview] Message-ID: <20110204160813.1233.qmail@sourceware.org> (raw) CVSROOT: /cvs/lvm2 Module name: LVM2 Changes by: mbroz@sourceware.org 2011-02-04 16:08:12 Modified files: . : WHATS_NEW_DM libdm : libdevmapper.h libdm-common.c libdm/ioctl : libdm-iface.c libdm-targets.h libdm/misc : dm-ioctl.h Log message: Suport DM_SECURE_DATA_FLAG. It will be user for cryptsetup to ensure buffers are properly wiped when sending sensitive data (key). Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/WHATS_NEW_DM.diff?cvsroot=lvm2&r1=1.440&r2=1.441 http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/libdm/libdevmapper.h.diff?cvsroot=lvm2&r1=1.133&r2=1.134 http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/libdm/libdm-common.c.diff?cvsroot=lvm2&r1=1.107&r2=1.108 http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/libdm/ioctl/libdm-iface.c.diff?cvsroot=lvm2&r1=1.89&r2=1.90 http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/libdm/ioctl/libdm-targets.h.diff?cvsroot=lvm2&r1=1.27&r2=1.28 http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/libdm/misc/dm-ioctl.h.diff?cvsroot=lvm2&r1=1.7&r2=1.8 --- LVM2/WHATS_NEW_DM 2011/01/28 11:41:51 1.440 +++ LVM2/WHATS_NEW_DM 2011/02/04 16:08:11 1.441 @@ -1,5 +1,6 @@ Version 1.02.62 - =================================== + Add dm_task_secure_data to libdevmapper to wipe ioctl buffers in kernel. Set DM_UDEV_DISABLE_OTHER_RULES_FLAG for suspended DM devices in udev rules. Initialize pool object for each row in _output_as_rows(). --- LVM2/libdm/libdevmapper.h 2011/01/10 13:42:31 1.133 +++ LVM2/libdm/libdevmapper.h 2011/02/04 16:08:11 1.134 @@ -184,6 +184,7 @@ int dm_task_skip_lockfs(struct dm_task *dmt); int dm_task_query_inactive_table(struct dm_task *dmt); int dm_task_suppress_identical_reload(struct dm_task *dmt); +int dm_task_secure_data(struct dm_task *dmt); /* * Control read_ahead. --- LVM2/libdm/libdm-common.c 2011/01/12 20:42:51 1.107 +++ LVM2/libdm/libdm-common.c 2011/02/04 16:08:12 1.108 @@ -200,6 +200,7 @@ dmt->cookie_set = 0; dmt->query_inactive_table = 0; dmt->new_uuid = 0; + dmt->secure_data = 0; return dmt; } --- LVM2/libdm/ioctl/libdm-iface.c 2011/01/31 11:54:55 1.89 +++ LVM2/libdm/ioctl/libdm-iface.c 2011/02/04 16:08:12 1.90 @@ -1273,6 +1273,13 @@ return 1; } +int dm_task_secure_data(struct dm_task *dmt) +{ + dmt->secure_data = 1; + + return 1; +} + int dm_task_query_inactive_table(struct dm_task *dmt) { dmt->query_inactive_table = 1; @@ -1521,6 +1528,8 @@ dmi->flags |= DM_READONLY_FLAG; if (dmt->skip_lockfs) dmi->flags |= DM_SKIP_LOCKFS_FLAG; + if (dmt->secure_data) + dmi->flags |= DM_SECURE_DATA_FLAG; if (dmt->query_inactive_table) { if (_dm_version_minor < 16) log_warn("WARNING: Inactive table query unsupported " @@ -1737,6 +1746,7 @@ task->read_only = dmt->read_only; task->head = dmt->head; task->tail = dmt->tail; + task->secure_data = dmt->secure_data; r = dm_task_run(task); @@ -1940,7 +1950,7 @@ } log_debug("dm %s %s%s %s%s%s %s%.0d%s%.0d%s" - "%s%c%c%s%s %.0" PRIu64 " %s [%u]", + "%s%c%c%s%s%s %.0" PRIu64 " %s [%u]", _cmd_data_v4[dmt->type].name, dmt->new_uuid ? "UUID " : "", dmi->name, dmi->uuid, dmt->newname ? " " : "", @@ -1954,6 +1964,7 @@ dmt->no_open_count ? 'N' : 'O', dmt->no_flush ? 'N' : 'F', dmt->skip_lockfs ? "S " : "", + dmt->secure_data ? "W " : "", dmt->query_inactive_table ? "I " : "", dmt->sector, _sanitise_message(dmt->message), dmi->data_size); --- LVM2/libdm/ioctl/libdm-targets.h 2010/10/15 01:10:28 1.27 +++ LVM2/libdm/ioctl/libdm-targets.h 2011/02/04 16:08:12 1.28 @@ -63,6 +63,7 @@ uint64_t existing_table_size; int cookie_set; int new_uuid; + int secure_data; char *uuid; }; --- LVM2/libdm/misc/dm-ioctl.h 2010/10/25 11:44:21 1.7 +++ LVM2/libdm/misc/dm-ioctl.h 2011/02/04 16:08:12 1.8 @@ -269,9 +269,9 @@ #define DM_DEV_SET_GEOMETRY _IOWR(DM_IOCTL, DM_DEV_SET_GEOMETRY_CMD, struct dm_ioctl) #define DM_VERSION_MAJOR 4 -#define DM_VERSION_MINOR 19 +#define DM_VERSION_MINOR 20 #define DM_VERSION_PATCHLEVEL 0 -#define DM_VERSION_EXTRA "-ioctl (2010-10-14)" +#define DM_VERSION_EXTRA "-ioctl (2011-02-02)" /* Status bits */ #define DM_READONLY_FLAG (1 << 0) /* In/Out */ @@ -330,4 +330,10 @@ */ #define DM_UUID_FLAG (1 << 14) /* In */ +/* + * If set, all buffers are wiped after use. Used when sending + * or requesting sensitive data like crypt key. + */ +#define DM_SECURE_DATA_FLAG (1 << 15) /* In */ + #endif /* _LINUX_DM_IOCTL_H */
next reply other threads:[~2011-02-04 16:08 UTC|newest] Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top 2011-02-04 16:08 mbroz [this message] -- strict thread matches above, loose matches on Subject: below -- 2012-03-02 17:31 zkabelac 2012-02-23 22:45 zkabelac 2012-02-15 12:23 prajnoha 2012-02-15 11:39 prajnoha 2012-02-15 11:27 prajnoha 2012-01-11 12:34 prajnoha 2011-12-21 12:47 zkabelac 2011-09-29 8:53 zkabelac 2011-09-22 17:36 prajnoha 2011-09-22 17:23 prajnoha 2011-09-22 17:17 prajnoha 2011-09-22 17:09 prajnoha 2011-08-19 16:26 agk 2011-03-10 12:48 zkabelac 2011-02-18 14:38 zkabelac 2011-01-04 14:43 prajnoha 2010-10-25 13:13 zkabelac 2010-10-15 1:10 agk 2010-04-28 13:37 prajnoha 2009-11-13 12:43 prajnoha 2009-10-22 12:55 prajnoha 2009-06-03 11:40 agk
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20110204160813.1233.qmail@sourceware.org \ --to=mbroz@sourceware.org \ --cc=lvm-devel@redhat.com \ --cc=lvm2-cvs@sourceware.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).