rpms / systemd

Clone
Source Code
GIT

Blame SOURCES/0291-cryptsetup-reduce-the-chance-that-we-will-be-OOM-kil.patch

c7-beta c8s
  1.   df9c27a5985e8c0121010b72fbd996a42861b9ef
  2.   SOURCES
  3.   0291-cryptsetup-reduce-the-chance-that-we-will-be-OOM-kil.patch
Blob History Raw
ddca0b 
From 40612e4e7690c613cba7ac87b9d782724e623a39 Mon Sep 17 00:00:00 2001
ddca0b 
From: =?UTF-8?q?Michal=20Sekleta=CC=81r?= <msekleta@redhat.com>
ddca0b 
Date: Wed, 27 Nov 2019 14:27:58 +0100
ddca0b 
Subject: [PATCH] cryptsetup: reduce the chance that we will be OOM killed
ddca0b
ddca0b 
cryptsetup introduced optional locking scheme that should serialize
ddca0b 
unlocking keyslots which use memory hard key derivation
ddca0b 
function (argon2). Using the serialization should prevent OOM situation
ddca0b 
in early boot while unlocking encrypted volumes.
ddca0b
ddca0b 
(cherry picked from commit 408c81f62454684dfbff1c95ce3210d06f256e58)
ddca0b
ddca0b 
Resolves: #1696602
ddca0b 
---
ddca0b 
 src/cryptsetup/cryptsetup.c | 6 ++++++
ddca0b 
 1 file changed, 6 insertions(+)
ddca0b
ddca0b 
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
ddca0b 
index 4e1b3eff19..9071126c2e 100644
ddca0b 
--- a/src/cryptsetup/cryptsetup.c
ddca0b 
+++ b/src/cryptsetup/cryptsetup.c
ddca0b 
@@ -656,6 +656,12 @@ int main(int argc, char *argv[]) {
ddca0b 
                 if (arg_discards)
ddca0b 
                         flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS;
ddca0b
ddca0b 
+#ifdef CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF
ddca0b 
+                /* Try to decrease the risk of OOM event if memory hard key derivation function is in use */
ddca0b 
+                /* https://gitlab.com/cryptsetup/cryptsetup/issues/446/ */
ddca0b 
+                flags |= CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF;
ddca0b 
+#endif
ddca0b 
+
ddca0b 
                 if (arg_timeout == USEC_INFINITY)
ddca0b 
                         until = 0;
ddca0b 
                 else

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation