diff options
| author | Blazej Kucman <blazej.kucman@intel.com> | 2024-03-22 12:51:18 +0100 |
|---|---|---|
| committer | Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> | 2024-04-02 08:29:07 +0200 |
| commit | 336e13fc5ef43bc5b4633a9dadac5f7208e6c241 (patch) | |
| tree | 0d832318dc73ed2b209bafe80ae7d0d0c6895dd0 /config.c | |
| parent | Add reading SATA encryption information (diff) | |
| download | mdadm-336e13fc5ef43bc5b4633a9dadac5f7208e6c241.tar.xz mdadm-336e13fc5ef43bc5b4633a9dadac5f7208e6c241.zip | |
Add key ENCRYPTION_NO_VERIFY to conf
Add ENCRYPTION_NO_VERIFY config key and allow to disable checking
encryption status for given type of drives.
The key is introduced because of SATA Opal disks for which TPM commands
must be enabled in libata kernel module, (libata.allow_tpm=1), otherwise
it is impossible to verify encryption status. TPM commands are disabled by
default.
Currently the key only supports the "sata_opal" value, if necessary,
the functionality is ready to support more types of disks. This
functionality will be used in the next patches.
Signed-off-by: Blazej Kucman <blazej.kucman@intel.com>
Signed-off-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
Diffstat (limited to 'config.c')
| -rw-r--r-- | config.c | 25 |
1 files changed, 24 insertions, 1 deletions
@@ -81,7 +81,7 @@ char DefaultAltConfDir[] = CONFFILE2 ".d"; enum linetype { Devices, Array, Mailaddr, Mailfrom, Program, CreateDev, Homehost, HomeCluster, AutoMode, Policy, PartPolicy, Sysfs, - MonitorDelay, LTEnd }; + MonitorDelay, EncryptionNoVerify, LTEnd }; char *keywords[] = { [Devices] = "devices", [Array] = "array", @@ -96,6 +96,7 @@ char *keywords[] = { [PartPolicy]="part-policy", [Sysfs] = "sysfs", [MonitorDelay] = "monitordelay", + [EncryptionNoVerify] = "ENCRYPTION_NO_VERIFY", [LTEnd] = NULL }; @@ -729,6 +730,19 @@ void monitordelayline(char *line) } } +static bool sata_opal_encryption_no_verify; +void encryption_no_verify_line(char *line) +{ + char *word; + + for (word = dl_next(line); word != line; word = dl_next(word)) { + if (strcasecmp(word, "sata_opal") == 0) + sata_opal_encryption_no_verify = true; + else + pr_err("unrecognised word on ENCRYPTION_NO_VERIFY line: %s\n", word); + } +} + char auto_yes[] = "yes"; char auto_no[] = "no"; char auto_homehost[] = "homehost"; @@ -913,6 +927,9 @@ void conf_file(FILE *f) case MonitorDelay: monitordelayline(line); break; + case EncryptionNoVerify: + encryption_no_verify_line(line); + break; default: pr_err("Unknown keyword %s\n", line); } @@ -1075,6 +1092,12 @@ int conf_get_monitor_delay(void) return monitor_delay; } +bool conf_get_sata_opal_encryption_no_verify(void) +{ + load_conffile(); + return sata_opal_encryption_no_verify; +} + struct createinfo *conf_get_create_info(void) { load_conffile(); |