rpm/cryptsetup
SHA256
1
0
Fork 0
forked from pool/cryptsetup
Code Pull Requests Activity
82af2dfa2d
cryptsetup/cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch
Pedro Monreal Gonzalez 82af2dfa2d Accepting request 1098511 from home:pmonrealgonzalez:branches:security 
- luksFormat: Handle system with low memory and no swap space [bsc#1211079]
  * Check for physical memory available also in PBKDF benchmark.
  * Try to avoid OOM killer on low-memory systems without swap.
  * Use only half of detected free memory on systems without swap.
  * Add patches:
    - cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch
    - cryptsetup-Try-to-avoid-OOM-killer-on-low-memory-systems-withou.patch
    - cryptsetup-Use-only-half-of-detected-free-memory-on-systems-wit.patch

OBS-URL: https://build.opensuse.org/request/show/1098511
OBS-URL: https://build.opensuse.org/package/show/security/cryptsetup?expand=0&rev=190
2023-07-13 11:20:07 +00:00

73 lines
2.5 KiB
Diff
Raw Blame History

From 7893c33d71cde09e240234c484c6c468f22c2fe7 Mon Sep 17 00:00:00 2001
From: Milan Broz <gmazyland@gmail.com>
Date: Mon, 3 Apr 2023 13:31:16 +0200
Subject: [PATCH] Check for physical memory available also in PBKDF benchmark.
---
lib/internal.h | 1 +
lib/utils_benchmark.c | 9 +++++++++
lib/utils_pbkdf.c | 4 ++--
3 files changed, 12 insertions(+), 2 deletions(-)
Index: cryptsetup-2.6.1/lib/internal.h
===================================================================
--- cryptsetup-2.6.1.orig/lib/internal.h
+++ cryptsetup-2.6.1/lib/internal.h
@@ -89,6 +89,7 @@ int crypt_benchmark_pbkdf_internal(struc
struct crypt_pbkdf_type *pbkdf,
size_t volume_key_size);
const char *crypt_get_cipher_spec(struct crypt_device *cd);
+uint32_t pbkdf_adjusted_phys_memory_kb(void);
/* Device backend */
struct device;
Index: cryptsetup-2.6.1/lib/utils_benchmark.c
===================================================================
--- cryptsetup-2.6.1.orig/lib/utils_benchmark.c
+++ cryptsetup-2.6.1/lib/utils_benchmark.c
@@ -101,6 +101,7 @@ int crypt_benchmark_pbkdf(struct crypt_d
{
int r, priority;
const char *kdf_opt;
+ uint32_t memory_kb;
if (!pbkdf || (!password && password_size))
return -EINVAL;
@@ -113,6 +114,14 @@ int crypt_benchmark_pbkdf(struct crypt_d
log_dbg(cd, "Running %s(%s) benchmark.", pbkdf->type, kdf_opt);
+ memory_kb = pbkdf_adjusted_phys_memory_kb();
+ if (memory_kb < pbkdf->max_memory_kb) {
+ log_dbg(cd, "Not enough physical memory detected, "
+ "PBKDF max memory decreased from %dkB to %dkB.",
+ pbkdf->max_memory_kb, memory_kb);
+ pbkdf->max_memory_kb = memory_kb;
+ }
+
crypt_process_priority(cd, &priority, true);
r = crypt_pbkdf_perf(pbkdf->type, pbkdf->hash, password, password_size,
salt, salt_size, volume_key_size, pbkdf->time_ms,
Index: cryptsetup-2.6.1/lib/utils_pbkdf.c
===================================================================
--- cryptsetup-2.6.1.orig/lib/utils_pbkdf.c
+++ cryptsetup-2.6.1/lib/utils_pbkdf.c
@@ -61,7 +61,7 @@ const struct crypt_pbkdf_type *crypt_get
return NULL;
}
-static uint32_t adjusted_phys_memory(void)
+uint32_t pbkdf_adjusted_phys_memory_kb(void)
{
uint64_t memory_kb = crypt_getphysmemory_kb();
@@ -249,7 +249,7 @@ int init_pbkdf_type(struct crypt_device
}
if (cd_pbkdf->max_memory_kb) {
- memory_kb = adjusted_phys_memory();
+ memory_kb = pbkdf_adjusted_phys_memory_kb();
if (cd_pbkdf->max_memory_kb > memory_kb) {
log_dbg(cd, "Not enough physical memory detected, "
"PBKDF max memory decreased from %dkB to %dkB.",
View Git Blame Copy Permalink