From 76a9d607b5388dc18b5ae84fc4bf07f8463e566b Mon Sep 17 00:00:00 2001 From: mulhern Date: Tue, 15 Oct 2024 12:36:53 -0400 Subject: [PATCH 1/5] Change matches macro expansion to assert_matches matches! simply evaluates to a bool, true or false, assert_matches! causes a test failure if its condition evaluates to false. Signed-off-by: mulhern (cherry picked from commit 13058d0a7bcf27799bd1cb3a67dd082d90504c80) --- src/engine/strat_engine/backstore/backstore.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/engine/strat_engine/backstore/backstore.rs b/src/engine/strat_engine/backstore/backstore.rs index aa8f916890..47952e4fb6 100644 --- a/src/engine/strat_engine/backstore/backstore.rs +++ b/src/engine/strat_engine/backstore/backstore.rs @@ -1332,7 +1332,7 @@ mod tests { Ok(false) ); - matches!( + assert_matches!( backstore.bind_clevis( "tang", &json!({"url": env::var("TANG_URL").expect("TANG_URL env var required"), "stratis:tang:trust_url": true}) From 1d88493b7daf5cf0cba4d9cb71fc5bcec8f185f9 Mon Sep 17 00:00:00 2001 From: John Baublitz Date: Wed, 16 Oct 2024 09:39:33 -0400 Subject: [PATCH 2/5] Tidies Tidies include: * Stale logging message * Fix bug where cached metadata may be inconsistent with on-disk metadata in rollback of crypt operations * One simple workaround is to restart stratisd and this should resolve (cherry picked from commit 0dde12c4bc490ad586d177efc5467893c053f7c6) Signed-off-by: mulhern --- src/engine/strat_engine/backstore/backstore.rs | 12 ++++++++++++ src/engine/strat_engine/backstore/blockdev.rs | 9 +++++++++ src/engine/strat_engine/backstore/crypt/handle.rs | 11 +++++++++++ 3 files changed, 32 insertions(+) diff --git a/src/engine/strat_engine/backstore/backstore.rs b/src/engine/strat_engine/backstore/backstore.rs index 47952e4fb6..49a115a95e 100644 --- a/src/engine/strat_engine/backstore/backstore.rs +++ b/src/engine/strat_engine/backstore/backstore.rs @@ -1021,6 +1021,18 @@ where level: ActionAvailability::NoRequests, }; } + if let Err(e) = blockdev.reload_crypt_metadata() { + warn!( + "Failed to reload on-disk metadata for device {}: {}", + blockdev.physical_path().display(), + e, + ); + return StratisError::RollbackError { + causal_error: Box::new(causal_error), + rollback_error: Box::new(e), + level: ActionAvailability::NoRequests, + }; + } } causal_error diff --git a/src/engine/strat_engine/backstore/blockdev.rs b/src/engine/strat_engine/backstore/blockdev.rs index efc8d9b9f1..3742a4fefa 100644 --- a/src/engine/strat_engine/backstore/blockdev.rs +++ b/src/engine/strat_engine/backstore/blockdev.rs @@ -364,6 +364,15 @@ impl StratBlockDev { self.blksizes } + /// Reload the crypt metadata from disk and store in the crypt handle if the device is + /// encrypted. + pub fn reload_crypt_metadata(&mut self) -> StratisResult<()> { + match self.underlying_device.crypt_handle_mut() { + Some(handle) => handle.reload_metadata(), + None => Ok(()), + } + } + /// Bind encrypted device using the given clevis configuration. pub fn bind_clevis(&mut self, pin: &str, clevis_info: &Value) -> StratisResult<()> { let crypt_handle = self.underlying_device.crypt_handle_mut().ok_or_else(|| { diff --git a/src/engine/strat_engine/backstore/crypt/handle.rs b/src/engine/strat_engine/backstore/crypt/handle.rs index dc7330bb15..9032b952c7 100644 --- a/src/engine/strat_engine/backstore/crypt/handle.rs +++ b/src/engine/strat_engine/backstore/crypt/handle.rs @@ -427,6 +427,17 @@ impl CryptHandle { } } + /// Reload the required information for Stratis from the LUKS2 metadata. + pub fn reload_metadata(&mut self) -> StratisResult<()> { + match setup_crypt_device(self.luks2_device_path())? { + Some(ref mut device) => { + self.metadata = load_crypt_metadata(device, self.luks2_device_path())?.ok_or_else(|| StratisError::Msg("Found no crypt metadata on this device".to_string()))?; + Ok(()) + } + None => Err(StratisError::Msg("Expected device to be an encrypted device but could not acquire handle to crypt device".to_string())), + } + } + /// Get the encryption info for this encrypted device. pub fn encryption_info(&self) -> &EncryptionInfo { &self.metadata.encryption_info From 0dd8e9857d0cd16b521e808e764cdf44082caca0 Mon Sep 17 00:00:00 2001 From: mulhern Date: Wed, 16 Oct 2024 12:55:18 -0400 Subject: [PATCH 3/5] Build f40 and f39 copr repos with additional repo We require updatest-testing repo for f40 and f39 because libcryptsetup-rs 0.11.0 will not be in stable for another couple of weeks. We can remove these changes when the new release reach stable. Signed-off-by: mulhern (cherry picked from commit a914985d4baeafe3cbc7d5b65a34cd4846289ec9) --- .packit.yaml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/.packit.yaml b/.packit.yaml index 0504a12d8b..509dd8f94e 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -30,7 +30,21 @@ jobs: - job: copr_build trigger: pull_request targets: - - fedora-all + - fedora-development + + - job: copr_build + trigger: pull_request + additional_repos: + - https://dl.fedoraproject.org/pub/fedora/linux/updates/testing/40/Everything/x86_64/ + targets: + - fedora-40 + + - job: copr_build + trigger: pull_request + additional_repos: + - https://dl.fedoraproject.org/pub/fedora/linux/updates/testing/39/Everything/x86_64/ + targets: + - fedora-39 - job: tests identifier: local From fe28677ab605e267318d1a1fc024fa65d46f0794 Mon Sep 17 00:00:00 2001 From: mulhern Date: Thu, 17 Oct 2024 14:24:04 -0400 Subject: [PATCH 4/5] Allow improper ctypes in bindgen-generated bindings https://github.com/rust-lang/rust-bindgen/issues/2845 Signed-off-by: mulhern (cherry picked from commit fb78ef7be256e04775b06626aa336d581d06cb51) --- src/systemd/bindings.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/src/systemd/bindings.rs b/src/systemd/bindings.rs index 5f41b12864..e28289ff46 100644 --- a/src/systemd/bindings.rs +++ b/src/systemd/bindings.rs @@ -6,6 +6,7 @@ #![allow(non_upper_case_globals)] #![allow(non_camel_case_types)] #![allow(non_snake_case)] +#![allow(improper_ctypes)] #![allow(clippy::redundant_static_lifetimes)] #![allow(clippy::unreadable_literal)] #![allow(clippy::missing_safety_doc)] From 1c9ee4e3fc452b50c06e511eef1525728b060f99 Mon Sep 17 00:00:00 2001 From: mulhern Date: Thu, 17 Oct 2024 16:14:10 -0400 Subject: [PATCH 5/5] version 3.7.3 Signed-off-by: mulhern --- CHANGES.txt | 11 +++++++++++ Cargo.lock | 2 +- Cargo.toml | 2 +- 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/CHANGES.txt b/CHANGES.txt index cf7a5fd88e..663b740724 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,3 +1,14 @@ +stratisd 3.7.3 +============== +Recommended Rust toolchain version: 1.81.0 +Recommended development platform for Python development: Fedora 40 + +* Cherry-picked commits: + * Allow improper ctypes in bindgen-generated bindings + * Build f40 and f39 copr repos with additional repo + * Tidies + * Change matches macro expansion to assert_matches + stratisd 3.7.2 ============== Recommended Rust toolchain version: 1.81.0 diff --git a/Cargo.lock b/Cargo.lock index b7d2ad63a0..1b71d25f73 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1282,7 +1282,7 @@ dependencies = [ [[package]] name = "stratisd" -version = "3.7.2" +version = "3.7.3" dependencies = [ "assert_cmd", "assert_matches", diff --git a/Cargo.toml b/Cargo.toml index 88aad02118..6553d16adf 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "stratisd" -version = "3.7.2" +version = "3.7.3" authors.workspace = true edition.workspace = true rust-version.workspace = true