On Wed, Jan 22, 2020 at 10:14:38AM +0100, Jan Synacek wrote:
> -val inspect_decrypt : Guestfs.guestfs -> key_store -> unit
> +val inspect_decrypt : Guestfs.guestfs -> ?allow_discards:bool -> key_store -> unit
>
> (** Simple implementation of decryption: look for any [crypto_LUKS]
> partitions and decrypt them, then rescan for VGs. This only works
> for Fedora whole-disk encryption. *)
Documentation here needs a short explanation of what the
new allow_discards parameter does, and what the default is.
> diff --git a/options/decrypt.c b/options/decrypt.c
> index 683cf5e..0f24a7a 100644
> --- a/options/decrypt.c
> +++ b/options/decrypt.c
> @@ -71,7 +71,7 @@ make_mapname (const char *device, char *mapname, size_t len)
> * encryption schemes.
> */
> void
> -inspect_do_decrypt (guestfs_h *g, struct key_store *ks)
> +inspect_do_decrypt (guestfs_h *g, struct key_store *ks, int allowdiscards)
> {
> CLEANUP_FREE_STRING_LIST char **partitions = guestfs_list_partitions (g);
> if (partitions == NULL)
> @@ -101,7 +101,8 @@ inspect_do_decrypt (guestfs_h *g, struct key_store *ks)
> * is set? This might break 'mount_ro'.
> */
> guestfs_push_error_handler (g, NULL, NULL);
> - r = guestfs_luks_open (g, partitions[i], keys[j], mapname);
> + r = guestfs_luks_open_opts (g, partitions[i], keys[j], mapname,
> + GUESTFS_LUKS_OPEN_OPTS_ALLOWDISCARDS, allowdiscards, -1);
Obviously this means this patch depends on the API change :-)
[...]
> /* in decrypt.c */
> -extern void inspect_do_decrypt (guestfs_h *g, struct key_store *ks);
> +extern void inspect_do_decrypt (guestfs_h *g, struct key_store *ks, int allowdiscards);
> - inspect_do_decrypt (g, ks);
> + inspect_do_decrypt (g, ks, 0);
Kind of wonder if we want to use a C bool here instead of an int.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html