fscrypt: create a new blank key sized according to the passphrase #4464
Commits on Mar 6, 2024
-
cephfs: return
ErrBadAuthduring keyFn retryfscrypt will infinitely retry the keyFn during an auth failure, preventing the csi driver from progressing when configured with an invalid passphrase See also: https://github.com/google/fscrypt/blob/8c12cd64ab471d0a73ef4c300d7c40077cad5d5d/actions/callback.go#L102-L106 Signed-off-by: Michael Fritch <mfritch@suse.com>
-
cephfs: create a new blank key sized according to the passphrase
Padding a passphrase with null chars to arrive at a 32-byte length later forces a user to also pass null chars via the term when attempting to manually unlock a subvolume via the fscrypt cli tools. This also had a side-effect of truncating any longer length passphrase down to a shorter 32-byte length. fixup for: cfea8d7 dd0e198 Signed-off-by: Michael Fritch <mfritch@suse.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.