Print warning when keyslot requires more memory than available

This warning is displayed only if maximum memory was adjusted:
no swap, not enough memory, but is not printed if user set keyslot
memory cost above default limit intentionally.

In the latter case we have to check all available memory and guess
if swap is enough - this is not job af cryptsetup and also
it should not excessively parse any /sys files during keyslot open.

lib/luks2/luks2_keyslot_luks2.c

@@ -307,7 +307,7 @@ static int luks2_keyslot_get_key(struct crypt_device *cd,
 	char *volume_key, size_t volume_key_len)
 {
 	struct volume_key *derived_key = NULL;
-	struct crypt_pbkdf_type pbkdf;
+	struct crypt_pbkdf_type pbkdf, *cd_pbkdf;
 	char *AfKey = NULL;
 	size_t AFEKSize;
 	const char *af_hash = NULL;
@@ -360,6 +360,16 @@ static int luks2_keyslot_get_key(struct crypt_device *cd,
 		goto out;
 	}
 
+	/*
+	 * Print warning when keyslot requires more memory than available
+	 * (if maximum memory was adjusted - no swap, not enough memory),
+	 * but be silent if user set keyslot memory cost above default limit intentionally.
+	 */
+	cd_pbkdf = crypt_get_pbkdf(cd);
+	if (cd_pbkdf->max_memory_kb && pbkdf.max_memory_kb > cd_pbkdf->max_memory_kb &&
+	    pbkdf.max_memory_kb <= DEFAULT_LUKS2_MEMORY_KB)
+		log_std(cd, _("Warning: keyslot operation could fail as it requires more than available memory.\n"));
+
 	/*
 	 * If requested, serialize unlocking for memory-hard KDF. Usually NOOP.
 	 */