Fix shared activation for dm-verity devices.

CRYPT_ACTIVATE_SHARED flag was silently ignored while activating dm-verity devices by libcryptsetup. This was a bug. DM verity shared activation is generaly safe (single mapped data device in multiple DM verity tables) since all verity devices are read only. The CRYPT_ACTIVATE_SHARED flag also fixes a race condition when multiple processes compete for the same DM device name (all dm-verity) while using same backing data device. The exclusive open check in-before verity activation could fail DM table load for a process that otherwise successfully acquired DM device name (succeed in creating the DM device). This could (in some cases) result in all processes competening for the DM verity device to fail and none would activate the DM verity device.
2025-12-05 16:00:05 +01:00 · 2024-07-23 15:13:04 +02:00
parent 81507cdf12
commit 42e36206a0
1 changed files with 2 additions and 1 deletions
--- a/lib/verity/verity.c
+++ b/lib/verity/verity.c
@@ -338,7 +338,8 @@ int VERITY_activate(struct crypt_device *cd,
 	if (r)
 		goto out;

-	r = device_block_adjust(cd, crypt_data_device(cd), DEV_EXCL,
+	r = device_block_adjust(cd, crypt_data_device(cd),
+				activation_flags & CRYPT_ACTIVATE_SHARED ? DEV_OK : DEV_EXCL,
 				0, &dmd.size, &dmd.flags);
 	if (r)
 		goto out;