On Tue, 06 Dec 2022 09:29:13 +0000, luca.boccassi@xxxxxxxxx wrote:
> Usually when closing a crypto device (eg: dm-crypt with LUKS) the
> volume key is not required, as it requires root privileges anyway, and
> root can deny access to a disk in many ways regardless. Requiring the
> volume key to lock the device is a peculiarity of the OPAL
> specification.
>
> Given we might already have saved the key if the user requested it via
> the 'IOC_OPAL_SAVE' ioctl, we can use that key to lock the device if no
> key was provided here and the locking range matches, and the user sets
> the appropriate flag with 'IOC_OPAL_SAVE'. This allows integrating OPAL
> with tools and libraries that are used to the common behaviour and do
> not ask for the volume key when closing a device.
>
> [...]
Applied, thanks!
[1/1] sed-opal: allow using IOC_OPAL_SAVE for locking too
commit: c1f480b2d092960ecf8bb0bd1f27982c33ada42a
Best regards,
--
Jens Axboe
