From 9cf530f3e158d461912fdc9010eff12361ec6aeb Mon Sep 17 00:00:00 2001 From: John Baublitz Date: Tue, 21 Jan 2025 11:45:41 -0500 Subject: [PATCH] Increase token slot area for V2 pools --- src/bin/utils/predict_usage.rs | 4 +- src/engine/mod.rs | 2 +- .../strat_engine/backstore/backstore/v2.rs | 10 +-- .../strat_engine/backstore/blockdev/v1.rs | 5 +- src/engine/strat_engine/crypt/consts.rs | 6 +- src/engine/strat_engine/crypt/handle/v1.rs | 36 +++++++--- src/engine/strat_engine/crypt/handle/v2.rs | 67 +++++++++---------- src/engine/strat_engine/crypt/mod.rs | 4 +- src/engine/strat_engine/crypt/shared.rs | 24 +++++-- src/engine/strat_engine/engine.rs | 4 +- src/engine/strat_engine/mod.rs | 2 +- src/engine/strat_engine/pool/inspection.rs | 9 ++- 12 files changed, 96 insertions(+), 77 deletions(-) diff --git a/src/bin/utils/predict_usage.rs b/src/bin/utils/predict_usage.rs index 268452757b..da757520ce 100644 --- a/src/bin/utils/predict_usage.rs +++ b/src/bin/utils/predict_usage.rs @@ -14,7 +14,7 @@ use serde_json::{json, Value}; use devicemapper::{Bytes, Sectors}; use stratisd::engine::{ - crypt_metadata_size, integrity_meta_space, ThinPoolSizeParams, ValidatedIntegritySpec, BDA, + crypt_metadata_size_v2, integrity_meta_space, ThinPoolSizeParams, ValidatedIntegritySpec, BDA, }; // 2^FS_SIZE_START_POWER is the logical size of the smallest Stratis @@ -195,7 +195,7 @@ fn predict_pool_metadata_usage( }) .collect::, _>>()?; - let crypt_metadata_size = crypt_metadata_size(); + let crypt_metadata_size = crypt_metadata_size_v2(); let crypt_metadata_size_sectors = crypt_metadata_size.sectors(); // verify that crypt metadata size is divisible by sector size assert_eq!(crypt_metadata_size_sectors.bytes(), crypt_metadata_size); diff --git a/src/engine/mod.rs b/src/engine/mod.rs index df0a86c2fc..1fb03a5b4a 100644 --- a/src/engine/mod.rs +++ b/src/engine/mod.rs @@ -13,7 +13,7 @@ pub use self::{ shared::{total_allocated, total_used}, sim_engine::SimEngine, strat_engine::{ - crypt_metadata_size, get_dm, get_dm_init, integrity_meta_space, register_clevis_token, + crypt_metadata_size_v2, get_dm, get_dm_init, integrity_meta_space, register_clevis_token, set_up_crypt_logging, unshare_mount_namespace, StaticHeader, StaticHeaderResult, StratEngine, StratKeyActions, ThinPoolSizeParams, BDA, CLEVIS_TANG_TRUST_URL, }, diff --git a/src/engine/strat_engine/backstore/backstore/v2.rs b/src/engine/strat_engine/backstore/backstore/v2.rs index ed10235457..5a037fb659 100644 --- a/src/engine/strat_engine/backstore/backstore/v2.rs +++ b/src/engine/strat_engine/backstore/backstore/v2.rs @@ -23,7 +23,7 @@ use crate::{ blockdevmgr::BlockDevMgr, cache_tier::CacheTier, data_tier::DataTier, devices::UnownedDevices, shared::BlockSizeSummary, }, - crypt::{crypt_metadata_size, handle::v2::CryptHandle}, + crypt::{crypt_metadata_size_v2, handle::v2::CryptHandle}, dm::{get_dm, list_of_backstore_devices, remove_optional_devices, DEVICEMAPPER_PATH}, metadata::{MDADataSize, BDA}, names::{format_backstore_ids, CacheRole}, @@ -455,7 +455,7 @@ impl Backstore { crypt_meta_allocs: Vec::new(), }; - let size = crypt_metadata_size().sectors(); + let size = crypt_metadata_size_v2().sectors(); if !backstore.meta_alloc_cache(&[size])? { return Err(StratisError::Msg(format!( "Failed to satisfy request in backstore for {size}" @@ -1174,7 +1174,7 @@ mod tests { strat_engine::{ backstore::devices::{ProcessedPathInfos, UnownedDevices}, cmd, - crypt::crypt_metadata_size, + crypt::crypt_metadata_size_v2, metadata::device_identifiers, ns::{unshare_mount_namespace, MemoryFilesystem}, tests::{crypt, loopbacked, real}, @@ -1202,7 +1202,7 @@ mod tests { assert_eq!( backstore.data_tier.allocated(), match (&backstore.origin, &backstore.cache) { - (None, None) => crypt_metadata_size().sectors(), + (None, None) => crypt_metadata_size_v2().sectors(), (&None, Some(cache)) => cache.size(), (Some(linear), &None) => linear.size(), _ => panic!("impossible; see first assertion"), @@ -1500,7 +1500,7 @@ mod tests { // Allocate space from the backstore so that the cap device is made. backstore - .alloc(pool_uuid, &[2u64 * crypt_metadata_size().sectors()]) + .alloc(pool_uuid, &[2u64 * crypt_metadata_size_v2().sectors()]) .unwrap() .unwrap(); diff --git a/src/engine/strat_engine/backstore/blockdev/v1.rs b/src/engine/strat_engine/backstore/blockdev/v1.rs index dd628fca0f..6fe789c287 100644 --- a/src/engine/strat_engine/backstore/blockdev/v1.rs +++ b/src/engine/strat_engine/backstore/blockdev/v1.rs @@ -18,7 +18,6 @@ use devicemapper::{Device, Sectors}; use crate::{ engine::{ - crypt_metadata_size, engine::{BlockDev, DumpState}, strat_engine::{ backstore::{ @@ -26,7 +25,7 @@ use crate::{ devices::BlockSizes, range_alloc::{PerDevSegments, RangeAllocator}, }, - crypt::handle::v1::CryptHandle, + crypt::{crypt_metadata_size_v1, handle::v1::CryptHandle}, device::blkdev_size, metadata::{ disown_device, static_header, BlockdevSize, MDADataSize, MetadataLocation, @@ -302,7 +301,7 @@ impl StratBlockDev { pub fn scan_blkdev_size(physical_path: &Path, is_encrypted: bool) -> StratisResult { Ok(blkdev_size(&File::open(physical_path)?)?.sectors() - if is_encrypted { - crypt_metadata_size().sectors() + crypt_metadata_size_v1().sectors() } else { Sectors(0) }) diff --git a/src/engine/strat_engine/crypt/consts.rs b/src/engine/strat_engine/crypt/consts.rs index d4f953fa1e..e0d36faf4a 100644 --- a/src/engine/strat_engine/crypt/consts.rs +++ b/src/engine/strat_engine/crypt/consts.rs @@ -4,7 +4,7 @@ use libc::c_uint; -use devicemapper::{Bytes, IEC}; +use devicemapper::{Bytes, Sectors, IEC}; // Stratis token JSON keys pub const TOKEN_TYPE_KEY: &str = "type"; @@ -32,8 +32,10 @@ pub const LUKS2_SECTOR_SIZE: Bytes = Bytes(4096); /// tang server does not need to be verified. pub const CLEVIS_TANG_TRUST_URL: &str = "stratis:tang:trust_url"; -pub const DEFAULT_CRYPT_METADATA_SIZE: Bytes = Bytes(16 * IEC::Ki as u128); +pub const DEFAULT_CRYPT_METADATA_SIZE_V1: Bytes = Bytes(16 * IEC::Ki as u128); +pub const DEFAULT_CRYPT_METADATA_SIZE_V2: Bytes = Bytes(64 * IEC::Ki as u128); pub const DEFAULT_CRYPT_KEYSLOTS_SIZE: Bytes = Bytes(16352 * IEC::Ki as u128); +pub const DEFAULT_CRYPT_DATA_OFFSET_V2: Sectors = Sectors(34816); pub const CLEVIS_TOKEN_NAME: &str = "clevis\0"; diff --git a/src/engine/strat_engine/crypt/handle/v1.rs b/src/engine/strat_engine/crypt/handle/v1.rs index 7e2625fd21..bbba1ebc07 100644 --- a/src/engine/strat_engine/crypt/handle/v1.rs +++ b/src/engine/strat_engine/crypt/handle/v1.rs @@ -34,12 +34,13 @@ use crate::{ cmd::{clevis_decrypt, clevis_luks_bind, clevis_luks_regen, clevis_luks_unbind}, crypt::{ consts::{ - CLEVIS_LUKS_TOKEN_ID, DEFAULT_CRYPT_KEYSLOTS_SIZE, DEFAULT_CRYPT_METADATA_SIZE, - LUKS2_TOKEN_ID, STRATIS_MEK_SIZE, STRATIS_TOKEN_DEVNAME_KEY, - STRATIS_TOKEN_DEV_UUID_KEY, STRATIS_TOKEN_ID, STRATIS_TOKEN_POOLNAME_KEY, - STRATIS_TOKEN_POOL_UUID_KEY, STRATIS_TOKEN_TYPE, TOKEN_KEYSLOTS_KEY, - TOKEN_TYPE_KEY, + CLEVIS_LUKS_TOKEN_ID, DEFAULT_CRYPT_KEYSLOTS_SIZE, + DEFAULT_CRYPT_METADATA_SIZE_V1, LUKS2_TOKEN_ID, STRATIS_MEK_SIZE, + STRATIS_TOKEN_DEVNAME_KEY, STRATIS_TOKEN_DEV_UUID_KEY, STRATIS_TOKEN_ID, + STRATIS_TOKEN_POOLNAME_KEY, STRATIS_TOKEN_POOL_UUID_KEY, STRATIS_TOKEN_TYPE, + TOKEN_KEYSLOTS_KEY, TOKEN_TYPE_KEY, }, + crypt_metadata_size_v1, shared::{ acquire_crypt_device, activate, activate_by_token, add_keyring_keyslot, check_luks2_token, clevis_info_from_metadata, device_from_physical_path, @@ -573,7 +574,7 @@ impl CryptHandle { physical_path.display() ); device.settings_handle().set_metadata_size( - MetadataSize::try_from(convert_int!(*DEFAULT_CRYPT_METADATA_SIZE, u128, u64)?)?, + MetadataSize::try_from(convert_int!(*DEFAULT_CRYPT_METADATA_SIZE_V1, u128, u64)?)?, KeyslotsSize::try_from(convert_int!(*DEFAULT_CRYPT_KEYSLOTS_SIZE, u128, u64)?)?, )?; Self::initialize_with_err(&mut device, physical_path, pool_uuid, dev_uuid, &pool_name, encryption_info, luks2_params.as_ref()) @@ -663,7 +664,11 @@ impl CryptHandle { .context_handle() .load::<()>(Some(EncryptionFormat::Luks2), None) { - return Err(wipe_fallback(physical_path, StratisError::from(e))); + return Err(wipe_fallback( + physical_path, + DEFAULT_CRYPT_METADATA_SIZE_V1, + StratisError::from(e), + )); } device.keyslot_handle().destroy(keyslot)?; @@ -695,7 +700,11 @@ impl CryptHandle { .context_handle() .load::<()>(Some(EncryptionFormat::Luks2), None) { - return Err(wipe_fallback(physical_path, StratisError::from(e))); + return Err(wipe_fallback( + physical_path, + DEFAULT_CRYPT_METADATA_SIZE_V1, + StratisError::from(e), + )); } Ok(()) @@ -725,6 +734,11 @@ impl CryptHandle { physical_path.display() ); + assert_eq!( + *crypt_metadata_size_v1().sectors(), + device.status_handle().get_data_offset() + ); + match encryption_info { EncryptionInfo::Both(kd, (pin, config)) => { let mut parsed_config = config.clone(); @@ -1143,8 +1157,8 @@ mod tests { strat_engine::{ crypt::{ consts::{ - CLEVIS_LUKS_TOKEN_ID, DEFAULT_CRYPT_KEYSLOTS_SIZE, DEFAULT_CRYPT_METADATA_SIZE, - LUKS2_TOKEN_ID, STRATIS_MEK_SIZE, + CLEVIS_LUKS_TOKEN_ID, DEFAULT_CRYPT_KEYSLOTS_SIZE, + DEFAULT_CRYPT_METADATA_SIZE_V1, LUKS2_TOKEN_ID, STRATIS_MEK_SIZE, }, shared::acquire_crypt_device, }, @@ -1421,7 +1435,7 @@ mod tests { ) .unwrap(); let (metadata, keyslot) = context.settings_handle().get_metadata_size().unwrap(); - assert_eq!(DEFAULT_CRYPT_METADATA_SIZE, Bytes::from(*metadata)); + assert_eq!(DEFAULT_CRYPT_METADATA_SIZE_V1, Bytes::from(*metadata)); assert_eq!(DEFAULT_CRYPT_KEYSLOTS_SIZE, Bytes::from(*keyslot)); } diff --git a/src/engine/strat_engine/crypt/handle/v2.rs b/src/engine/strat_engine/crypt/handle/v2.rs index d514de406e..98f8f0a3ad 100644 --- a/src/engine/strat_engine/crypt/handle/v2.rs +++ b/src/engine/strat_engine/crypt/handle/v2.rs @@ -33,8 +33,9 @@ use crate::{ cmd::{clevis_decrypt, clevis_luks_bind, clevis_luks_regen, clevis_luks_unbind}, crypt::{ consts::{ - CLEVIS_LUKS_TOKEN_ID, DEFAULT_CRYPT_KEYSLOTS_SIZE, DEFAULT_CRYPT_METADATA_SIZE, - LUKS2_TOKEN_ID, STRATIS_MEK_SIZE, + CLEVIS_LUKS_TOKEN_ID, DEFAULT_CRYPT_DATA_OFFSET_V2, + DEFAULT_CRYPT_KEYSLOTS_SIZE, DEFAULT_CRYPT_METADATA_SIZE_V2, LUKS2_TOKEN_ID, + STRATIS_MEK_SIZE, }, shared::{ acquire_crypt_device, activate, activate_by_token, add_keyring_keyslot, @@ -275,10 +276,6 @@ impl CryptHandle { nothing to clean up", physical_path.display() ); - device.settings_handle().set_metadata_size( - MetadataSize::try_from(convert_int!(*DEFAULT_CRYPT_METADATA_SIZE, u128, u64)?)?, - KeyslotsSize::try_from(convert_int!(*DEFAULT_CRYPT_KEYSLOTS_SIZE, u128, u64)?)?, - )?; Self::initialize_with_err(&mut device, physical_path, pool_uuid, encryption_info, luks2_params.as_ref()) .and_then(|path| clevis_info_from_metadata(&mut device).map(|ci| (path, ci))) .and_then(|(_, clevis_info)| { @@ -366,7 +363,11 @@ impl CryptHandle { .context_handle() .load::<()>(Some(EncryptionFormat::Luks2), None) { - return Err(wipe_fallback(physical_path, StratisError::from(e))); + return Err(wipe_fallback( + physical_path, + DEFAULT_CRYPT_METADATA_SIZE_V2, + StratisError::from(e), + )); } device.keyslot_handle().destroy(keyslot)?; @@ -398,7 +399,11 @@ impl CryptHandle { .context_handle() .load::<()>(Some(EncryptionFormat::Luks2), None) { - return Err(wipe_fallback(physical_path, StratisError::from(e))); + return Err(wipe_fallback( + physical_path, + DEFAULT_CRYPT_METADATA_SIZE_V2, + StratisError::from(e), + )); } Ok(()) @@ -414,6 +419,12 @@ impl CryptHandle { let mut luks2_params_ref: Option> = luks2_params.map(|lp| lp.try_into()).transpose()?; + device.settings_handle().set_metadata_size( + MetadataSize::try_from(convert_int!(*DEFAULT_CRYPT_METADATA_SIZE_V2, u128, u64)?)?, + KeyslotsSize::try_from(convert_int!(*DEFAULT_CRYPT_KEYSLOTS_SIZE, u128, u64)?)?, + )?; + device.set_data_offset(*DEFAULT_CRYPT_DATA_OFFSET_V2)?; + log_on_failure!( device.context_handle().format::>( EncryptionFormat::Luks2, @@ -426,6 +437,11 @@ impl CryptHandle { physical_path.display() ); + assert_eq!( + *DEFAULT_CRYPT_DATA_OFFSET_V2, + device.status_handle().get_data_offset() + ); + match encryption_info { EncryptionInfo::Both(kd, (pin, config)) => { let mut parsed_config = config.clone(); @@ -780,17 +796,14 @@ mod tests { }; use devicemapper::{Bytes, Sectors, IEC}; - use libcryptsetup_rs::{ - consts::vals::{CryptStatusInfo, EncryptionFormat}, - CryptInit, Either, - }; + use libcryptsetup_rs::consts::vals::CryptStatusInfo; use crate::engine::{ strat_engine::{ crypt::{ consts::{ - CLEVIS_LUKS_TOKEN_ID, DEFAULT_CRYPT_KEYSLOTS_SIZE, DEFAULT_CRYPT_METADATA_SIZE, - LUKS2_TOKEN_ID, STRATIS_MEK_SIZE, + CLEVIS_LUKS_TOKEN_ID, DEFAULT_CRYPT_KEYSLOTS_SIZE, + DEFAULT_CRYPT_METADATA_SIZE_V2, LUKS2_TOKEN_ID, }, shared::acquire_crypt_device, }, @@ -977,28 +990,6 @@ mod tests { ); } - #[test] - fn loop_test_crypt_metadata_defaults() { - fn test_defaults(paths: &[&Path]) { - let mut context = CryptInit::init(paths[0]).unwrap(); - context - .context_handle() - .format::<()>( - EncryptionFormat::Luks2, - ("aes", "xts-plain64"), - None, - Either::Right(STRATIS_MEK_SIZE), - None, - ) - .unwrap(); - let (metadata, keyslot) = context.settings_handle().get_metadata_size().unwrap(); - assert_eq!(DEFAULT_CRYPT_METADATA_SIZE, Bytes::from(*metadata)); - assert_eq!(DEFAULT_CRYPT_KEYSLOTS_SIZE, Bytes::from(*keyslot)); - } - - loopbacked::test_with_spec(&loopbacked::DeviceLimits::Exactly(1, None), test_defaults); - } - #[test] // Test passing an unusual, larger sector size for cryptsetup. 4096 should // be no smaller than the physical sector size of the loop device, and @@ -1114,6 +1105,10 @@ mod tests { .unwrap(); let mut device = acquire_crypt_device(handle.luks2_device_path()).unwrap(); + let (metadata, keyslot) = device.settings_handle().get_metadata_size().unwrap(); + assert_eq!(DEFAULT_CRYPT_METADATA_SIZE_V2, Bytes::from(*metadata)); + assert_eq!(DEFAULT_CRYPT_KEYSLOTS_SIZE, Bytes::from(*keyslot)); + assert!(device.token_handle().json_get(CLEVIS_LUKS_TOKEN_ID).is_ok()); assert!(device.token_handle().json_get(LUKS2_TOKEN_ID).is_err()); } diff --git a/src/engine/strat_engine/crypt/mod.rs b/src/engine/strat_engine/crypt/mod.rs index cf08bb5752..caed9cbfca 100644 --- a/src/engine/strat_engine/crypt/mod.rs +++ b/src/engine/strat_engine/crypt/mod.rs @@ -12,7 +12,7 @@ mod shared; pub use self::{ consts::CLEVIS_TANG_TRUST_URL, shared::{ - back_up_luks_header, crypt_metadata_size, register_clevis_token, restore_luks_header, - set_up_crypt_logging, + back_up_luks_header, crypt_metadata_size_v1, crypt_metadata_size_v2, register_clevis_token, + restore_luks_header, set_up_crypt_logging, }, }; diff --git a/src/engine/strat_engine/crypt/shared.rs b/src/engine/strat_engine/crypt/shared.rs index ef65070f2f..233481dec8 100644 --- a/src/engine/strat_engine/crypt/shared.rs +++ b/src/engine/strat_engine/crypt/shared.rs @@ -35,9 +35,9 @@ use crate::{ cmd::clevis_decrypt, crypt::consts::{ CLEVIS_LUKS_TOKEN_ID, CLEVIS_RECURSION_LIMIT, CLEVIS_TANG_TRUST_URL, - CLEVIS_TOKEN_NAME, DEFAULT_CRYPT_KEYSLOTS_SIZE, DEFAULT_CRYPT_METADATA_SIZE, - LUKS2_SECTOR_SIZE, LUKS2_TOKEN_ID, LUKS2_TOKEN_TYPE, TOKEN_KEYSLOTS_KEY, - TOKEN_TYPE_KEY, + CLEVIS_TOKEN_NAME, DEFAULT_CRYPT_DATA_OFFSET_V2, DEFAULT_CRYPT_KEYSLOTS_SIZE, + DEFAULT_CRYPT_METADATA_SIZE_V1, LUKS2_SECTOR_SIZE, LUKS2_TOKEN_ID, + LUKS2_TOKEN_TYPE, TOKEN_KEYSLOTS_KEY, TOKEN_TYPE_KEY, }, dm::get_dm, keys, @@ -623,7 +623,11 @@ fn ceiling_sector_size_alignment(bytes: Bytes) -> Bytes { /// Fallback method for wiping a crypt device where a handle to the encrypted device /// cannot be acquired. -pub fn wipe_fallback(path: &Path, causal_error: StratisError) -> StratisError { +pub fn wipe_fallback( + path: &Path, + metadata_size: Bytes, + causal_error: StratisError, +) -> StratisError { let mut file = match OpenOptions::new().write(true).open(path) { Ok(f) => f, Err(e) => { @@ -633,7 +637,7 @@ pub fn wipe_fallback(path: &Path, causal_error: StratisError) -> StratisError { } } }; - let size = match convert_int!(*crypt_metadata_size(), u128, usize) { + let size = match convert_int!(*metadata_size, u128, usize) { Ok(s) => s, Err(e) => { return StratisError::NoActionRollbackError { @@ -771,8 +775,14 @@ pub fn key_desc_from_metadata(device: &mut CryptDevice) -> Option { } // Bytes occupied by crypt metadata -pub fn crypt_metadata_size() -> Bytes { - 2u64 * DEFAULT_CRYPT_METADATA_SIZE + ceiling_sector_size_alignment(DEFAULT_CRYPT_KEYSLOTS_SIZE) +pub fn crypt_metadata_size_v1() -> Bytes { + 2u64 * DEFAULT_CRYPT_METADATA_SIZE_V1 + + ceiling_sector_size_alignment(DEFAULT_CRYPT_KEYSLOTS_SIZE) +} + +// Bytes occupied by crypt metadata +pub fn crypt_metadata_size_v2() -> Bytes { + DEFAULT_CRYPT_DATA_OFFSET_V2.bytes() } /// Back up the LUKS2 header to a temporary file. diff --git a/src/engine/strat_engine/engine.rs b/src/engine/strat_engine/engine.rs index 1de9e4184f..45147b040b 100644 --- a/src/engine/strat_engine/engine.rs +++ b/src/engine/strat_engine/engine.rs @@ -900,7 +900,7 @@ mod test { engine::Pool, strat_engine::{ cmd, - crypt::crypt_metadata_size, + crypt::crypt_metadata_size_v1, ns::unshare_mount_namespace, tests::{crypt, loopbacked, real, FailDevice}, }, @@ -1107,7 +1107,7 @@ mod test { } fail_device - .start_failing(*crypt_metadata_size().sectors()) + .start_failing(*crypt_metadata_size_v1().sectors()) .unwrap(); assert_matches!(catch_unwind(move || operation(&mut pool)), Err(_)); diff --git a/src/engine/strat_engine/mod.rs b/src/engine/strat_engine/mod.rs index 37fd872abf..1db2e66989 100644 --- a/src/engine/strat_engine/mod.rs +++ b/src/engine/strat_engine/mod.rs @@ -31,7 +31,7 @@ pub use self::pool::inspection as pool_inspection; pub use self::{ backstore::integrity_meta_space, crypt::{ - crypt_metadata_size, register_clevis_token, set_up_crypt_logging, CLEVIS_TANG_TRUST_URL, + crypt_metadata_size_v2, register_clevis_token, set_up_crypt_logging, CLEVIS_TANG_TRUST_URL, }, dm::{get_dm, get_dm_init}, engine::StratEngine, diff --git a/src/engine/strat_engine/pool/inspection.rs b/src/engine/strat_engine/pool/inspection.rs index 0cbe203d34..8c7fe1ad20 100644 --- a/src/engine/strat_engine/pool/inspection.rs +++ b/src/engine/strat_engine/pool/inspection.rs @@ -11,13 +11,12 @@ use devicemapper::Sectors; use crate::{ engine::{ - strat_engine::serde_structs::PoolSave, + strat_engine::{crypt::crypt_metadata_size_v2, serde_structs::PoolSave}, types::{DevUuid, IntegrityTagSpec, ValidatedIntegritySpec}, }, stratis::{StratisError, StratisResult}, }; -const SIZE_OF_CRYPT_METADATA_SECTORS: Sectors = Sectors(32768); const SIZE_OF_STRATIS_METADATA_SECTORS: Sectors = Sectors(8192); // Encodes the use for each extent. @@ -191,7 +190,7 @@ impl Allocator for CapDevice { if self.encrypted { Sectors(0) } else { - SIZE_OF_CRYPT_METADATA_SECTORS + crypt_metadata_size_v2().sectors() } } @@ -446,7 +445,7 @@ impl CryptAllocs { errors.push(format!("Crypt meta allocs offset, {start} is not 0")); } - if length != SIZE_OF_CRYPT_METADATA_SECTORS { + if length != crypt_metadata_size_v2().sectors() { errors.push(format!( "Crypt meta allocs entry has unexpected length {length}" )); @@ -539,7 +538,7 @@ impl Allocator for FlexDevice { if self.encrypted { Sectors(0) } else { - SIZE_OF_CRYPT_METADATA_SECTORS + crypt_metadata_size_v2().sectors() } }