From: Lennart Poettering Date: Thu, 10 Jun 2021 08:21:08 +0000 (+0200) Subject: cryptsetup: improve error message when key files to load are too large X-Git-Tag: v249-rc1~43^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F19878%2Fhead;p=thirdparty%2Fsystemd.git cryptsetup: improve error message when key files to load are too large Let's make this easier to grok for users. Prompted-by: #19193 --- diff --git a/src/cryptsetup/cryptsetup-keyfile.c b/src/cryptsetup/cryptsetup-keyfile.c index 55c1442ed6e..924555d262f 100644 --- a/src/cryptsetup/cryptsetup-keyfile.c +++ b/src/cryptsetup/cryptsetup-keyfile.c @@ -26,6 +26,8 @@ int find_key_file( READ_FULL_FILE_SECURE|READ_FULL_FILE_WARN_WORLD_READABLE|READ_FULL_FILE_CONNECT_SOCKET, bindname, (char**) ret_key, ret_key_size); + if (r == -E2BIG) + return log_error_errno(r, "Key file '%s' too large.", key_file); if (r < 0) return log_error_errno(r, "Failed to load key file '%s': %m", key_file); @@ -46,6 +48,10 @@ int find_key_file( (char**) ret_key, ret_key_size); if (r >= 0) return 1; + if (r == -E2BIG) { + log_warning_errno(r, "Key file '%s' too large, ignoring.", key_file); + continue; + } if (r != -ENOENT) return log_error_errno(r, "Failed to load key file '%s': %m", key_file); } diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 89b8377ea6d..64a7f5bc375 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -1261,6 +1261,10 @@ static int attach_luks_or_plain_or_bitlk_by_key_file( READ_FULL_FILE_SECURE|READ_FULL_FILE_WARN_WORLD_READABLE|READ_FULL_FILE_CONNECT_SOCKET, bindname, &kfdata, &kfsize); + if (r == -E2BIG) { + log_error_errno(r, "Failed to activate, key file '%s' too large.", key_file); + return -EAGAIN; + } if (r == -ENOENT) { log_error_errno(r, "Failed to activate, key file '%s' missing.", key_file); return -EAGAIN; /* Log actual error, but return EAGAIN */