tree-wide: enable/disable libcrypsetup debug output depending on our level

Avoid always setting to debug, as it will incur in many more callbacks from
libcrypsetup that then get discarded, wasting resources.

diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index 6d3f842dbe1ec5fb5f6bf7d70ec3ff0b574f67ac..8be9c9acac9fb409d01a0da40d6e069e752d834e 100644 (file)
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -839,10 +839,7 @@ static int run(int argc, char *argv[]) {
 
         log_setup_service();
 
-        crypt_set_log_callback(NULL, cryptsetup_log_glue, NULL);
-        if (DEBUG_LOGGING)
-                /* libcryptsetup won't even consider debug messages by default */
-                crypt_set_debug_level(CRYPT_DEBUG_ALL);
+        cryptsetup_enable_logging(cd);
 
         umask(0022);
 
@@ -906,7 +903,7 @@ static int run(int argc, char *argv[]) {
                 if (r < 0)
                         return log_error_errno(r, "crypt_init() failed: %m");
 
-                crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+                cryptsetup_enable_logging(cd);
 
                 status = crypt_status(cd, argv[2]);
                 if (IN_SET(status, CRYPT_ACTIVE, CRYPT_BUSY)) {
@@ -1032,7 +1029,7 @@ static int run(int argc, char *argv[]) {
                 if (r < 0)
                         return log_error_errno(r, "crypt_init_by_name() failed: %m");
 
-                crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+                cryptsetup_enable_logging(cd);
 
                 r = crypt_deactivate(cd, argv[2]);
                 if (r < 0)

diff --git a/src/home/homework-luks.c b/src/home/homework-luks.c
index b0f237c51b26d6ceb3500b96010d221610cc813a..1eb08e14231188c156bef6d92f099457a86d4d73 100644 (file)
--- a/src/home/homework-luks.c
+++ b/src/home/homework-luks.c
@@ -238,7 +238,7 @@ static int luks_setup(
         if (r < 0)
                 return log_error_errno(r, "Failed to allocate libcryptsetup context: %m");
 
-        crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+        cryptsetup_enable_logging(cd);
 
         r = crypt_load(cd, CRYPT_LUKS2, NULL);
         if (r < 0)
@@ -338,7 +338,7 @@ static int luks_open(
         if (r < 0)
                 return log_error_errno(r, "Failed to initialize cryptsetup context for %s: %m", dm_name);
 
-        crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+        cryptsetup_enable_logging(cd);
 
         r = crypt_load(cd, CRYPT_LUKS2, NULL);
         if (r < 0)
@@ -1335,7 +1335,7 @@ int home_deactivate_luks(UserRecord *h) {
         else {
                 log_info("Discovered used LUKS device %s.", dm_node);
 
-                crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+                cryptsetup_enable_logging(cd);
 
                 r = crypt_deactivate(cd, dm_name);
                 if (IN_SET(r, -ENODEV, -EINVAL, -ENOENT)) {
@@ -1494,7 +1494,7 @@ static int luks_format(
         if (r < 0)
                 return log_error_errno(r, "Failed to allocate libcryptsetup context: %m");
 
-        crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+        cryptsetup_enable_logging(cd);
 
         /* Normally we'd, just leave volume key generation to libcryptsetup. However, we can't, since we
          * can't extract the volume key from the library again, but we need it in order to encrypt the JSON
@@ -2971,7 +2971,7 @@ int home_lock_luks(UserRecord *h) {
                 return log_error_errno(r, "Failed to initialize cryptsetup context for %s: %m", dm_name);
 
         log_info("Discovered used LUKS device %s.", dm_node);
-        crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+        cryptsetup_enable_logging(cd);
 
         if (syncfs(root_fd) < 0) /* Snake oil, but let's better be safe than sorry */
                 return log_error_errno(errno, "Failed to synchronize file system %s: %m", p);
@@ -3036,7 +3036,7 @@ int home_unlock_luks(UserRecord *h, PasswordCache *cache) {
                 return log_error_errno(r, "Failed to initialize cryptsetup context for %s: %m", dm_name);
 
         log_info("Discovered used LUKS device %s.", dm_node);
-        crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+        cryptsetup_enable_logging(cd);
 
         r = -ENOKEY;
         FOREACH_POINTER(list, cache->pkcs11_passwords, cache->fido2_passwords, h->password) {

diff --git a/src/partition/growfs.c b/src/partition/growfs.c
index 98a7e4d31de1037ef541d5e592b574a1de45831f..2728cb8ba8c2216da478f728751a04a132a84346 100644 (file)
--- a/src/partition/growfs.c
+++ b/src/partition/growfs.c
@@ -56,7 +56,7 @@ static int resize_crypt_luks_device(dev_t devno, const char *fstype, dev_t main_
         if (r < 0)
                 return log_error_errno(r, "crypt_init(\"%s\") failed: %m", devpath);
 
-        crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+        cryptsetup_enable_logging(cd);
 
         r = crypt_load(cd, CRYPT_LUKS, NULL);
         if (r < 0)
@@ -85,9 +85,7 @@ static int maybe_resize_underlying_device(const char *mountpath, dev_t main_devn
         int r;
 
 #if HAVE_LIBCRYPTSETUP
-        crypt_set_log_callback(NULL, cryptsetup_log_glue, NULL);
-        if (DEBUG_LOGGING)
-                crypt_set_debug_level(CRYPT_DEBUG_ALL);
+        cryptsetup_enable_logging(NULL);
 #endif
 
         r = get_block_device_harder(mountpath, &devno);

diff --git a/src/shared/crypt-util.c b/src/shared/crypt-util.c
index 20bdc5489e5b145a6391d06641fcc322fa6f36fe..52bd12bb8da1c3e7c75f8b40ed6c5e6efc8fcc63 100644 (file)
--- a/src/shared/crypt-util.c
+++ b/src/shared/crypt-util.c
@@ -4,7 +4,7 @@
 #include "crypt-util.h"
 #include "log.h"
 
-void cryptsetup_log_glue(int level, const char *msg, void *usrptr) {
+static void cryptsetup_log_glue(int level, const char *msg, void *usrptr) {
         switch (level) {
         case CRYPT_LOG_NORMAL:
                 level = LOG_NOTICE;
@@ -25,4 +25,10 @@ void cryptsetup_log_glue(int level, const char *msg, void *usrptr) {
 
         log_full(level, "%s", msg);
 }
+
+void cryptsetup_enable_logging(struct crypt_device *cd) {
+        crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+        crypt_set_debug_level(DEBUG_LOGGING ? CRYPT_DEBUG_ALL : CRYPT_DEBUG_NONE);
+}
+
 #endif

diff --git a/src/shared/crypt-util.h b/src/shared/crypt-util.h
index c25b11599c5d85ac39ea5950b1b13c546ccbeff7..b9f465fbc189124601752b9f32dbc94183370d55 100644 (file)
--- a/src/shared/crypt-util.h
+++ b/src/shared/crypt-util.h
@@ -8,5 +8,5 @@
 
 DEFINE_TRIVIAL_CLEANUP_FUNC(struct crypt_device *, crypt_free);
 
-void cryptsetup_log_glue(int level, const char *msg, void *usrptr);
+void cryptsetup_enable_logging(struct crypt_device *cd);
 #endif

diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index 66b7ec528461b6982d0aa62dd622684c3e34ef0b..f41d1a0e485f7cc6e95fd8effea854d94e20ee3c 100644 (file)
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -1277,7 +1277,7 @@ static int decrypt_partition(
         if (r < 0)
                 return log_debug_errno(r, "Failed to initialize dm-crypt: %m");
 
-        crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+        cryptsetup_enable_logging(cd);
 
         r = crypt_load(cd, CRYPT_LUKS, NULL);
         if (r < 0)
@@ -1399,7 +1399,7 @@ static int verity_partition(
         if (r < 0)
                 return r;
 
-        crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+        cryptsetup_enable_logging(cd);
 
         r = crypt_load(cd, CRYPT_VERITY, NULL);
         if (r < 0)

diff --git a/src/veritysetup/veritysetup.c b/src/veritysetup/veritysetup.c
index e475402d9d46eaef9b2b75930525c1367373b2f0..753777b6ad8bb7babc74fe8129c5e9549f495bd7 100644 (file)
--- a/src/veritysetup/veritysetup.c
+++ b/src/veritysetup/veritysetup.c
@@ -73,7 +73,7 @@ static int run(int argc, char *argv[]) {
                 if (r < 0)
                         return log_error_errno(r, "Failed to open verity device %s: %m", argv[4]);
 
-                crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+                cryptsetup_enable_logging(cd);
 
                 status = crypt_status(cd, argv[2]);
                 if (IN_SET(status, CRYPT_ACTIVE, CRYPT_BUSY)) {
@@ -124,7 +124,7 @@ static int run(int argc, char *argv[]) {
                 if (r < 0)
                         return log_error_errno(r, "crypt_init_by_name() failed: %m");
 
-                crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
+                cryptsetup_enable_logging(cd);
 
                 r = crypt_deactivate(cd, argv[2]);
                 if (r < 0)