From 26fbc5aa05562103bc96d87fd379b1dfc2951577 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Mon, 31 May 2021 19:08:14 +0200
Subject: [PATCH] cryptsetup: Fix misplaced assert.

Seems the assert should be placed in-before decrypted_key
pointer is passed to libcryptsetup API.

Original placement would trigger abort in case tpm2
hw was not present in the system while required
to activate crypt devices.
---
 src/cryptsetup/cryptsetup.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index dd84018c174..287069766c7 100644
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -1140,7 +1140,6 @@ static int attach_luks_or_plain_or_bitlk_by_tpm2(
                         if (r != -EAGAIN) /* EAGAIN means: no tpm2 chip found */
                                 return r;
                 }
-                assert(decrypted_key);
 
                 if (!monitor) {
                         /* We didn't find the TPM2 device. In this case, watch for it via udev. Let's create
@@ -1181,6 +1180,7 @@ static int attach_luks_or_plain_or_bitlk_by_tpm2(
 
                 log_debug("Got one or more potentially relevant udev events, rescanning for TPM2...");
         }
+        assert(decrypted_key);
 
         if (pass_volume_key)
                 r = crypt_activate_by_volume_key(cd, name, decrypted_key, decrypted_key_size, flags);
-- 
2.47.3