dissect-image: lazily deactivate decrypted DM volumes

The DM block device may be still used by other processes.
author: Yu Watanabe <watanabe.yu+github@gmail.com> 2022-09-14 04:48:16 +0200
committer: Yu Watanabe <watanabe.yu+github@gmail.com> 2022-09-18 00:27:22 +0200
commit: ea16d7f48e23fef6f5db9a95fe9a679a7027048a (patch)
tree: ad83be491a0ff6cad3efa6be1b229e6260b46897
parent: measure: rename measure_pcr() to measure_kernel() (diff)
download: systemd-ea16d7f48e23fef6f5db9a95fe9a679a7027048a.tar.xz
systemd-ea16d7f48e23fef6f5db9a95fe9a679a7027048a.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index 5eaff64f87..5e4883a7a7 100644
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -1567,7 +1567,8 @@ DecryptedImage* decrypted_image_unref(DecryptedImage* d) {
                 DecryptedPartition *p = d->decrypted + i;
 
                 if (p->device && p->name && !p->relinquished) {
-                        r = sym_crypt_deactivate_by_name(p->device, p->name, 0);
+                        /* Let's deactivate lazily, as the dm volume may be already/still used by other processes. */
+                        r = sym_crypt_deactivate_by_name(p->device, p->name, CRYPT_DEACTIVATE_DEFERRED);
                         if (r < 0)
                                 log_debug_errno(r, "Failed to deactivate encrypted partition %s", p->name);
                 }
author	Yu Watanabe <watanabe.yu+github@gmail.com>	2022-09-14 04:48:16 +0200
committer	Yu Watanabe <watanabe.yu+github@gmail.com>	2022-09-18 00:27:22 +0200
commit	ea16d7f48e23fef6f5db9a95fe9a679a7027048a (patch)
tree	ad83be491a0ff6cad3efa6be1b229e6260b46897
parent	measure: rename measure_pcr() to measure_kernel() (diff)
download	systemd-ea16d7f48e23fef6f5db9a95fe9a679a7027048a.tar.xz systemd-ea16d7f48e23fef6f5db9a95fe9a679a7027048a.zip