From: Michal Sekletár Date: Wed, 27 Nov 2019 13:27:58 +0000 (+0100) Subject: cryptsetup: reduce the chance that we will be OOM killed X-Git-Tag: v244~22 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=408c81f62454684dfbff1c95ce3210d06f256e58;p=platform%2Fupstream%2Fsystemd.git cryptsetup: reduce the chance that we will be OOM killed cryptsetup introduced optional locking scheme that should serialize unlocking keyslots which use memory hard key derivation function (argon2). Using the serialization should prevent OOM situation in early boot while unlocking encrypted volumes. --- diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 553b1af..8723eb4 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -599,6 +599,12 @@ static uint32_t determine_flags(void) { if (arg_submit_from_crypt_cpus) flags |= CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS; +#ifdef CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF + /* Try to decrease the risk of OOM event if memory hard key derivation function is in use */ + /* https://gitlab.com/cryptsetup/cryptsetup/issues/446/ */ + flags |= CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF; +#endif + return flags; }