From: David Zeuthen Date: Thu, 5 Jul 2012 18:20:27 +0000 (-0400) Subject: When setting up LUKS, erase the cleartext device rather than the cryptotext one X-Git-Tag: upstream/2.1.2~187 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=6e15709374d1486af0c4ce2908176875e539ac83;p=platform%2Fupstream%2Fudisks2.git When setting up LUKS, erase the cleartext device rather than the cryptotext one That way the cryptotext device will be full of noise instead of zeroes, that way not conveying that there isn't a lot of data on the device. Signed-off-by: David Zeuthen --- diff --git a/src/udiskslinuxblock.c b/src/udiskslinuxblock.c index d0b490f..f4b9a5c 100644 --- a/src/udiskslinuxblock.c +++ b/src/udiskslinuxblock.c @@ -2052,8 +2052,11 @@ handle_format (UDisksBlock *block, goto out; } - /* Erase the device, if requested */ - if (erase_type != NULL) + /* Erase the device, if requested + * + * (but not if using encryption, we want to erase the cleartext device, see below) + */ + if (erase_type != NULL && encrypt_passphrase == NULL) { if (!erase_device (block, object, daemon, caller_uid, erase_type, &error)) { @@ -2165,6 +2168,17 @@ handle_format (UDisksBlock *block, block_to_mkfs = block; } + /* If using encryption, now erase the cleartext device (if requested) */ + if (encrypt_passphrase != NULL && erase_type != NULL) + { + if (!erase_device (block_to_mkfs, object_to_mkfs, daemon, caller_uid, erase_type, &error)) + { + g_prefix_error (&error, "Error erasing cleartext device: "); + g_dbus_method_invocation_take_error (invocation, error); + goto out; + } + } + /* Set label, if needed */ if (g_variant_lookup (options, "label", "&s", &label)) {