From 6e15709374d1486af0c4ce2908176875e539ac83 Mon Sep 17 00:00:00 2001 From: David Zeuthen Date: Thu, 5 Jul 2012 14:20:27 -0400 Subject: [PATCH] When setting up LUKS, erase the cleartext device rather than the cryptotext one That way the cryptotext device will be full of noise instead of zeroes, that way not conveying that there isn't a lot of data on the device. Signed-off-by: David Zeuthen --- src/udiskslinuxblock.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/src/udiskslinuxblock.c b/src/udiskslinuxblock.c index d0b490f..f4b9a5c 100644 --- a/src/udiskslinuxblock.c +++ b/src/udiskslinuxblock.c @@ -2052,8 +2052,11 @@ handle_format (UDisksBlock *block, goto out; } - /* Erase the device, if requested */ - if (erase_type != NULL) + /* Erase the device, if requested + * + * (but not if using encryption, we want to erase the cleartext device, see below) + */ + if (erase_type != NULL && encrypt_passphrase == NULL) { if (!erase_device (block, object, daemon, caller_uid, erase_type, &error)) { @@ -2165,6 +2168,17 @@ handle_format (UDisksBlock *block, block_to_mkfs = block; } + /* If using encryption, now erase the cleartext device (if requested) */ + if (encrypt_passphrase != NULL && erase_type != NULL) + { + if (!erase_device (block_to_mkfs, object_to_mkfs, daemon, caller_uid, erase_type, &error)) + { + g_prefix_error (&error, "Error erasing cleartext device: "); + g_dbus_method_invocation_take_error (invocation, error); + goto out; + } + } + /* Set label, if needed */ if (g_variant_lookup (options, "label", "&s", &label)) { -- 2.7.4