agent: handle encrypted ephemeral storage for CCW block devices

VirtioBlkCcwHandler::create_device was calling common_storage_handler
directly, bypassing the handle_block_storage function that checks for
the encryption_key=ephemeral driver option. This meant that encrypted
emptyDir volumes on s390x would attempt a plain mount of the raw block
device instead of setting up dm-crypt via the CDH, resulting in an
EINVAL mount error.

Route CCW block devices through handle_block_storage, matching the
pattern used by VirtioBlkPciHandler.

Fixes: failed to mount /dev/vda to .../storage/..., EINVAL

Signed-off-by: Fabiano Fidêncio <ffidencio@nvidia.com>
This commit is contained in:
Fabiano Fidêncio
2026-05-16 12:07:12 +02:00
parent 10b9ab38ab
commit 1a4074ab2e

View File

@@ -163,8 +163,8 @@ impl StorageHandler for VirtioBlkCcwHandler {
let ccw_device = ccw::Device::from_str(&storage.source)?;
let dev_path = get_virtio_blk_ccw_device_name(ctx.sandbox, &ccw_device).await?;
storage.source = dev_path;
let path = common_storage_handler(ctx.logger, &storage)?;
new_device(path)
let dev_num = get_device_number(&storage.source, None)?;
handle_block_storage(ctx.logger, &storage, &dev_num).await
}
#[cfg(not(target_arch = "s390x"))]