Do not filter for know label for unlock

Also use the pasword when refreshing the luks device in order to add discards as it may ask for the password Signed-off-by: Itxaka <itxaka@kairos.io>
2025-07-31 15:10:31 +00:00 · 2025-03-11 13:35:25 +01:00 · 2025-03-11 13:35:25 +01:00 · e64912f96f
commit e64912f96f
parent 437eac239c
3 changed files with 7 additions and 36 deletions
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@ -7,7 +7,6 @@ import (
 	"os"
 	"strings"

-	"github.com/gofrs/uuid"
 	"github.com/jaypipes/ghw/pkg/block"
 	"github.com/kairos-io/kairos-sdk/collector"
 	"github.com/pkg/errors"
@ -121,25 +120,3 @@ func (c Config) LookupLabelForUUID(uuid string) string {

 	return ""
 }
-
-// GetLabelForUUID returns the partition label for a known UUID
-// UUIDS are generated on luksify method
-// They are generated by setting the namespace to DNS and the name to the fs label, so they are always the same
-func (c Config) GetLabelForUUID(uuidCheck string) (string, error) {
-	persistent := uuid.NewV5(uuid.NamespaceURL, "COS_PERSISTENT")
-	oem := uuid.NewV5(uuid.NamespaceURL, "COS_OEM")
-	fmt.Printf("Checking uuid: %s\n", uuidCheck)
-	parsedUUID, err := uuid.FromString(uuidCheck)
-	if err != nil {
-		return "", err
-	}
-	switch parsedUUID {
-	case persistent:
-		return "COS_PERSISTENT", nil
-	case oem:
-		return "COS_OEM", nil
-	default:
-		return "", errors.New("no partition found with that uuid")
-
-	}
-}
--- a/pkg/lib/lock.go
+++ b/pkg/lib/lock.go
@ -189,7 +189,7 @@ func LuksifyMeasurements(label string, publicKeyPcrs []string, pcrs []string, lo
 // label is the label we will set to the formatted partition
 // password is the pass to unlock the device to be able to format the underlying mapper
 func formatLuks(device, name, mapper, label, pass string, logger types.KairosLogger) error {
-	l := logger.Logger.With().Str("device", device).Str("name", name).Str("mapper", mapper).Logger()
+	l := logger.Logger.With().Str("device", device).Str("label", label).Str("name", name).Str("mapper", mapper).Logger()
 	l.Debug().Msg("unlock")
 	if err := LuksUnlock(device, name, pass); err != nil {
 		return fmt.Errorf("unlock err: %w", err)
@ -208,9 +208,11 @@ func formatLuks(device, name, mapper, label, pass string, logger types.KairosLog
 	}

 	l.Debug().Msg("discards")
-	out, err = SH(fmt.Sprintf("cryptsetup refresh --persistent --allow-discards %s", mapper))
+	cmd := exec.Command("cryptsetup", "refresh", "--persistent", "--allow-discards", mapper)
+	cmd.Stdin = strings.NewReader(pass)
+	output, err := cmd.CombinedOutput()
 	if err != nil {
-		return fmt.Errorf("refresh err: %w, out: %s", err, out)
+		return fmt.Errorf("refresh err: %w, out: %s", err, output)
 	}

 	l.Debug().Msg("close")
--- a/pkg/lib/unlock.go
+++ b/pkg/lib/unlock.go
@ -11,7 +11,6 @@ import (
 	"github.com/kairos-io/kairos-sdk/types"
 	"github.com/kairos-io/kairos-sdk/utils"
 	"github.com/kairos-io/kcrypt/pkg/bus"
-	configpkg "github.com/kairos-io/kcrypt/pkg/config"
 	"github.com/mudler/go-pluggable"
 )

@ -26,11 +25,6 @@ func UnlockAllWithLogger(tpm bool, log types.KairosLogger) error {
 	bus.Manager.Initialize()
 	logger := log.Logger

-	config, err := configpkg.GetConfiguration(configpkg.ConfigScanDirs)
-	if err != nil {
-		logger.Info().Msgf("Warning: Could not read kcrypt configuration '%s'\n", err.Error())
-	}
-
 	blk, err := ghw.Block()
 	if err != nil {
 		logger.Warn().Msgf("Warning: Error reading partitions '%s \n", err.Error())
@ -71,10 +65,8 @@ func UnlockAllWithLogger(tpm bool, log types.KairosLogger) error {
 							logger.Warn().Msgf("Unlocking failed, command output: '%s'\n", out)
 						}
 					} else {
-						p.FilesystemLabel, err = config.GetLabelForUUID(volumeUUID)
-						if err != nil {
-							return err
-						}
+						logger.Debug().Str("uuid", volumeUUID).Str("uuidp", p.UUID).Msg("Unlocking")
+						p.UUID = volumeUUID
 						err = UnlockDisk(p)
 						if err != nil {
 							logger.Warn().Msgf("Unlocking failed: '%s'\n", err.Error())