[slx-dmsetup] Fix dm-crypt usage by making sure we get an encryption key

1 files changed, 8 insertions, 2 deletions

diff --git a/modules.d/slx-dmsetup/scripts/dmsetup-slx-device b/modules.d/slx-dmsetup/scripts/dmsetup-slx-device
index 65ee94b5..e01b1f97 100755
--- a/modules.d/slx-dmsetup/scripts/dmsetup-slx-device
+++ b/modules.d/slx-dmsetup/scripts/dmsetup-slx-device
@@ -142,7 +142,7 @@ parse_config_int() {
 # dmsetup_create_noudevsync <name> [table]
 dmsetup_create_noudevsync() {
 	(
-		set -o errexit
+		set -eo pipefail
 		if [ -n "$2" ]; then
 			printf "%s\n" "$2" | dmsetup create "$1" --noudevsync
 		else
@@ -151,6 +151,7 @@ dmsetup_create_noudevsync() {
 		dmsetup mknodes --noudevsync "$1"
 	)
 	local ret=$?
+	[ -b "/dev/mapper/$1" ] || ret=99
 	[ $ret -ne 0 ] && dmsetup remove --noudevsync "$1"
 	return $ret
 }
@@ -162,7 +163,12 @@ encrypt_device() {
 	[ -b "$1" ] || return 1
 	[ -n "$2" ] || return 1
 	[ -z "$3" ] && local size="$( blockdev --getsz "$1" )"
-	local key="$(head -c32 /dev/random | xxd -c32 -p)"
+	local key
+	key="$( < /dev/urandom xxd -c32 -p -l32 )"
+	[ -z "$key" ] && key="$( < /dev/urandom  tr -c -d 'a-f0-9' | dd count=1 bs=32 )"
+	[ -z "$key" ] && key="$( < /dev/urandom  head -c32 | xxd -c32 -p )"
+	[ -z "$key" ] && key="$( < /dev/urandom  xxd -c32 -p | head -n 1 )"
+	[ -z "$key" ] && echo "$0: ERROR: Could not generate encryption key"
 	if ! dmsetup_create_noudevsync "$2" \
 		"0 ${3:-${size}} crypt aes-xts-plain64 $key 0 $1 0 1 allow_discards"; then
 		echo "$0: Failed to encrypt $1."