diff --git a/usr/share/rear/lib/layout-functions.sh b/usr/share/rear/lib/layout-functions.sh index 0dfd0015cf..d6167e2848 100644 --- a/usr/share/rear/lib/layout-functions.sh +++ b/usr/share/rear/lib/layout-functions.sh @@ -221,7 +221,9 @@ generate_layout_dependencies() { opaldisk) dev=$(echo "$remainder" | cut -d " " -f "1") add_component "opaldisk:$dev" "opaldisk" - add_dependency "$dev" "opaldisk:$dev" + for disk in $(opal_device_disks "$dev"); do + add_dependency "$disk" "opaldisk:$dev" + done ;; esac done < $LAYOUT_FILE diff --git a/usr/share/rear/lib/opal-functions.sh b/usr/share/rear/lib/opal-functions.sh index 12b80097e5..2bbd09931a 100644 --- a/usr/share/rear/lib/opal-functions.sh +++ b/usr/share/rear/lib/opal-functions.sh @@ -17,7 +17,8 @@ # # Functions in this section are meant to be used independently from ReaR. They do not rely on any external -# script code unless. Return codes must be checked by the caller. +# script code unless stated otherwise. Return codes must be checked by the caller. +# Before using these functions ensure that pattern matching extensions are enabled : 'shopt -s nullglob extglob'. # function opal_devices() { @@ -26,6 +27,22 @@ function opal_devices() { sedutil-cli --scan | awk '$1 ~ /\/dev\// && $2 ~ /2/ { print $1; }' } +function opal_device_disks() { + local device="${1:?}" + # prints all block devices belonging to the given Opal device. + # Normally, this is just the Opal device itself, however, NVME devices have one or more namespaces per primary + # device and these namespaces act as disks. + + case "$device" in + (*/nvme*) + echo "$device"n+([0-9]) # consider all namespace block devices (NOTE: relies on nullglob extglob) + ;; + (*) + echo "$device" + ;; + esac +} + function opal_device_attributes() { local device="${1:?}" local result_variable_name="${2:?}" @@ -140,7 +157,7 @@ function opal_device_regenerate_dek_ERASING_ALL_DATA() { # This is recommended initially to ensure that the data encryption key is not known by any third party. # Returns 0 on success. - sedutil-cli --rekeyLockingRange 0 "$password" "$device" && partprobe "$device" + sedutil-cli --rekeyLockingRange 0 "$password" "$device" && partprobe $(opal_device_disks "$device") } function opal_device_factory_reset_ERASING_ALL_DATA() { @@ -148,7 +165,7 @@ function opal_device_factory_reset_ERASING_ALL_DATA() { local password="${2:?}" # factory-resets the device, ERASING ALL DATA ON THE DRIVE, returns 0 on success - sedutil-cli --reverttper "$password" "$device" && partprobe "$device" + sedutil-cli --reverttper "$password" "$device" && partprobe $(opal_device_disks "$device") } function opal_device_load_pba_image() { @@ -172,7 +189,7 @@ function opal_device_disable_mbr() { local password="${2:?}" # disables the device's shadow MBR, returns 0 on success. - sedutil-cli --setMBREnable off "$password" "$device" && partprobe "$device" + sedutil-cli --setMBREnable off "$password" "$device" && partprobe $(opal_device_disks "$device") } function opal_device_enable_mbr() { @@ -189,7 +206,7 @@ function opal_device_hide_mbr() { # hides the device's shadow MBR if one has been enabled, does nothing otherwise. # Returns 0 on success. - sedutil-cli --setMBRDone on "$password" "$device" && partprobe "$device" + sedutil-cli --setMBRDone on "$password" "$device" && partprobe $(opal_device_disks "$device") } function opal_device_unlock() { diff --git a/usr/share/rear/skel/default/etc/scripts/unlock-opal-disks b/usr/share/rear/skel/default/etc/scripts/unlock-opal-disks index 77d489fcd1..2f77e5a08b 100755 --- a/usr/share/rear/skel/default/etc/scripts/unlock-opal-disks +++ b/usr/share/rear/skel/default/etc/scripts/unlock-opal-disks @@ -7,6 +7,7 @@ # To avoid delays, this script will perform a hard reset or power-off instead of a regular # system shutdown. +shopt -s nullglob extglob # Enable pattern matching extensions required for 'opal-functions.sh' source /usr/share/rear/lib/opal-functions.sh [[ -f /.OPAL_PBA_SETTINGS.sh ]] && source /.OPAL_PBA_SETTINGS.sh