Use hardcoded CEEM value instead of configure script parameter (#81)

The default CEEM (check external encryption mode) parameter is undocumented, and default of 0 makes behavior vendor-specific. The standard allows for a drive to report an error when trying to read a block that was pre-encrypted before written to the drive, such as is done with a keyless copy of a tape. This sounds like a very rare scenario to need to support. For the widest compatibility with data sources, this should be set to 1 for general-purpose use.
2022-05-28 02:50:08 -07:00
parent c6bf88e25f
commit 1200fe92ee
4 changed files with 11 additions and 27 deletions
--- a/src/scsiencrypt.cpp
+++ b/src/scsiencrypt.cpp
@@ -250,7 +250,8 @@ make_sde(encrypt_mode enc_mode, decrypt_mode dec_mode,
  page.length = htons(length - sizeof(page_header));
  page.control = std::byte {2u}
                 << page_sde::control_scope_pos; // all IT nexus = 10b
-  page.flags |= std::byte {DEFAULT_CEEM} << page_sde::flags_ceem_pos;
+  // no external encryption mode check for widest compatibility of reads
+  page.flags |= std::byte {1u} << page_sde::flags_ceem_pos;
  page.flags |= std::byte {static_cast<std::underlying_type_t<sde_rdmc>>(rdmc)};
  if (ckod) {
    page.flags |= page_sde::flags_ckod_mask;