Fix shared activation for dm-verity devices.

CRYPT_ACTIVATE_SHARED flag was silently ignored
while activating dm-verity devices by libcryptsetup.
This was a bug.

DM verity shared activation is generaly safe (single mapped data device
in multiple DM verity tables) since all verity devices are
read only.

The CRYPT_ACTIVATE_SHARED flag also fixes a race condition
when multiple processes compete for the same DM device name
(all dm-verity) while using same backing data device.

The exclusive open check in-before verity activation could
fail DM table load for a process that otherwise successfully acquired
DM device name (succeed in creating the DM device). This could (in some
cases) result in all processes competening for the DM verity device
to fail and none would activate the DM verity device.

lib/verity/verity.c

@@ -338,7 +338,8 @@ int VERITY_activate(struct crypt_device *cd,
 	if (r)
 		goto out;
 
-	r = device_block_adjust(cd, crypt_data_device(cd), DEV_EXCL,
+	r = device_block_adjust(cd, crypt_data_device(cd),
+				activation_flags & CRYPT_ACTIVATE_SHARED ? DEV_OK : DEV_EXCL,
 				0, &dmd.size, &dmd.flags);
 	if (r)
 		goto out;