diff --git a/lib/libcryptsetup.h b/lib/libcryptsetup.h index d6f3865b..1745ea0b 100644 --- a/lib/libcryptsetup.h +++ b/lib/libcryptsetup.h @@ -2481,6 +2481,21 @@ int crypt_reencrypt_init_by_keyring(struct crypt_device *cd, const char *cipher_mode, const struct crypt_params_reencrypt *params); +/** + * Legacy data reencryption function. + * + * @param cd crypt device handle + * @param progress is a callback function reporting device \b size, + * current \b offset of reencryption and provided \b usrptr identification + * + * @return @e 0 on success or negative errno value otherwise. + * + * @deprecated Use @link crypt_reencrypt_run @endlink instead. + */ +int crypt_reencrypt(struct crypt_device *cd, + int (*progress)(uint64_t size, uint64_t offset, void *usrptr)) +__attribute__((deprecated("Use crypt_reencrypt_run instead."))); + /** * Run data reencryption. * @@ -2491,7 +2506,7 @@ int crypt_reencrypt_init_by_keyring(struct crypt_device *cd, * * @return @e 0 on success or negative errno value otherwise. */ -int crypt_reencrypt(struct crypt_device *cd, +int crypt_reencrypt_run(struct crypt_device *cd, int (*progress)(uint64_t size, uint64_t offset, void *usrptr), void *usrptr); diff --git a/lib/libcryptsetup.sym b/lib/libcryptsetup.sym index d3b17ca1..f7c6940e 100644 --- a/lib/libcryptsetup.sym +++ b/lib/libcryptsetup.sym @@ -134,7 +134,7 @@ CRYPTSETUP_2.0 { CRYPTSETUP_2.4 { global: - crypt_reencrypt; + crypt_reencrypt_run; crypt_token_max; crypt_header_is_detached; crypt_logf; diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c index e0d893a6..a9682b0f 100644 --- a/lib/luks2/luks2_reencrypt.c +++ b/lib/luks2/luks2_reencrypt.c @@ -3327,8 +3327,7 @@ static int reencrypt_teardown(struct crypt_device *cd, struct luks2_hdr *hdr, return r; } -CRYPT_SYMBOL_EXPORT_NEW(int, crypt_reencrypt, 2, 4, - /* crypt_reencrypt parameters follows */ +int crypt_reencrypt_run( struct crypt_device *cd, int (*progress)(uint64_t size, uint64_t offset, void *usrptr), void *usrptr) @@ -3392,12 +3391,11 @@ CRYPT_SYMBOL_EXPORT_NEW(int, crypt_reencrypt, 2, 4, return r; } -CRYPT_SYMBOL_EXPORT_OLD(int, crypt_reencrypt, 2, 0, - /* crypt_reencrypt parameters follows */ +int crypt_reencrypt( struct crypt_device *cd, int (*progress)(uint64_t size, uint64_t offset, void *usrptr)) { - return crypt_reencrypt(cd, progress, NULL); + return crypt_reencrypt_run(cd, progress, NULL); } static int reencrypt_recovery(struct crypt_device *cd, diff --git a/src/cryptsetup.c b/src/cryptsetup.c index a8b72c37..bc683c5c 100644 --- a/src/cryptsetup.c +++ b/src/cryptsetup.c @@ -3424,7 +3424,7 @@ static int action_reencrypt(void) if (r >= 0 && !ARG_SET(OPT_INIT_ONLY_ID)) { set_int_handler(0); - r = crypt_reencrypt(cd, tools_reencrypt_progress, &prog_parms); + r = crypt_reencrypt_run(cd, tools_reencrypt_progress, &prog_parms); } out: crypt_free(cd); diff --git a/tests/api-test-2.c b/tests/api-test-2.c index 345bf8e4..a56a10ab 100644 --- a/tests/api-test-2.c +++ b/tests/api-test-2.c @@ -3883,7 +3883,7 @@ static void Luks2Reencryption(void) OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags)); EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, 0); - FAIL_(crypt_reencrypt(cd, NULL, NULL), "Reencryption context not initialized."); + FAIL_(crypt_reencrypt_run(cd, NULL, NULL), "Reencryption context not initialized."); rparams.flags &= ~CRYPT_REENCRYPT_RESUME_ONLY; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams)); @@ -3916,7 +3916,7 @@ static void Luks2Reencryption(void) rparams.flags = 0; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams)); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); /* check keyslots are reassigned to segment after reencryption */ EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_INACTIVE); @@ -3940,10 +3940,10 @@ static void Luks2Reencryption(void) FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Invalid device size alignment."); OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags)); EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT); - FAIL_(crypt_reencrypt(cd, NULL, NULL), "Reencryption context not initialized."); + FAIL_(crypt_reencrypt_run(cd, NULL, NULL), "Reencryption context not initialized."); rparams.device_size = 16; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams)); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags)); EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, 0); @@ -3977,7 +3977,7 @@ static void Luks2Reencryption(void) rparams.hash = "sha1"; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams)); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); /* FIXME: this is a bug, but not critical (data shift parameter is ignored after initialization) */ //rparams.data_shift = 8; @@ -4004,7 +4004,7 @@ static void Luks2Reencryption(void) FAIL_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption already running."); rparams.flags = 0; FAIL_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption already running."); - FAIL_(crypt_reencrypt(cd2, NULL, NULL), "Invalid reencryption context."); + FAIL_(crypt_reencrypt_run(cd2, NULL, NULL), "Invalid reencryption context."); OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags)); EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT); OK_(crypt_persistent_flags_get(cd2, CRYPT_FLAGS_REQUIREMENTS, &getflags)); @@ -4013,7 +4013,7 @@ static void Luks2Reencryption(void) EQ_(crypt_reencrypt_status(cd2, NULL), CRYPT_REENCRYPT_CLEAN); FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Reencryption already in progress."); FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Reencryption already in progress."); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); CRYPT_FREE(cd); CRYPT_FREE(cd2); @@ -4032,7 +4032,7 @@ static void Luks2Reencryption(void) /* interrupt reencryption after 'test_progress_steps' */ test_progress_steps = 1; - OK_(crypt_reencrypt(cd, &test_progress, NULL)); + OK_(crypt_reencrypt_run(cd, &test_progress, NULL)); EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN); NOTFAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Could not activate device in reencryption."); @@ -4051,7 +4051,7 @@ static void Luks2Reencryption(void) rparams.device_size = 2; rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; NOTFAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Failed to initialize reencryption."); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE); EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE, strlen(PASSPHRASE), 0), 1); OK_(crypt_get_active_device(cd, CDEVICE_1, &cad)); @@ -4124,7 +4124,7 @@ static void Luks2Reencryption(void) EQ_(crypt_get_data_offset(cd), 32776); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); CRYPT_FREE(cd); OK_(crypt_init(&cd, DMDIR L_DEVICE_OK)); OK_(crypt_set_pbkdf_type(cd, &pbkdf)); @@ -4157,7 +4157,7 @@ static void Luks2Reencryption(void) EQ_(crypt_get_data_offset(cd), 32760); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), 2); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); CRYPT_FREE(cd); OK_(crypt_init(&cd, DMDIR L_DEVICE_OK)); OK_(crypt_load(cd, CRYPT_LUKS2, NULL)); @@ -4186,7 +4186,7 @@ static void Luks2Reencryption(void) EQ_(cad.size, 8); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; EQ_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); OK_(crypt_deactivate(cd, CDEVICE_1)); CRYPT_FREE(cd); @@ -4225,7 +4225,7 @@ static void Luks2Reencryption(void) EQ_(crypt_get_data_offset(cd), 8192); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); CRYPT_FREE(cd); _cleanup_dmdevices(); @@ -4245,7 +4245,7 @@ static void Luks2Reencryption(void) EQ_(crypt_get_data_offset(cd), 8192); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); CRYPT_FREE(cd); _cleanup_dmdevices(); @@ -4287,7 +4287,7 @@ static void Luks2Reencryption(void) rparams.resilience = "none"; rparams.max_hotzone_size = 2048; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams)); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); CRYPT_FREE(cd); OK_(crypt_init(&cd, DMDIR L_DEVICE_OK)); OK_(crypt_load(cd, CRYPT_LUKS2, NULL)); @@ -4308,7 +4308,7 @@ static void Luks2Reencryption(void) rparams.resilience = "none"; rparams.max_hotzone_size = 2048; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams)); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); CRYPT_FREE(cd); /* decryption with data shift */ @@ -4332,7 +4332,7 @@ static void Luks2Reencryption(void) rparams.data_shift = r_header_size; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams)); EQ_(crypt_get_data_offset(cd), 0); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); remove(BACKUP_FILE); CRYPT_FREE(cd); @@ -4362,7 +4362,7 @@ static void Luks2Reencryption(void) rparams.data_shift = r_header_size; OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams)); EQ_(crypt_get_data_offset(cd), 0); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); remove(BACKUP_FILE); OK_(t_device_size(DMDIR CDEVICE_2, &r_size_1)); EQ_(r_size_1, 512); @@ -4395,7 +4395,7 @@ static void Luks2Reencryption(void) rparams.luks2 = ¶ms2; OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams)); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK)); OK_(crypt_load(cd2, CRYPT_LUKS2, NULL)); @@ -4423,7 +4423,7 @@ static void Luks2Reencryption(void) OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams)); /* reencrypt 8 srectors of device */ test_progress_steps = 1; - OK_(crypt_reencrypt(cd, &test_progress, NULL)); + OK_(crypt_reencrypt_run(cd, &test_progress, NULL)); /* activate another data device with same LUKS2 header (this is wrong, but we can't detect such mistake) */ OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK)); @@ -4435,7 +4435,7 @@ static void Luks2Reencryption(void) rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams)); test_progress_steps = 1; - OK_(crypt_reencrypt(cd, &test_progress, NULL)); + OK_(crypt_reencrypt_run(cd, &test_progress, NULL)); /* Now active mapping for second data device does not match its metadata */ OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK)); @@ -4468,7 +4468,7 @@ static void Luks2Reencryption(void) EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1); OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "xts-plain64", &rparams)); test_progress_steps = 1; - OK_(crypt_reencrypt(cd, &test_progress, NULL)); + OK_(crypt_reencrypt_run(cd, &test_progress, NULL)); EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN); OK_(crypt_get_active_device(cd, CDEVICE_1, &cad)); EQ_(cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS, CRYPT_ACTIVATE_ALLOW_DISCARDS); @@ -4477,7 +4477,7 @@ static void Luks2Reencryption(void) OK_(crypt_init_by_name(&cd, CDEVICE_1)); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "xts-plain64", &rparams)); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); OK_(crypt_get_active_device(cd, CDEVICE_1, &cad)); EQ_(cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS, CRYPT_ACTIVATE_ALLOW_DISCARDS); EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, 0); @@ -4505,7 +4505,7 @@ static void Luks2Reencryption(void) EQ_(crypt_keyslot_add_by_key(cd, 9, key, key_size, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 9); EQ_(crypt_keyslot_add_by_key(cd, 10, key, key_size, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE ), 10); OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 3, 9, "aes", "xts-plain64", &rparams)); - OK_(crypt_reencrypt(cd, NULL, NULL)); + OK_(crypt_reencrypt_run(cd, NULL, NULL)); OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0)); OK_(crypt_keyslot_destroy(cd, 9)); OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));