eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-13 11:50:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add crypt_reencrypt_run superseding now deprecated crypt_reencrypt.

Browse Source 
This reverts commit 367cb7a761
and retains original crypt_reencrypt() symbol marked as deprecated
in favour of new crypt_reencrypt_run(). This makes cryptsetup 2.4.0
release fully backward compatible.
This commit is contained in:
Ondrej Kozina
2021-07-22 12:45:56 +02:00
parent 82816cb52f
commit 06f132066b
5 changed files with 45 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
lib/libcryptsetup.h
View File

@@ -2481,6 +2481,21 @@ int crypt_reencrypt_init_by_keyring(struct crypt_device *cd,
const char *cipher_mode,
const struct crypt_params_reencrypt *params);
/**
* Legacy data reencryption function.
*
* @param cd crypt device handle
* @param progress is a callback function reporting device \b size,
* current \b offset of reencryption and provided \b usrptr identification
*
* @return @e 0 on success or negative errno value otherwise.
*
* @deprecated Use @link crypt_reencrypt_run @endlink instead.
*/
int crypt_reencrypt(struct crypt_device *cd,
int (*progress)(uint64_t size, uint64_t offset, void *usrptr))
__attribute__((deprecated("Use crypt_reencrypt_run instead.")));
/**
* Run data reencryption.
*
@@ -2491,7 +2506,7 @@ int crypt_reencrypt_init_by_keyring(struct crypt_device *cd,
*
* @return @e 0 on success or negative errno value otherwise.
*/
int crypt_reencrypt(struct crypt_device *cd,
int crypt_reencrypt_run(struct crypt_device *cd,
int (*progress)(uint64_t size, uint64_t offset, void *usrptr),
void *usrptr);

2
lib/libcryptsetup.sym
View File

@@ -134,7 +134,7 @@ CRYPTSETUP_2.0 {
CRYPTSETUP_2.4 {
global:
crypt_reencrypt;
crypt_reencrypt_run;
crypt_token_max;
crypt_header_is_detached;
crypt_logf;

8
lib/luks2/luks2_reencrypt.c
View File

@@ -3327,8 +3327,7 @@ static int reencrypt_teardown(struct crypt_device *cd, struct luks2_hdr *hdr,
return r;
}
CRYPT_SYMBOL_EXPORT_NEW(int, crypt_reencrypt, 2, 4,
/* crypt_reencrypt parameters follows */
int crypt_reencrypt_run(
struct crypt_device *cd,
int (*progress)(uint64_t size, uint64_t offset, void *usrptr),
void *usrptr)
@@ -3392,12 +3391,11 @@ CRYPT_SYMBOL_EXPORT_NEW(int, crypt_reencrypt, 2, 4,
return r;
}
CRYPT_SYMBOL_EXPORT_OLD(int, crypt_reencrypt, 2, 0,
/* crypt_reencrypt parameters follows */
int crypt_reencrypt(
struct crypt_device *cd,
int (*progress)(uint64_t size, uint64_t offset, void *usrptr))
{
return crypt_reencrypt(cd, progress, NULL);
return crypt_reencrypt_run(cd, progress, NULL);
}
static int reencrypt_recovery(struct crypt_device *cd,

2
src/cryptsetup.c
View File

@@ -3424,7 +3424,7 @@ static int action_reencrypt(void)
if (r >= 0 && !ARG_SET(OPT_INIT_ONLY_ID)) {
set_int_handler(0);
r = crypt_reencrypt(cd, tools_reencrypt_progress, &prog_parms);
r = crypt_reencrypt_run(cd, tools_reencrypt_progress, &prog_parms);
}
out:
crypt_free(cd);

48
tests/api-test-2.c
View File

@@ -3883,7 +3883,7 @@ static void Luks2Reencryption(void)
OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, 0);
FAIL_(crypt_reencrypt(cd, NULL, NULL), "Reencryption context not initialized.");
FAIL_(crypt_reencrypt_run(cd, NULL, NULL), "Reencryption context not initialized.");
rparams.flags &= ~CRYPT_REENCRYPT_RESUME_ONLY;
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
@@ -3916,7 +3916,7 @@ static void Luks2Reencryption(void)
rparams.flags = 0;
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
/* check keyslots are reassigned to segment after reencryption */
EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_INACTIVE);
@@ -3940,10 +3940,10 @@ static void Luks2Reencryption(void)
FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Invalid device size alignment.");
OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
FAIL_(crypt_reencrypt(cd, NULL, NULL), "Reencryption context not initialized.");
FAIL_(crypt_reencrypt_run(cd, NULL, NULL), "Reencryption context not initialized.");
rparams.device_size = 16;
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams));
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, 0);
@@ -3977,7 +3977,7 @@ static void Luks2Reencryption(void)
rparams.hash = "sha1";
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
/* FIXME: this is a bug, but not critical (data shift parameter is ignored after initialization) */
//rparams.data_shift = 8;
@@ -4004,7 +4004,7 @@ static void Luks2Reencryption(void)
FAIL_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption already running.");
rparams.flags = 0;
FAIL_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption already running.");
FAIL_(crypt_reencrypt(cd2, NULL, NULL), "Invalid reencryption context.");
FAIL_(crypt_reencrypt_run(cd2, NULL, NULL), "Invalid reencryption context.");
OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags));
EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
OK_(crypt_persistent_flags_get(cd2, CRYPT_FLAGS_REQUIREMENTS, &getflags));
@@ -4013,7 +4013,7 @@ static void Luks2Reencryption(void)
EQ_(crypt_reencrypt_status(cd2, NULL), CRYPT_REENCRYPT_CLEAN);
FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Reencryption already in progress.");
FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Reencryption already in progress.");
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
CRYPT_FREE(cd);
CRYPT_FREE(cd2);
@@ -4032,7 +4032,7 @@ static void Luks2Reencryption(void)
/* interrupt reencryption after 'test_progress_steps' */
test_progress_steps = 1;
OK_(crypt_reencrypt(cd, &test_progress, NULL));
OK_(crypt_reencrypt_run(cd, &test_progress, NULL));
EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN);
NOTFAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Could not activate device in reencryption.");
@@ -4051,7 +4051,7 @@ static void Luks2Reencryption(void)
rparams.device_size = 2;
rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
NOTFAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Failed to initialize reencryption.");
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE);
EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE, strlen(PASSPHRASE), 0), 1);
OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
@@ -4124,7 +4124,7 @@ static void Luks2Reencryption(void)
EQ_(crypt_get_data_offset(cd), 32776);
rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
CRYPT_FREE(cd);
OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
OK_(crypt_set_pbkdf_type(cd, &pbkdf));
@@ -4157,7 +4157,7 @@ static void Luks2Reencryption(void)
EQ_(crypt_get_data_offset(cd), 32760);
rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), 2);
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
CRYPT_FREE(cd);
OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
@@ -4186,7 +4186,7 @@ static void Luks2Reencryption(void)
EQ_(cad.size, 8);
rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
EQ_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2);
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
OK_(crypt_deactivate(cd, CDEVICE_1));
CRYPT_FREE(cd);
@@ -4225,7 +4225,7 @@ static void Luks2Reencryption(void)
EQ_(crypt_get_data_offset(cd), 8192);
rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0);
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
CRYPT_FREE(cd);
_cleanup_dmdevices();
@@ -4245,7 +4245,7 @@ static void Luks2Reencryption(void)
EQ_(crypt_get_data_offset(cd), 8192);
rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0);
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
CRYPT_FREE(cd);
_cleanup_dmdevices();
@@ -4287,7 +4287,7 @@ static void Luks2Reencryption(void)
rparams.resilience = "none";
rparams.max_hotzone_size = 2048;
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
CRYPT_FREE(cd);
OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
OK_(crypt_load(cd, CRYPT_LUKS2, NULL));
@@ -4308,7 +4308,7 @@ static void Luks2Reencryption(void)
rparams.resilience = "none";
rparams.max_hotzone_size = 2048;
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
CRYPT_FREE(cd);
/* decryption with data shift */
@@ -4332,7 +4332,7 @@ static void Luks2Reencryption(void)
rparams.data_shift = r_header_size;
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
EQ_(crypt_get_data_offset(cd), 0);
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
remove(BACKUP_FILE);
CRYPT_FREE(cd);
@@ -4362,7 +4362,7 @@ static void Luks2Reencryption(void)
rparams.data_shift = r_header_size;
OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams));
EQ_(crypt_get_data_offset(cd), 0);
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
remove(BACKUP_FILE);
OK_(t_device_size(DMDIR CDEVICE_2, &r_size_1));
EQ_(r_size_1, 512);
@@ -4395,7 +4395,7 @@ static void Luks2Reencryption(void)
rparams.luks2 = &params2;
OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams));
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
OK_(crypt_load(cd2, CRYPT_LUKS2, NULL));
@@ -4423,7 +4423,7 @@ static void Luks2Reencryption(void)
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams));
/* reencrypt 8 srectors of device */
test_progress_steps = 1;
OK_(crypt_reencrypt(cd, &test_progress, NULL));
OK_(crypt_reencrypt_run(cd, &test_progress, NULL));
/* activate another data device with same LUKS2 header (this is wrong, but we can't detect such mistake) */
OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
@@ -4435,7 +4435,7 @@ static void Luks2Reencryption(void)
rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams));
test_progress_steps = 1;
OK_(crypt_reencrypt(cd, &test_progress, NULL));
OK_(crypt_reencrypt_run(cd, &test_progress, NULL));
/* Now active mapping for second data device does not match its metadata */
OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK));
@@ -4468,7 +4468,7 @@ static void Luks2Reencryption(void)
EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1);
OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "xts-plain64", &rparams));
test_progress_steps = 1;
OK_(crypt_reencrypt(cd, &test_progress, NULL));
OK_(crypt_reencrypt_run(cd, &test_progress, NULL));
EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN);
OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
EQ_(cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS, CRYPT_ACTIVATE_ALLOW_DISCARDS);
@@ -4477,7 +4477,7 @@ static void Luks2Reencryption(void)
OK_(crypt_init_by_name(&cd, CDEVICE_1));
rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY;
OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "xts-plain64", &rparams));
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
OK_(crypt_get_active_device(cd, CDEVICE_1, &cad));
EQ_(cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS, CRYPT_ACTIVATE_ALLOW_DISCARDS);
EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, 0);
@@ -4505,7 +4505,7 @@ static void Luks2Reencryption(void)
EQ_(crypt_keyslot_add_by_key(cd, 9, key, key_size, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 9);
EQ_(crypt_keyslot_add_by_key(cd, 10, key, key_size, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT | CRYPT_VOLUME_KEY_DIGEST_REUSE ), 10);
OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 3, 9, "aes", "xts-plain64", &rparams));
OK_(crypt_reencrypt(cd, NULL, NULL));
OK_(crypt_reencrypt_run(cd, NULL, NULL));
OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));
OK_(crypt_keyslot_destroy(cd, 9));
OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0));