Switch to volume key keyring helpers.

Also stop accessing the volume key internals that
record whether the key payload was uploaded
to the kernel keyring.
Ondrej Kozina
2025-02-04 15:45:18 +01:00
committed by Milan Broz
parent 15c4a410fd
commit 0a6ee8633a
2 changed files with 8 additions and 17 deletions


@@ -2894,8 +2894,7 @@ int LUKS2_deactivate(struct crypt_device *cd, const char *name, struct luks2_hdr
tgt = &dmdc.segment;
while (tgt) {
if (tgt->type == DM_CRYPT)
crypt_unlink_key_by_description_from_thread_keyring(cd, crypt_volume_key_description(tgt->u.crypt.vk),
LOGON_KEY);
crypt_volume_key_drop_kernel_key(cd, tgt->u.crypt.vk);
tgt = tgt->next;
}
}
@@ -2930,8 +2929,7 @@ int LUKS2_deactivate(struct crypt_device *cd, const char *name, struct luks2_hdr
tgt = &dmdc.segment;
while (tgt) {
if (tgt->type == DM_CRYPT)
crypt_unlink_key_by_description_from_thread_keyring(cd, crypt_volume_key_description(tgt->u.crypt.vk),
LOGON_KEY);
crypt_volume_key_drop_kernel_key(cd, tgt->u.crypt.vk);
tgt = tgt->next;
}
}
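Review bot: Both deactivation loops in LUKS2_deactivate now call `crypt_volume_key_drop_kernel_key(cd, tgt->u.crypt.vk)` with no comment on why this variant is used rather than crypt_volume_key_drop_uploaded_kernel_key(), which the same commit uses in crypt_drop_uploaded_keyring_key. Presumably the key taken from `dmdc.segment` carries no upload state, so the drop has to be attempted unconditionally; a one-line comment such as `/* vk from the dm table has no upload state; always try to drop the kernel key */` above the call would make that explicit. The same applies to the second loop at -2930, and since the two loops are identical they could share a small static helper. Whether a failed drop is reported is not visible here, as the body of LUKS2_deactivate starts and ends outside these hunks; if the helper returns a status, a debug log on failure would help spot logon keys left behind in the thread keyring after deactivation.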


@@ -7468,8 +7468,6 @@ int crypt_volume_key_keyring(struct crypt_device *cd __attribute__((unused)), in
/* internal only */
int crypt_volume_key_load_in_keyring(struct crypt_device *cd, struct volume_key *vk)
{
key_serial_t kid;
if (!vk || !cd)
return -EINVAL;
@@ -7481,18 +7479,14 @@ int crypt_volume_key_load_in_keyring(struct crypt_device *cd, struct volume_key
log_dbg(cd, "Loading key (type logon, name %s) in thread keyring.",
crypt_volume_key_description(vk));
kid = keyring_add_key_in_thread_keyring(LOGON_KEY, crypt_volume_key_description(vk),
crypt_volume_key_get_key(vk),
crypt_volume_key_length(vk));
if (kid < 0) {
if (crypt_volume_key_upload_kernel_key(vk)) {
crypt_set_key_in_keyring(cd, 1);
return 0;
} else {
log_dbg(cd, "keyring_add_key_in_thread_keyring failed (error %d)", errno);
log_err(cd, _("Failed to load key in kernel keyring."));
} else {
crypt_set_key_in_keyring(cd, 1);
crypt_volume_key_set_uploaded(vk);
return -EINVAL;
}
return kid < 0 ? -EINVAL : 0;
}
/* internal only */
@@ -7683,8 +7677,7 @@ void crypt_drop_uploaded_keyring_key(struct crypt_device *cd, struct volume_key
struct volume_key *vk = vks;
while (vk) {
if (crypt_volume_key_is_uploaded(vk))
crypt_unlink_key_by_description_from_thread_keyring(cd, crypt_volume_key_description(vk), LOGON_KEY);
crypt_volume_key_drop_uploaded_kernel_key(cd, vk);
vk = crypt_volume_key_next(vk);
}
}
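Review bot: In crypt_volume_key_load_in_keyring the failure branch still logs `keyring_add_key_in_thread_keyring failed (error %d)` with `errno`, although the function now calls crypt_volume_key_upload_kernel_key() and no longer makes that call itself. The message names the wrong function for anyone diagnosing a key-load failure, and the logged errno is only meaningful if the helper leaves it untouched after the failing keyring call, which is not visible here. I would change the line to `log_dbg(cd, "crypt_volume_key_upload_kernel_key failed (error %d)", errno);` and state in the helper's comment that errno is preserved on failure, or have the helper return a negative error code that is logged and propagated instead of the fixed `-EINVAL`. The function body is split across two hunks, so the lines between them are not visible.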