mirror of
https://gitlab.com/cryptsetup/cryptsetup.git
synced 2025-12-05 16:00:05 +01:00
Workaround LMK capability check if dm-crypt module not yet loaded.
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@436 36d66b0a-2a48-0410-832c-cd162a569da5
This commit is contained in:
Milan Broz
@@ -52,11 +52,6 @@ static int _dm_use_udev()
|
||||
#endif
|
||||
}
|
||||
|
||||
uint32_t dm_flags(void)
|
||||
{
|
||||
return _dm_crypt_flags;
|
||||
}
|
||||
|
||||
static void set_dm_error(int level, const char *file, int line,
|
||||
const char *f, ...)
|
||||
{
|
||||
@@ -99,7 +94,9 @@ static void _dm_set_crypt_compat(const char *dm_version, unsigned crypt_maj,
|
||||
if (dm_maj >= 4 && dm_min >= 20)
|
||||
_dm_crypt_flags |= DM_SECURE_SUPPORTED;
|
||||
|
||||
_dm_crypt_checked = 1;
|
||||
/* Repeat test if dm-crypt is not present */
|
||||
if (crypt_maj > 0)
|
||||
_dm_crypt_checked = 1;
|
||||
}
|
||||
|
||||
static int _dm_check_versions(void)
|
||||
@@ -111,6 +108,7 @@ static int _dm_check_versions(void)
|
||||
if (_dm_crypt_checked)
|
||||
return 1;
|
||||
|
||||
/* FIXME: add support to DM so it forces crypt target module load here */
|
||||
if (!(dmt = dm_task_create(DM_DEVICE_LIST_VERSIONS)))
|
||||
return 0;
|
||||
|
||||
@@ -140,6 +138,14 @@ static int _dm_check_versions(void)
|
||||
return 1;
|
||||
}
|
||||
|
||||
uint32_t dm_flags(void)
|
||||
{
|
||||
if (!_dm_crypt_checked)
|
||||
_dm_check_versions();
|
||||
|
||||
return _dm_crypt_flags;
|
||||
}
|
||||
|
||||
int dm_init(struct crypt_device *context, int check_kernel)
|
||||
{
|
||||
if (!_dm_use_count++) {
|
||||
|
||||
@@ -193,17 +193,12 @@ int LOOPAES_activate(struct crypt_device *cd,
|
||||
if (r)
|
||||
return r;
|
||||
|
||||
if (keys_count == 1) {
|
||||
if (asprintf(&cipher, "%s-%s", base_cipher, "cbc-plain") < 0)
|
||||
return -ENOMEM;
|
||||
} else {
|
||||
if (!(dm_flags() & DM_LMK_SUPPORTED)) {
|
||||
log_err(cd, _("Kernel doesn't support loop-AES compatible mapping.\n"));
|
||||
return -ENOTSUP;
|
||||
}
|
||||
if (asprintf(&cipher, "%s:%d-%s", base_cipher, 64, "cbc-lmk") < 0)
|
||||
return -ENOMEM;
|
||||
}
|
||||
if (keys_count == 1)
|
||||
r = asprintf(&cipher, "%s-%s", base_cipher, "cbc-plain");
|
||||
else
|
||||
r = asprintf(&cipher, "%s:%d-%s", base_cipher, 64, "cbc-lmk");
|
||||
if (r < 0)
|
||||
return -ENOMEM;
|
||||
|
||||
log_dbg("Trying to activate loop-AES device %s using cipher %s.", name, cipher);
|
||||
r = dm_create_device(name, device,
|
||||
@@ -211,6 +206,12 @@ int LOOPAES_activate(struct crypt_device *cd,
|
||||
crypt_get_uuid(cd),
|
||||
size, 0, offset, vk->keylength, vk->key,
|
||||
read_only, 0);
|
||||
|
||||
if (!r && keys_count != 1 && !(dm_flags() & DM_LMK_SUPPORTED)) {
|
||||
log_err(cd, _("Kernel doesn't support loop-AES compatible mapping.\n"));
|
||||
r = -ENOTSUP;
|
||||
}
|
||||
|
||||
free(cipher);
|
||||
return r;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user