eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-19 14:50:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Do not allow decryption on devices with unsupported parameters.

Browse Source 
Most notably LUKS2 w/ authenticated encryption profile. OPAL restriction
will be added in later commits.
This commit is contained in:
Ondrej Kozina
2023-11-01 17:26:45 +01:00
parent b9ba5ec14d
commit 1b7211f013
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/utils_reencrypt.c
View File

@@ -1465,6 +1465,8 @@ static int _decrypt(struct crypt_device **cd, enum device_status_info dev_st, co
if ((r = reencrypt_luks2_load(*cd, data_device)) < 0) if ((r = reencrypt_luks2_load(*cd, data_device)) < 0)
return r; return r;
} else if (dev_st == DEVICE_LUKS2) { } else if (dev_st == DEVICE_LUKS2) {
if (!luks2_reencrypt_eligible(*cd))
return -EINVAL;
if (!ARG_SET(OPT_HEADER_ID)) { if (!ARG_SET(OPT_HEADER_ID)) {
log_err(_("LUKS2 decryption requires --header option.")); log_err(_("LUKS2 decryption requires --header option."));
return -EINVAL; return -EINVAL;