eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-17 22:00:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix error message for luksClose and detached LUKS header.

Browse Source 
Allow --header for status command to get full info with detached header.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@689 36d66b0a-2a48-0410-832c-cd162a569da5
This commit is contained in:
Milan Broz
2011-11-13 22:12:51 +00:00
parent b4e2306da8
commit 203f2e082d
5 changed files with 44 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@@ -1,3 +1,7 @@
2011-11-13 Milan Broz <mbroz@redhat.com>
* Fix error message for luksClose and detached LUKS header.
* Allow --header for status command to get full info with detached header.
2011-11-09 Milan Broz <mbroz@redhat.com> 2011-11-09 Milan Broz <mbroz@redhat.com>
* Version 1.4.1. * Version 1.4.1.

35
lib/setup.c
View File

@@ -598,6 +598,27 @@ int crypt_set_data_device(struct crypt_device *cd, const char *device)
return crypt_check_data_device_size(cd); return crypt_check_data_device_size(cd);
} }
static int _crypt_load_luks1(struct crypt_device *cd, int require_header)
{
struct luks_phdr hdr;
int r;
r = init_crypto(cd);
if (r < 0)
return r;
r = LUKS_read_phdr(mdata_device(cd), &hdr, require_header, cd);
if (r < 0)
return r;
if (!cd->type && !(cd->type = strdup(CRYPT_LUKS1)))
return -ENOMEM;
memcpy(&cd->hdr, &hdr, sizeof(hdr));
return r;
}
int crypt_init_by_name_and_header(struct crypt_device **cd, int crypt_init_by_name_and_header(struct crypt_device **cd,
const char *name, const char *name,
const char *header_device) const char *header_device)
@@ -701,7 +722,7 @@ int crypt_init_by_name_and_header(struct crypt_device **cd,
} }
} else if (isLUKS((*cd)->type)) { } else if (isLUKS((*cd)->type)) {
if (mdata_device(*cd)) { if (mdata_device(*cd)) {
r = crypt_load(*cd, CRYPT_LUKS1, NULL); r = _crypt_load_luks1(*cd, 0);
if (r < 0) { if (r < 0) {
log_dbg("LUKS device header does not match active device."); log_dbg("LUKS device header does not match active device.");
free((*cd)->type); free((*cd)->type);
@@ -931,7 +952,6 @@ int crypt_load(struct crypt_device *cd,
const char *requested_type, const char *requested_type,
void *params __attribute__((unused))) void *params __attribute__((unused)))
{ {
struct luks_phdr hdr;
int r; int r;
log_dbg("Trying to load %s crypt type from device %s.", log_dbg("Trying to load %s crypt type from device %s.",
@@ -948,19 +968,10 @@ int crypt_load(struct crypt_device *cd,
return -EINVAL; return -EINVAL;
} }
r = init_crypto(cd); r = _crypt_load_luks1(cd, 1);
if (r < 0) if (r < 0)
return r; return r;
r = LUKS_read_phdr(mdata_device(cd), &hdr, 1, cd);
if (r < 0)
return r;
if (!cd->type && !(cd->type = strdup(CRYPT_LUKS1)))
return -ENOMEM;
memcpy(&cd->hdr, &hdr, sizeof(hdr));
/* cd->type and header must be set in context */ /* cd->type and header must be set in context */
r = crypt_check_data_device_size(cd); r = crypt_check_data_device_size(cd);
if (r < 0) { if (r < 0) {

3
man/cryptsetup.8
View File

@@ -393,7 +393,8 @@ Set detached (separated) metadata device or file with LUKS header.
This options allows separation of ciphertext device and on-disk metadata header. This options allows separation of ciphertext device and on-disk metadata header.
This option is only relevant for LUKS devices and can be used in \fIluksFormat\fR, This option is only relevant for LUKS devices and can be used in \fIluksFormat\fR,
\fIluksOpen\fR, \fIluksSuspend\fR, \fIluksResume\fR and \fIresize\fR commands. \fIluksOpen\fR, \fIluksSuspend\fR, \fIluksResume\fR, \fIstatus\fR and
\fIresize\fR commands.
If used with \fIluksFormat\fR the \-\-align-payload option is taken If used with \fIluksFormat\fR the \-\-align-payload option is taken
as absolute sector alignment on ciphertext device and can be zero. as absolute sector alignment on ciphertext device and can be zero.

3
src/cryptsetup.c
View File

@@ -408,7 +408,8 @@ static int action_status(int arg __attribute__((unused)))
else else
log_std("%s/%s is active%s.\n", crypt_get_dir(), action_argv[0], log_std("%s/%s is active%s.\n", crypt_get_dir(), action_argv[0],
ci == CRYPT_BUSY ? " and is in use" : ""); ci == CRYPT_BUSY ? " and is in use" : "");
r = crypt_init_by_name(&cd, action_argv[0]);
r = crypt_init_by_name_and_header(&cd, action_argv[0], opt_header_device);
if (r < 0 || !crypt_get_type(cd)) if (r < 0 || !crypt_get_type(cd))
goto out; goto out;

15
tests/compat-test
View File

@@ -7,6 +7,7 @@ DEV_NAME2=dummy2
DEV_NAME3=dummy3 DEV_NAME3=dummy3
ORIG_IMG=luks-test-orig ORIG_IMG=luks-test-orig
IMG=luks-test IMG=luks-test
HEADER_IMG=luks-header
KEY1=key1 KEY1=key1
KEY2=key2 KEY2=key2
KEY5=key5 KEY5=key5
@@ -34,7 +35,7 @@ function remove_mapping()
[ -b /dev/mapper/$DEV_NAME2 ] && dmsetup remove $DEV_NAME2 [ -b /dev/mapper/$DEV_NAME2 ] && dmsetup remove $DEV_NAME2
[ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove $DEV_NAME
losetup -d $LOOPDEV >/dev/null 2>&1 losetup -d $LOOPDEV >/dev/null 2>&1
rm -f $ORIG_IMG $IMG $KEY1 $KEY2 $KEY5 >/dev/null 2>&1 rm -f $ORIG_IMG $IMG $KEY1 $KEY2 $KEY5 $HEADER_IMG >/dev/null 2>&1
} }
function fail() function fail()
@@ -127,7 +128,6 @@ function valgrind_run()
# LUKS tests # LUKS tests
prepare "[1] open - compat image - acceptance check" new prepare "[1] open - compat image - acceptance check" new
echo "compatkey" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail echo "compatkey" | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
check_exists check_exists
@@ -446,5 +446,16 @@ $CRYPTSETUP luksOpen -S 1 -d $KEY5 $LOOPDEV $DEV_NAME && fail
$CRYPTSETUP luksOpen -S 5 -d $KEY1 $LOOPDEV $DEV_NAME && fail $CRYPTSETUP luksOpen -S 5 -d $KEY1 $LOOPDEV $DEV_NAME && fail
[ -b /dev/mapper/$DEV_NAME ] && fail [ -b /dev/mapper/$DEV_NAME ] && fail
prepare "[28] Detached LUKS header" wipe
dd if=/dev/zero of=$HEADER_IMG bs=1M count=4 >/dev/null 2>&1
echo "key0" | $CRYPTSETUP luksFormat -i1 $LOOPDEV --header $HEADER_IMG || fail
echo "key0" | $CRYPTSETUP luksFormat -i1 $LOOPDEV --header $HEADER_IMG --align-payload 0 || fail
echo "key0" | $CRYPTSETUP luksOpen $LOOPDEV --header $HEADER_IMG $DEV_NAME || fail
$CRYPTSETUP -q resize $DEV_NAME --size 100 --header $HEADER_IMG || fail
$CRYPTSETUP -q status $DEV_NAME --header $HEADER_IMG | grep "size:" | grep -q "100 sectors" || fail
$CRYPTSETUP luksSuspend $DEV_NAME --header $HEADER_IMG || fail
echo "key0" | $CRYPTSETUP luksResume $DEV_NAME --header $HEADER_IMG || fail
$CRYPTSETUP luksClose $DEV_NAME || fail
remove_mapping remove_mapping
exit 0 exit 0