From 230b80404d61559abb766ee0a7bf49018b985588 Mon Sep 17 00:00:00 2001 From: Ondrej Kozina Date: Fri, 28 Jan 2022 13:15:18 +0100 Subject: [PATCH] Remove parameters annotated by __attribute__((unused)). Attribute unused is useless and makes code imcomprehensible when decorates internal functions not exposed via API. Let's cleanup internal funtion prototypes whenever possible. --- lib/crypto_backend/crypto_openssl.c | 3 --- lib/integrity/integrity.c | 5 ++-- lib/integrity/integrity.h | 5 ++-- lib/libdevmapper.c | 16 ++++++------ lib/luks1/af.c | 4 +-- lib/luks1/af.h | 2 +- lib/luks1/keymanage.c | 2 +- lib/luks2/luks2.h | 16 ++++-------- lib/luks2/luks2_digest.c | 16 ++++++------ lib/luks2/luks2_internal.h | 10 +++----- lib/luks2/luks2_json_format.c | 4 +-- lib/luks2/luks2_json_metadata.c | 13 +++++----- lib/luks2/luks2_keyslot.c | 20 +++++++-------- lib/luks2/luks2_keyslot_luks2.c | 4 +-- lib/luks2/luks2_luks1_convert.c | 2 +- lib/luks2/luks2_reencrypt.c | 17 ++++++------- lib/luks2/luks2_token.c | 10 +++----- lib/luks2/luks2_token_keyring.c | 2 +- lib/random.c | 11 ++++----- lib/setup.c | 38 ++++++++++++++--------------- lib/verity/verity.c | 2 +- lib/verity/verity.h | 2 +- 22 files changed, 88 insertions(+), 116 deletions(-) diff --git a/lib/crypto_backend/crypto_openssl.c b/lib/crypto_backend/crypto_openssl.c index 80a747c3..c8421665 100644 --- a/lib/crypto_backend/crypto_openssl.c +++ b/lib/crypto_backend/crypto_openssl.c @@ -789,9 +789,6 @@ int crypt_bitlk_decrypt_key(const void *key, size_t key_length __attribute__((un if (EVP_DecryptInit_ex(ctx, EVP_aes_256_ccm(), NULL, NULL, NULL) != 1) goto out; - //EVP_CIPHER_CTX_key_length(ctx) - //EVP_CIPHER_CTX_iv_length(ctx) - if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, iv_length, NULL) != 1) goto out; if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, tag_length, CONST_CAST(void*)tag) != 1) diff --git a/lib/integrity/integrity.c b/lib/integrity/integrity.c index 086b42f5..3691425a 100644 --- a/lib/integrity/integrity.c +++ b/lib/integrity/integrity.c @@ -120,7 +120,7 @@ int INTEGRITY_data_sectors(struct crypt_device *cd, return 0; } -int INTEGRITY_key_size(struct crypt_device *cd __attribute__((unused)), const char *integrity) +int INTEGRITY_key_size(const char *integrity) { if (!integrity) return 0; @@ -163,8 +163,7 @@ int INTEGRITY_hash_tag_size(const char *integrity) return r < 0 ? 0 : r; } -int INTEGRITY_tag_size(struct crypt_device *cd __attribute__((unused)), - const char *integrity, +int INTEGRITY_tag_size(const char *integrity, const char *cipher, const char *cipher_mode) { diff --git a/lib/integrity/integrity.h b/lib/integrity/integrity.h index 08b18bf3..7e2819f7 100644 --- a/lib/integrity/integrity.h +++ b/lib/integrity/integrity.h @@ -66,9 +66,8 @@ int INTEGRITY_dump(struct crypt_device *cd, struct device *device, uint64_t offs int INTEGRITY_data_sectors(struct crypt_device *cd, struct device *device, uint64_t offset, uint64_t *data_sectors); -int INTEGRITY_key_size(struct crypt_device *cd, const char *integrity); -int INTEGRITY_tag_size(struct crypt_device *cd, - const char *integrity, +int INTEGRITY_key_size(const char *integrity); +int INTEGRITY_tag_size(const char *integrity, const char *cipher, const char *cipher_mode); int INTEGRITY_hash_tag_size(const char *integrity); diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c index ff2aa573..9dc61031 100644 --- a/lib/libdevmapper.c +++ b/lib/libdevmapper.c @@ -980,7 +980,7 @@ out: return params_out; } -static char *get_dm_linear_params(const struct dm_target *tgt, uint32_t flags __attribute__((unused))) +static char *get_dm_linear_params(const struct dm_target *tgt) { char *params; int r; @@ -1001,7 +1001,7 @@ static char *get_dm_linear_params(const struct dm_target *tgt, uint32_t flags __ return params; } -static char *get_dm_zero_params(const struct dm_target *tgt __attribute__((unused)), uint32_t flags __attribute__((unused))) +static char *get_dm_zero_params(void) { char *params = crypt_safe_alloc(1); if (!params) @@ -1328,9 +1328,9 @@ static int _create_dm_targets_params(struct crypt_dm_active_device *dmd) else if (tgt->type == DM_INTEGRITY) tgt->params = get_dm_integrity_params(tgt, dmd->flags); else if (tgt->type == DM_LINEAR) - tgt->params = get_dm_linear_params(tgt, dmd->flags); + tgt->params = get_dm_linear_params(tgt); else if (tgt->type == DM_ZERO) - tgt->params = get_dm_zero_params(tgt, dmd->flags); + tgt->params = get_dm_zero_params(); else { r = -ENOTSUP; goto err; @@ -2595,7 +2595,7 @@ err: return r; } -static int _dm_target_query_error(struct crypt_device *cd __attribute__((unused)), struct dm_target *tgt) +static int _dm_target_query_error(struct dm_target *tgt) { tgt->type = DM_ERROR; tgt->direction = TARGET_QUERY; @@ -2603,7 +2603,7 @@ static int _dm_target_query_error(struct crypt_device *cd __attribute__((unused) return 0; } -static int _dm_target_query_zero(struct crypt_device *cd __attribute__((unused)), struct dm_target *tgt) +static int _dm_target_query_zero(struct dm_target *tgt) { tgt->type = DM_ZERO; tgt->direction = TARGET_QUERY; @@ -2631,9 +2631,9 @@ static int dm_target_query(struct crypt_device *cd, struct dm_target *tgt, const else if (!strcmp(target_type, DM_LINEAR_TARGET)) r = _dm_target_query_linear(cd, tgt, get_flags, params); else if (!strcmp(target_type, DM_ERROR_TARGET)) - r = _dm_target_query_error(cd, tgt); + r = _dm_target_query_error(tgt); else if (!strcmp(target_type, DM_ZERO_TARGET)) - r = _dm_target_query_zero(cd, tgt); + r = _dm_target_query_zero(tgt); if (!r) { tgt->offset = *start; diff --git a/lib/luks1/af.c b/lib/luks1/af.c index 3aa319d6..e1ab13fb 100644 --- a/lib/luks1/af.c +++ b/lib/luks1/af.c @@ -131,7 +131,7 @@ out: return r; } -int AF_merge(struct crypt_device *ctx __attribute__((unused)), const char *src, char *dst, +int AF_merge(const char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash) { unsigned int i; @@ -142,7 +142,7 @@ int AF_merge(struct crypt_device *ctx __attribute__((unused)), const char *src, if (!bufblock) return -ENOMEM; - for(i = 0; i < blocknumbers - 1; i++) { + for (i = 0; i < blocknumbers - 1; i++) { XORblock(src + blocksize * i, bufblock, bufblock, blocksize); r = diffuse(bufblock, bufblock, blocksize, hash); if (r < 0) diff --git a/lib/luks1/af.h b/lib/luks1/af.h index f82a42f9..386e95a6 100644 --- a/lib/luks1/af.h +++ b/lib/luks1/af.h @@ -44,7 +44,7 @@ struct volume_key; int AF_split(struct crypt_device *ctx, const char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash); -int AF_merge(struct crypt_device *ctx, const char *src, char *dst, size_t blocksize, +int AF_merge(const char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash); size_t AF_split_sectors(size_t blocksize, unsigned int blocknumbers); diff --git a/lib/luks1/keymanage.c b/lib/luks1/keymanage.c index 244b0d58..cca2cbec 100644 --- a/lib/luks1/keymanage.c +++ b/lib/luks1/keymanage.c @@ -1044,7 +1044,7 @@ static int LUKS_open_key(unsigned int keyIndex, if (r < 0) goto out; - r = AF_merge(ctx, AfKey, (*vk)->key, (*vk)->keylength, hdr->keyblock[keyIndex].stripes, hdr->hashSpec); + r = AF_merge(AfKey, (*vk)->key, (*vk)->keylength, hdr->keyblock[keyIndex].stripes, hdr->hashSpec); if (r < 0) goto out; diff --git a/lib/luks2/luks2.h b/lib/luks2/luks2.h index f86fb50b..3aec9000 100644 --- a/lib/luks2/luks2.h +++ b/lib/luks2/luks2.h @@ -217,9 +217,7 @@ int LUKS2_keyslot_wipe(struct crypt_device *cd, int keyslot, int wipe_area_only); -crypt_keyslot_priority LUKS2_keyslot_priority_get(struct crypt_device *cd, - struct luks2_hdr *hdr, - int keyslot); +crypt_keyslot_priority LUKS2_keyslot_priority_get(struct luks2_hdr *hdr, int keyslot); int LUKS2_keyslot_priority_set(struct crypt_device *cd, struct luks2_hdr *hdr, @@ -235,8 +233,7 @@ int LUKS2_keyslot_swap(struct crypt_device *cd, /* * Generic LUKS2 token */ -int LUKS2_token_json_get(struct crypt_device *cd, - struct luks2_hdr *hdr, +int LUKS2_token_json_get(struct luks2_hdr *hdr, int token, const char **json); @@ -247,8 +244,7 @@ int LUKS2_token_assign(struct crypt_device *cd, int assign, int commit); -int LUKS2_token_is_assigned(struct crypt_device *cd, - struct luks2_hdr *hdr, +int LUKS2_token_is_assigned(struct luks2_hdr *hdr, int keyslot, int token); @@ -279,8 +275,7 @@ int LUKS2_token_open_and_activate(struct crypt_device *cd, uint32_t flags, void *usrptr); -int LUKS2_token_keyring_get(struct crypt_device *cd, - struct luks2_hdr *hdr, +int LUKS2_token_keyring_get(struct luks2_hdr *hdr, int token, struct crypt_token_params_luks2_keyring *keyring_params); @@ -410,7 +405,7 @@ int LUKS2_key_description_by_segment(struct crypt_device *cd, int LUKS2_volume_key_load_in_keyring_by_keyslot(struct crypt_device *cd, struct luks2_hdr *hdr, struct volume_key *vk, int keyslot); int LUKS2_volume_key_load_in_keyring_by_digest(struct crypt_device *cd, - struct luks2_hdr *hdr, struct volume_key *vk, int digest); + struct volume_key *vk, int digest); int LUKS2_luks1_to_luks2(struct crypt_device *cd, struct luks_phdr *hdr1, @@ -427,7 +422,6 @@ int LUKS2_reencrypt_locked_recovery_by_passphrase(struct crypt_device *cd, int keyslot_new, const char *passphrase, size_t passphrase_size, - uint32_t flags, struct volume_key **vks); void LUKS2_reencrypt_free(struct crypt_device *cd, diff --git a/lib/luks2/luks2_digest.c b/lib/luks2/luks2_digest.c index 85c30e76..817ccb4d 100644 --- a/lib/luks2/luks2_digest.c +++ b/lib/luks2/luks2_digest.c @@ -111,7 +111,6 @@ int LUKS2_digest_by_keyslot(struct luks2_hdr *hdr, int keyslot) } int LUKS2_digest_verify_by_digest(struct crypt_device *cd, - struct luks2_hdr *hdr __attribute__((unused)), int digest, const struct volume_key *vk) { @@ -144,7 +143,7 @@ int LUKS2_digest_verify(struct crypt_device *cd, log_dbg(cd, "Verifying key from keyslot %d, digest %d.", keyslot, digest); - return LUKS2_digest_verify_by_digest(cd, hdr, digest, vk); + return LUKS2_digest_verify_by_digest(cd, digest, vk); } int LUKS2_digest_dump(struct crypt_device *cd, int digest) @@ -164,7 +163,7 @@ int LUKS2_digest_any_matching(struct crypt_device *cd, int digest; for (digest = 0; digest < LUKS2_DIGEST_MAX; digest++) - if (LUKS2_digest_verify_by_digest(cd, hdr, digest, vk) == digest) + if (LUKS2_digest_verify_by_digest(cd, digest, vk) == digest) return digest; return -ENOENT; @@ -175,7 +174,7 @@ int LUKS2_digest_verify_by_segment(struct crypt_device *cd, int segment, const struct volume_key *vk) { - return LUKS2_digest_verify_by_digest(cd, hdr, LUKS2_digest_by_segment(hdr, segment), vk); + return LUKS2_digest_verify_by_digest(cd, LUKS2_digest_by_segment(hdr, segment), vk); } /* FIXME: segment can have more digests */ @@ -259,8 +258,7 @@ int LUKS2_digest_assign(struct crypt_device *cd, struct luks2_hdr *hdr, return commit ? LUKS2_hdr_write(cd, hdr) : 0; } -static int assign_all_segments(struct crypt_device *cd __attribute__((unused)), - struct luks2_hdr *hdr, int digest, int assign) +static int assign_all_segments(struct luks2_hdr *hdr, int digest, int assign) { json_object *jobj1, *jobj_digest, *jobj_digest_segments; @@ -336,7 +334,7 @@ int LUKS2_digest_segment_assign(struct crypt_device *cd, struct luks2_hdr *hdr, json_object_object_foreach(jobj_digests, key, val) { UNUSED(val); if (segment == CRYPT_ANY_SEGMENT) - r = assign_all_segments(cd, hdr, atoi(key), assign); + r = assign_all_segments(hdr, atoi(key), assign); else r = assign_one_segment(cd, hdr, segment, atoi(key), assign); if (r < 0) @@ -344,7 +342,7 @@ int LUKS2_digest_segment_assign(struct crypt_device *cd, struct luks2_hdr *hdr, } } else { if (segment == CRYPT_ANY_SEGMENT) - r = assign_all_segments(cd, hdr, digest, assign); + r = assign_all_segments(hdr, digest, assign); else r = assign_one_segment(cd, hdr, segment, digest, assign); } @@ -443,7 +441,7 @@ int LUKS2_volume_key_load_in_keyring_by_keyslot(struct crypt_device *cd, } int LUKS2_volume_key_load_in_keyring_by_digest(struct crypt_device *cd, - struct luks2_hdr *hdr __attribute__((unused)), struct volume_key *vk, int digest) + struct volume_key *vk, int digest) { char *desc = get_key_description_by_digest(cd, digest); int r; diff --git a/lib/luks2/luks2_internal.h b/lib/luks2/luks2_internal.h index eee1a6fa..eace2a44 100644 --- a/lib/luks2/luks2_internal.h +++ b/lib/luks2/luks2_internal.h @@ -115,14 +115,13 @@ typedef int (*keyslot_store_func)(struct crypt_device *cd, int keyslot, typedef int (*keyslot_wipe_func) (struct crypt_device *cd, int keyslot); typedef int (*keyslot_dump_func) (struct crypt_device *cd, int keyslot); typedef int (*keyslot_validate_func) (struct crypt_device *cd, json_object *jobj_keyslot); -typedef void(*keyslot_repair_func) (struct crypt_device *cd, json_object *jobj_keyslot); +typedef void(*keyslot_repair_func) (json_object *jobj_keyslot); /* see LUKS2_luks2_to_luks1 */ int placeholder_keyslot_alloc(struct crypt_device *cd, int keyslot, uint64_t area_offset, - uint64_t area_length, - size_t volume_key_len); + uint64_t area_length); /* validate all keyslot implementations in hdr json */ int LUKS2_keyslots_validate(struct crypt_device *cd, json_object *hdr_jobj); @@ -317,7 +316,6 @@ int LUKS2_reencrypt_data_offset(struct luks2_hdr *hdr, bool blockwise); * Generic LUKS2 digest */ int LUKS2_digest_verify_by_digest(struct crypt_device *cd, - struct luks2_hdr *hdr, int digest, const struct volume_key *vk); @@ -343,8 +341,6 @@ int LUKS2_reload(struct crypt_device *cd, int LUKS2_keyslot_for_segment(struct luks2_hdr *hdr, int keyslot, int segment); int LUKS2_find_keyslot(struct luks2_hdr *hdr, const char *type); -int LUKS2_set_keyslots_size(struct crypt_device *cd, - struct luks2_hdr *hdr, - uint64_t data_offset); +int LUKS2_set_keyslots_size(struct luks2_hdr *hdr, uint64_t data_offset); #endif diff --git a/lib/luks2/luks2_json_format.c b/lib/luks2/luks2_json_format.c index 350ebf4c..9103f2c4 100644 --- a/lib/luks2/luks2_json_format.c +++ b/lib/luks2/luks2_json_format.c @@ -383,9 +383,7 @@ int LUKS2_wipe_header_areas(struct crypt_device *cd, offset, length, wipe_block, NULL, NULL); } -int LUKS2_set_keyslots_size(struct crypt_device *cd __attribute__((unused)), - struct luks2_hdr *hdr, - uint64_t data_offset) +int LUKS2_set_keyslots_size(struct luks2_hdr *hdr, uint64_t data_offset) { json_object *jobj_config; uint64_t keyslots_size; diff --git a/lib/luks2/luks2_json_metadata.c b/lib/luks2/luks2_json_metadata.c index 3c0d9ea5..1e8abf01 100644 --- a/lib/luks2/luks2_json_metadata.c +++ b/lib/luks2/luks2_json_metadata.c @@ -402,8 +402,7 @@ static json_bool validate_intervals(struct crypt_device *cd, return 1; } -static int LUKS2_keyslot_validate(struct crypt_device *cd, json_object *hdr_jobj __attribute__((unused)), - json_object *hdr_keyslot, const char *key) +static int LUKS2_keyslot_validate(struct crypt_device *cd, json_object *hdr_keyslot, const char *key) { json_object *jobj_key_size; @@ -488,7 +487,7 @@ static int hdr_validate_keyslots(struct crypt_device *cd, json_object *hdr_jobj) json_object_object_foreach(jobj, key, val) { if (!numbered(cd, "Keyslot", key)) return 1; - if (LUKS2_keyslot_validate(cd, hdr_jobj, val, key)) + if (LUKS2_keyslot_validate(cd, val, key)) return 1; } @@ -514,9 +513,9 @@ static int hdr_validate_tokens(struct crypt_device *cd, json_object *hdr_jobj) return 0; } -static int hdr_validate_crypt_segment(struct crypt_device *cd, - json_object *jobj, const char *key, json_object *jobj_digests, - uint64_t offset __attribute__((unused)), uint64_t size) +static int hdr_validate_crypt_segment(struct crypt_device *cd, json_object *jobj, + const char *key, json_object *jobj_digests, + uint64_t size) { json_object *jobj_ivoffset, *jobj_sector_size, *jobj_integrity; uint32_t sector_size; @@ -739,7 +738,7 @@ static int hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) /* crypt */ if (!strcmp(json_object_get_string(jobj_type), "crypt") && - hdr_validate_crypt_segment(cd, val, key, jobj_digests, offset, size)) + hdr_validate_crypt_segment(cd, val, key, jobj_digests, size)) return 1; } diff --git a/lib/luks2/luks2_keyslot.c b/lib/luks2/luks2_keyslot.c index 2e2487c3..db8718f8 100644 --- a/lib/luks2/luks2_keyslot.c +++ b/lib/luks2/luks2_keyslot.c @@ -34,7 +34,7 @@ static const keyslot_handler *keyslot_handlers[LUKS2_KEYSLOTS_MAX] = { }; static const keyslot_handler -*LUKS2_keyslot_handler_type(struct crypt_device *cd __attribute__((unused)), const char *type) +*LUKS2_keyslot_handler_type(const char *type) { int i; @@ -64,7 +64,7 @@ static const keyslot_handler if (!json_object_object_get_ex(jobj1, "type", &jobj2)) return NULL; - return LUKS2_keyslot_handler_type(cd, json_object_get_string(jobj2)); + return LUKS2_keyslot_handler_type(json_object_get_string(jobj2)); } int LUKS2_keyslot_find_empty(struct crypt_device *cd, struct luks2_hdr *hdr, size_t keylength) @@ -616,7 +616,7 @@ int LUKS2_keyslot_reencrypt_allocate(struct crypt_device *cd, if (keyslot == CRYPT_ANY_SLOT) return -EINVAL; - h = LUKS2_keyslot_handler_type(cd, "reencrypt"); + h = LUKS2_keyslot_handler_type("reencrypt"); if (!h) return -EINVAL; @@ -675,7 +675,7 @@ int LUKS2_keyslot_store(struct crypt_device *cd, if (!LUKS2_get_keyslot_jobj(hdr, keyslot)) { /* Try to allocate default and empty keyslot type */ - h = LUKS2_keyslot_handler_type(cd, "luks2"); + h = LUKS2_keyslot_handler_type("luks2"); if (!h) return -EINVAL; @@ -781,8 +781,7 @@ int LUKS2_keyslot_dump(struct crypt_device *cd, int keyslot) return h->dump(cd, keyslot); } -crypt_keyslot_priority LUKS2_keyslot_priority_get(struct crypt_device *cd __attribute__((unused)), - struct luks2_hdr *hdr, int keyslot) +crypt_keyslot_priority LUKS2_keyslot_priority_get(struct luks2_hdr *hdr, int keyslot) { json_object *jobj_keyslot, *jobj_priority; @@ -816,8 +815,7 @@ int LUKS2_keyslot_priority_set(struct crypt_device *cd, struct luks2_hdr *hdr, int placeholder_keyslot_alloc(struct crypt_device *cd, int keyslot, uint64_t area_offset, - uint64_t area_length, - size_t volume_key_len __attribute__((unused))) + uint64_t area_length) { struct luks2_hdr *hdr; json_object *jobj_keyslots, *jobj_keyslot, *jobj_area; @@ -898,7 +896,7 @@ int LUKS2_keyslots_validate(struct crypt_device *cd, json_object *hdr_jobj) json_object_object_foreach(jobj_keyslots, slot, val) { keyslot = atoi(slot); json_object_object_get_ex(val, "type", &jobj_type); - h = LUKS2_keyslot_handler_type(cd, json_object_get_string(jobj_type)); + h = LUKS2_keyslot_handler_type(json_object_get_string(jobj_type)); if (!h) continue; if (h->validate && h->validate(cd, val)) { @@ -945,9 +943,9 @@ void LUKS2_keyslots_repair(struct crypt_device *cd, json_object *jobj_keyslots) !json_object_is_type(jobj_type, json_type_string)) continue; - h = LUKS2_keyslot_handler_type(cd, json_object_get_string(jobj_type)); + h = LUKS2_keyslot_handler_type(json_object_get_string(jobj_type)); if (h && h->repair) - h->repair(cd, val); + h->repair(val); } } diff --git a/lib/luks2/luks2_keyslot_luks2.c b/lib/luks2/luks2_keyslot_luks2.c index 646c42ff..1ccce8d8 100644 --- a/lib/luks2/luks2_keyslot_luks2.c +++ b/lib/luks2/luks2_keyslot_luks2.c @@ -380,7 +380,7 @@ static int luks2_keyslot_get_key(struct crypt_device *cd, } if (r == 0) - r = AF_merge(cd, AfKey, volume_key, volume_key_len, LUKS_STRIPES, af_hash); + r = AF_merge(AfKey, volume_key, volume_key_len, LUKS_STRIPES, af_hash); out: free(salt); crypt_free_volume_key(derived_key); @@ -751,7 +751,7 @@ static int luks2_keyslot_update(struct crypt_device *cd, return r; } -static void luks2_keyslot_repair(struct crypt_device *cd __attribute__((unused)), json_object *jobj_keyslot) +static void luks2_keyslot_repair(json_object *jobj_keyslot) { const char *type; json_object *jobj_kdf, *jobj_type; diff --git a/lib/luks2/luks2_luks1_convert.c b/lib/luks2/luks2_luks1_convert.c index 87a30304..9e469321 100644 --- a/lib/luks2/luks2_luks1_convert.c +++ b/lib/luks2/luks2_luks1_convert.c @@ -768,7 +768,7 @@ int LUKS2_luks2_to_luks1(struct crypt_device *cd, struct luks2_hdr *hdr2, struct * inactive keyslots. Otherwise we would allocate all * inactive luks1 keyslots over same binary keyslot area. */ - if (placeholder_keyslot_alloc(cd, i, offset, area_length, key_size)) + if (placeholder_keyslot_alloc(cd, i, offset, area_length)) return -EINVAL; } diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c index 24be66ca..4b8f0fa6 100644 --- a/lib/luks2/luks2_reencrypt.c +++ b/lib/luks2/luks2_reencrypt.c @@ -2309,7 +2309,7 @@ static int reencrypt_make_backup_segments(struct crypt_device *cd, /* FIXME: also check occupied space by keyslot in shrunk area */ if (params->direction == CRYPT_REENCRYPT_FORWARD && data_shift && crypt_metadata_device(cd) == crypt_data_device(cd) && - LUKS2_set_keyslots_size(cd, hdr, json_segment_get_offset(reencrypt_segment_new(hdr), 0))) { + LUKS2_set_keyslots_size(hdr, json_segment_get_offset(reencrypt_segment_new(hdr), 0))) { log_err(cd, _("Failed to set new keyslots area size.")); r = -EINVAL; goto err; @@ -2332,11 +2332,11 @@ static int reencrypt_verify_and_upload_keys(struct crypt_device *cd, struct luks if (!vk) return -ENOENT; else { - if (LUKS2_digest_verify_by_digest(cd, hdr, digest_new, vk) != digest_new) + if (LUKS2_digest_verify_by_digest(cd, digest_new, vk) != digest_new) return -EINVAL; if (crypt_use_keyring_for_vk(cd) && !crypt_is_cipher_null(reencrypt_segment_cipher_new(hdr)) && - (r = LUKS2_volume_key_load_in_keyring_by_digest(cd, hdr, vk, crypt_volume_key_get_id(vk)))) + (r = LUKS2_volume_key_load_in_keyring_by_digest(cd, vk, crypt_volume_key_get_id(vk)))) return r; } } @@ -2347,12 +2347,12 @@ static int reencrypt_verify_and_upload_keys(struct crypt_device *cd, struct luks r = -ENOENT; goto err; } else { - if (LUKS2_digest_verify_by_digest(cd, hdr, digest_old, vk) != digest_old) { + if (LUKS2_digest_verify_by_digest(cd, digest_old, vk) != digest_old) { r = -EINVAL; goto err; } if (crypt_use_keyring_for_vk(cd) && !crypt_is_cipher_null(reencrypt_segment_cipher_old(hdr)) && - (r = LUKS2_volume_key_load_in_keyring_by_digest(cd, hdr, vk, crypt_volume_key_get_id(vk)))) + (r = LUKS2_volume_key_load_in_keyring_by_digest(cd, vk, crypt_volume_key_get_id(vk)))) goto err; } } @@ -2976,7 +2976,7 @@ static int reencrypt_recovery_by_passphrase(struct crypt_device *cd, if (ri == CRYPT_REENCRYPT_CRASH) { r = LUKS2_reencrypt_locked_recovery_by_passphrase(cd, keyslot_old, keyslot_new, - passphrase, passphrase_size, 0, NULL); + passphrase, passphrase_size, NULL); if (r < 0) log_err(cd, _("LUKS2 reencryption recovery failed.")); } else { @@ -3367,7 +3367,7 @@ static int reencrypt_teardown_ok(struct crypt_device *cd, struct luks2_hdr *hdr, if (finished) { if (reencrypt_wipe_moved_segment(cd, rh)) log_err(cd, _("Failed to wipe backup segment data.")); - if (reencrypt_get_data_offset_new(hdr) && LUKS2_set_keyslots_size(cd, hdr, reencrypt_get_data_offset_new(hdr))) + if (reencrypt_get_data_offset_new(hdr) && LUKS2_set_keyslots_size(hdr, reencrypt_get_data_offset_new(hdr))) log_dbg(cd, "Failed to set new keyslots area size."); if (rh->digest_old >= 0 && rh->digest_new != rh->digest_old) for (i = 0; i < LUKS2_KEYSLOTS_MAX; i++) @@ -3618,7 +3618,6 @@ int LUKS2_reencrypt_locked_recovery_by_passphrase(struct crypt_device *cd, int keyslot_new, const char *passphrase, size_t passphrase_size, - uint32_t flags __attribute__((unused)), struct volume_key **vks) { uint64_t minimal_size, device_size; @@ -3641,7 +3640,7 @@ int LUKS2_reencrypt_locked_recovery_by_passphrase(struct crypt_device *cd, vk = _vks; while (vk) { - r = LUKS2_volume_key_load_in_keyring_by_digest(cd, hdr, vk, crypt_volume_key_get_id(vk)); + r = LUKS2_volume_key_load_in_keyring_by_digest(cd, vk, crypt_volume_key_get_id(vk)); if (r < 0) goto out; vk = crypt_volume_key_next(vk); diff --git a/lib/luks2/luks2_token.c b/lib/luks2/luks2_token.c index 88d84418..9168de00 100644 --- a/lib/luks2/luks2_token.c +++ b/lib/luks2/luks2_token.c @@ -446,7 +446,7 @@ static int token_is_usable(struct luks2_hdr *hdr, json_object *jobj_token, int s for (i = 0; i < len; i++) { keyslot = atoi(json_object_get_string(json_object_array_get_idx(jobj_array, i))); - keyslot_priority = LUKS2_keyslot_priority_get(NULL, hdr, keyslot); + keyslot_priority = LUKS2_keyslot_priority_get(hdr, keyslot); if (keyslot_priority == CRYPT_SLOT_PRIORITY_INVALID) return -EINVAL; @@ -589,7 +589,7 @@ static int LUKS2_keyslot_open_by_token(struct crypt_device *cd, for (i = 0; i < (int) json_object_array_length(jobj_token_keyslots) && r < 0; i++) { jobj = json_object_array_get_idx(jobj_token_keyslots, i); num = atoi(json_object_get_string(jobj)); - keyslot_priority = LUKS2_keyslot_priority_get(NULL, hdr, num); + keyslot_priority = LUKS2_keyslot_priority_get(hdr, num); if (keyslot_priority == CRYPT_SLOT_PRIORITY_INVALID) return -EINVAL; if (keyslot_priority < priority) @@ -779,8 +779,7 @@ void LUKS2_token_dump(struct crypt_device *cd, int token) } } -int LUKS2_token_json_get(struct crypt_device *cd __attribute__((unused)), struct luks2_hdr *hdr, - int token, const char **json) +int LUKS2_token_json_get(struct luks2_hdr *hdr, int token, const char **json) { json_object *jobj_token; @@ -895,8 +894,7 @@ static int token_is_assigned(struct luks2_hdr *hdr, int keyslot, int token) return -ENOENT; } -int LUKS2_token_is_assigned(struct crypt_device *cd __attribute__((unused)), struct luks2_hdr *hdr, - int keyslot, int token) +int LUKS2_token_is_assigned(struct luks2_hdr *hdr, int keyslot, int token) { if (keyslot < 0 || keyslot >= LUKS2_KEYSLOTS_MAX || token < 0 || token >= LUKS2_TOKENS_MAX) return -EINVAL; diff --git a/lib/luks2/luks2_token_keyring.c b/lib/luks2/luks2_token_keyring.c index aa25861d..bcafe4a5 100644 --- a/lib/luks2/luks2_token_keyring.c +++ b/lib/luks2/luks2_token_keyring.c @@ -124,7 +124,7 @@ int LUKS2_token_keyring_json(char *buffer, size_t buffer_size, return 0; } -int LUKS2_token_keyring_get(struct crypt_device *cd __attribute__((unused)), struct luks2_hdr *hdr, +int LUKS2_token_keyring_get(struct luks2_hdr *hdr, int token, struct crypt_token_params_luks2_keyring *keyring_params) { json_object *jobj_token, *jobj; diff --git a/lib/random.c b/lib/random.c index dc371fff..0bc72f57 100644 --- a/lib/random.c +++ b/lib/random.c @@ -42,8 +42,7 @@ static int random_fd = -1; #define RANDOM_DEVICE_TIMEOUT 5 /* URANDOM_DEVICE access */ -static int _get_urandom(struct crypt_device *ctx __attribute__((unused)), - char *buf, size_t len) +static int _get_urandom(char *buf, size_t len) { int r; size_t old_len = len; @@ -51,7 +50,7 @@ static int _get_urandom(struct crypt_device *ctx __attribute__((unused)), assert(urandom_fd != -1); - while(len) { + while (len) { r = read(urandom_fd, buf, len); if (r == -1 && errno != EINTR) return -EINVAL; @@ -178,13 +177,13 @@ int crypt_random_get(struct crypt_device *ctx, char *buf, size_t len, int qualit switch(quality) { case CRYPT_RND_NORMAL: - status = _get_urandom(ctx, buf, len); + status = _get_urandom(buf, len); break; case CRYPT_RND_SALT: if (crypt_fips_mode()) status = crypt_backend_rng(buf, len, quality, 1); else - status = _get_urandom(ctx, buf, len); + status = _get_urandom(buf, len); break; case CRYPT_RND_KEY: if (crypt_fips_mode()) { @@ -195,7 +194,7 @@ int crypt_random_get(struct crypt_device *ctx, char *buf, size_t len, int qualit crypt_random_default_key_rng(); switch (rng_type) { case CRYPT_RNG_URANDOM: - status = _get_urandom(ctx, buf, len); + status = _get_urandom(buf, len); break; case CRYPT_RNG_RANDOM: status = _get_random(ctx, buf, len); diff --git a/lib/setup.c b/lib/setup.c index 6eaa89fa..561ca9b8 100644 --- a/lib/setup.c +++ b/lib/setup.c @@ -972,8 +972,7 @@ static int _crypt_load_integrity(struct crypt_device *cd, return 0; } -static int _crypt_load_bitlk(struct crypt_device *cd, - struct bitlk_metadata *params __attribute__((unused))) +static int _crypt_load_bitlk(struct crypt_device *cd) { int r; @@ -1049,7 +1048,7 @@ int crypt_load(struct crypt_device *cd, log_dbg(cd, "Context is already initialized to type %s", cd->type); return -EINVAL; } - r = _crypt_load_bitlk(cd, params); + r = _crypt_load_bitlk(cd); } else return -EINVAL; @@ -1296,7 +1295,7 @@ static int _init_by_name_crypt(struct crypt_device *cd, const char *name) r = TCRYPT_init_by_name(cd, name, dmd.uuid, tgt, &cd->device, &cd->u.tcrypt.params, &cd->u.tcrypt.hdr); } else if (isBITLK(cd->type)) { - r = _crypt_load_bitlk(cd, NULL); + r = _crypt_load_bitlk(cd); if (r < 0) { log_dbg(cd, "BITLK device header not available."); crypt_set_null_type(cd); @@ -1775,13 +1774,13 @@ static int _crypt_format_luks2(struct crypt_device *cd, params->integrity_params->journal_integrity) return -ENOTSUP; } - if (!INTEGRITY_tag_size(cd, integrity, cipher, cipher_mode)) { + if (!INTEGRITY_tag_size(integrity, cipher, cipher_mode)) { if (!strcmp(integrity, "none")) integrity = NULL; else return -EINVAL; } - integrity_key_size = INTEGRITY_key_size(cd, integrity); + integrity_key_size = INTEGRITY_key_size(integrity); if ((integrity_key_size < 0) || (integrity_key_size >= (int)volume_key_size)) { log_err(cd, _("Volume key is too small for encryption with integrity extensions.")); return -EINVAL; @@ -1860,7 +1859,7 @@ static int _crypt_format_luks2(struct crypt_device *cd, } if ((!integrity || integrity_key_size) && !crypt_cipher_wrapped_key(cipher, cipher_mode) && - !INTEGRITY_tag_size(cd, NULL, cipher, cipher_mode)) { + !INTEGRITY_tag_size(NULL, cipher, cipher_mode)) { r = LUKS_check_cipher(cd, volume_key_size - integrity_key_size, cipher, cipher_mode); if (r < 0) @@ -2154,7 +2153,7 @@ static int _crypt_format_verity(struct crypt_device *cd, if (!(cd->u.verity.uuid = strdup(uuid))) r = -ENOMEM; } else - r = VERITY_UUID_generate(cd, &cd->u.verity.uuid); + r = VERITY_UUID_generate(&cd->u.verity.uuid); if (!r) r = VERITY_write_sb(cd, cd->u.verity.hdr.hash_area_offset, @@ -3200,8 +3199,7 @@ static int resume_by_volume_key(struct crypt_device *cd, digest = LUKS2_digest_by_segment(&cd->u.luks2.hdr, CRYPT_DEFAULT_SEGMENT); if (digest < 0) return -EINVAL; - r = LUKS2_volume_key_load_in_keyring_by_digest(cd, - &cd->u.luks2.hdr, vk, digest); + r = LUKS2_volume_key_load_in_keyring_by_digest(cd, vk, digest); if (r < 0) return r; } @@ -4009,7 +4007,7 @@ static int load_all_keys(struct crypt_device *cd, struct luks2_hdr *hdr, struct struct volume_key *vk = vks; while (vk) { - r = LUKS2_volume_key_load_in_keyring_by_digest(cd, hdr, vk, crypt_volume_key_get_id(vk)); + r = LUKS2_volume_key_load_in_keyring_by_digest(cd, vk, crypt_volume_key_get_id(vk)); if (r < 0) return r; vk = crypt_volume_key_next(vk); @@ -4100,7 +4098,7 @@ static int _open_and_activate_reencrypt_device(struct crypt_device *cd, if (ri == CRYPT_REENCRYPT_CRASH) { r = LUKS2_reencrypt_locked_recovery_by_passphrase(cd, keyslot, - keyslot, passphrase, passphrase_size, flags, &vks); + keyslot, passphrase, passphrase_size, &vks); if (r < 0) { log_err(cd, _("LUKS2 reencryption recovery failed.")); goto out; @@ -5154,10 +5152,10 @@ const char *crypt_get_integrity(struct crypt_device *cd) int crypt_get_integrity_key_size(struct crypt_device *cd) { if (isINTEGRITY(cd->type)) - return INTEGRITY_key_size(cd, crypt_get_integrity(cd)); + return INTEGRITY_key_size(crypt_get_integrity(cd)); if (isLUKS2(cd->type)) - return INTEGRITY_key_size(cd, crypt_get_integrity(cd)); + return INTEGRITY_key_size(crypt_get_integrity(cd)); return 0; } @@ -5169,7 +5167,7 @@ int crypt_get_integrity_tag_size(struct crypt_device *cd) return cd->u.integrity.params.tag_size; if (isLUKS2(cd->type)) - return INTEGRITY_tag_size(cd, crypt_get_integrity(cd), + return INTEGRITY_tag_size(crypt_get_integrity(cd), crypt_get_cipher(cd), crypt_get_cipher_mode(cd)); return 0; @@ -5523,7 +5521,7 @@ crypt_keyslot_priority crypt_keyslot_get_priority(struct crypt_device *cd, int k return CRYPT_SLOT_PRIORITY_INVALID; if (isLUKS2(cd->type)) - return LUKS2_keyslot_priority_get(cd, &cd->u.luks2.hdr, keyslot); + return LUKS2_keyslot_priority_get(&cd->u.luks2.hdr, keyslot); return CRYPT_SLOT_PRIORITY_NORMAL; } @@ -5615,7 +5613,7 @@ int crypt_get_integrity_info(struct crypt_device *cd, ip->integrity = LUKS2_get_integrity(&cd->u.luks2.hdr, CRYPT_DEFAULT_SEGMENT); ip->integrity_key_size = crypt_get_integrity_key_size(cd); - ip->tag_size = INTEGRITY_tag_size(cd, ip->integrity, crypt_get_cipher(cd), crypt_get_cipher_mode(cd)); + ip->tag_size = INTEGRITY_tag_size(ip->integrity, crypt_get_cipher(cd), crypt_get_cipher_mode(cd)); ip->journal_integrity = NULL; ip->journal_integrity_key_size = 0; @@ -5753,7 +5751,7 @@ int crypt_token_json_get(struct crypt_device *cd, int token, const char **json) if ((r = _onlyLUKS2(cd, CRYPT_CD_UNRESTRICTED, 0))) return r; - return LUKS2_token_json_get(cd, &cd->u.luks2.hdr, token, json) ?: token; + return LUKS2_token_json_get(&cd->u.luks2.hdr, token, json) ?: token; } int crypt_token_json_set(struct crypt_device *cd, int token, const char *json) @@ -5819,7 +5817,7 @@ int crypt_token_luks2_keyring_get(struct crypt_device *cd, return -EINVAL; } - return LUKS2_token_keyring_get(cd, &cd->u.luks2.hdr, token, params); + return LUKS2_token_keyring_get(&cd->u.luks2.hdr, token, params); } int crypt_token_luks2_keyring_set(struct crypt_device *cd, @@ -5871,7 +5869,7 @@ int crypt_token_is_assigned(struct crypt_device *cd, int token, int keyslot) if ((r = _onlyLUKS2(cd, CRYPT_CD_QUIET | CRYPT_CD_UNRESTRICTED, 0))) return r; - return LUKS2_token_is_assigned(cd, &cd->u.luks2.hdr, keyslot, token); + return LUKS2_token_is_assigned(&cd->u.luks2.hdr, keyslot, token); } /* Internal only */ diff --git a/lib/verity/verity.c b/lib/verity/verity.c index d1771b80..3febb762 100644 --- a/lib/verity/verity.c +++ b/lib/verity/verity.c @@ -236,7 +236,7 @@ uint64_t VERITY_hash_offset_block(struct crypt_params_verity *params) return hash_offset / params->hash_block_size; } -int VERITY_UUID_generate(struct crypt_device *cd __attribute__((unused)), char **uuid_string) +int VERITY_UUID_generate(char **uuid_string) { uuid_t uuid; diff --git a/lib/verity/verity.h b/lib/verity/verity.h index 2269649b..3c663326 100644 --- a/lib/verity/verity.h +++ b/lib/verity/verity.h @@ -75,6 +75,6 @@ uint64_t VERITY_FEC_blocks(struct crypt_device *cd, struct device *fec_device, struct crypt_params_verity *params); -int VERITY_UUID_generate(struct crypt_device *cd, char **uuid_string); +int VERITY_UUID_generate(char **uuid_string); #endif