diff --git a/lib/libcryptsetup.h b/lib/libcryptsetup.h index bfb0ca1b..98bfb61e 100644 --- a/lib/libcryptsetup.h +++ b/lib/libcryptsetup.h @@ -2291,11 +2291,13 @@ int crypt_reencrypt_init_by_keyring(struct crypt_device *cd, * @param cd crypt device handle * @param progress is a callback funtion reporting device \b size, * current \b offset of reencryption and provided \b usrptr identification + * @param usrptr progress specific data * * @return @e 0 on success or negative errno value otherwise. */ int crypt_reencrypt(struct crypt_device *cd, - int (*progress)(uint64_t size, uint64_t offset, void *usrptr)); + int (*progress)(uint64_t size, uint64_t offset, void *usrptr), + void *usrptr); /** * Reencryption status info diff --git a/lib/libcryptsetup.sym b/lib/libcryptsetup.sym index 59a998c6..89d048de 100644 --- a/lib/libcryptsetup.sym +++ b/lib/libcryptsetup.sym @@ -1,3 +1,8 @@ +CRYPTSETUP_2.1 { + global: + crypt_reencrypt; +}; + CRYPTSETUP_2.0 { global: crypt_init; diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c index 78c76c09..f9815d86 100644 --- a/lib/luks2/luks2_reencrypt.c +++ b/lib/luks2/luks2_reencrypt.c @@ -3327,7 +3327,8 @@ static int reencrypt_teardown(struct crypt_device *cd, struct luks2_hdr *hdr, } int crypt_reencrypt(struct crypt_device *cd, - int (*progress)(uint64_t size, uint64_t offset, void *usrptr)) + int (*progress)(uint64_t size, uint64_t offset, void *usrptr), + void *usrptr) { int r; crypt_reencrypt_info ri; @@ -3388,6 +3389,19 @@ int crypt_reencrypt(struct crypt_device *cd, return r; } +#if defined(__GNUC__) +#define CRYPT_EXPORT_SYMBOL(func, maj, min) \ + __asm__(".symver " #func "_v" #maj "_" #min ", " #func "@CRYPTSETUP_" #maj "." #min) +int crypt_reencrypt_v2_0(struct crypt_device *cd, + int (*progress)(uint64_t size, uint64_t offset, void *usrptr)); +int crypt_reencrypt_v2_0(struct crypt_device *cd, + int (*progress)(uint64_t size, uint64_t offset, void *usrptr)) +{ + return crypt_reencrypt(cd, progress, NULL); +} +CRYPT_EXPORT_SYMBOL(crypt_reencrypt, 2, 0); +#endif + static int reencrypt_recovery(struct crypt_device *cd, struct luks2_hdr *hdr, uint64_t device_size, diff --git a/src/cryptsetup.c b/src/cryptsetup.c index 0b68204f..2dff3bfb 100644 --- a/src/cryptsetup.c +++ b/src/cryptsetup.c @@ -3365,7 +3365,7 @@ static int action_reencrypt(void) if (r >= 0 && !opt_reencrypt_init_only) { set_int_handler(0); - r = crypt_reencrypt(cd, tools_reencrypt_progress); + r = crypt_reencrypt(cd, tools_reencrypt_progress, NULL); } out: crypt_free(cd); diff --git a/tests/api-test-2.c b/tests/api-test-2.c index 8386c081..33dbd6c6 100644 --- a/tests/api-test-2.c +++ b/tests/api-test-2.c @@ -3716,7 +3716,7 @@ static void Luks2Reencryption(void) OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags)); EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, 0); - FAIL_(crypt_reencrypt(cd, NULL), "Reencryption context not initialized."); + FAIL_(crypt_reencrypt(cd, NULL, NULL), "Reencryption context not initialized."); rparams.flags &= ~CRYPT_REENCRYPT_RESUME_ONLY; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams)); @@ -3749,7 +3749,7 @@ static void Luks2Reencryption(void) rparams.flags = 0; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams)); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); /* check keyslots are reassigned to segment after reencryption */ EQ_(crypt_keyslot_status(cd, 0), CRYPT_SLOT_INACTIVE); @@ -3773,10 +3773,10 @@ static void Luks2Reencryption(void) FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams), "Invalid device size alignment."); OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags)); EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT); - FAIL_(crypt_reencrypt(cd, NULL), "Reencryption context not initialized."); + FAIL_(crypt_reencrypt(cd, NULL, NULL), "Reencryption context not initialized."); rparams.device_size = 16; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 9, 21, "aes", "xts-plain64", &rparams)); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags)); EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, 0); @@ -3810,7 +3810,7 @@ static void Luks2Reencryption(void) rparams.hash = "sha1"; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams)); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); /* FIXME: this is a bug, but not critical (data shift parameter is ignored after initialization) */ //rparams.data_shift = 8; @@ -3837,7 +3837,7 @@ static void Luks2Reencryption(void) FAIL_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption already running."); rparams.flags = 0; FAIL_(crypt_reencrypt_init_by_passphrase(cd2, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Reencryption already running."); - FAIL_(crypt_reencrypt(cd2, NULL), "Invalid reencryption context."); + FAIL_(crypt_reencrypt(cd2, NULL, NULL), "Invalid reencryption context."); OK_(crypt_persistent_flags_get(cd, CRYPT_FLAGS_REQUIREMENTS, &getflags)); EQ_(getflags & CRYPT_REQUIREMENT_ONLINE_REENCRYPT, CRYPT_REQUIREMENT_ONLINE_REENCRYPT); OK_(crypt_persistent_flags_get(cd2, CRYPT_FLAGS_REQUIREMENTS, &getflags)); @@ -3846,7 +3846,7 @@ static void Luks2Reencryption(void) EQ_(crypt_reencrypt_status(cd2, NULL), CRYPT_REENCRYPT_CLEAN); FAIL_(crypt_activate_by_passphrase(cd2, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Reencryption already in progress."); FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Reencryption already in progress."); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); CRYPT_FREE(cd); CRYPT_FREE(cd2); @@ -3865,7 +3865,7 @@ static void Luks2Reencryption(void) /* interrupt reencryption after 'test_progress_steps' */ test_progress_steps = 1; - OK_(crypt_reencrypt(cd, &test_progress)); + OK_(crypt_reencrypt(cd, &test_progress, NULL)); EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN); NOTFAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, PASSPHRASE, strlen(PASSPHRASE), 0), "Could not activate device in reencryption."); @@ -3884,7 +3884,7 @@ static void Luks2Reencryption(void) rparams.device_size = 2; rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; NOTFAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), "Failed to initialize reencryption."); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_NONE); EQ_(crypt_activate_by_passphrase(cd, CDEVICE_1, 1, PASSPHRASE, strlen(PASSPHRASE), 0), 1); OK_(crypt_get_active_device(cd, CDEVICE_1, &cad)); @@ -3957,7 +3957,7 @@ static void Luks2Reencryption(void) EQ_(crypt_get_data_offset(cd), 32776); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); CRYPT_FREE(cd); OK_(crypt_init(&cd, DMDIR L_DEVICE_OK)); OK_(crypt_set_pbkdf_type(cd, &pbkdf)); @@ -3990,7 +3990,7 @@ static void Luks2Reencryption(void) EQ_(crypt_get_data_offset(cd), 32760); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 1, 0, "aes", "xts-plain64", &rparams), 2); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); CRYPT_FREE(cd); OK_(crypt_init(&cd, DMDIR L_DEVICE_OK)); OK_(crypt_load(cd, CRYPT_LUKS2, NULL)); @@ -4019,7 +4019,7 @@ static void Luks2Reencryption(void) EQ_(cad.size, 8); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; EQ_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 0, 1, "aes", "xts-plain64", &rparams), 2); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); OK_(crypt_deactivate(cd, CDEVICE_1)); CRYPT_FREE(cd); @@ -4058,7 +4058,7 @@ static void Luks2Reencryption(void) EQ_(crypt_get_data_offset(cd), 8192); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); CRYPT_FREE(cd); _cleanup_dmdevices(); @@ -4078,7 +4078,7 @@ static void Luks2Reencryption(void) EQ_(crypt_get_data_offset(cd), 8192); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; EQ_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ANY_SLOT, 30, NULL, NULL, &rparams), 0); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); CRYPT_FREE(cd); _cleanup_dmdevices(); @@ -4120,7 +4120,7 @@ static void Luks2Reencryption(void) rparams.resilience = "none"; rparams.max_hotzone_size = 2048; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams)); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); CRYPT_FREE(cd); OK_(crypt_init(&cd, DMDIR L_DEVICE_OK)); OK_(crypt_load(cd, CRYPT_LUKS2, NULL)); @@ -4141,7 +4141,7 @@ static void Luks2Reencryption(void) rparams.resilience = "none"; rparams.max_hotzone_size = 2048; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams)); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); CRYPT_FREE(cd); /* decryption with data shift */ @@ -4165,7 +4165,7 @@ static void Luks2Reencryption(void) rparams.data_shift = r_header_size; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams)); EQ_(crypt_get_data_offset(cd), 0); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); remove(BACKUP_FILE); CRYPT_FREE(cd); @@ -4195,7 +4195,7 @@ static void Luks2Reencryption(void) rparams.data_shift = r_header_size; OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_2, PASSPHRASE, strlen(PASSPHRASE), 6, CRYPT_ANY_SLOT, NULL, NULL, &rparams)); EQ_(crypt_get_data_offset(cd), 0); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); remove(BACKUP_FILE); OK_(t_device_size(DMDIR CDEVICE_2, &r_size_1)); EQ_(r_size_1, 512); @@ -4228,7 +4228,7 @@ static void Luks2Reencryption(void) rparams.luks2 = ¶ms2; OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams)); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK)); OK_(crypt_load(cd2, CRYPT_LUKS2, NULL)); @@ -4256,7 +4256,7 @@ static void Luks2Reencryption(void) OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams)); /* reencrypt 8 srectors of device */ test_progress_steps = 1; - OK_(crypt_reencrypt(cd, &test_progress)); + OK_(crypt_reencrypt(cd, &test_progress, NULL)); /* activate another data device with same LUKS2 header (this is wrong, but we can't detect such mistake) */ OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK)); @@ -4268,7 +4268,7 @@ static void Luks2Reencryption(void) rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "cbc-essiv:sha256", &rparams)); test_progress_steps = 1; - OK_(crypt_reencrypt(cd, &test_progress)); + OK_(crypt_reencrypt(cd, &test_progress, NULL)); /* Now active mapping for second data device does not match its metadata */ OK_(crypt_init_data_device(&cd2, IMAGE_EMPTY_SMALL, DMDIR L_DEVICE_OK)); @@ -4301,7 +4301,7 @@ static void Luks2Reencryption(void) EQ_(crypt_keyslot_add_by_key(cd, 1, NULL, 64, PASSPHRASE, strlen(PASSPHRASE), CRYPT_VOLUME_KEY_NO_SEGMENT), 1); OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "xts-plain64", &rparams)); test_progress_steps = 1; - OK_(crypt_reencrypt(cd, &test_progress)); + OK_(crypt_reencrypt(cd, &test_progress, NULL)); EQ_(crypt_reencrypt_status(cd, NULL), CRYPT_REENCRYPT_CLEAN); OK_(crypt_get_active_device(cd, CDEVICE_1, &cad)); EQ_(cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS, CRYPT_ACTIVATE_ALLOW_DISCARDS); @@ -4310,7 +4310,7 @@ static void Luks2Reencryption(void) OK_(crypt_init_by_name(&cd, CDEVICE_1)); rparams.flags = CRYPT_REENCRYPT_RESUME_ONLY; OK_(crypt_reencrypt_init_by_passphrase(cd, CDEVICE_1, PASSPHRASE, strlen(PASSPHRASE), 6, 1, "aes", "xts-plain64", &rparams)); - OK_(crypt_reencrypt(cd, NULL)); + OK_(crypt_reencrypt(cd, NULL, NULL)); OK_(crypt_get_active_device(cd, CDEVICE_1, &cad)); EQ_(cad.flags & CRYPT_ACTIVATE_ALLOW_DISCARDS, CRYPT_ACTIVATE_ALLOW_DISCARDS); EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, 0);