eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-13 11:50:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix setting of integrity persistent flags (no-journal).

Browse Source 
We have to query and set flags also for underlying dm-integrity device,
otherwise activation flags applied there are ignored.
This commit is contained in:
Milan Broz
2018-11-25 12:46:41 +01:00
parent 2f6d0c006c
commit 3d2fd06035
2 changed files with 15 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/luks2/luks2_json_metadata.c
View File

@@ -1263,9 +1263,11 @@ int LUKS2_config_set_flags(struct crypt_device *cd, struct luks2_hdr *hdr, uint3
jobj_flags = json_object_new_array();
for (i = 0; persistent_flags[i].description; i++) {
if (flags & persistent_flags[i].flag)
if (flags & persistent_flags[i].flag) {
log_dbg("Setting persistent flag: %s.", persistent_flags[i].description);
json_object_array_add(jobj_flags,
json_object_new_string(persistent_flags[i].description));
}
}
/* Replace or add new flags array */
@@ -1912,7 +1914,7 @@ int LUKS2_activate(struct crypt_device *cd,
}
snprintf(dm_int_name, sizeof(dm_int_name), "%s_dif", name);
r = INTEGRITY_activate(cd, dm_int_name, NULL, NULL, NULL, NULL, flags);
r = INTEGRITY_activate(cd, dm_int_name, NULL, NULL, NULL, NULL, dmd.flags);
if (r)
return r;

13
lib/setup.c
View File

@@ -3337,13 +3337,14 @@ int crypt_deactivate(struct crypt_device *cd, const char *name)
int crypt_get_active_device(struct crypt_device *cd, const char *name,
struct crypt_active_device *cad)
{
struct crypt_dm_active_device dmd;
struct crypt_dm_active_device dmd = {}, dmdi = {};
const char *namei = NULL;
int r;
if (!cd || !name || !cad)
return -EINVAL;
r = dm_query_device(cd, name, 0, &dmd);
r = dm_query_device(cd, name, DM_ACTIVE_DEVICE, &dmd);
if (r < 0)
return r;
@@ -3352,6 +3353,14 @@ int crypt_get_active_device(struct crypt_device *cd, const char *name,
dmd.target != DM_INTEGRITY)
return -ENOTSUP;
/* For LUKS2 with integrity we need flags from underlying dm-integrity */
if (isLUKS2(cd->type) && crypt_get_integrity_tag_size(cd)) {
namei = device_dm_name(dmd.data_device);
if (namei && dm_query_device(cd, namei, 0, &dmdi) >= 0)
dmd.flags |= dmdi.flags;
}
device_free(dmd.data_device);
if (cd && isTCRYPT(cd->type)) {
cad->offset = TCRYPT_get_data_offset(cd, &cd->u.tcrypt.hdr, &cd->u.tcrypt.params);
cad->iv_offset = TCRYPT_get_iv_offset(cd, &cd->u.tcrypt.hdr, &cd->u.tcrypt.params);