From 3ec14c8668edb696a783bfbb1b4e6dd77108f855 Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Sat, 3 May 2025 18:50:33 +0200 Subject: [PATCH] Move (and rename) UUID helpers to libdevmapper source. --- lib/internal.h | 3 - lib/libdevmapper.c | 88 ++++++++++++++++++++++++++- lib/luks2/luks2_json_metadata.c | 4 +- lib/luks2/luks2_reencrypt.c | 2 +- lib/setup.c | 104 +++----------------------------- lib/utils_dm.h | 4 ++ 6 files changed, 103 insertions(+), 102 deletions(-) diff --git a/lib/internal.h b/lib/internal.h index e5388b43..56efa46b 100644 --- a/lib/internal.h +++ b/lib/internal.h @@ -175,9 +175,6 @@ char *crypt_get_base_device(const char *dev_path); uint64_t crypt_dev_partition_offset(const char *dev_path); int lookup_by_disk_id(const char *dm_uuid); int lookup_by_sysfs_uuid_field(const char *dm_uuid); -int crypt_uuid_cmp(const char *dm_uuid, const char *hdr_uuid); -int crypt_uuid_type_cmp(const char *dm_uuid, const char *type); -int crypt_uuid_integrity_cmp(const char *dm_uuid, const char *dmi_uuid); size_t crypt_getpagesize(void); unsigned crypt_cpusonline(void); diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c index 203bb070..a306bc5b 100644 --- a/lib/libdevmapper.c +++ b/lib/libdevmapper.c @@ -3222,7 +3222,7 @@ char *dm_get_active_iname(struct crypt_device *cd, const char *name) if (single_segment(&dmdi) && tgti->type == DM_INTEGRITY && - crypt_uuid_integrity_cmp(dmd.uuid, dmdi.uuid) == 0) { + dm_uuid_integrity_cmp(dmd.uuid, dmdi.uuid) == 0) { ret_iname = iname; iname = NULL; } @@ -3247,6 +3247,92 @@ int dm_is_dm_kernel_name(const char *name) return strncmp(name, "dm-", 3) ? 0 : 1; } +/* + * compares UUIDs returned by device-mapper (striped by cryptsetup) and uuid in header + */ +int dm_uuid_cmp(const char *dm_uuid, const char *hdr_uuid) +{ + int i, j; + char *str; + + if (!dm_uuid || !hdr_uuid) + return -EINVAL; + + /* skip beyond LUKS2_HW_OPAL prefix */ + if (!strncmp(dm_uuid, CRYPT_LUKS2_HW_OPAL, strlen(CRYPT_LUKS2_HW_OPAL))) + dm_uuid = dm_uuid + strlen(CRYPT_LUKS2_HW_OPAL); + + str = strchr(dm_uuid, '-'); + if (!str) + return -EINVAL; + + for (i = 0, j = 1; hdr_uuid[i]; i++) { + if (hdr_uuid[i] == '-') + continue; + + if (!str[j] || str[j] == '-') + return -EINVAL; + + if (str[j] != hdr_uuid[i]) + return -EINVAL; + j++; + } + + return 0; +} + +/* + * compares two UUIDs returned by device-mapper (striped by cryptsetup) + * used for stacked LUKS2 & INTEGRITY devices + */ +int dm_uuid_integrity_cmp(const char *dm_uuid, const char *dmi_uuid) +{ + int i; + char *str, *stri; + + if (!dm_uuid || !dmi_uuid) + return -EINVAL; + + /* skip beyond LUKS2_HW_OPAL prefix */ + if (!strncmp(dm_uuid, CRYPT_LUKS2_HW_OPAL, strlen(CRYPT_LUKS2_HW_OPAL))) + dm_uuid = dm_uuid + strlen(CRYPT_LUKS2_HW_OPAL); + + str = strchr(dm_uuid, '-'); + if (!str) + return -EINVAL; + + stri = strchr(dmi_uuid, '-'); + if (!stri) + return -EINVAL; + + for (i = 1; str[i] && str[i] != '-'; i++) { + if (!stri[i]) + return -EINVAL; + + if (str[i] != stri[i]) + return -EINVAL; + } + + return 0; +} + +/* + * compares type of active device to provided string + */ +int dm_uuid_type_cmp(const char *dm_uuid, const char *type) +{ + size_t len; + + assert(type); + + len = strlen(type); + if (dm_uuid && strlen(dm_uuid) > len && + !strncmp(dm_uuid, type, len) && dm_uuid[len] == '-') + return 0; + + return -ENODEV; +} + int dm_crypt_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size, struct device *data_device, struct volume_key *vk, const char *cipher, uint64_t iv_offset, uint64_t data_offset, diff --git a/lib/luks2/luks2_json_metadata.c b/lib/luks2/luks2_json_metadata.c index 6d50e5be..cde66ed0 100644 --- a/lib/luks2/luks2_json_metadata.c +++ b/lib/luks2/luks2_json_metadata.c @@ -2841,7 +2841,7 @@ int LUKS2_deactivate(struct crypt_device *cd, const char *name, struct luks2_hdr return -EINVAL; /* uuid mismatch with metadata (if available) */ - if (hdr && crypt_uuid_cmp(dmd->uuid, hdr->uuid)) + if (hdr && dm_uuid_cmp(dmd->uuid, hdr->uuid)) return -EINVAL; r = snprintf(deps_uuid_prefix, sizeof(deps_uuid_prefix), CRYPT_SUBDEV "-%.32s", dmd->uuid + 6); @@ -2849,7 +2849,7 @@ int LUKS2_deactivate(struct crypt_device *cd, const char *name, struct luks2_hdr return -EINVAL; /* check if active device has LUKS2-OPAL dm uuid prefix */ - dm_opal_uuid = !crypt_uuid_type_cmp(dmd->uuid, CRYPT_LUKS2_HW_OPAL); + dm_opal_uuid = !dm_uuid_type_cmp(dmd->uuid, CRYPT_LUKS2_HW_OPAL); if (dm_opal_uuid && hdr && !LUKS2_segment_is_hw_opal(hdr, CRYPT_DEFAULT_SEGMENT)) return -EINVAL; diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c index 658073ae..ce11fdba 100644 --- a/lib/luks2/luks2_reencrypt.c +++ b/lib/luks2/luks2_reencrypt.c @@ -3385,7 +3385,7 @@ int LUKS2_reencrypt_lock_by_dm_uuid(struct crypt_device *cd, const char *dm_uuid dm_uuid + 6, dm_uuid + 14, dm_uuid + 18, dm_uuid + 22, dm_uuid + 26); if (r < 0 || (size_t)r != (sizeof(hdr_uuid) - 1)) return -EINVAL; - } else if (crypt_uuid_cmp(dm_uuid, uuid)) + } else if (dm_uuid_cmp(dm_uuid, uuid)) return -EINVAL; return reencrypt_lock_internal(cd, uuid, reencrypt_lock); diff --git a/lib/setup.c b/lib/setup.c index bc693449..6d3a3f2a 100644 --- a/lib/setup.c +++ b/lib/setup.c @@ -512,92 +512,6 @@ static int keyslot_verify_or_find_empty(struct crypt_device *cd, int *keyslot) return 0; } -/* - * compares UUIDs returned by device-mapper (striped by cryptsetup) and uuid in header - */ -int crypt_uuid_cmp(const char *dm_uuid, const char *hdr_uuid) -{ - int i, j; - char *str; - - if (!dm_uuid || !hdr_uuid) - return -EINVAL; - - /* skip beyond LUKS2_HW_OPAL prefix */ - if (!strncmp(dm_uuid, CRYPT_LUKS2_HW_OPAL, strlen(CRYPT_LUKS2_HW_OPAL))) - dm_uuid = dm_uuid + strlen(CRYPT_LUKS2_HW_OPAL); - - str = strchr(dm_uuid, '-'); - if (!str) - return -EINVAL; - - for (i = 0, j = 1; hdr_uuid[i]; i++) { - if (hdr_uuid[i] == '-') - continue; - - if (!str[j] || str[j] == '-') - return -EINVAL; - - if (str[j] != hdr_uuid[i]) - return -EINVAL; - j++; - } - - return 0; -} - -/* - * compares two UUIDs returned by device-mapper (striped by cryptsetup) - * used for stacked LUKS2 & INTEGRITY devices - */ -int crypt_uuid_integrity_cmp(const char *dm_uuid, const char *dmi_uuid) -{ - int i; - char *str, *stri; - - if (!dm_uuid || !dmi_uuid) - return -EINVAL; - - /* skip beyond LUKS2_HW_OPAL prefix */ - if (!strncmp(dm_uuid, CRYPT_LUKS2_HW_OPAL, strlen(CRYPT_LUKS2_HW_OPAL))) - dm_uuid = dm_uuid + strlen(CRYPT_LUKS2_HW_OPAL); - - str = strchr(dm_uuid, '-'); - if (!str) - return -EINVAL; - - stri = strchr(dmi_uuid, '-'); - if (!stri) - return -EINVAL; - - for (i = 1; str[i] && str[i] != '-'; i++) { - if (!stri[i]) - return -EINVAL; - - if (str[i] != stri[i]) - return -EINVAL; - } - - return 0; -} - -/* - * compares type of active device to provided string - */ -int crypt_uuid_type_cmp(const char *dm_uuid, const char *type) -{ - size_t len; - - assert(type); - - len = strlen(type); - if (dm_uuid && strlen(dm_uuid) > len && - !strncmp(dm_uuid, type, len) && dm_uuid[len] == '-') - return 0; - - return -ENODEV; -} - int PLAIN_activate(struct crypt_device *cd, const char *name, struct volume_key *vk, @@ -1443,7 +1357,7 @@ static int _init_by_name_crypt(struct crypt_device *cd, const char *name) goto out; } /* check whether UUIDs match each other */ - r = crypt_uuid_cmp(dmd.uuid, LUKS_UUID(cd)); + r = dm_uuid_cmp(dmd.uuid, LUKS_UUID(cd)); if (r < 0) { log_dbg(cd, "LUKS device header uuid: %s mismatches DM returned uuid %s", LUKS_UUID(cd), dmd.uuid); @@ -3325,13 +3239,13 @@ static int _compare_device_types(struct crypt_device *cd, } if (isLUKS2(cd->type) && !strncmp("INTEGRITY-", tgt->uuid, strlen("INTEGRITY-"))) { - if (crypt_uuid_cmp(tgt->uuid, src->uuid)) { + if (dm_uuid_cmp(tgt->uuid, src->uuid)) { log_dbg(cd, "LUKS UUID mismatch."); return -EINVAL; } } else if (isLUKS(cd->type)) { if (!src->uuid || strncmp(cd->type, tgt->uuid, strlen(cd->type)) || - crypt_uuid_cmp(tgt->uuid, src->uuid)) { + dm_uuid_cmp(tgt->uuid, src->uuid)) { log_dbg(cd, "LUKS UUID mismatch."); return -EINVAL; } @@ -4178,9 +4092,9 @@ int crypt_suspend(struct crypt_device *cd, log_dbg(cd, "Checking if active device %s has UUID type LUKS.", name); - r = crypt_uuid_type_cmp(dmd.uuid, CRYPT_LUKS2); + r = dm_uuid_type_cmp(dmd.uuid, CRYPT_LUKS2); if (r < 0) - r = crypt_uuid_type_cmp(dmd.uuid, CRYPT_LUKS1); + r = dm_uuid_type_cmp(dmd.uuid, CRYPT_LUKS1); if (r < 0) { log_err(cd, _("This operation is supported only for LUKS device.")); @@ -4189,24 +4103,24 @@ int crypt_suspend(struct crypt_device *cd, r = -EINVAL; - if (isLUKS2(cd->type) && crypt_uuid_type_cmp(dmd.uuid, CRYPT_LUKS2)) { + if (isLUKS2(cd->type) && dm_uuid_type_cmp(dmd.uuid, CRYPT_LUKS2)) { log_dbg(cd, "LUKS device header type: %s mismatches DM device type.", cd->type); goto out; } - if (isLUKS1(cd->type) && crypt_uuid_type_cmp(dmd.uuid, CRYPT_LUKS1)) { + if (isLUKS1(cd->type) && dm_uuid_type_cmp(dmd.uuid, CRYPT_LUKS1)) { log_dbg(cd, "LUKS device header type: %s mismatches DM device type.", cd->type); goto out; } /* check if active device has LUKS2-OPAL dm uuid prefix */ - dm_opal_uuid = !crypt_uuid_type_cmp(dmd.uuid, CRYPT_LUKS2_HW_OPAL); + dm_opal_uuid = !dm_uuid_type_cmp(dmd.uuid, CRYPT_LUKS2_HW_OPAL); if (!dm_opal_uuid && isLUKS2(cd->type) && LUKS2_segment_is_hw_opal(&cd->u.luks2.hdr, CRYPT_DEFAULT_SEGMENT)) goto out; - if (cd->type && (r = crypt_uuid_cmp(dmd.uuid, LUKS_UUID(cd))) < 0) { + if (cd->type && (r = dm_uuid_cmp(dmd.uuid, LUKS_UUID(cd))) < 0) { log_dbg(cd, "LUKS device header uuid: %s mismatches DM returned uuid %s", LUKS_UUID(cd), dmd.uuid); goto out; diff --git a/lib/utils_dm.h b/lib/utils_dm.h index 036a62a8..4a558118 100644 --- a/lib/utils_dm.h +++ b/lib/utils_dm.h @@ -225,6 +225,10 @@ const char *dm_get_dir(void); int dm_get_iname(const char *name, char **iname, bool with_path); char *dm_get_active_iname(struct crypt_device *cd, const char *name); +int dm_uuid_cmp(const char *dm_uuid, const char *hdr_uuid); +int dm_uuid_type_cmp(const char *dm_uuid, const char *type); +int dm_uuid_integrity_cmp(const char *dm_uuid, const char *dmi_uuid); + int lookup_dm_dev_by_uuid(struct crypt_device *cd, const char *uuid, const char *type); /* These are DM helpers used only by utils_devpath file */