eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Return -ENOENT if digest is missing.

Browse Source 
If there is no digest associated with segment,
for example during reencryption mode encrypt initialization,
return -ENOENT in LUKS2_digest_verify_by_segment.
This commit is contained in:
Ondrej Kozina
2025-05-19 16:15:10 +02:00
parent 1a7e89c55d
commit 5a84dc87e3
2 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/luks2/luks2_digest.c
View File

@@ -160,7 +160,7 @@ int LUKS2_digest_verify_by_segment(struct crypt_device *cd,
int segment,
const struct volume_key *vk)
{
int r = -EINVAL;
int r;
unsigned s;
if (segment == CRYPT_ANY_SEGMENT) {
@@ -172,7 +172,11 @@ int LUKS2_digest_verify_by_segment(struct crypt_device *cd,
return -EPERM;
}
return LUKS2_digest_verify_by_digest(cd, LUKS2_digest_by_segment(hdr, segment), vk);
r = LUKS2_digest_by_segment(hdr, segment);
if (r < 0)
return r;
return LUKS2_digest_verify_by_digest(cd, r, vk);
}
/* FIXME: segment can have more digests */

2
lib/luks2/luks2_reencrypt.c
View File

@@ -3125,7 +3125,7 @@ static int reencrypt_init(struct crypt_device *cd,
/* do not create new digest in case it matches the current one */
r = LUKS2_digest_verify_by_segment(cd, hdr, CRYPT_DEFAULT_SEGMENT, vk);
if (r == -EPERM)
if (r == -EPERM || r == -ENOENT)
r = LUKS2_digest_create(cd, "pbkdf2", hdr, vk);
crypt_free_volume_key(vk);