eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-15 12:50:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Reject LUKS2 decryption with broken cmd line arguments.

Browse Source 
LUKS2 decryption is currently not supported for devices
with LUKS2 metadata placed in head of data devices. The decryption
still works correctly, but resulting plaintext device has data on
unexpected (original) offset. For example at offset of 16MiB in case
of default LUKS2 header.

Fixes: #614.
This commit is contained in:
Ondrej Kozina
2020-11-26 15:47:28 +01:00
committed by Milan Broz
parent 0c29321407
commit 670d08b406
2 changed files with 19 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/cryptsetup.c
View File

@@ -2993,6 +2993,11 @@ static int action_decrypt_luks2(struct crypt_device *cd)
};
size_t passwordLen;
if (!crypt_get_metadata_device_name(cd) || crypt_header_is_detached(cd) <= 0) {
log_err(_("LUKS2 decryption is supported with detached header device only."));
return -ENOTSUP;
}
_set_reencryption_flags(&params.flags);
r = tools_get_key(NULL, &password, &passwordLen,