eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-06 00:10:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

LUKS2 code cleanup.

Browse Source 
- drop unused code
- drop unused function declarations
- remove local routines from internal api
This commit is contained in:
Ondrej Kozina
2019-08-05 18:26:07 +02:00
parent 91879960e6
commit a23e1cf729
8 changed files with 79 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
lib/luks2/luks2.h
View File

@@ -367,19 +367,15 @@ int LUKS2_tokens_count(struct luks2_hdr *hdr);
/*
* Generic LUKS2 segment
*/
json_object *json_get_segments_jobj(json_object *hdr_jobj);
uint64_t json_segment_get_offset(json_object *jobj_segment, unsigned blockwise);
const char *json_segment_type(json_object *jobj_segment);
uint64_t json_segment_get_iv_offset(json_object *jobj_segment);
uint64_t json_segment_get_size(json_object *jobj_segment, unsigned blockwise);
const char *json_segment_get_cipher(json_object *jobj_segment);
int json_segment_get_sector_size(json_object *jobj_segment);
json_object *json_segment_get_flags(json_object *jobj_segment);
bool json_segment_is_backup(json_object *jobj_segment);
bool json_segment_is_reencrypt(json_object *jobj_segment);
json_object *json_segments_get_segment(json_object *jobj_segments, int segment);
unsigned json_segments_count(json_object *jobj_segments);
json_object *json_segments_get_segment_by_flag(json_object *jobj_segments, const char *flag);
void json_segment_remove_flag(json_object *jobj_segment, const char *flag);
uint64_t json_segments_get_minimal_offset(json_object *jobj_segments, unsigned blockwise);
json_object *json_segment_create_linear(uint64_t offset, const uint64_t *length, unsigned reencryption);
@@ -396,8 +392,6 @@ json_object *LUKS2_get_segment_by_flag(struct luks2_hdr *hdr, const char *flag);
int LUKS2_get_segment_id_by_flag(struct luks2_hdr *hdr, const char *flag);
json_object *LUKS2_get_ignored_segments(struct luks2_hdr *hdr);
int LUKS2_segments_set(struct crypt_device *cd,
struct luks2_hdr *hdr,
json_object *jobj_segments,
@@ -425,11 +419,6 @@ int LUKS2_get_default_segment(struct luks2_hdr *hdr);
int LUKS2_reencrypt_digest_new(struct luks2_hdr *hdr);
int LUKS2_reencrypt_digest_old(struct luks2_hdr *hdr);
const char *LUKS2_reencrypt_protection_type(struct luks2_hdr *hdr);
const char *LUKS2_reencrypt_protection_hash(struct luks2_hdr *hdr);
uint64_t LUKS2_reencrypt_data_shift(struct luks2_hdr *hdr);
crypt_reencrypt_mode_info LUKS2_reencrypt_mode(struct luks2_hdr *hdr);
crypt_reencrypt_direction_info LUKS2_reencrypt_direction(struct luks2_hdr *hdr);
int LUKS2_reencrypt_data_offset(struct luks2_hdr *hdr, bool blockwise);
/*
@@ -511,12 +500,6 @@ int LUKS2_reload(struct crypt_device *cd,
uint64_t device_size,
uint32_t flags);
int LUKS2_keyslot_luks2_format(struct crypt_device *cd,
struct luks2_hdr *hdr,
int keyslot,
const char *cipher,
size_t keylength);
int LUKS2_generate_hdr(
struct crypt_device *cd,
struct luks2_hdr *hdr,
@@ -552,7 +535,6 @@ int LUKS2_keyslot_find_empty(struct luks2_hdr *hdr);
int LUKS2_keyslot_active_count(struct luks2_hdr *hdr, int segment);
int LUKS2_keyslot_for_segment(struct luks2_hdr *hdr, int keyslot, int segment);
int LUKS2_find_keyslot(struct luks2_hdr *hdr, const char *type);
int LUKS2_find_keyslot_for_segment(struct luks2_hdr *hdr, int segment, const char *type);
crypt_keyslot_info LUKS2_keyslot_info(struct luks2_hdr *hdr, int keyslot);
int LUKS2_keyslot_area(struct luks2_hdr *hdr,
int keyslot,
@@ -577,7 +559,6 @@ int LUKS2_config_set_requirements(struct crypt_device *cd, struct luks2_hdr *hdr
int LUKS2_unmet_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uint32_t reqs_mask, int quiet);
char *LUKS2_key_description_by_digest(struct crypt_device *cd, int digest);
int LUKS2_key_description_by_segment(struct crypt_device *cd,
struct luks2_hdr *hdr, struct volume_key *vk, int segment);
int LUKS2_volume_key_load_in_keyring_by_keyslot(struct crypt_device *cd,
@@ -596,16 +577,6 @@ int LUKS2_luks2_to_luks1(struct crypt_device *cd,
/*
* LUKS2 reencryption
*/
int LUKS2_verify_and_upload_keys(struct crypt_device *cd,
struct luks2_hdr *hdr,
int digest_old,
int digest_new,
struct volume_key *vks);
int LUKS2_reenc_update_segments(struct crypt_device *cd,
struct luks2_hdr *hdr,
struct luks2_reenc_context *rh);
int LUKS2_reencrypt_locked_recovery_by_passphrase(struct crypt_device *cd,
int keyslot_old,
int keyslot_new,

7
lib/luks2/luks2_digest.c
View File

@@ -28,7 +28,7 @@ static const digest_handler *digest_handlers[LUKS2_DIGEST_MAX] = {
NULL
};
const digest_handler *LUKS2_digest_handler_type(struct crypt_device *cd, const char *type)
static const digest_handler *LUKS2_digest_handler_type(struct crypt_device *cd, const char *type)
{
int i;
@@ -415,11 +415,6 @@ static char *get_key_description_by_digest(struct crypt_device *cd, int digest)
return desc;
}
char *LUKS2_key_description_by_digest(struct crypt_device *cd, int digest)
{
return get_key_description_by_digest(cd, digest);
}
int LUKS2_key_description_by_segment(struct crypt_device *cd,
struct luks2_hdr *hdr, struct volume_key *vk, int segment)
{

2
lib/luks2/luks2_disk_metadata.c
View File

@@ -26,7 +26,7 @@
/*
* Helper functions
*/
json_object *parse_json_len(struct crypt_device *cd, const char *json_area,
static json_object *parse_json_len(struct crypt_device *cd, const char *json_area,
uint64_t max_length, int *json_len)
{
json_object *jobj;

6
lib/luks2/luks2_internal.h
View File

@@ -59,8 +59,6 @@ json_object *LUKS2_get_segments_jobj(struct luks2_hdr *hdr);
void hexprint_base64(struct crypt_device *cd, json_object *jobj,
const char *sep, const char *line_sep);
json_object *parse_json_len(struct crypt_device *cd, const char *json_area,
uint64_t max_length, int *json_len);
uint64_t json_object_get_uint64(json_object *jobj);
uint32_t json_object_get_uint32(json_object *jobj);
json_object *json_object_new_uint64(uint64_t value);
@@ -81,8 +79,6 @@ json_object *json_contains(struct crypt_device *cd, json_object *jobj, const cha
const char *section, const char *key, json_type type);
int LUKS2_hdr_validate(struct crypt_device *cd, json_object *hdr_jobj, uint64_t json_size);
int LUKS2_keyslot_validate(struct crypt_device *cd, json_object *hdr_jobj,
json_object *hdr_keyslot, const char *key);
int LUKS2_check_json_size(struct crypt_device *cd, const struct luks2_hdr *hdr);
int LUKS2_token_validate(struct crypt_device *cd, json_object *hdr_jobj,
json_object *jobj_token, const char *key);
@@ -167,8 +163,6 @@ typedef struct {
digest_dump_func dump;
} digest_handler;
const digest_handler *LUKS2_digest_handler_type(struct crypt_device *cd, const char *type);
/**
* LUKS2 token handlers (internal use only)
*/

12
lib/luks2/luks2_json_metadata.c
View File

@@ -169,6 +169,16 @@ json_object *LUKS2_get_digest_jobj(struct luks2_hdr *hdr, int digest)
return jobj2;
}
static json_object *json_get_segments_jobj(json_object *hdr_jobj)
{
json_object *jobj_segments;
if (!hdr_jobj || !json_object_object_get_ex(hdr_jobj, "segments", &jobj_segments))
return NULL;
return jobj_segments;
}
json_object *LUKS2_get_segment_jobj(struct luks2_hdr *hdr, int segment)
{
if (!hdr)
@@ -393,7 +403,7 @@ static json_bool validate_intervals(struct crypt_device *cd,
return TRUE;
}
int LUKS2_keyslot_validate(struct crypt_device *cd, json_object *hdr_jobj, json_object *hdr_keyslot, const char *key)
static int LUKS2_keyslot_validate(struct crypt_device *cd, json_object *hdr_jobj, json_object *hdr_keyslot, const char *key)
{
json_object *jobj_key_size;

21
lib/luks2/luks2_keyslot.c
View File

@@ -928,24 +928,3 @@ int LUKS2_find_keyslot(struct luks2_hdr *hdr, const char *type)
return -ENOENT;
}
int LUKS2_find_keyslot_for_segment(struct luks2_hdr *hdr, int segment, const char *type)
{
int i;
json_object *jobj_keyslot, *jobj_type;
for (i = 0; i < LUKS2_KEYSLOTS_MAX; i++) {
jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, i);
if (!jobj_keyslot)
continue;
json_object_object_get_ex(jobj_keyslot, "type", &jobj_type);
if (strcmp(json_object_get_string(jobj_type), type))
continue;
if (!LUKS2_keyslot_for_segment(hdr, i, segment))
return i;
}
return -EINVAL;
}

130
lib/luks2/luks2_reencrypt.c
View File

@@ -107,7 +107,7 @@ int LUKS2_reencrypt_digest_old(struct luks2_hdr *hdr)
}
/* none, checksums, journal or shift */
const char *LUKS2_reencrypt_protection_type(struct luks2_hdr *hdr)
static const char *reencrypt_resilience_type(struct luks2_hdr *hdr)
{
json_object *jobj_keyslot, *jobj_area, *jobj_type;
int ks = LUKS2_find_keyslot(hdr, "reencrypt");
@@ -124,7 +124,7 @@ const char *LUKS2_reencrypt_protection_type(struct luks2_hdr *hdr)
return json_object_get_string(jobj_type);
}
const char *LUKS2_reencrypt_protection_hash(struct luks2_hdr *hdr)
static const char *reencrypt_resilience_hash(struct luks2_hdr *hdr)
{
json_object *jobj_keyslot, *jobj_area, *jobj_type, *jobj_hash;
int ks = LUKS2_find_keyslot(hdr, "reencrypt");
@@ -561,7 +561,7 @@ static int reencrypt_make_post_segments(struct crypt_device *cd,
return rh->jobj_segs_post ? 0 : -EINVAL;
}
uint64_t LUKS2_reencrypt_data_shift(struct luks2_hdr *hdr)
static uint64_t reencrypt_data_shift(struct luks2_hdr *hdr)
{
json_object *jobj_keyslot, *jobj_area, *jobj_data_shift;
int ks = LUKS2_find_keyslot(hdr, "reencrypt");
@@ -578,7 +578,7 @@ uint64_t LUKS2_reencrypt_data_shift(struct luks2_hdr *hdr)
return json_object_get_uint64(jobj_data_shift);
}
crypt_reencrypt_mode_info LUKS2_reencrypt_mode(struct luks2_hdr *hdr)
static crypt_reencrypt_mode_info reencrypt_mode(struct luks2_hdr *hdr)
{
const char *mode;
crypt_reencrypt_mode_info mi = CRYPT_REENCRYPT_REENCRYPT;
@@ -600,7 +600,7 @@ crypt_reencrypt_mode_info LUKS2_reencrypt_mode(struct luks2_hdr *hdr)
return mi;
}
crypt_reencrypt_direction_info LUKS2_reencrypt_direction(struct luks2_hdr *hdr)
static crypt_reencrypt_direction_info reencrypt_direction(struct luks2_hdr *hdr)
{
const char *value;
json_object *jobj_keyslot, *jobj_mode;
@@ -792,7 +792,7 @@ static int reencrypt_offset(struct luks2_hdr *hdr,
{
int sg;
json_object *jobj_segments;
uint64_t data_shift = LUKS2_reencrypt_data_shift(hdr);
uint64_t data_shift = reencrypt_data_shift(hdr);
if (!offset)
return -EINVAL;
@@ -808,7 +808,7 @@ static int reencrypt_offset(struct luks2_hdr *hdr,
if (di == CRYPT_REENCRYPT_FORWARD)
return _offset_forward(hdr, jobj_segments, offset);
else if (di == CRYPT_REENCRYPT_BACKWARD) {
if (LUKS2_reencrypt_mode(hdr) == CRYPT_REENCRYPT_ENCRYPT &&
if (reencrypt_mode(hdr) == CRYPT_REENCRYPT_ENCRYPT &&
LUKS2_get_segment_id_by_flag(hdr, "backup-moved-segment") >= 0)
return reencrypt_offset_backward_moved(hdr, jobj_segments, reencrypt_length, data_shift, offset);
return _offset_backward(hdr, jobj_segments, device_size, reencrypt_length, offset);
@@ -826,7 +826,7 @@ static uint64_t reencrypt_length(struct luks2_hdr *hdr, struct luks2_reenc_conte
else if (rh->rp.type == REENC_PROTECTION_CHECKSUM)
length = (keyslot_area_length / rh->rp.p.csum.hash_size) * rh->alignment;
else if (rh->rp.type == REENC_PROTECTION_DATASHIFT)
return LUKS2_reencrypt_data_shift(hdr);
return reencrypt_data_shift(hdr);
else
length = keyslot_area_length;
@@ -849,7 +849,7 @@ static int reencrypt_context_init(struct crypt_device *cd, struct luks2_hdr *hdr
if (LUKS2_keyslot_area(hdr, rh->reenc_keyslot, &dummy, &area_length) < 0)
return -EINVAL;
rh->mode = LUKS2_reencrypt_mode(hdr);
rh->mode = reencrypt_mode(hdr);
rh->alignment = reencrypt_get_alignment(cd, hdr);
if (!rh->alignment)
@@ -869,12 +869,12 @@ static int reencrypt_context_init(struct crypt_device *cd, struct luks2_hdr *hdr
return -EINVAL;
}
rh->direction = LUKS2_reencrypt_direction(hdr);
rh->direction = reencrypt_direction(hdr);
if (!strcmp(params->resilience, "datashift")) {
log_dbg(cd, "Initializaing reencryption context with data_shift resilience.");
rh->rp.type = REENC_PROTECTION_DATASHIFT;
rh->data_shift = LUKS2_reencrypt_data_shift(hdr);
rh->data_shift = reencrypt_data_shift(hdr);
} else if (!strcmp(params->resilience, "journal")) {
log_dbg(cd, "Initializaing reencryption context with journal resilience.");
rh->rp.type = REENC_PROTECTION_JOURNAL;
@@ -968,8 +968,8 @@ static int reencrypt_load_clean(struct crypt_device *cd,
{
int r;
const struct crypt_params_reencrypt hdr_reenc_params = {
.resilience = LUKS2_reencrypt_protection_type(hdr),
.hash = LUKS2_reencrypt_protection_hash(hdr),
.resilience = reencrypt_resilience_type(hdr),
.hash = reencrypt_resilience_hash(hdr),
.device_size = params ? params->device_size : 0
};
struct luks2_reenc_context *tmp = crypt_zalloc(sizeof (*tmp));
@@ -2192,6 +2192,46 @@ err:
return r;
}
static int reencrypt_verify_and_upload_keys(struct crypt_device *cd, struct luks2_hdr *hdr, int digest_old, int digest_new, struct volume_key *vks)
{
int r;
struct volume_key *vk;
if (digest_new >= 0) {
vk = crypt_volume_key_by_id(vks, digest_new);
if (!vk)
return -ENOENT;
else {
if (LUKS2_digest_verify_by_digest(cd, hdr, digest_new, vk) != digest_new)
return -EINVAL;
r = LUKS2_volume_key_load_in_keyring_by_digest(cd, hdr, vk, crypt_volume_key_get_id(vk));
if (r)
return r;
}
}
if (digest_old >= 0 && digest_old != digest_new) {
vk = crypt_volume_key_by_id(vks, digest_old);
if (!vk) {
r = -ENOENT;
goto err;
} else {
if (LUKS2_digest_verify_by_digest(cd, hdr, digest_old, vk) != digest_old) {
r = -EINVAL;
goto err;
}
r = LUKS2_volume_key_load_in_keyring_by_digest(cd, hdr, vk, crypt_volume_key_get_id(vk));
if (r)
goto err;
}
}
return 0;
err:
crypt_drop_keyring_key(cd, vks);
return r;
}
/* This function must be called with metadata lock held */
static int reencrypt_init(struct crypt_device *cd,
const char *name,
@@ -2317,7 +2357,7 @@ static int reencrypt_init(struct crypt_device *cd,
goto err;
if (name && params->mode != CRYPT_REENCRYPT_ENCRYPT) {
r = LUKS2_verify_and_upload_keys(cd, hdr, LUKS2_reencrypt_digest_old(hdr), LUKS2_reencrypt_digest_new(hdr), *vks);
r = reencrypt_verify_and_upload_keys(cd, hdr, LUKS2_reencrypt_digest_old(hdr), LUKS2_reencrypt_digest_new(hdr), *vks);
if (r)
goto err;
@@ -2443,46 +2483,6 @@ static int reencrypt_context_update(struct crypt_device *cd,
return 0;
}
int LUKS2_verify_and_upload_keys(struct crypt_device *cd, struct luks2_hdr *hdr, int digest_old, int digest_new, struct volume_key *vks)
{
int r;
struct volume_key *vk;
if (digest_new >= 0) {
vk = crypt_volume_key_by_id(vks, digest_new);
if (!vk)
return -ENOENT;
else {
if (LUKS2_digest_verify_by_digest(cd, hdr, digest_new, vk) != digest_new)
return -EINVAL;
r = LUKS2_volume_key_load_in_keyring_by_digest(cd, hdr, vk, crypt_volume_key_get_id(vk));
if (r)
return r;
}
}
if (digest_old >= 0 && digest_old != digest_new) {
vk = crypt_volume_key_by_id(vks, digest_old);
if (!vk) {
r = -ENOENT;
goto err;
} else {
if (LUKS2_digest_verify_by_digest(cd, hdr, digest_old, vk) != digest_old) {
r = -EINVAL;
goto err;
}
r = LUKS2_volume_key_load_in_keyring_by_digest(cd, hdr, vk, crypt_volume_key_get_id(vk));
if (r)
goto err;
}
}
return 0;
err:
crypt_drop_keyring_key(cd, vks);
return r;
}
static int reencrypt_load(struct crypt_device *cd, struct luks2_hdr *hdr,
uint64_t device_size,
const struct crypt_params_reencrypt *params,
@@ -2656,13 +2656,13 @@ static int reencrypt_load_by_passphrase(struct crypt_device *cd,
old_ss = reencrypt_get_sector_size_old(hdr);
new_ss = reencrypt_get_sector_size_new(hdr);
r = LUKS2_verify_and_upload_keys(cd, hdr, LUKS2_reencrypt_digest_old(hdr), LUKS2_reencrypt_digest_new(hdr), *vks);
r = reencrypt_verify_and_upload_keys(cd, hdr, LUKS2_reencrypt_digest_old(hdr), LUKS2_reencrypt_digest_new(hdr), *vks);
if (r == -ENOENT) {
log_dbg(cd, "Keys are not ready. Unlocking all volume keys.");
r = LUKS2_keyslot_open_all_segments(cd, keyslot_old, keyslot_new, passphrase, passphrase_size, vks);
if (r < 0)
goto err;
r = LUKS2_verify_and_upload_keys(cd, hdr, LUKS2_reencrypt_digest_old(hdr), LUKS2_reencrypt_digest_new(hdr), *vks);
r = reencrypt_verify_and_upload_keys(cd, hdr, LUKS2_reencrypt_digest_old(hdr), LUKS2_reencrypt_digest_new(hdr), *vks);
}
if (r < 0)
@@ -3263,8 +3263,8 @@ int LUKS2_reencrypt_data_offset(struct luks2_hdr *hdr, bool blockwise)
{
uint64_t data_offset = LUKS2_get_data_offset(hdr);
if (LUKS2_reencrypt_direction(hdr) == CRYPT_REENCRYPT_FORWARD)
data_offset += LUKS2_reencrypt_data_shift(hdr) >> SECTOR_SHIFT;
if (reencrypt_direction(hdr) == CRYPT_REENCRYPT_FORWARD)
data_offset += reencrypt_data_shift(hdr) >> SECTOR_SHIFT;
return blockwise ? data_offset : data_offset << SECTOR_SHIFT;
}
@@ -3275,9 +3275,9 @@ int luks2_check_device_size(struct crypt_device *cd, struct luks2_hdr *hdr, uint
int r;
uint64_t data_offset, real_size = 0;
if (LUKS2_reencrypt_direction(hdr) == CRYPT_REENCRYPT_BACKWARD &&
if (reencrypt_direction(hdr) == CRYPT_REENCRYPT_BACKWARD &&
(LUKS2_get_segment_by_flag(hdr, "backup-moved-segment") || dynamic))
check_size += LUKS2_reencrypt_data_shift(hdr);
check_size += reencrypt_data_shift(hdr);
r = device_check_access(cd, crypt_data_device(cd), activation ? DEV_EXCL : DEV_OK);
if (r)
@@ -3366,11 +3366,11 @@ crypt_reencrypt_info LUKS2_reencrypt_status(struct crypt_device *cd, struct cryp
if (ri == CRYPT_REENCRYPT_NONE || ri == CRYPT_REENCRYPT_INVALID || !params)
return ri;
params->mode = LUKS2_reencrypt_mode(hdr);
params->direction = LUKS2_reencrypt_direction(hdr);
params->resilience = LUKS2_reencrypt_protection_type(hdr);
params->hash = LUKS2_reencrypt_protection_hash(hdr);
params->data_shift = LUKS2_reencrypt_data_shift(hdr) >> SECTOR_SHIFT;
params->mode = reencrypt_mode(hdr);
params->direction = reencrypt_direction(hdr);
params->resilience = reencrypt_resilience_type(hdr);
params->hash = reencrypt_resilience_hash(hdr);
params->data_shift = reencrypt_data_shift(hdr) >> SECTOR_SHIFT;
params->max_hotzone_size = 0;
if (LUKS2_get_segment_id_by_flag(hdr, "backup-moved-segment") >= 0)
params->flags |= CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT;

44
lib/luks2/luks2_segment.c
View File

@@ -21,16 +21,6 @@
#include "luks2_internal.h"
json_object *json_get_segments_jobj(json_object *hdr_jobj)
{
json_object *jobj_segments;
if (!hdr_jobj || !json_object_object_get_ex(hdr_jobj, "segments", &jobj_segments))
return NULL;
return jobj_segments;
}
/* use only on already validated 'segments' object */
uint64_t json_segments_get_minimal_offset(json_object *jobj_segments, unsigned blockwise)
{
@@ -124,7 +114,7 @@ int json_segment_get_sector_size(json_object *jobj_segment)
return json_object_get_int(jobj);
}
json_object *json_segment_get_flags(json_object *jobj_segment)
static json_object *json_segment_get_flags(json_object *jobj_segment)
{
json_object *jobj;
@@ -159,11 +149,6 @@ bool json_segment_is_backup(json_object *jobj_segment)
return json_segment_contains_flag(jobj_segment, "backup-", 7);
}
bool json_segment_is_reencrypt(json_object *jobj_segment)
{
return json_segment_contains_flag(jobj_segment, "in-reencryption", 0);
}
json_object *json_segments_get_segment(json_object *jobj_segments, int segment)
{
json_object *jobj;
@@ -215,16 +200,6 @@ static void _get_segment_or_id_by_flag(json_object *jobj_segments, const char *f
}
}
json_object *json_segments_get_segment_by_flag(json_object *jobj_segments, const char *flag)
{
json_object *jobj_segment = NULL;
if (jobj_segments)
_get_segment_or_id_by_flag(jobj_segments, flag, 0, &jobj_segment);
return jobj_segment;
}
void json_segment_remove_flag(json_object *jobj_segment, const char *flag)
{
json_object *jobj_flags, *jobj_flags_new;
@@ -435,20 +410,3 @@ json_object *LUKS2_get_segment_by_flag(struct luks2_hdr *hdr, const char *flag)
return jobj_segment;
}
json_object *LUKS2_get_ignored_segments(struct luks2_hdr *hdr)
{
json_object *jobj_segments, *jobj = json_object_new_object();
int i = 0;
if (!jobj || !json_object_object_get_ex(hdr->jobj, "segments", &jobj_segments))
return NULL;
json_object_object_foreach(jobj_segments, key, value) {
UNUSED(key);
if (json_segment_is_backup(value))
json_object_object_add_by_uint(jobj, i++, json_object_get(value));
}
return jobj;
}