mirror of
https://gitlab.com/cryptsetup/cryptsetup.git
synced 2025-12-07 00:40:01 +01:00
luks2: unify naming for requirements flags
This commit is contained in:
Ondrej Kozina
committed by
Milan Broz
Milan Broz
parent
c015aeca4e
commit
b3feae5474
@@ -334,8 +334,8 @@ int LUKS2_config_set_flags(struct crypt_device *cd, struct luks2_hdr *hdr, uint3
|
|||||||
/*
|
/*
|
||||||
* Requirements for device activation or header modification
|
* Requirements for device activation or header modification
|
||||||
*/
|
*/
|
||||||
int LUKS2_config_get_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uint32_t *requirements);
|
int LUKS2_config_get_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uint32_t *reqs);
|
||||||
int LUKS2_config_set_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uint32_t requirements);
|
int LUKS2_config_set_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uint32_t reqs);
|
||||||
|
|
||||||
int LUKS2_unmet_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, int quiet);
|
int LUKS2_unmet_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, int quiet);
|
||||||
|
|
||||||
|
|||||||
@@ -984,9 +984,9 @@ int LUKS2_hdr_backup(struct crypt_device *cd, struct luks2_hdr *hdr,
|
|||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int reqs_unknown(uint32_t flags)
|
static int reqs_unknown(uint32_t reqs)
|
||||||
{
|
{
|
||||||
return flags & CRYPT_REQUIREMENT_UNKNOWN;
|
return reqs & CRYPT_REQUIREMENT_UNKNOWN;
|
||||||
}
|
}
|
||||||
|
|
||||||
int LUKS2_hdr_restore(struct crypt_device *cd, struct luks2_hdr *hdr,
|
int LUKS2_hdr_restore(struct crypt_device *cd, struct luks2_hdr *hdr,
|
||||||
@@ -998,7 +998,7 @@ int LUKS2_hdr_restore(struct crypt_device *cd, struct luks2_hdr *hdr,
|
|||||||
char *buffer = NULL, msg[1024];
|
char *buffer = NULL, msg[1024];
|
||||||
struct luks2_hdr hdr_file;
|
struct luks2_hdr hdr_file;
|
||||||
struct luks2_hdr tmp_hdr = {};
|
struct luks2_hdr tmp_hdr = {};
|
||||||
uint32_t flags = 0;
|
uint32_t reqs = 0;
|
||||||
|
|
||||||
r = device_alloc(&backup_device, backup_file);
|
r = device_alloc(&backup_device, backup_file);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
@@ -1053,7 +1053,7 @@ int LUKS2_hdr_restore(struct crypt_device *cd, struct luks2_hdr *hdr,
|
|||||||
|
|
||||||
r = LUKS2_hdr_read(cd, &tmp_hdr);
|
r = LUKS2_hdr_read(cd, &tmp_hdr);
|
||||||
if (r == 0) {
|
if (r == 0) {
|
||||||
r = LUKS2_config_get_requirements(cd, &tmp_hdr, &flags);
|
r = LUKS2_config_get_requirements(cd, &tmp_hdr, &reqs);
|
||||||
if (r)
|
if (r)
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
@@ -1077,8 +1077,8 @@ int LUKS2_hdr_restore(struct crypt_device *cd, struct luks2_hdr *hdr,
|
|||||||
r ? _("does not contain LUKS2 header. Replacing header can destroy data on that device.") :
|
r ? _("does not contain LUKS2 header. Replacing header can destroy data on that device.") :
|
||||||
_("already contains LUKS2 header. Replacing header will destroy existing keyslots."),
|
_("already contains LUKS2 header. Replacing header will destroy existing keyslots."),
|
||||||
diff_uuid ? _("\nWARNING: real device header has different UUID than backup!") : "",
|
diff_uuid ? _("\nWARNING: real device header has different UUID than backup!") : "",
|
||||||
reqs_unknown(flags) ? _("\nWARNING: unknown LUKS2 requirements detected in real device header!"
|
reqs_unknown(reqs) ? _("\nWARNING: unknown LUKS2 requirements detected in real device header!"
|
||||||
"\nReplacing header with backup may corrupt the data on that device!") : "");
|
"\nReplacing header with backup may corrupt the data on that device!") : "");
|
||||||
if (r < 0 || (size_t) r >= sizeof(msg)) {
|
if (r < 0 || (size_t) r >= sizeof(msg)) {
|
||||||
r = -ENOMEM;
|
r = -ENOMEM;
|
||||||
goto out;
|
goto out;
|
||||||
@@ -1238,17 +1238,17 @@ static uint32_t get_requirement_by_name(const char *requirement)
|
|||||||
/*
|
/*
|
||||||
* returns count of requirements (past cryptsetup 2.0 release)
|
* returns count of requirements (past cryptsetup 2.0 release)
|
||||||
*/
|
*/
|
||||||
int LUKS2_config_get_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uint32_t *requirements)
|
int LUKS2_config_get_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uint32_t *reqs)
|
||||||
{
|
{
|
||||||
json_object *jobj_config, *jobj_requirements, *jobj_mandatory, *jobj;
|
json_object *jobj_config, *jobj_requirements, *jobj_mandatory, *jobj;
|
||||||
int i, len;
|
int i, len;
|
||||||
uint32_t flag;
|
uint32_t req;
|
||||||
|
|
||||||
assert(hdr);
|
assert(hdr);
|
||||||
if (!hdr || !requirements)
|
if (!hdr || !reqs)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
*requirements = 0;
|
*reqs = 0;
|
||||||
|
|
||||||
if (!json_object_object_get_ex(hdr->jobj, "config", &jobj_config))
|
if (!json_object_object_get_ex(hdr->jobj, "config", &jobj_config))
|
||||||
return 0;
|
return 0;
|
||||||
@@ -1260,25 +1260,23 @@ int LUKS2_config_get_requirements(struct crypt_device *cd, struct luks2_hdr *hdr
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
len = json_object_array_length(jobj_mandatory);
|
len = json_object_array_length(jobj_mandatory);
|
||||||
if (!len) {
|
if (!len)
|
||||||
log_dbg("No LUKS2 requirements detected.");
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
log_dbg("LUKS2 requirements detected:");
|
log_dbg("LUKS2 requirements detected:");
|
||||||
|
|
||||||
for (i = 0; i < len; i++) {
|
for (i = 0; i < len; i++) {
|
||||||
jobj = json_object_array_get_idx(jobj_mandatory, i);
|
jobj = json_object_array_get_idx(jobj_mandatory, i);
|
||||||
flag = get_requirement_by_name(json_object_get_string(jobj));
|
req = get_requirement_by_name(json_object_get_string(jobj));
|
||||||
log_dbg("%s - %sknown", json_object_get_string(jobj),
|
log_dbg("%s - %sknown", json_object_get_string(jobj),
|
||||||
(flag & CRYPT_REQUIREMENT_UNKNOWN) ? "un" : "");
|
reqs_unknown(req) ? "un" : "");
|
||||||
*requirements |= flag;
|
*reqs |= req;
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int LUKS2_config_set_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uint32_t requirements)
|
int LUKS2_config_set_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uint32_t reqs)
|
||||||
{
|
{
|
||||||
int i, r = -EINVAL;
|
int i, r = -EINVAL;
|
||||||
|
|
||||||
@@ -1292,7 +1290,7 @@ int LUKS2_config_set_requirements(struct crypt_device *cd, struct luks2_hdr *hdr
|
|||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
for (i = 0; requirements_flags[i].description; i++) {
|
for (i = 0; requirements_flags[i].description; i++) {
|
||||||
if (requirements & requirements_flags[i].flag) {
|
if (reqs & requirements_flags[i].flag) {
|
||||||
jobj = json_object_new_string(requirements_flags[i].description);
|
jobj = json_object_new_string(requirements_flags[i].description);
|
||||||
if (!jobj) {
|
if (!jobj) {
|
||||||
r = -ENOMEM;
|
r = -ENOMEM;
|
||||||
@@ -1300,12 +1298,12 @@ int LUKS2_config_set_requirements(struct crypt_device *cd, struct luks2_hdr *hdr
|
|||||||
}
|
}
|
||||||
json_object_array_add(jobj_mandatory, jobj);
|
json_object_array_add(jobj_mandatory, jobj);
|
||||||
/* erase processed flag from input set */
|
/* erase processed flag from input set */
|
||||||
requirements &= ~(requirements_flags[i].flag);
|
reqs &= ~(requirements_flags[i].flag);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* any remaining bit in requirements is unknown therefore illegal */
|
/* any remaining bit in requirements is unknown therefore illegal */
|
||||||
if (requirements) {
|
if (reqs) {
|
||||||
log_dbg("Illegal requiremnt flag(s) requested");
|
log_dbg("Illegal requiremnt flag(s) requested");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user