Introduce LUKS2-OPAL private dm uuid prefix.

LUKS2 devices with configured HW OPAL encryption (any configuration)
get activated with private dm uuid prefix LUKS2-OPAL so that we
can properly detect devices with HW OPAL encryption even with
missing LUKS2 header (detached header). Internally LUKS2-OPAL
prefix matches LUKS2 device type.

lib/internal.h

@@ -53,6 +53,7 @@
 #define MAX_DM_DEPS		32
 
 #define CRYPT_SUBDEV           "SUBDEV" /* prefix for sublayered devices underneath public crypt types */
+#define CRYPT_LUKS2_HW_OPAL    "LUKS2-OPAL" /* dm uuid prefix used for any HW OPAL enabled LUKS2 device */
 
 #ifndef O_CLOEXEC
 #define O_CLOEXEC 0

lib/luks2/luks2_json_metadata.c

@@ -2754,9 +2754,13 @@ int LUKS2_activate(struct crypt_device *cd,
 		if (dynamic)
 			dmd.segment.size = dmdi.segment.size;
 
-		r = create_or_reload_device_with_integrity(cd, name, CRYPT_LUKS2, &dmd, &dmdi);
+		r = create_or_reload_device_with_integrity(cd, name,
+							   opal_key ? CRYPT_LUKS2_HW_OPAL : CRYPT_LUKS2,
+							   &dmd, &dmdi);
 	} else
-		r = create_or_reload_device(cd, name, CRYPT_LUKS2, &dmd);
+		r = create_or_reload_device(cd, name,
+					    opal_key ? CRYPT_LUKS2_HW_OPAL : CRYPT_LUKS2,
+					    &dmd);
 
 	dm_targets_free(cd, &dmd);
 	dm_targets_free(cd, &dmdi);

lib/setup.c

@@ -504,6 +504,10 @@ int crypt_uuid_cmp(const char *dm_uuid, const char *hdr_uuid)
 	if (!dm_uuid || !hdr_uuid)
 		return -EINVAL;
 
+	/* skip beyond LUKS2_HW_OPAL prefix */
+	if (!strncmp(dm_uuid, CRYPT_LUKS2_HW_OPAL, strlen(CRYPT_LUKS2_HW_OPAL)))
+		dm_uuid = dm_uuid + strlen(CRYPT_LUKS2_HW_OPAL);
+
 	str = strchr(dm_uuid, '-');
 	if (!str)
 		return -EINVAL;