From bb304f45bd77af451f3c3e79748d576f60e9c66f Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Thu, 16 Jan 2025 12:22:17 +0100 Subject: [PATCH] Use #if for KERNEL_KEYRING. --- lib/utils_keyring.c | 2 +- src/utils_tools.c | 2 +- tests/api-test-2.c | 42 +++++++++++++++++++++--------------------- tests/test_utils.c | 4 ++-- 4 files changed, 25 insertions(+), 25 deletions(-) diff --git a/lib/utils_keyring.c b/lib/utils_keyring.c index b02a8eec..c8dd8cbe 100644 --- a/lib/utils_keyring.c +++ b/lib/utils_keyring.c @@ -21,7 +21,7 @@ #include "libcryptsetup_macros.h" #include "utils_keyring.h" -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING static const struct { key_type_t type; diff --git a/src/utils_tools.c b/src/utils_tools.c index 19f0a9b6..a68a3e39 100644 --- a/src/utils_tools.c +++ b/src/utils_tools.c @@ -431,7 +431,7 @@ void tools_package_version(const char *name, bool use_pwlibs) #ifdef HAVE_BLKID blkid = true; #endif -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING keyring = true; #endif #ifdef ENABLE_FIPS diff --git a/tests/api-test-2.c b/tests/api-test-2.c index 7e82f147..e5b044e7 100644 --- a/tests/api-test-2.c +++ b/tests/api-test-2.c @@ -17,7 +17,7 @@ #include #include #include -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING #include #include #ifndef HAVE_KEY_SERIAL_T @@ -143,7 +143,7 @@ static uint32_t default_luks2_iter_time = 0; static uint32_t default_luks2_memory_kb = 0; static uint32_t default_luks2_parallel_threads = 0; -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING static char keyring_in_user_str_id[32] = {0}; #endif @@ -415,7 +415,7 @@ static int set_fast_pbkdf(struct crypt_device *_cd) return crypt_set_pbkdf_type(_cd, pbkdf); } -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING static key_serial_t add_key(const char *type, const char *description, const void *payload, size_t plen, key_serial_t keyring) { return syscall(__NR_add_key, type, description, payload, plen, keyring); @@ -594,7 +594,7 @@ static void _cleanup(void) free(DEVICE_5); free(DEVICE_6); -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING char *end; key_serial_t krid; @@ -761,7 +761,7 @@ static void SuspendDevice(void) OK_(suspend_status); OK_(crypt_get_active_device(cd, CDEVICE_1, &cad)); EQ_(CRYPT_ACTIVATE_SUSPENDED, cad.flags & CRYPT_ACTIVATE_SUSPENDED); -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING FAIL_(_volume_key_in_keyring(cd, 0), ""); #endif FAIL_(crypt_suspend(cd, CDEVICE_1), "already suspended"); @@ -1788,7 +1788,7 @@ static void ResizeDeviceLuks2(void) OK_(crypt_deactivate(cd, CDEVICE_1)); CRYPT_FREE(cd); -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING OK_(crypt_init(&cd, DMDIR L_DEVICE_OK)); OK_(crypt_load(cd, CRYPT_LUKS, NULL)); // enable loading VKs in kernel keyring (default mode) @@ -1885,7 +1885,7 @@ static void ResizeDeviceLuks2(void) static void TokenActivationByKeyring(void) { -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING key_serial_t kid, kid1; struct crypt_active_device cad; @@ -2186,7 +2186,7 @@ static void Tokens(void) EQ_(crypt_activate_by_token(cd, CDEVICE_1, 2, passptr, 0), 0); OK_(crypt_deactivate(cd, CDEVICE_1)); -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING if (t_dm_crypt_keyring_support()) { EQ_(crypt_activate_by_token(cd, NULL, 2, passptr, CRYPT_ACTIVATE_KEYRING_KEY), 0); OK_(_volume_key_in_keyring(cd, 0)); @@ -3443,7 +3443,7 @@ static void Luks2KeyslotParams(void) static void Luks2ActivateByKeyring(void) { -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING key_serial_t kid, kid1; uint64_t r_payload_offset; @@ -3517,7 +3517,7 @@ static void Luks2Requirements(void) char key[128]; size_t key_size = 128; const struct crypt_pbkdf_type *pbkdf; -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING key_serial_t kid; #endif uint32_t flags; @@ -3652,7 +3652,7 @@ static void Luks2Requirements(void) OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, 0)); OK_(crypt_activate_by_volume_key(cd, NULL, key, key_size, t_dm_crypt_keyring_support() ? CRYPT_ACTIVATE_KEYRING_KEY : 0)); -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING if (t_dm_crypt_keyring_support()) { kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING); NOTFAIL_(kid, "Test or kernel keyring are broken."); @@ -3747,7 +3747,7 @@ static void Luks2Requirements(void) EQ_(r, -ETXTBSY); /* crypt_activate_by_token (restricted for activation only) */ -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING if (t_dm_crypt_keyring_support()) { kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE, strlen(PASSPHRASE), KEY_SPEC_THREAD_KEYRING); NOTFAIL_(kid, "Test or kernel keyring are broken."); @@ -3835,7 +3835,7 @@ static void Luks2Requirements(void) /* crypt_get_active_device (unrestricted) */ OK_(crypt_get_active_device(cd, CDEVICE_1, &cad)); -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING if (t_dm_crypt_keyring_support()) EQ_(cad.flags & CRYPT_ACTIVATE_KEYRING_KEY, CRYPT_ACTIVATE_KEYRING_KEY); #endif @@ -3963,7 +3963,7 @@ static void Luks2Refresh(void) FAIL_(check_flag(cad.flags, CRYPT_ACTIVATE_KEYRING_KEY), "Unexpected flag raised."); cad.flags = 0; -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING if (t_dm_crypt_keyring_support()) { OK_(crypt_volume_key_keyring(cd, 1)); OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, 0, PASSPHRASE, strlen(PASSPHRASE), CRYPT_ACTIVATE_REFRESH)); @@ -5174,7 +5174,7 @@ static void LuksKeyslotAdd(void) .sector_size = 512 }; char key[128], key3[128]; -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING int ks; key_serial_t kid; #endif @@ -5273,7 +5273,7 @@ static void LuksKeyslotAdd(void) OK_(crypt_keyslot_context_init_by_keyfile(cd, KEYFILE1, 0, 0, &um2)); // passphrase not in keyring FAIL_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 13, um2, 0), "No token available."); -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING // wrong passphrase in keyring kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE1, strlen(PASSPHRASE1), KEY_SPEC_THREAD_KEYRING); NOTFAIL_(kid, "Test or kernel keyring are broken."); @@ -5317,7 +5317,7 @@ static void VolumeKeyGet(void) .sector_size = 512 }; char key[256], key2[256], key3[256]; -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING key_serial_t kid; const struct crypt_token_params_luks2_keyring tparams = { .key_description = KEY_DESC_TEST0 @@ -5339,7 +5339,7 @@ static void VolumeKeyGet(void) OK_(prepare_keyfile(KEYFILE1, PASSPHRASE1, strlen(PASSPHRASE1))); -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING kid = add_key("user", KEY_DESC_TEST0, PASSPHRASE1, strlen(PASSPHRASE1), KEY_SPEC_THREAD_KEYRING); NOTFAIL_(kid, "Test or kernel keyring are broken."); #endif @@ -5386,7 +5386,7 @@ static void VolumeKeyGet(void) OK_(crypt_keyslot_context_init_by_keyfile(cd, KEYFILE1, 0, 0, &um2)); EQ_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 1, um2, 0), 1); crypt_keyslot_context_free(um2); -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING EQ_(crypt_token_luks2_keyring_set(cd, 0, &tparams), 0); EQ_(crypt_token_assign_keyslot(cd, 0, 1), 0); #endif @@ -5424,7 +5424,7 @@ static void VolumeKeyGet(void) EQ_(crypt_volume_key_get_by_keyslot_context(cd, 1, key2, &key_size, um1), 1); crypt_keyslot_context_free(um1); -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING // by token OK_(crypt_keyslot_context_init_by_token(cd, CRYPT_ANY_TOKEN, NULL, NULL, 0, NULL, &um1)); memset(key2, 0, key_size); @@ -5454,7 +5454,7 @@ static void VolumeKeyGet(void) static void KeyslotContextAndKeyringLink(void) { -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING const char *cipher = "aes"; const char *cipher_mode = "xts-plain64"; struct crypt_keyslot_context *kc, *kc2; diff --git a/tests/test_utils.c b/tests/test_utils.c index 898b643c..899e98bc 100644 --- a/tests/test_utils.c +++ b/tests/test_utils.c @@ -17,7 +17,7 @@ #include #include #include -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING # include # include #endif @@ -486,7 +486,7 @@ int _system(const char *command, int warn) static int _keyring_check(void) { -#ifdef KERNEL_KEYRING +#if KERNEL_KEYRING return syscall(__NR_request_key, "logon", "dummy", NULL, 0) == -1l && errno != ENOSYS; #else return 0;