Fix offset option for loopaesOpen.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@476 36d66b0a-2a48-0410-832c-cd162a569da5

ChangeLog

@@ -2,6 +2,7 @@
 	* Respect maximum keyfile size paramater.
 	* Introduce maximum default keyfile size, add configure option.
 	* Require the whole key read from keyfile in create command (broken in 1.2.0).
+	* Fix offset option for loopaesOpen.
 
 2011-04-14  Milan Broz  <mbroz@redhat.com>
 	* Version 1.3.0-rc1.

lib/loopaes/loopaes.c

@@ -186,6 +186,7 @@ int LOOPAES_activate(struct crypt_device *cd,
 	int read_only, r;
 
 	size = 0;
+	/* Initial IV (skip) is always the same as offset */
 	offset = crypt_get_data_offset(cd);
 	device = crypt_get_device_name(cd);
 	read_only = flags & CRYPT_ACTIVATE_READONLY;
@@ -205,7 +206,7 @@ int LOOPAES_activate(struct crypt_device *cd,
 	r = dm_create_device(name, device,
 			     cipher, CRYPT_LOOPAES,
 			     crypt_get_uuid(cd),
-			     size, 0, offset, vk->keylength, vk->key,
+			     size, offset, offset, vk->keylength, vk->key,
 			     read_only, 0);
 
 	if (!r && keys_count != 1 && !(dm_flags() & DM_LMK_SUPPORTED)) {

man/cryptsetup.8

@@ -173,8 +173,11 @@ N.B. If key file is in GPG encrypted format, you have to use
 \-\-key-file=- and decrypt it before use.
 gpg --decrypt <keyfile> | cryptsetup loopaesOpen \-\-key-file=- <device> <name>
 
-Use \-\-key-file to specify proper key length, default compiled-in
-parameters are visible in \-\-help output.
+Use \fB\-\-key-file\fR to specify proper key length, default compiled-in
+parameters are visible in \fB\-\-help\fR output.
+
+Use \fB\-\-offset\fR to specify device offset. Note the units need to be
+specified in 512 bytes sectors.
 
 \fB<options>\fR can be [\-\-key-file, \-\-key-size, \-\-offset, \-\-readonly].
 .PP
@@ -295,7 +298,7 @@ This option is only relevant for \fIcreate\fR and \fIresize\fR action.
 .TP
 .B "\-\-offset, \-o"
 start offset in the backend device (in 512-byte sectors).
-This option is only relevant for \fIcreate\fR action.
+This option is only relevant for \fIcreate\fR and \fIloopaesOpen\fR action.
 .TP
 .B "\-\-skip, \-p"
 how many sectors of the encrypted data to skip at the beginning.

src/cryptsetup.c

@@ -1249,8 +1249,14 @@ int main(int argc, char **argv)
 		usage(popt_context, EXIT_FAILURE, _("Option --uuid is allowed only for luksFormat and luksUUID."),
 		      poptGetInvocationName(popt_context));
 
-	if ((opt_offset || opt_skip) && strcmp(aname, "create"))
-		usage(popt_context, EXIT_FAILURE, _("Options --offset and --skip are supported only for create command.\n"),
+	if (opt_skip && strcmp(aname, "create"))
+		usage(popt_context, EXIT_FAILURE,
+		_("Option --skip is supported only for create command.\n"),
+		poptGetInvocationName(popt_context));
+
+	if (opt_offset && strcmp(aname, "create") && strcmp(aname, "loopaesOpen"))
+		usage(popt_context, EXIT_FAILURE,
+		_("Option --offset is supported only for create and loopaesOpen commands.\n"),
 		poptGetInvocationName(popt_context));
 
 	if (opt_debug) {

tests/loopaes-test

@@ -3,10 +3,9 @@
 CRYPTSETUP=../src/cryptsetup
 
 # try to validate using loop-AES losetup/kernel if available
-LOSETUP_AES=/losetup-aes
+LOSETUP_AES=/losetup-aes.old
 
 LOOP_DD_PARAM="bs=1k count=10000"
-EXPSUM="31e00e0e4c233c89051cd748122fde2c98db0121ca09ba93a3820817ea037bc5"
 DEV_NAME=dummy
 IMG=loopaes.img
 KEYv1=key_v1
@@ -61,14 +60,32 @@ function check_exists()
 	[ -b /dev/mapper/$DEV_NAME ] || fail
 }
 
-function check_sum() # $key $keysize
+function get_expsum() # $offset
+{
+	case $1 in
+	0)
+	   echo "31e00e0e4c233c89051cd748122fde2c98db0121ca09ba93a3820817ea037bc5"
+	   ;;
+	8192)
+	   echo "bfd94392d1dd8f5d477251d21b3c736e177a4945cd4937847fc7bace82996aed"
+	   ;;
+	8388608)
+	   echo "33838fe36928a929bd7971bed7e82bd426c88193fcd692c2e6f1b9c9bfecd4d6"
+	   ;;
+	*) fail
+	   ;;
+	esac
+}
+
+function check_sum() # $key $keysize $offset
 {
 	# Fill device with zeroes and reopen it
 	dd if=/dev/zero of=/dev/mapper/$DEV_NAME bs=1k $LOOP_DD_PARAM >/dev/null 2>&1
 	sync
 	dmremove $DEV_NAME
 
-        $CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME -s $2 --key-file $1 >/dev/null 2>&1
+	EXPSUM=$(get_expsum $offset)
+	$CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME -s $2 --key-file $1 -o $3 >/dev/null 2>&1
 	ret=$?
 	VSUM=$(sha256sum /dev/mapper/$DEV_NAME | cut -d' ' -f 1)
 	if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then
@@ -87,7 +104,7 @@ function check_sum_losetup() # $key $alg
 	echo -n " Verification using loop-AES: "
 
 	losetup -d $LOOPDEV >/dev/null 2>&1
-	cat $1 | $LOSETUP_AES -p 0 -e $2 $LOOPDEV $IMG
+	cat $1 | $LOSETUP_AES -p 0 -e $2 -o $3 $LOOPDEV $IMG
 	ret=$?
 	VSUM=$(sha256sum $LOOPDEV | cut -d' ' -f 1)
 	if [ $ret -eq 0 -a "$VSUM" = "$EXPSUM" ] ; then
@@ -119,15 +136,19 @@ check_version || skip "Probably old kernel, test skipped."
 # loop-AES tests
 KEY_SIZES="128 256"
 KEY_FILES="$KEYv1 $KEYv2 $KEYv3"
+DEV_OFFSET="0 8192 8388608"
 
 for key_size in $KEY_SIZES ; do
     for key in $KEY_FILES ; do
-		prepare "Open loop-AES $key / AES-$key_size"
-		$CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME -s $key_size --key-file $key || fail
+        for offset in $DEV_OFFSET ; do
+		offset_sec=$(($offset / 512))
+		prepare "Open loop-AES $key / AES-$key_size / offset $offset"
+		$CRYPTSETUP loopaesOpen $LOOPDEV $DEV_NAME -s $key_size --key-file $key -o $offset_sec || fail
 		check_exists
-		check_sum $key $key_size
+		check_sum $key $key_size $offset_sec
 		$CRYPTSETUP loopaesClose $DEV_NAME || fail
-		check_sum_losetup $key AES$key_size
+		check_sum_losetup $key AES$key_size $offset
+        done
     done
 done