eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-11 10:50:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix corner case bug in encryption with data shift.

Browse Source 
If we initialized encryption with data shift and only single
segment the resulting metadata were missing
CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT flag and also segments json section was
invalid.
This commit is contained in:
Ondrej Kozina
2019-07-26 11:46:55 +02:00
parent 607e2248c8
commit c033643f07
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/luks2/luks2_reencrypt.c
View File

@@ -1664,8 +1664,8 @@ static int _encrypt_set_segments(struct crypt_device *cd, struct luks2_hdr *hdr,
r = -EINVAL;
if (move_first_segment) {
jobj_segment_first = json_segment_create_linear(first_segment_offset, &first_segment_length, 0);
jobj_segment_second = json_segment_create_linear(second_segment_offset, &second_segment_length, 0);
if (!jobj_segment_second) {
if (second_segment_length &&
!(jobj_segment_second = json_segment_create_linear(second_segment_offset, &second_segment_length, 0))) {
log_dbg(cd, "Failed generate 2nd segment.");
goto err;
}
@@ -2135,7 +2135,7 @@ static int _create_backup_segments(struct crypt_device *cd,
if (segment < 0)
return -EINVAL;
if (!strcmp(params->mode, "encrypt") && segment > 1) {
if (!strcmp(params->mode, "encrypt") && (params->flags & CRYPT_REENCRYPT_MOVE_FIRST_SEGMENT)) {
json_object_copy(LUKS2_get_segment_jobj(hdr, 0), &jobj_segment_bcp);
r = LUKS2_segment_set_flag(jobj_segment_bcp, "backup-moved-segment");
if (r)