eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-19 06:40:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Do not allow sector size increase reencryption in offline mode.

Browse Source 
The eventual logical block size increase on dm-crypt device above
filesystem block size may lead making fs unusable. Do not allow
offline reencryption when sector size increase is requested.

If users really want to perform it make them use existing
--force-offline-reencrypt option.
This commit is contained in:
Ondrej Kozina
2022-04-22 12:49:18 +02:00
parent 65a5943ee5
commit c67db10c22
2 changed files with 71 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/utils_reencrypt.c
View File

@@ -903,6 +903,14 @@ static int reencrypt_luks2_init(struct crypt_device *cd, const char *data_device
goto out;
}
if (sector_size_increase && !active_name && tools_blkid_supported() &&
!ARG_SET(OPT_FORCE_OFFLINE_REENCRYPT_ID)) {
log_err(_("Encryption sector size increase on offline device is not supported.\n"
"Activate the device first or use --force-offline-reencrypt option (dangerous!)."));
r = -EINVAL;
goto out;
}
if (sector_size_increase && active_name) {
r = reencrypt_check_active_device_sb_block_size(active_name, luks2_params.sector_size);
if (r < 0)