eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-17 05:40:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Detect broken LUKS metadata in-before encryption.

Browse Source 
We should abort LUKS device in-place encryption
when target data device or metadata device
contain broken LUKS metadata (any version).
Filed crypt_load() call was not good enough check
because the call fails also when a device contains
LUKS metadata overlapping with other superblock
(e.g. LVM2 PV signature).

Let blkid decide if device contains broken LUKS
metadata or not.

Fixes: #723.
This commit is contained in:
Ondrej Kozina
2022-04-07 16:26:56 +02:00
committed by Milan Broz
parent 412de7dc25
commit d56ccc97b8
5 changed files with 87 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/utils_blockdev.c
View File

@@ -220,11 +220,22 @@ int tools_detect_signatures(const char *device, tools_probe_filter_info filter,
return -EINVAL;
}
blk_set_chains_for_full_print(h);
if (filter == PRB_FILTER_LUKS && blk_superblocks_filter_luks(h)) {
r = -EINVAL;
goto out;
switch (filter) {
case PRB_FILTER_LUKS:
if (blk_superblocks_filter_luks(h)) {
r = -EINVAL;
goto out;
}
/* fall-through */
case PRB_FILTER_NONE:
blk_set_chains_for_full_print(h);
break;
case PRB_ONLY_LUKS:
blk_set_chains_for_fast_detection(h);
if (blk_superblocks_only_luks(h)) {
r = -EINVAL;
goto out;
}
}
while ((pr = blk_probe(h)) < PRB_EMPTY) {