mirror of
https://gitlab.com/cryptsetup/cryptsetup.git
synced 2025-12-05 16:00:05 +01:00
Introduce support for internal dm suspend/resume flags.
This commit is contained in:
Ondrej Kozina
committed by
Milan Broz
Milan Broz
parent
f5feeab48d
commit
de86ff051e
@@ -896,7 +896,7 @@ out:
|
|||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int _dm_simple(int task, const char *name)
|
static int _dm_simple(int task, const char *name, uint32_t dmflags)
|
||||||
{
|
{
|
||||||
int r = 0;
|
int r = 0;
|
||||||
struct dm_task *dmt;
|
struct dm_task *dmt;
|
||||||
@@ -939,7 +939,7 @@ static int _error_device(const char *name, size_t size)
|
|||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
if (_dm_resume_device(name, 0)) {
|
if (_dm_resume_device(name, 0)) {
|
||||||
_dm_simple(DM_DEVICE_CLEAR, name);
|
_dm_simple(DM_DEVICE_CLEAR, name, 0);
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -983,7 +983,7 @@ int dm_clear_device(struct crypt_device *cd, const char *name)
|
|||||||
if (dm_init_context(cd, DM_UNKNOWN))
|
if (dm_init_context(cd, DM_UNKNOWN))
|
||||||
return -ENOTSUP;
|
return -ENOTSUP;
|
||||||
|
|
||||||
if (_dm_simple(DM_DEVICE_CLEAR, name))
|
if (_dm_simple(DM_DEVICE_CLEAR, name, 0))
|
||||||
r = 0;
|
r = 0;
|
||||||
else
|
else
|
||||||
r = -EINVAL;
|
r = -EINVAL;
|
||||||
@@ -1261,14 +1261,14 @@ out:
|
|||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int _dm_resume_device(const char *name, uint32_t flags)
|
static int _dm_resume_device(const char *name, uint32_t dmflags)
|
||||||
{
|
{
|
||||||
struct dm_task *dmt;
|
struct dm_task *dmt;
|
||||||
int r = -EINVAL;
|
int r = -EINVAL;
|
||||||
uint32_t cookie = 0;
|
uint32_t cookie = 0;
|
||||||
uint16_t udev_flags = DM_UDEV_DISABLE_LIBRARY_FALLBACK;
|
uint16_t udev_flags = DM_UDEV_DISABLE_LIBRARY_FALLBACK;
|
||||||
|
|
||||||
if (flags & CRYPT_ACTIVATE_PRIVATE)
|
if (dmflags & DM_RESUME_PRIVATE)
|
||||||
udev_flags |= CRYPT_TEMP_UDEV_FLAGS;
|
udev_flags |= CRYPT_TEMP_UDEV_FLAGS;
|
||||||
|
|
||||||
if (!(dmt = dm_task_create(DM_DEVICE_RESUME)))
|
if (!(dmt = dm_task_create(DM_DEVICE_RESUME)))
|
||||||
@@ -1514,7 +1514,7 @@ out:
|
|||||||
}
|
}
|
||||||
|
|
||||||
int dm_reload_device(struct crypt_device *cd, const char *name,
|
int dm_reload_device(struct crypt_device *cd, const char *name,
|
||||||
struct crypt_dm_active_device *dmd, unsigned resume)
|
struct crypt_dm_active_device *dmd, uint32_t dmflags, unsigned resume)
|
||||||
{
|
{
|
||||||
int r;
|
int r;
|
||||||
uint32_t dmt_flags;
|
uint32_t dmt_flags;
|
||||||
@@ -1540,7 +1540,7 @@ int dm_reload_device(struct crypt_device *cd, const char *name,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!r && resume)
|
if (!r && resume)
|
||||||
r = _dm_resume_device(name, dmd->flags);
|
r = _dm_resume_device(name, dmflags | act2dmflags(dmd->flags));
|
||||||
|
|
||||||
dm_exit_context();
|
dm_exit_context();
|
||||||
return r;
|
return r;
|
||||||
@@ -2475,14 +2475,14 @@ out:
|
|||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
int dm_suspend_device(struct crypt_device *cd, const char *name)
|
int dm_suspend_device(struct crypt_device *cd, const char *name, uint32_t dmflags)
|
||||||
{
|
{
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
if (dm_init_context(cd, DM_UNKNOWN))
|
if (dm_init_context(cd, DM_UNKNOWN))
|
||||||
return -ENOTSUP;
|
return -ENOTSUP;
|
||||||
|
|
||||||
if (!_dm_simple(DM_DEVICE_SUSPEND, name))
|
if (!_dm_simple(DM_DEVICE_SUSPEND, name, dmflags))
|
||||||
r = -EINVAL;
|
r = -EINVAL;
|
||||||
else
|
else
|
||||||
r = 0;
|
r = 0;
|
||||||
@@ -2506,7 +2506,7 @@ int dm_suspend_and_wipe_key(struct crypt_device *cd, const char *name)
|
|||||||
if (!(dmt_flags & DM_KEY_WIPE_SUPPORTED))
|
if (!(dmt_flags & DM_KEY_WIPE_SUPPORTED))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
if (!_dm_simple(DM_DEVICE_SUSPEND, name)) {
|
if (!_dm_simple(DM_DEVICE_SUSPEND, name, 0)) {
|
||||||
r = -EINVAL;
|
r = -EINVAL;
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
@@ -2522,14 +2522,14 @@ out:
|
|||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
int dm_resume_device(struct crypt_device *cd, const char *name, uint32_t flags)
|
int dm_resume_device(struct crypt_device *cd, const char *name, uint32_t dmflags)
|
||||||
{
|
{
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
if (dm_init_context(cd, DM_UNKNOWN))
|
if (dm_init_context(cd, DM_UNKNOWN))
|
||||||
return -ENOTSUP;
|
return -ENOTSUP;
|
||||||
|
|
||||||
r = _dm_resume_device(name, flags);
|
r = _dm_resume_device(name, dmflags);
|
||||||
|
|
||||||
dm_exit_context();
|
dm_exit_context();
|
||||||
|
|
||||||
|
|||||||
16
lib/setup.c
16
lib/setup.c
@@ -2436,7 +2436,7 @@ static int _reload_device(struct crypt_device *cd, const char *name,
|
|||||||
tdmd.flags = sdmd->flags;
|
tdmd.flags = sdmd->flags;
|
||||||
tgt->size = tdmd.size = sdmd->size;
|
tgt->size = tdmd.size = sdmd->size;
|
||||||
|
|
||||||
r = dm_reload_device(cd, name, &tdmd, 1);
|
r = dm_reload_device(cd, name, &tdmd, 0, 1);
|
||||||
out:
|
out:
|
||||||
dm_targets_free(cd, &tdmd);
|
dm_targets_free(cd, &tdmd);
|
||||||
free(CONST_CAST(void*)tdmd.uuid);
|
free(CONST_CAST(void*)tdmd.uuid);
|
||||||
@@ -2544,32 +2544,32 @@ static int _reload_device_with_integrity(struct crypt_device *cd,
|
|||||||
tdmd.flags = sdmd->flags;
|
tdmd.flags = sdmd->flags;
|
||||||
tdmd.size = sdmd->size;
|
tdmd.size = sdmd->size;
|
||||||
|
|
||||||
if ((r = dm_reload_device(cd, iname, sdmdi, 0))) {
|
if ((r = dm_reload_device(cd, iname, sdmdi, 0, 0))) {
|
||||||
log_dbg(cd, "Failed to reload device %s.", iname);
|
log_dbg(cd, "Failed to reload device %s.", iname);
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((r = dm_reload_device(cd, name, &tdmd, 0))) {
|
if ((r = dm_reload_device(cd, name, &tdmd, 0, 0))) {
|
||||||
log_dbg(cd, "Failed to reload device %s.", name);
|
log_dbg(cd, "Failed to reload device %s.", name);
|
||||||
goto err_clear;
|
goto err_clear;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((r = dm_suspend_device(cd, name))) {
|
if ((r = dm_suspend_device(cd, name, 0))) {
|
||||||
log_dbg(cd, "Failed to suspend device %s.", name);
|
log_dbg(cd, "Failed to suspend device %s.", name);
|
||||||
goto err_clear;
|
goto err_clear;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((r = dm_suspend_device(cd, iname))) {
|
if ((r = dm_suspend_device(cd, iname, 0))) {
|
||||||
log_err(cd, "Failed to suspend device %s.", iname);
|
log_err(cd, "Failed to suspend device %s.", iname);
|
||||||
goto err_clear;
|
goto err_clear;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((r = dm_resume_device(cd, iname, sdmdi->flags))) {
|
if ((r = dm_resume_device(cd, iname, act2dmflags(sdmdi->flags)))) {
|
||||||
log_err(cd, "Failed to resume device %s.", iname);
|
log_err(cd, "Failed to resume device %s.", iname);
|
||||||
goto err_clear;
|
goto err_clear;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = dm_resume_device(cd, name, tdmd.flags);
|
r = dm_resume_device(cd, name, act2dmflags(tdmd.flags));
|
||||||
if (!r)
|
if (!r)
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
@@ -2919,7 +2919,7 @@ int crypt_suspend(struct crypt_device *cd,
|
|||||||
|
|
||||||
/* we can't simply wipe wrapped keys */
|
/* we can't simply wipe wrapped keys */
|
||||||
if (crypt_cipher_wrapped_key(crypt_get_cipher(cd), crypt_get_cipher_mode(cd)))
|
if (crypt_cipher_wrapped_key(crypt_get_cipher(cd), crypt_get_cipher_mode(cd)))
|
||||||
r = dm_suspend_device(cd, name);
|
r = dm_suspend_device(cd, name, 0);
|
||||||
else
|
else
|
||||||
r = dm_suspend_and_wipe_key(cd, name);
|
r = dm_suspend_and_wipe_key(cd, name);
|
||||||
|
|
||||||
|
|||||||
@@ -33,6 +33,14 @@ struct crypt_params_verity;
|
|||||||
struct device;
|
struct device;
|
||||||
struct crypt_params_integrity;
|
struct crypt_params_integrity;
|
||||||
|
|
||||||
|
/* Device mapper internal flags */
|
||||||
|
#define DM_RESUME_PRIVATE (1 << 4) /* CRYPT_ACTIVATE_PRIVATE */
|
||||||
|
|
||||||
|
static inline uint32_t act2dmflags(uint32_t act_flags)
|
||||||
|
{
|
||||||
|
return (act_flags & DM_RESUME_PRIVATE);
|
||||||
|
}
|
||||||
|
|
||||||
/* Device mapper backend - kernel support flags */
|
/* Device mapper backend - kernel support flags */
|
||||||
#define DM_KEY_WIPE_SUPPORTED (1 << 0) /* key wipe message */
|
#define DM_KEY_WIPE_SUPPORTED (1 << 0) /* key wipe message */
|
||||||
#define DM_LMK_SUPPORTED (1 << 1) /* lmk mode */
|
#define DM_LMK_SUPPORTED (1 << 1) /* lmk mode */
|
||||||
@@ -183,10 +191,10 @@ int dm_query_device(struct crypt_device *cd, const char *name,
|
|||||||
int dm_create_device(struct crypt_device *cd, const char *name,
|
int dm_create_device(struct crypt_device *cd, const char *name,
|
||||||
const char *type, struct crypt_dm_active_device *dmd);
|
const char *type, struct crypt_dm_active_device *dmd);
|
||||||
int dm_reload_device(struct crypt_device *cd, const char *name,
|
int dm_reload_device(struct crypt_device *cd, const char *name,
|
||||||
struct crypt_dm_active_device *dmd, unsigned resume);
|
struct crypt_dm_active_device *dmd, uint32_t dmflags, unsigned resume);
|
||||||
int dm_suspend_device(struct crypt_device *cd, const char *name);
|
int dm_suspend_device(struct crypt_device *cd, const char *name, uint32_t dmflags);
|
||||||
int dm_suspend_and_wipe_key(struct crypt_device *cd, const char *name);
|
int dm_suspend_and_wipe_key(struct crypt_device *cd, const char *name);
|
||||||
int dm_resume_device(struct crypt_device *cd, const char *name, uint32_t flags);
|
int dm_resume_device(struct crypt_device *cd, const char *name, uint32_t dmflags);
|
||||||
int dm_resume_and_reinstate_key(struct crypt_device *cd, const char *name,
|
int dm_resume_and_reinstate_key(struct crypt_device *cd, const char *name,
|
||||||
const struct volume_key *vk);
|
const struct volume_key *vk);
|
||||||
int dm_error_device(struct crypt_device *cd, const char *name);
|
int dm_error_device(struct crypt_device *cd, const char *name);
|
||||||
|
|||||||
Reference in New Issue
Block a user