eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-06 00:10:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix crypt_init_by_name() for dm-crypt with integrity.

Browse Source 
Initialization by name for dm-crypt with integrity is always
underlying device for dm-integrity target, not dm-integrity
device itself.

This fixes various problems like refresh command or
device printed in status command.

Fixes: #801
This commit is contained in:
Milan Broz
2023-02-15 10:17:55 +01:00
parent e244c8c543
commit e455110c8e
2 changed files with 16 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib/setup.c
View File

@@ -1260,10 +1260,13 @@ static int _init_by_name_crypt(struct crypt_device *cd, const char *name)
r = -EINVAL; r = -EINVAL;
goto out; goto out;
} }
if (!cd->metadata_device) {
device_free(cd, cd->device); /*
MOVE_REF(cd->device, tgti->data_device); * Data device for crypt with integrity is not dm-integrity device,
} * but always the device underlying dm-integrity.
*/
device_free(cd, cd->device);
MOVE_REF(cd->device, tgti->data_device);
} }
/* do not try to lookup LUKS2 header in detached header mode */ /* do not try to lookup LUKS2 header in detached header mode */

9
tests/luks2-integrity-test
View File

@@ -60,6 +60,11 @@ add_device() {
sync sync
} }
set_LO_DEV() { # file
# support both /dev/loopX and /dev/loop/X
LO_DEV=$(losetup -l -O NAME -n -j $1 2>/dev/null | sed -e 's/loop\//loop/')
}
status_check() # name value [detached] status_check() # name value [detached]
{ {
if [ -n "$3" ]; then if [ -n "$3" ]; then
@@ -122,10 +127,12 @@ intformat() # alg integrity integrity_out key_size int_key_size sector_size csum
dump_check "Key:" $(($4 + $5)) dump_check "Key:" $(($4 + $5))
echo -n "[ACTIVATE]" echo -n "[ACTIVATE]"
$CRYPTSETUP open -d $KEY_FILE $DEV $DEV_NAME || fail "Cannot activate device." $CRYPTSETUP open -d $KEY_FILE $DEV $DEV_NAME || fail "Cannot activate device."
set_LO_DEV $DEV
status_check "cipher" $1 status_check "cipher" $1
status_check "sector size" $6 status_check "sector size" $6
status_check "integrity:" $3 status_check "integrity:" $3
status_check "keysize:" $(($4 + $5)) status_check "keysize:" $(($4 + $5))
[ -n "$LO_DEV" ] && status_check "device:" $LO_DEV
[ $5 -gt 0 ] && status_check "integrity keysize:" $5 [ $5 -gt 0 ] && status_check "integrity keysize:" $5
int_check_sum $1 $7 int_check_sum $1 $7
echo -n "[REMOVE]" echo -n "[REMOVE]"
@@ -137,10 +144,12 @@ intformat() # alg integrity integrity_out key_size int_key_size sector_size csum
$CRYPTSETUP luksHeaderBackup -q --header-backup-file $HEADER_IMG $DEV || fail $CRYPTSETUP luksHeaderBackup -q --header-backup-file $HEADER_IMG $DEV || fail
wipefs -a $DEV >/dev/null 2>&1 || fail wipefs -a $DEV >/dev/null 2>&1 || fail
$CRYPTSETUP open --header $HEADER_IMG -d $KEY_FILE $DEV $DEV_NAME || fail "Cannot activate device." $CRYPTSETUP open --header $HEADER_IMG -d $KEY_FILE $DEV $DEV_NAME || fail "Cannot activate device."
set_LO_DEV $DEV
status_check "cipher" $1 1 status_check "cipher" $1 1
status_check "sector size" $6 1 status_check "sector size" $6 1
status_check "integrity:" $3 1 status_check "integrity:" $3 1
status_check "keysize:" $(($4 + $5)) 1 status_check "keysize:" $(($4 + $5)) 1
[ -n "$LO_DEV" ] && status_check "device:" $LO_DEV 1
[ $5 -gt 0 ] && status_check "integrity keysize:" $5 1 [ $5 -gt 0 ] && status_check "integrity keysize:" $5 1
int_check_sum $1 $7 int_check_sum $1 $7
$CRYPTSETUP close $DEV_NAME || fail "Cannot deactivate device." $CRYPTSETUP close $DEV_NAME || fail "Cannot deactivate device."