eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-16 05:10:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add blkid scan when attemting to open plain device.

Browse Source 
Warn user about existing device signatures on candidate ciphertext
device and prompt for action confirmation.

Fixes #411.
This commit is contained in:
Ondrej Kozina
2018-09-24 15:38:05 +02:00
committed by Milan Broz
parent b93b676336
commit ee689d88b4
3 changed files with 28 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/cryptsetup.c
View File

@@ -166,7 +166,7 @@ static void _set_activation_flags(uint32_t *flags)
static int action_open_plain(void) static int action_open_plain(void)
{ {
struct crypt_device *cd = NULL; struct crypt_device *cd = NULL;
char cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN]; char *msg, cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
struct crypt_params_plain params = { struct crypt_params_plain params = {
.hash = opt_hash ?: DEFAULT_PLAIN_HASH, .hash = opt_hash ?: DEFAULT_PLAIN_HASH,
.skip = opt_skip, .skip = opt_skip,
@@ -175,8 +175,8 @@ static int action_open_plain(void)
.sector_size = opt_sector_size, .sector_size = opt_sector_size,
}; };
char *password = NULL; char *password = NULL;
size_t passwordLen, key_size_max; size_t passwordLen, key_size_max, signatures,
size_t key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8; key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8;
uint32_t activate_flags = 0; uint32_t activate_flags = 0;
int r; int r;
@@ -205,6 +205,27 @@ static int action_open_plain(void)
if ((r = crypt_init(&cd, action_argv[0]))) if ((r = crypt_init(&cd, action_argv[0])))
goto out; goto out;
/* Skip blkid scan when activating plain device with offset */
if (!opt_offset) {
/* Print all present signatures in read-only mode */
r = tools_detect_signatures(action_argv[0], 0, &signatures);
if (r < 0)
goto out;
}
if (signatures) {
r = asprintf(&msg, _("Detected device signature(s) on %s. Proceeding further may damage existing data."), action_argv[0]);
if (r == -1) {
r = -ENOMEM;
goto out;
}
r = yesDialog(msg, _("Operation aborted.\n")) ? 0 : -EINVAL;
free(msg);
if (r < 0)
goto out;
}
r = crypt_format(cd, CRYPT_PLAIN, r = crypt_format(cd, CRYPT_PLAIN,
cipher, cipher_mode, cipher, cipher_mode,
NULL, NULL, NULL, NULL,

6
tests/device-test
View File

@@ -97,11 +97,11 @@ if [ -z "$DM_PERF_CPU" ]; then
SKIP_COUNT=$((SKIP_COUNT+1)) SKIP_COUNT=$((SKIP_COUNT+1))
else else
# plain # plain
echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --perf-submit_from_crypt_cpus || fail echo -e "$PWD1" | $CRYPTSETUP open -q --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --perf-submit_from_crypt_cpus || fail
$CRYPTSETUP status $DEV_NAME | grep -q same_cpu_crypt || fail $CRYPTSETUP status $DEV_NAME | grep -q same_cpu_crypt || fail
$CRYPTSETUP status $DEV_NAME | grep -q submit_from_crypt_cpus || fail $CRYPTSETUP status $DEV_NAME | grep -q submit_from_crypt_cpus || fail
$CRYPTSETUP close $DEV_NAME || fail $CRYPTSETUP close $DEV_NAME || fail
echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --allow-discards || fail echo -e "$PWD1" | $CRYPTSETUP open -q --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --allow-discards || fail
$CRYPTSETUP status $DEV_NAME | grep -q same_cpu_crypt || fail $CRYPTSETUP status $DEV_NAME | grep -q same_cpu_crypt || fail
$CRYPTSETUP status $DEV_NAME | grep -q discards || fail $CRYPTSETUP status $DEV_NAME | grep -q discards || fail
$CRYPTSETUP close $DEV_NAME || fail $CRYPTSETUP close $DEV_NAME || fail
@@ -152,7 +152,7 @@ else
echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --sector-size 1234 >/dev/null 2>&1 && fail echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --sector-size 1234 >/dev/null 2>&1 && fail
for S in 512 1024 2048 4096; do for S in 512 1024 2048 4096; do
echo -n "[$S]" echo -n "[$S]"
echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --sector-size $S || fail echo -e "$PWD1" | $CRYPTSETUP open -q --type plain $DEV $DEV_NAME --sector-size $S || fail
check_sector_size $S check_sector_size $S
$CRYPTSETUP close $DEV_NAME || fail $CRYPTSETUP close $DEV_NAME || fail
done done

2
tests/discards-test
View File

@@ -74,7 +74,7 @@ dmsetup table $DEV_NAME | grep allow_discards >/dev/null || fail
$CRYPTSETUP luksClose $DEV_NAME || fail $CRYPTSETUP luksClose $DEV_NAME || fail
echo "[2] Allowing discards for plain device" echo "[2] Allowing discards for plain device"
echo $PWD1 | $CRYPTSETUP create $DEV_NAME $DEV --hash sha1 --allow-discards || fail echo $PWD1 | $CRYPTSETUP create -q $DEV_NAME $DEV --hash sha1 --allow-discards || fail
$CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail $CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
$CRYPTSETUP resize $DEV_NAME --size 100 || fail $CRYPTSETUP resize $DEV_NAME --size 100 || fail
$CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail $CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail