Detect support for BitLocker EBOIV and Elephant diffuser.

If kernel is missing support, print a more friendly error.
Milan Broz
2019-12-30 20:52:36 +01:00
parent 3c189b4183
commit eee46ef2f4
3 changed files with 20 additions and 7 deletions


@@ -878,6 +878,7 @@ int BITLK_activate(struct crypt_device *cd,
uint64_t next_start = 0;
uint64_t next_end = 0;
uint64_t last_segment = 0;
uint32_t dmt_flags;
next_vmk = params->vmks;
while (next_vmk) {
@@ -962,13 +963,6 @@ int BITLK_activate(struct crypt_device *cd,
next_vmk = next_vmk->next;
}
if (strcmp(params->cipher_mode, "cbc-elephant") == 0) {
log_err(cd, _("Activation of BitLocker devices encrypted using AES-CBC with " \
"the Elephant Diffuser is currently not supported"));
crypt_free_volume_key(open_fvek_key);
return -ENOTSUP;
}
r = device_block_adjust(cd, crypt_data_device(cd), DEV_EXCL,
crypt_get_data_offset(cd), &dmd.size, &dmd.flags);
if (r) {
@@ -1093,6 +1087,17 @@ int BITLK_activate(struct crypt_device *cd,
device_path(crypt_data_device(cd)), name ? " with name " :"", name ?: "");
r = dm_create_device(cd, name, CRYPT_BITLK, &dmd);
if (r < 0) {
dm_flags(cd, DM_CRYPT, &dmt_flags);
if (!strcmp(params->cipher_mode, "cbc-eboiv") && !(dmt_flags & DM_BITLK_EBOIV_SUPPORTED)) {
log_err(cd, _("Cannot activate device, kernel dm-crypt is missing support for BitLocker IV."));
r = -ENOTSUP;
}
if (!strcmp(params->cipher_mode, "cbc-elephant") && !(dmt_flags & DM_BITLK_ELEPHANT_SUPPORTED)) {
log_err(cd, _("Cannot activate device, kernel dm-crypt is missing support for BitLocker Elephant diffuser."));
r = -ENOTSUP;
}
}
out:
dm_targets_free(cd, &dmd);
crypt_free_volume_key(open_fvek_key);
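Review bot: In the new `if (r < 0)` block the return value of `dm_flags(cd, DM_CRYPT, &dmt_flags)` is ignored while `dmt_flags` is declared without an initializer, so if the query fails without storing to its output, the two `!(dmt_flags & ...)` tests read an indeterminate value. Whether dm_flags() always writes its output is not visible in these hunks, so the safer form is to gate the checks on success: `if (r < 0 && !dm_flags(cd, DM_CRYPT, &dmt_flags)) {`. That also keeps the original error code from dm_create_device() when the capability query itself failed, instead of reporting a missing kernel feature that was never determined. BITLK_activate's body starts and ends outside the hunks shown.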


@@ -169,6 +169,12 @@ static void _dm_set_crypt_compat(struct crypt_device *cd,
_dm_flags |= DM_CAPI_STRING_SUPPORTED;
}
if (_dm_satisfies_version(1, 19, 0, crypt_maj, crypt_min, crypt_patch))
_dm_flags |= DM_BITLK_EBOIV_SUPPORTED;
if (_dm_satisfies_version(1, 20, 0, crypt_maj, crypt_min, crypt_patch))
_dm_flags |= DM_BITLK_ELEPHANT_SUPPORTED;
_dm_crypt_checked = true;
}
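Review bot: The two new flags are derived only from the reported dm-crypt target version, and nothing in the code says so; a short comment above the checks would help, e.g. `/* BitLocker EBOIV/Elephant support is inferred from the dm-crypt target version, not probed */`. A kernel whose dm-crypt reports an older version but carries the feature as a backport, or one where the version could not be read before activation, may be classified wrongly. Callers should therefore treat these flags as a hint for choosing an error message rather than as proof of capability. The body of _dm_set_crypt_compat starts outside the hunk.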


@@ -65,6 +65,8 @@ static inline uint32_t act2dmflags(uint32_t act_flags)
#define DM_INTEGRITY_BITMAP_SUPPORTED (1 << 17) /* dm-integrity bitmap mode supported */
#define DM_GET_TARGET_VERSION_SUPPORTED (1 << 18) /* dm DM_GET_TARGET version ioctl supported */
#define DM_INTEGRITY_FIX_PADDING_SUPPORTED (1 << 19) /* supports the parameter fix_padding that fixes a bug that caused excessive padding */
#define DM_BITLK_EBOIV_SUPPORTED (1 << 20) /* EBOIV for BitLocker supported */
#define DM_BITLK_ELEPHANT_SUPPORTED (1 << 21) /* Elephant diffuser for BitLocker supported */
typedef enum { DM_CRYPT = 0, DM_VERITY, DM_INTEGRITY, DM_LINEAR, DM_ERROR, DM_ZERO, DM_UNKNOWN } dm_target_type;
enum tdirection { TARGET_SET = 1, TARGET_QUERY };