diff --git a/lib/internal.h b/lib/internal.h index ee9a8c7b..5e9d5fe2 100644 --- a/lib/internal.h +++ b/lib/internal.h @@ -215,7 +215,7 @@ void crypt_set_luks2_reencrypt(struct crypt_device *cd, struct luks2_reencrypt * struct luks2_reencrypt *crypt_get_luks2_reencrypt(struct crypt_device *cd); int onlyLUKS2(struct crypt_device *cd); -int onlyLUKS2mask(struct crypt_device *cd, uint32_t mask); +int onlyLUKS2reencrypt(struct crypt_device *cd); int crypt_wipe_device(struct crypt_device *cd, struct device *device, diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c index 146e6552..f440d34b 100644 --- a/lib/luks2/luks2_reencrypt.c +++ b/lib/luks2/luks2_reencrypt.c @@ -3863,7 +3863,7 @@ int crypt_reencrypt_init_by_keyring(struct crypt_device *cd, char *passphrase; size_t passphrase_size; - if (onlyLUKS2mask(cd, CRYPT_REQUIREMENT_ONLINE_REENCRYPT) || !passphrase_description) + if (onlyLUKS2reencrypt(cd) || !passphrase_description) return -EINVAL; if (params && (params->flags & CRYPT_REENCRYPT_INITIALIZE_ONLY) && (params->flags & CRYPT_REENCRYPT_RESUME_ONLY)) return -EINVAL; @@ -3897,7 +3897,7 @@ int crypt_reencrypt_init_by_passphrase(struct crypt_device *cd, const char *cipher_mode, const struct crypt_params_reencrypt *params) { - if (onlyLUKS2mask(cd, CRYPT_REQUIREMENT_ONLINE_REENCRYPT) || !passphrase) + if (onlyLUKS2reencrypt(cd) || !passphrase) return -EINVAL; if (params && (params->flags & CRYPT_REENCRYPT_INITIALIZE_ONLY) && (params->flags & CRYPT_REENCRYPT_RESUME_ONLY)) return -EINVAL; @@ -4201,7 +4201,7 @@ int crypt_reencrypt_run( reenc_status_t rs; bool quit = false; - if (onlyLUKS2mask(cd, CRYPT_REQUIREMENT_ONLINE_REENCRYPT)) + if (onlyLUKS2reencrypt(cd)) return -EINVAL; hdr = crypt_get_hdr(cd, CRYPT_LUKS2); diff --git a/lib/setup.c b/lib/setup.c index 59aacd77..43ee62d4 100644 --- a/lib/setup.c +++ b/lib/setup.c @@ -403,6 +403,11 @@ static int _onlyLUKS(struct crypt_device *cd, uint32_t cdflags) return LUKS2_unmet_requirements(cd, &cd->u.luks2.hdr, 0, cdflags & CRYPT_CD_QUIET); } +static int onlyLUKSunrestricted(struct crypt_device *cd) +{ + return _onlyLUKS(cd, CRYPT_CD_UNRESTRICTED); +} + static int onlyLUKS(struct crypt_device *cd) { return _onlyLUKS(cd, 0); @@ -430,6 +435,11 @@ static int _onlyLUKS2(struct crypt_device *cd, uint32_t cdflags, uint32_t mask) return LUKS2_unmet_requirements(cd, &cd->u.luks2.hdr, mask, cdflags & CRYPT_CD_QUIET); } +static int onlyLUKS2unrestricted(struct crypt_device *cd) +{ + return _onlyLUKS2(cd, CRYPT_CD_UNRESTRICTED, 0); +} + /* Internal only */ int onlyLUKS2(struct crypt_device *cd) { @@ -437,9 +447,9 @@ int onlyLUKS2(struct crypt_device *cd) } /* Internal only */ -int onlyLUKS2mask(struct crypt_device *cd, uint32_t mask) +int onlyLUKS2reencrypt(struct crypt_device *cd) { - return _onlyLUKS2(cd, 0, mask); + return _onlyLUKS2(cd, 0, CRYPT_REQUIREMENT_ONLINE_REENCRYPT); } static void crypt_set_null_type(struct crypt_device *cd) @@ -4535,7 +4545,7 @@ int crypt_keyslot_destroy(struct crypt_device *cd, int keyslot) log_dbg(cd, "Destroying keyslot %d.", keyslot); - if ((r = _onlyLUKS(cd, CRYPT_CD_UNRESTRICTED))) + if ((r = onlyLUKSunrestricted(cd))) return r; ki = crypt_keyslot_status(cd, keyslot); @@ -5845,7 +5855,7 @@ int crypt_volume_key_verify(struct crypt_device *cd, struct volume_key *vk; int r; - if ((r = _onlyLUKS(cd, CRYPT_CD_UNRESTRICTED))) + if ((r = onlyLUKSunrestricted(cd))) return r; vk = crypt_alloc_volume_key(volume_key_size, volume_key); @@ -6766,7 +6776,7 @@ int crypt_token_json_get(struct crypt_device *cd, int token, const char **json) log_dbg(cd, "Requesting JSON for token %d.", token); - if ((r = _onlyLUKS2(cd, CRYPT_CD_UNRESTRICTED, 0))) + if ((r = onlyLUKS2unrestricted(cd))) return r; return LUKS2_token_json_get(&cd->u.luks2.hdr, token, json) ?: token; @@ -6813,7 +6823,7 @@ int crypt_token_luks2_keyring_get(struct crypt_device *cd, log_dbg(cd, "Requesting LUKS2 keyring token %d.", token); - if ((r = _onlyLUKS2(cd, CRYPT_CD_UNRESTRICTED, 0))) + if ((r = onlyLUKS2unrestricted(cd))) return r; token_info = LUKS2_token_status(cd, &cd->u.luks2.hdr, token, &type); @@ -6928,7 +6938,7 @@ int crypt_persistent_flags_get(struct crypt_device *cd, crypt_flags_type type, u if (!flags) return -EINVAL; - if ((r = _onlyLUKS2(cd, CRYPT_CD_UNRESTRICTED, 0))) + if ((r = onlyLUKS2unrestricted(cd))) return r; if (type == CRYPT_FLAGS_ACTIVATION)