eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-06 00:10:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add more onlyLUKS helpers for convenience.

Browse Source
This commit is contained in:
Ondrej Kozina
2023-11-01 11:36:59 +01:00
parent d09b27a170
commit f623eb2e99
3 changed files with 21 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/internal.h
View File

@@ -215,7 +215,7 @@ void crypt_set_luks2_reencrypt(struct crypt_device *cd, struct luks2_reencrypt *
struct luks2_reencrypt *crypt_get_luks2_reencrypt(struct crypt_device *cd); struct luks2_reencrypt *crypt_get_luks2_reencrypt(struct crypt_device *cd);
int onlyLUKS2(struct crypt_device *cd); int onlyLUKS2(struct crypt_device *cd);
int onlyLUKS2mask(struct crypt_device *cd, uint32_t mask); int onlyLUKS2reencrypt(struct crypt_device *cd);
int crypt_wipe_device(struct crypt_device *cd, int crypt_wipe_device(struct crypt_device *cd,
struct device *device, struct device *device,

6
lib/luks2/luks2_reencrypt.c
View File

@@ -3863,7 +3863,7 @@ int crypt_reencrypt_init_by_keyring(struct crypt_device *cd,
char *passphrase; char *passphrase;
size_t passphrase_size; size_t passphrase_size;
if (onlyLUKS2mask(cd, CRYPT_REQUIREMENT_ONLINE_REENCRYPT) || !passphrase_description) if (onlyLUKS2reencrypt(cd) || !passphrase_description)
return -EINVAL; return -EINVAL;
if (params && (params->flags & CRYPT_REENCRYPT_INITIALIZE_ONLY) && (params->flags & CRYPT_REENCRYPT_RESUME_ONLY)) if (params && (params->flags & CRYPT_REENCRYPT_INITIALIZE_ONLY) && (params->flags & CRYPT_REENCRYPT_RESUME_ONLY))
return -EINVAL; return -EINVAL;
@@ -3897,7 +3897,7 @@ int crypt_reencrypt_init_by_passphrase(struct crypt_device *cd,
const char *cipher_mode, const char *cipher_mode,
const struct crypt_params_reencrypt *params) const struct crypt_params_reencrypt *params)
{ {
if (onlyLUKS2mask(cd, CRYPT_REQUIREMENT_ONLINE_REENCRYPT) || !passphrase) if (onlyLUKS2reencrypt(cd) || !passphrase)
return -EINVAL; return -EINVAL;
if (params && (params->flags & CRYPT_REENCRYPT_INITIALIZE_ONLY) && (params->flags & CRYPT_REENCRYPT_RESUME_ONLY)) if (params && (params->flags & CRYPT_REENCRYPT_INITIALIZE_ONLY) && (params->flags & CRYPT_REENCRYPT_RESUME_ONLY))
return -EINVAL; return -EINVAL;
@@ -4201,7 +4201,7 @@ int crypt_reencrypt_run(
reenc_status_t rs; reenc_status_t rs;
bool quit = false; bool quit = false;
if (onlyLUKS2mask(cd, CRYPT_REQUIREMENT_ONLINE_REENCRYPT)) if (onlyLUKS2reencrypt(cd))
return -EINVAL; return -EINVAL;
hdr = crypt_get_hdr(cd, CRYPT_LUKS2); hdr = crypt_get_hdr(cd, CRYPT_LUKS2);

24
lib/setup.c
View File

@@ -403,6 +403,11 @@ static int _onlyLUKS(struct crypt_device *cd, uint32_t cdflags)
return LUKS2_unmet_requirements(cd, &cd->u.luks2.hdr, 0, cdflags & CRYPT_CD_QUIET); return LUKS2_unmet_requirements(cd, &cd->u.luks2.hdr, 0, cdflags & CRYPT_CD_QUIET);
} }
static int onlyLUKSunrestricted(struct crypt_device *cd)
{
return _onlyLUKS(cd, CRYPT_CD_UNRESTRICTED);
}
static int onlyLUKS(struct crypt_device *cd) static int onlyLUKS(struct crypt_device *cd)
{ {
return _onlyLUKS(cd, 0); return _onlyLUKS(cd, 0);
@@ -430,6 +435,11 @@ static int _onlyLUKS2(struct crypt_device *cd, uint32_t cdflags, uint32_t mask)
return LUKS2_unmet_requirements(cd, &cd->u.luks2.hdr, mask, cdflags & CRYPT_CD_QUIET); return LUKS2_unmet_requirements(cd, &cd->u.luks2.hdr, mask, cdflags & CRYPT_CD_QUIET);
} }
static int onlyLUKS2unrestricted(struct crypt_device *cd)
{
return _onlyLUKS2(cd, CRYPT_CD_UNRESTRICTED, 0);
}
/* Internal only */ /* Internal only */
int onlyLUKS2(struct crypt_device *cd) int onlyLUKS2(struct crypt_device *cd)
{ {
@@ -437,9 +447,9 @@ int onlyLUKS2(struct crypt_device *cd)
} }
/* Internal only */ /* Internal only */
int onlyLUKS2mask(struct crypt_device *cd, uint32_t mask) int onlyLUKS2reencrypt(struct crypt_device *cd)
{ {
return _onlyLUKS2(cd, 0, mask); return _onlyLUKS2(cd, 0, CRYPT_REQUIREMENT_ONLINE_REENCRYPT);
} }
static void crypt_set_null_type(struct crypt_device *cd) static void crypt_set_null_type(struct crypt_device *cd)
@@ -4535,7 +4545,7 @@ int crypt_keyslot_destroy(struct crypt_device *cd, int keyslot)
log_dbg(cd, "Destroying keyslot %d.", keyslot); log_dbg(cd, "Destroying keyslot %d.", keyslot);
if ((r = _onlyLUKS(cd, CRYPT_CD_UNRESTRICTED))) if ((r = onlyLUKSunrestricted(cd)))
return r; return r;
ki = crypt_keyslot_status(cd, keyslot); ki = crypt_keyslot_status(cd, keyslot);
@@ -5845,7 +5855,7 @@ int crypt_volume_key_verify(struct crypt_device *cd,
struct volume_key *vk; struct volume_key *vk;
int r; int r;
if ((r = _onlyLUKS(cd, CRYPT_CD_UNRESTRICTED))) if ((r = onlyLUKSunrestricted(cd)))
return r; return r;
vk = crypt_alloc_volume_key(volume_key_size, volume_key); vk = crypt_alloc_volume_key(volume_key_size, volume_key);
@@ -6766,7 +6776,7 @@ int crypt_token_json_get(struct crypt_device *cd, int token, const char **json)
log_dbg(cd, "Requesting JSON for token %d.", token); log_dbg(cd, "Requesting JSON for token %d.", token);
if ((r = _onlyLUKS2(cd, CRYPT_CD_UNRESTRICTED, 0))) if ((r = onlyLUKS2unrestricted(cd)))
return r; return r;
return LUKS2_token_json_get(&cd->u.luks2.hdr, token, json) ?: token; return LUKS2_token_json_get(&cd->u.luks2.hdr, token, json) ?: token;
@@ -6813,7 +6823,7 @@ int crypt_token_luks2_keyring_get(struct crypt_device *cd,
log_dbg(cd, "Requesting LUKS2 keyring token %d.", token); log_dbg(cd, "Requesting LUKS2 keyring token %d.", token);
if ((r = _onlyLUKS2(cd, CRYPT_CD_UNRESTRICTED, 0))) if ((r = onlyLUKS2unrestricted(cd)))
return r; return r;
token_info = LUKS2_token_status(cd, &cd->u.luks2.hdr, token, &type); token_info = LUKS2_token_status(cd, &cd->u.luks2.hdr, token, &type);
@@ -6928,7 +6938,7 @@ int crypt_persistent_flags_get(struct crypt_device *cd, crypt_flags_type type, u
if (!flags) if (!flags)
return -EINVAL; return -EINVAL;
if ((r = _onlyLUKS2(cd, CRYPT_CD_UNRESTRICTED, 0))) if ((r = onlyLUKS2unrestricted(cd)))
return r; return r;
if (type == CRYPT_FLAGS_ACTIVATION) if (type == CRYPT_FLAGS_ACTIVATION)