This is temporary hotfix for stable 2.3.6 release. The full
fix that requires new API will be provided in later 2.4.0
release.
For more info see issue #614.
Reencryption did not take into account adjusted xts
key size configuration option. This patch fix the
issue by using same logic as in luksFormat with xts
mode selected for data encryption.
By default when reencrypting LUKS2 device we regenerate only
the volume key. But if the device was 'encrypted' by cipher_null
this change did not make sense. The key was always empty.
Change the behaviour so that unless user specifies --cipher
parameter on command line, we change data encryption cipher
to default when old segment cipher was cipher_null.
It may be useful to activate device right after LUKS2 encryption
is initialized:
device is ready to use immediately even if data encryption runs in
the background for a long time
It simplifies encryption initialization during reboot.
- test repair commad for reencryption recovery.
- test close command is able to teardown leftover device stack after
crash.
- test open performs recovery by default (to be able to open root
volume).
