This regression was introduced in cryptsetup 2.0.0 release
with refactoring "Enter passphrase for (dev)" prompt.
With cryptsetup 1.7.5, "cryptsetup open /dev/loop0" printed
following prompt:
"Enter passphrase for /path/to/loop/backing_file:"
Whereas cryptsetup 2.0.0 and on printed following one:
"Enter passphrase for /dev/loop:"
Reported in https://bugzilla.redhat.com/show_bug.cgi?id=1726287
Fixes: 39698fa6b7 ("Remove terminal input from libcryptsetup API calls.")
Fixes: c80acbe4c8 ("Add back "Passphrase for (dev):" prompt.")
Fixes: 5171f65c05 ("tests only: Return back password retry support for luksOpen.")
If device properly exposes optimal io size, let's align
reencryption hotzone to it. Otherwise device-mapper driver
complaints about misaligned tables and reencryption performance
is not optimal.
All set_segment funcions must use uin64_t everywhere,
not size_t that is platform dependent.
The code later uses it correctly, it is just wrong function
prototype definitions.
Reported in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935702
(TODO: add a test for other segment types.)
command "man cryptsetup reencrypt" gets redirected to
cryptsetup-reencrypt man page. This may confuse users that LUKS2 online
reencryption is managed by offline utility.
If all keyslots are removed, LUKS2 has no longer information about
the volume key size (there is only key digest present).
If user wants to open or add new keyslot, it must get information
about key size externally.
We do not want to guess key size from the file size (it does not
work for block devices for example), so require explicit --keyfil
option in these cases.
Fixes#470.
Commit 4c73da31 exposed another bug in minimal device size check.
During reencryption initialization wrong data offset value was used
and adjusted as if device was already undergoing reencryption. The
bug fixed by commit 4c73da31 hid this bug.
This is hotfix only and following functions needs more review:
- LUKS2_reencrypt_data_offset
- LUKS2_get_data_offset
- luks2_check_device_size
- LUKS2_get_data_size
- Remove all 'LUKS2_' name prefixes from internal routines
- Make all internal routines prefixed with 'reencrypt_' instead
- Drop few static routines by refactoring
- Rename all variables and routines containing 'pre' prefix to
contain 'hot' prefix instead (when referring to segments
undergoing reencryption)
- Rename all variables and routines containing 'after' prefix to
contain 'post' prefix instead
- Rename all routines prefixed with '_' to 'reencrypt_' instead
