"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "lib/libdevmapper.c" between
cryptsetup-2.3.6.tar.xz and cryptsetup-2.4.0.tar.xz

About: cryptsetup is a utility used to conveniently setup disk encryption based on the dm-crypt kernel module. These include plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt compatible format.

libdevmapper.c  (cryptsetup-2.3.6.tar.xz):libdevmapper.c  (cryptsetup-2.4.0.tar.xz)
skipping to change at line 27 skipping to change at line 27
* GNU General Public License for more details. * GNU General Public License for more details.
* *
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#include <stdio.h> #include <stdio.h>
#include <stdbool.h> #include <stdbool.h>
#include <ctype.h> #include <ctype.h>
#include <dirent.h>
#include <errno.h> #include <errno.h>
#include <libdevmapper.h> #include <libdevmapper.h>
#include <linux/fs.h>
#include <uuid/uuid.h> #include <uuid/uuid.h>
#include <sys/stat.h> #include <sys/stat.h>
#ifdef HAVE_SYS_SYSMACROS_H #ifdef HAVE_SYS_SYSMACROS_H
# include <sys/sysmacros.h> /* for major, minor */ # include <sys/sysmacros.h> /* for major, minor */
#endif #endif
#include <assert.h> #include <assert.h>
#include "internal.h" #include "internal.h"
#define DM_UUID_LEN 129
#define DM_BY_ID_PREFIX "dm-uuid-"
#define DM_BY_ID_PREFIX_LEN 8
#define DM_UUID_PREFIX "CRYPT-"
#define DM_UUID_PREFIX_LEN 6
#define DM_CRYPT_TARGET "crypt" #define DM_CRYPT_TARGET "crypt"
#define DM_VERITY_TARGET "verity" #define DM_VERITY_TARGET "verity"
#define DM_INTEGRITY_TARGET "integrity" #define DM_INTEGRITY_TARGET "integrity"
#define DM_LINEAR_TARGET "linear" #define DM_LINEAR_TARGET "linear"
#define DM_ERROR_TARGET "error" #define DM_ERROR_TARGET "error"
#define DM_ZERO_TARGET "zero" #define DM_ZERO_TARGET "zero"
#define RETRY_COUNT 5 #define RETRY_COUNT 5
/* Set if DM target versions were probed */ /* Set if DM target versions were probed */
static bool _dm_ioctl_checked = false; static bool _dm_ioctl_checked = false;
skipping to change at line 245 skipping to change at line 238
if (_dm_satisfies_version(1, 4, 0, integrity_maj, integrity_min, integrit y_patch)) if (_dm_satisfies_version(1, 4, 0, integrity_maj, integrity_min, integrit y_patch))
_dm_flags |= DM_INTEGRITY_FIX_PADDING_SUPPORTED; _dm_flags |= DM_INTEGRITY_FIX_PADDING_SUPPORTED;
if (_dm_satisfies_version(1, 6, 0, integrity_maj, integrity_min, integrit y_patch)) if (_dm_satisfies_version(1, 6, 0, integrity_maj, integrity_min, integrit y_patch))
_dm_flags |= DM_INTEGRITY_DISCARDS_SUPPORTED; _dm_flags |= DM_INTEGRITY_DISCARDS_SUPPORTED;
if (_dm_satisfies_version(1, 7, 0, integrity_maj, integrity_min, integrit y_patch)) if (_dm_satisfies_version(1, 7, 0, integrity_maj, integrity_min, integrit y_patch))
_dm_flags |= DM_INTEGRITY_FIX_HMAC_SUPPORTED; _dm_flags |= DM_INTEGRITY_FIX_HMAC_SUPPORTED;
if (_dm_satisfies_version(1, 8, 0, integrity_maj, integrity_min, integrit
y_patch))
_dm_flags |= DM_INTEGRITY_RESET_RECALC_SUPPORTED;
_dm_integrity_checked = true; _dm_integrity_checked = true;
} }
/* We use this for loading target module */ /* We use this for loading target module */
static void _dm_check_target(dm_target_type target_type) static void _dm_check_target(dm_target_type target_type)
{ {
#if HAVE_DECL_DM_DEVICE_GET_TARGET_VERSION #if HAVE_DECL_DM_DEVICE_GET_TARGET_VERSION
struct dm_task *dmt; struct dm_task *dmt;
const char *target_name = NULL; const char *target_name = NULL;
skipping to change at line 268 skipping to change at line 264
if (target_type == DM_CRYPT) if (target_type == DM_CRYPT)
target_name = DM_CRYPT_TARGET; target_name = DM_CRYPT_TARGET;
else if (target_type == DM_VERITY) else if (target_type == DM_VERITY)
target_name = DM_VERITY_TARGET; target_name = DM_VERITY_TARGET;
else if (target_type == DM_INTEGRITY) else if (target_type == DM_INTEGRITY)
target_name = DM_INTEGRITY_TARGET; target_name = DM_INTEGRITY_TARGET;
else else
return; return;
if (!(dmt = dm_task_create(DM_DEVICE_GET_TARGET_VERSION))) if (!(dmt = dm_task_create(DM_DEVICE_GET_TARGET_VERSION)))
goto out; return;
if (!dm_task_set_name(dmt, target_name)) if (dm_task_set_name(dmt, target_name))
goto out; dm_task_run(dmt);
if (!dm_task_run(dmt)) dm_task_destroy(dmt);
goto out;
out:
if (dmt)
dm_task_destroy(dmt);
#endif #endif
} }
static int _dm_check_versions(struct crypt_device *cd, dm_target_type target_typ e) static int _dm_check_versions(struct crypt_device *cd, dm_target_type target_typ e)
{ {
struct dm_task *dmt; struct dm_task *dmt;
struct dm_versions *target, *last_target; struct dm_versions *target, *last_target;
char dm_version[16]; char dm_version[16];
unsigned dm_maj, dm_min, dm_patch; unsigned dm_maj, dm_min, dm_patch;
int r = 0; int r = 0;
skipping to change at line 301 skipping to change at line 293
(target_type == DM_INTEGRITY && _dm_integrity_checked) || (target_type == DM_INTEGRITY && _dm_integrity_checked) ||
(target_type == DM_LINEAR) || (target_type == DM_ZERO) || (target_type == DM_LINEAR) || (target_type == DM_ZERO) ||
(_dm_crypt_checked && _dm_verity_checked && _dm_integrity_checked)) (_dm_crypt_checked && _dm_verity_checked && _dm_integrity_checked))
return 1; return 1;
/* Shut up DM while checking */ /* Shut up DM while checking */
_quiet_log = 1; _quiet_log = 1;
_dm_check_target(target_type); _dm_check_target(target_type);
/* FIXME: add support to DM so it forces crypt target module load here */
if (!(dmt = dm_task_create(DM_DEVICE_LIST_VERSIONS))) if (!(dmt = dm_task_create(DM_DEVICE_LIST_VERSIONS)))
goto out; goto out;
if (!dm_task_run(dmt)) if (!dm_task_run(dmt))
goto out; goto out;
if (!dm_task_get_driver_version(dmt, dm_version, sizeof(dm_version))) if (!dm_task_get_driver_version(dmt, dm_version, sizeof(dm_version)))
goto out; goto out;
if (!_dm_ioctl_checked) { if (!_dm_ioctl_checked) {
skipping to change at line 399 skipping to change at line 390
void dm_backend_exit(struct crypt_device *cd) void dm_backend_exit(struct crypt_device *cd)
{ {
if (_dm_use_count && (!--_dm_use_count)) { if (_dm_use_count && (!--_dm_use_count)) {
log_dbg(cd, "Releasing device-mapper backend."); log_dbg(cd, "Releasing device-mapper backend.");
dm_log_init_verbose(0); dm_log_init_verbose(0);
dm_log_init(NULL); dm_log_init(NULL);
dm_lib_release(); dm_lib_release();
} }
} }
/* /* libdevmapper is not context friendly, switch context on every DM call. */
* libdevmapper is not context friendly, switch context on every DM call.
* FIXME: this is not safe if called in parallel but neither is DM lib.
*/
static int dm_init_context(struct crypt_device *cd, dm_target_type target) static int dm_init_context(struct crypt_device *cd, dm_target_type target)
{ {
_context = cd; _context = cd;
if (!_dm_check_versions(cd, target)) { if (!_dm_check_versions(cd, target)) {
if (getuid() || geteuid()) if (getuid() || geteuid())
log_err(cd, _("Cannot initialize device-mapper, " log_err(cd, _("Cannot initialize device-mapper, "
"running as non-root user.")); "running as non-root user."));
else else
log_err(cd, _("Cannot initialize device-mapper. " log_err(cd, _("Cannot initialize device-mapper. "
"Is dm_mod kernel module loaded?")); "Is dm_mod kernel module loaded?"));
skipping to change at line 932 skipping to change at line 920
if (tgt->u.integrity.fix_padding) if (tgt->u.integrity.fix_padding)
num_options++; num_options++;
if (tgt->u.integrity.fix_hmac) if (tgt->u.integrity.fix_hmac)
num_options++; num_options++;
if (tgt->u.integrity.legacy_recalc) if (tgt->u.integrity.legacy_recalc)
num_options++; num_options++;
if (tgt->u.integrity.meta_device) if (tgt->u.integrity.meta_device)
num_options++; num_options++;
if (flags & CRYPT_ACTIVATE_RECALCULATE) if (flags & CRYPT_ACTIVATE_RECALCULATE)
num_options++; num_options++;
if (flags & CRYPT_ACTIVATE_RECALCULATE_RESET)
num_options++;
if (flags & CRYPT_ACTIVATE_ALLOW_DISCARDS) if (flags & CRYPT_ACTIVATE_ALLOW_DISCARDS)
num_options++; num_options++;
r = snprintf(features, max_size, "%d%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", nu m_options, r = snprintf(features, max_size, "%d%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", num_options,
tgt->u.integrity.journal_size ? _uf(feature[0], sizeof(feature[0] ), /* MAX length 17 + int32 */ tgt->u.integrity.journal_size ? _uf(feature[0], sizeof(feature[0] ), /* MAX length 17 + int32 */
"journal_sectors", (unsigned)(tgt->u.integrity.journal_si ze / SECTOR_SIZE)) : "", "journal_sectors", (unsigned)(tgt->u.integrity.journal_si ze / SECTOR_SIZE)) : "",
tgt->u.integrity.journal_watermark ? _uf(feature[1], sizeof(featu re[1]), /* MAX length 19 + int32 */ tgt->u.integrity.journal_watermark ? _uf(feature[1], sizeof(featu re[1]), /* MAX length 19 + int32 */
/* bitmap overloaded values */ /* bitmap overloaded values */
(flags & CRYPT_ACTIVATE_NO_JOURNAL_BITMAP) ? "sectors_pe r_bit" : "journal_watermark", (flags & CRYPT_ACTIVATE_NO_JOURNAL_BITMAP) ? "sectors_pe r_bit" : "journal_watermark",
tgt->u.integrity.journal_watermark) : "", tgt->u.integrity.journal_watermark) : "",
tgt->u.integrity.journal_commit_time ? _uf(feature[2], sizeof(fea ture[2]), /* MAX length 23 + int32 */ tgt->u.integrity.journal_commit_time ? _uf(feature[2], sizeof(fea ture[2]), /* MAX length 23 + int32 */
/* bitmap overloaded values */ /* bitmap overloaded values */
(flags & CRYPT_ACTIVATE_NO_JOURNAL_BITMAP) ? "bitmap_flu sh_interval" : "commit_time", (flags & CRYPT_ACTIVATE_NO_JOURNAL_BITMAP) ? "bitmap_flu sh_interval" : "commit_time",
tgt->u.integrity.journal_commit_time) : "", tgt->u.integrity.journal_commit_time) : "",
skipping to change at line 959 skipping to change at line 949
"block_size", tgt->u.integrity.sector_size) : "", "block_size", tgt->u.integrity.sector_size) : "",
tgt->u.integrity.buffer_sectors ? _uf(feature[5], sizeof(feature[ 5]), /* MAX length 16 + int32 */ tgt->u.integrity.buffer_sectors ? _uf(feature[5], sizeof(feature[ 5]), /* MAX length 16 + int32 */
"buffer_sectors", tgt->u.integrity.buffer_sectors) : "", "buffer_sectors", tgt->u.integrity.buffer_sectors) : "",
tgt->u.integrity.integrity ? integrity : "", tgt->u.integrity.integrity ? integrity : "",
tgt->u.integrity.journal_integrity ? journal_integrity : "", tgt->u.integrity.journal_integrity ? journal_integrity : "",
tgt->u.integrity.journal_crypt ? journal_crypt : "", tgt->u.integrity.journal_crypt ? journal_crypt : "",
tgt->u.integrity.fix_padding ? " fix_padding" : "", /* MAX lengt h 12 */ tgt->u.integrity.fix_padding ? " fix_padding" : "", /* MAX lengt h 12 */
tgt->u.integrity.fix_hmac ? " fix_hmac" : "", /* MAX length 9 */ tgt->u.integrity.fix_hmac ? " fix_hmac" : "", /* MAX length 9 */
tgt->u.integrity.legacy_recalc ? " legacy_recalculate" : "", /* M AX length 19 */ tgt->u.integrity.legacy_recalc ? " legacy_recalculate" : "", /* M AX length 19 */
flags & CRYPT_ACTIVATE_RECALCULATE ? " recalculate" : "", /* MAX length 12 */ flags & CRYPT_ACTIVATE_RECALCULATE ? " recalculate" : "", /* MAX length 12 */
flags & CRYPT_ACTIVATE_RECALCULATE_RESET ? " reset_recalculate" : "", /* MAX length 18 */
flags & CRYPT_ACTIVATE_ALLOW_DISCARDS ? " allow_discards" : "", / * MAX length 15 */ flags & CRYPT_ACTIVATE_ALLOW_DISCARDS ? " allow_discards" : "", / * MAX length 15 */
tgt->u.integrity.meta_device ? " meta_device:" : "", /* MAX lengt h 13 + str_device */ tgt->u.integrity.meta_device ? " meta_device:" : "", /* MAX lengt h 13 + str_device */
tgt->u.integrity.meta_device ? device_block_path(tgt->u.integrity .meta_device) : ""); tgt->u.integrity.meta_device ? device_block_path(tgt->u.integrity .meta_device) : "");
if (r < 0 || r >= max_size) if (r < 0 || r >= max_size)
goto out; goto out;
if (flags & CRYPT_ACTIVATE_NO_JOURNAL_BITMAP) if (flags & CRYPT_ACTIVATE_NO_JOURNAL_BITMAP)
mode = 'B'; mode = 'B';
else if (flags & CRYPT_ACTIVATE_RECOVERY) else if (flags & CRYPT_ACTIVATE_RECOVERY)
mode = 'R'; mode = 'R';
skipping to change at line 992 skipping to change at line 983
crypt_safe_free(features); crypt_safe_free(features);
crypt_safe_free(integrity); crypt_safe_free(integrity);
crypt_safe_free(journal_integrity); crypt_safe_free(journal_integrity);
crypt_safe_free(journal_crypt); crypt_safe_free(journal_crypt);
if (!params_out) if (!params_out)
crypt_safe_free(params); crypt_safe_free(params);
return params_out; return params_out;
} }
static char *get_dm_linear_params(const struct dm_target *tgt, uint32_t flags) static char *get_dm_linear_params(const struct dm_target *tgt, uint32_t flags __ attribute__((unused)))
{ {
char *params; char *params;
int r; int r;
int max_size = strlen(device_block_path(tgt->data_device)) + int_log10(tg t->u.linear.offset) + 3; int max_size = strlen(device_block_path(tgt->data_device)) + int_log10(tg t->u.linear.offset) + 3;
params = crypt_safe_alloc(max_size); params = crypt_safe_alloc(max_size);
if (!params) if (!params)
return NULL; return NULL;
r = snprintf(params, max_size, "%s %" PRIu64, r = snprintf(params, max_size, "%s %" PRIu64,
device_block_path(tgt->data_device), tgt->u.linear.offset); device_block_path(tgt->data_device), tgt->u.linear.offset);
if (r < 0 || r >= max_size) { if (r < 0 || r >= max_size) {
crypt_safe_free(params); crypt_safe_free(params);
params = NULL; params = NULL;
} }
return params; return params;
} }
static char *get_dm_zero_params(const struct dm_target *tgt, uint32_t flags) static char *get_dm_zero_params(const struct dm_target *tgt __attribute__((unuse d)), uint32_t flags __attribute__((unused)))
{ {
char *params = crypt_safe_alloc(1); char *params = crypt_safe_alloc(1);
if (!params) if (!params)
return NULL; return NULL;
params[0] = 0; params[0] = 0;
return params; return params;
} }
/* DM helpers */ /* DM helpers */
skipping to change at line 1095 skipping to change at line 1086
static int _error_device(const char *name, size_t size) static int _error_device(const char *name, size_t size)
{ {
struct dm_task *dmt; struct dm_task *dmt;
int r = 0; int r = 0;
if (!(dmt = dm_task_create(DM_DEVICE_RELOAD))) if (!(dmt = dm_task_create(DM_DEVICE_RELOAD)))
return 0; return 0;
if (!dm_task_set_name(dmt, name)) if (!dm_task_set_name(dmt, name))
goto error; goto out;
if (!dm_task_add_target(dmt, UINT64_C(0), size, "error", "")) if (!dm_task_add_target(dmt, UINT64_C(0), size, "error", ""))
goto error; goto out;
if (!dm_task_set_ro(dmt)) if (!dm_task_set_ro(dmt))
goto error; goto out;
if (!dm_task_no_open_count(dmt)) if (!dm_task_no_open_count(dmt))
goto error; goto out;
if (!dm_task_run(dmt)) if (!dm_task_run(dmt))
goto error; goto out;
if (_dm_resume_device(name, 0)) { if (_dm_resume_device(name, 0)) {
_dm_simple(DM_DEVICE_CLEAR, name, 0); _dm_simple(DM_DEVICE_CLEAR, name, 0);
goto error; goto out;
} }
r = 1; r = 1;
out:
error:
dm_task_destroy(dmt); dm_task_destroy(dmt);
return r; return r;
} }
int dm_error_device(struct crypt_device *cd, const char *name) int dm_error_device(struct crypt_device *cd, const char *name)
{ {
int r; int r;
struct crypt_dm_active_device dmd; struct crypt_dm_active_device dmd;
if (!name) if (!name)
skipping to change at line 1273 skipping to change at line 1263
c = strrchr(dev_uuid, '-'); c = strrchr(dev_uuid, '-');
if (!c) if (!c)
return -EINVAL; return -EINVAL;
/* cut of dm name */ /* cut of dm name */
*c = '\0'; *c = '\0';
r = lookup_by_disk_id(dev_uuid); r = lookup_by_disk_id(dev_uuid);
if (r == -ENOENT) { if (r == -ENOENT) {
log_dbg(cd, "Search by disk id not available. Using sysfs instead ."); log_dbg(cd, "Search by disk id not available. Using sysfs instead .");
r = lookup_by_sysfs_uuid_field(dev_uuid + DM_BY_ID_PREFIX_LEN, DM _UUID_LEN); r = lookup_by_sysfs_uuid_field(dev_uuid + DM_BY_ID_PREFIX_LEN);
} }
return r; return r;
} }
static int _add_dm_targets(struct dm_task *dmt, struct crypt_dm_active_device *d md) static int _add_dm_targets(struct dm_task *dmt, struct crypt_dm_active_device *d md)
{ {
const char *target; const char *target;
struct dm_target *tgt = &dmd->segment; struct dm_target *tgt = &dmd->segment;
skipping to change at line 1366 skipping to change at line 1356
return r; return r;
} }
static bool dm_device_exists(struct crypt_device *cd, const char *name) static bool dm_device_exists(struct crypt_device *cd, const char *name)
{ {
int r = dm_status_device(cd, name); int r = dm_status_device(cd, name);
return (r >= 0 || r == -EEXIST); return (r >= 0 || r == -EEXIST);
} }
static int _dm_create_device(struct crypt_device *cd, const char *name, const ch ar *type, static int _dm_create_device(struct crypt_device *cd, const char *name, const ch ar *type,
const char *uuid, struct crypt_dm_active_device *dmd ) struct crypt_dm_active_device *dmd)
{ {
struct dm_task *dmt = NULL; struct dm_task *dmt = NULL;
struct dm_info dmi; struct dm_info dmi;
char dev_uuid[DM_UUID_LEN] = {0}; char dev_uuid[DM_UUID_LEN] = {0};
int r = -EINVAL; int r = -EINVAL;
uint32_t cookie = 0, read_ahead = 0; uint32_t cookie = 0, read_ahead = 0;
uint16_t udev_flags = DM_UDEV_DISABLE_LIBRARY_FALLBACK; uint16_t udev_flags = DM_UDEV_DISABLE_LIBRARY_FALLBACK;
if (dmd->flags & CRYPT_ACTIVATE_PRIVATE) if (dmd->flags & CRYPT_ACTIVATE_PRIVATE)
udev_flags |= CRYPT_TEMP_UDEV_FLAGS; udev_flags |= CRYPT_TEMP_UDEV_FLAGS;
skipping to change at line 1679 skipping to change at line 1669
{ {
uint32_t dmt_flags = 0; uint32_t dmt_flags = 0;
int r = -EINVAL; int r = -EINVAL;
if (!type || !dmd) if (!type || !dmd)
return -EINVAL; return -EINVAL;
if (dm_init_context(cd, dmd->segment.type)) if (dm_init_context(cd, dmd->segment.type))
return -ENOTSUP; return -ENOTSUP;
r = _dm_create_device(cd, name, type, dmd->uuid, dmd); r = _dm_create_device(cd, name, type, dmd);
if (r < 0 && dm_flags(cd, dmd->segment.type, &dmt_flags)) if (r < 0 && dm_flags(cd, dmd->segment.type, &dmt_flags))
goto out; goto out;
if (r && (dmd->segment.type == DM_CRYPT || dmd->segment.type == DM_LINEAR || dmd->segment.type == DM_ZERO) && if (r && (dmd->segment.type == DM_CRYPT || dmd->segment.type == DM_LINEAR || dmd->segment.type == DM_ZERO) &&
check_retry(cd, &dmd->flags, dmt_flags)) { check_retry(cd, &dmd->flags, dmt_flags)) {
log_dbg(cd, "Retrying open without incompatible options."); log_dbg(cd, "Retrying open without incompatible options.");
r = _dm_create_device(cd, name, type, dmd->uuid, dmd); r = _dm_create_device(cd, name, type, dmd);
} }
/* /*
* Print warning if activating dm-crypt cipher_null device unless it's re encryption helper or * Print warning if activating dm-crypt cipher_null device unless it's re encryption helper or
* keyslot encryption helper device (LUKS1 cipher_null devices). * keyslot encryption helper device (LUKS1 cipher_null devices).
*/ */
if (!r && !(dmd->flags & CRYPT_ACTIVATE_PRIVATE) && single_segment(dmd) & & dmd->segment.type == DM_CRYPT && if (!r && !(dmd->flags & CRYPT_ACTIVATE_PRIVATE) && single_segment(dmd) & & dmd->segment.type == DM_CRYPT &&
crypt_is_cipher_null(dmd->segment.u.crypt.cipher)) crypt_is_cipher_null(dmd->segment.u.crypt.cipher))
log_dbg(cd, "Activated dm-crypt device with cipher_null. Device i s not encrypted."); log_dbg(cd, "Activated dm-crypt device with cipher_null. Device i s not encrypted.");
skipping to change at line 1734 skipping to change at line 1724
if (dmd->segment.u.crypt.integrity && !(dmt_flags & DM_INTEGRITY_ SUPPORTED)) if (dmd->segment.u.crypt.integrity && !(dmt_flags & DM_INTEGRITY_ SUPPORTED))
log_err(cd, _("Requested data integrity options are not s upported.")); log_err(cd, _("Requested data integrity options are not s upported."));
if (dmd->segment.u.crypt.sector_size != SECTOR_SIZE && !(dmt_flag s & DM_SECTOR_SIZE_SUPPORTED)) if (dmd->segment.u.crypt.sector_size != SECTOR_SIZE && !(dmt_flag s & DM_SECTOR_SIZE_SUPPORTED))
log_err(cd, _("Requested sector_size option is not suppor ted.")); log_err(cd, _("Requested sector_size option is not suppor ted."));
} }
if (r == -EINVAL && dmd->segment.type == DM_INTEGRITY && (dmd->flags & CR YPT_ACTIVATE_RECALCULATE) && if (r == -EINVAL && dmd->segment.type == DM_INTEGRITY && (dmd->flags & CR YPT_ACTIVATE_RECALCULATE) &&
!(dmt_flags & DM_INTEGRITY_RECALC_SUPPORTED)) !(dmt_flags & DM_INTEGRITY_RECALC_SUPPORTED))
log_err(cd, _("Requested automatic recalculation of integrity tag s is not supported.")); log_err(cd, _("Requested automatic recalculation of integrity tag s is not supported."));
if (r == -EINVAL && dmd->segment.type == DM_INTEGRITY && (dmd->flags & CR
YPT_ACTIVATE_RECALCULATE_RESET) &&
!(dmt_flags & DM_INTEGRITY_RESET_RECALC_SUPPORTED))
log_err(cd, _("Requested automatic recalculation of integrity tag
s is not supported."));
if (r == -EINVAL && dmd->segment.type == DM_INTEGRITY && (dmd->flags & CR YPT_ACTIVATE_ALLOW_DISCARDS) && if (r == -EINVAL && dmd->segment.type == DM_INTEGRITY && (dmd->flags & CR YPT_ACTIVATE_ALLOW_DISCARDS) &&
!(dmt_flags & DM_INTEGRITY_DISCARDS_SUPPORTED)) !(dmt_flags & DM_INTEGRITY_DISCARDS_SUPPORTED))
log_err(cd, _("Discard/TRIM is not supported.")); log_err(cd, _("Discard/TRIM is not supported."));
if (r == -EINVAL && dmd->segment.type == DM_INTEGRITY && (dmd->flags & CR YPT_ACTIVATE_NO_JOURNAL_BITMAP) && if (r == -EINVAL && dmd->segment.type == DM_INTEGRITY && (dmd->flags & CR YPT_ACTIVATE_NO_JOURNAL_BITMAP) &&
!(dmt_flags & DM_INTEGRITY_BITMAP_SUPPORTED)) !(dmt_flags & DM_INTEGRITY_BITMAP_SUPPORTED))
log_err(cd, _("Requested dm-integrity bitmap mode is not supporte d.")); log_err(cd, _("Requested dm-integrity bitmap mode is not supporte d."));
out: out:
dm_exit_context(); dm_exit_context();
return r; return r;
skipping to change at line 1794 skipping to change at line 1788
static int dm_status_dmi(const char *name, struct dm_info *dmi, static int dm_status_dmi(const char *name, struct dm_info *dmi,
const char *target, char **status_line) const char *target, char **status_line)
{ {
struct dm_task *dmt; struct dm_task *dmt;
uint64_t start, length; uint64_t start, length;
char *target_type, *params = NULL; char *target_type, *params = NULL;
int r = -EINVAL; int r = -EINVAL;
if (!(dmt = dm_task_create(DM_DEVICE_STATUS))) if (!(dmt = dm_task_create(DM_DEVICE_STATUS)))
goto out; return r;
if (!dm_task_no_flush(dmt)) if (!dm_task_no_flush(dmt))
goto out; goto out;
if (!dm_task_set_name(dmt, name)) if (!dm_task_set_name(dmt, name))
goto out; goto out;
if (!dm_task_run(dmt)) if (!dm_task_run(dmt))
goto out; goto out;
skipping to change at line 1836 skipping to change at line 1830
strcmp(target_type, DM_INTEGRITY_TARGET) && strcmp(target_type, DM_INTEGRITY_TARGET) &&
strcmp(target_type, DM_LINEAR_TARGET) && strcmp(target_type, DM_LINEAR_TARGET) &&
strcmp(target_type, DM_ZERO_TARGET) && strcmp(target_type, DM_ZERO_TARGET) &&
strcmp(target_type, DM_ERROR_TARGET))) strcmp(target_type, DM_ERROR_TARGET)))
goto out; goto out;
r = 0; r = 0;
out: out:
if (!r && status_line && !(*status_line = strdup(params))) if (!r && status_line && !(*status_line = strdup(params)))
r = -ENOMEM; r = -ENOMEM;
if (dmt) dm_task_destroy(dmt);
dm_task_destroy(dmt);
return r; return r;
} }
int dm_status_device(struct crypt_device *cd, const char *name) int dm_status_device(struct crypt_device *cd, const char *name)
{ {
int r; int r;
struct dm_info dmi; struct dm_info dmi;
struct stat st; struct stat st;
skipping to change at line 2313 skipping to change at line 2306
val32 = strtoul(params, &params, 10); val32 = strtoul(params, &params, 10);
if (*params) if (*params)
params++; params++;
if (vp) if (vp)
vp->fec_roots = val32; vp->fec_roots = val32;
i++; i++;
} else if (!strcasecmp(arg, "root_hash_sig_key_desc")) { } else if (!strcasecmp(arg, "root_hash_sig_key_desc")) {
str = strsep(&params, " "); str = strsep(&params, " ");
if (!str) if (!str)
goto err; goto err;
if (!root_hash_sig_key_desc) { if (vp && !root_hash_sig_key_desc) {
root_hash_sig_key_desc = strdup(str); root_hash_sig_key_desc = strdup(str);
if (!root_hash_sig_key_desc) { if (!root_hash_sig_key_desc) {
r = -ENOMEM; r = -ENOMEM;
goto err; goto err;
} }
/* not stored in params, but cannot be us
ed without vp */
vp->flags |= CRYPT_VERITY_ROOT_HASH_SIGNA
TURE;
} }
i++; i++;
if (vp)
vp->flags |= CRYPT_VERITY_ROOT_HASH_SIGNA
TURE;
} else /* unknown option */ } else /* unknown option */
goto err; goto err;
} }
/* All parameters should be processed */ /* All parameters should be processed */
if (params && *params) { if (params && *params) {
r = -EINVAL; r = -EINVAL;
goto err; goto err;
} }
} }
skipping to change at line 2521 skipping to change at line 2514
arg = strsep(&str, ":"); arg = strsep(&str, ":");
if (get_flags & DM_ACTIVE_INTEGRITY_PARAMS) { if (get_flags & DM_ACTIVE_INTEGRITY_PARAMS) {
journal_integrity = strdup(arg); journal_integrity = strdup(arg);
if (!journal_integrity) { if (!journal_integrity) {
r = -ENOMEM; r = -ENOMEM;
goto err; goto err;
} }
} }
} else if (!strcmp(arg, "recalculate")) { } else if (!strcmp(arg, "recalculate")) {
*act_flags |= CRYPT_ACTIVATE_RECALCULATE; *act_flags |= CRYPT_ACTIVATE_RECALCULATE;
} else if (!strcmp(arg, "reset_recalculate")) {
*act_flags |= CRYPT_ACTIVATE_RECALCULATE_RESET;
} else if (!strcmp(arg, "fix_padding")) { } else if (!strcmp(arg, "fix_padding")) {
tgt->u.integrity.fix_padding = true; tgt->u.integrity.fix_padding = true;
} else if (!strcmp(arg, "fix_hmac")) { } else if (!strcmp(arg, "fix_hmac")) {
tgt->u.integrity.fix_hmac = true; tgt->u.integrity.fix_hmac = true;
} else if (!strcmp(arg, "legacy_recalculate")) { } else if (!strcmp(arg, "legacy_recalculate")) {
tgt->u.integrity.legacy_recalc = true; tgt->u.integrity.legacy_recalc = true;
} else if (!strcmp(arg, "allow_discards")) { } else if (!strcmp(arg, "allow_discards")) {
*act_flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS; *act_flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS;
} else /* unknown option */ } else /* unknown option */
goto err; goto err;
skipping to change at line 2603 skipping to change at line 2598
tgt->direction = TARGET_QUERY; tgt->direction = TARGET_QUERY;
tgt->data_device = device; tgt->data_device = device;
tgt->u.linear.offset = val64; tgt->u.linear.offset = val64;
return 0; return 0;
err: err:
device_free(cd, device); device_free(cd, device);
return r; return r;
} }
static int _dm_target_query_error(struct crypt_device *cd, struct dm_target *tgt ) static int _dm_target_query_error(struct crypt_device *cd __attribute__((unused) ), struct dm_target *tgt)
{ {
tgt->type = DM_ERROR; tgt->type = DM_ERROR;
tgt->direction = TARGET_QUERY; tgt->direction = TARGET_QUERY;
return 0; return 0;
} }
static int _dm_target_query_zero(struct crypt_device *cd, struct dm_target *tgt) static int _dm_target_query_zero(struct crypt_device *cd __attribute__((unused)) , struct dm_target *tgt)
{ {
tgt->type = DM_ZERO; tgt->type = DM_ZERO;
tgt->direction = TARGET_QUERY; tgt->direction = TARGET_QUERY;
return 0; return 0;
} }
/* /*
* on error retval has to be negative * on error retval has to be negative
* *
skipping to change at line 2744 skipping to change at line 2739
dmd->holders = 0; dmd->holders = 0;
#if (HAVE_DECL_DM_DEVICE_HAS_HOLDERS && HAVE_DECL_DM_DEVICE_HAS_MOUNTED_FS) #if (HAVE_DECL_DM_DEVICE_HAS_HOLDERS && HAVE_DECL_DM_DEVICE_HAS_MOUNTED_FS)
if (get_flags & DM_ACTIVE_HOLDERS) if (get_flags & DM_ACTIVE_HOLDERS)
dmd->holders = (dm_device_has_mounted_fs(dmi.major, dmi.minor) || dmd->holders = (dm_device_has_mounted_fs(dmi.major, dmi.minor) ||
dm_device_has_holders(dmi.major, dmi.minor)); dm_device_has_holders(dmi.major, dmi.minor));
#endif #endif
r = (dmi.open_count > 0); r = (dmi.open_count > 0);
out: out:
if (dmt) dm_task_destroy(dmt);
dm_task_destroy(dmt);
if (r < 0) if (r < 0)
dm_targets_free(cd, dmd); dm_targets_free(cd, dmd);
return r; return r;
} }
int dm_query_device(struct crypt_device *cd, const char *name, int dm_query_device(struct crypt_device *cd, const char *name,
uint32_t get_flags, struct crypt_dm_active_device *dmd) uint32_t get_flags, struct crypt_dm_active_device *dmd)
{ {
skipping to change at line 2999 skipping to change at line 2993
r = -EINVAL; r = -EINVAL;
goto out; goto out;
} }
r = 0; r = 0;
out: out:
crypt_safe_free(msg); crypt_safe_free(msg);
dm_exit_context(); dm_exit_context();
return r; return r;
} }
int dm_cancel_deferred_removal(const char *name)
{
return _dm_message(name, "@cancel_deferred_remove") ? 0 : -ENOTSUP;
}
const char *dm_get_dir(void) const char *dm_get_dir(void)
{ {
return dm_dir(); return dm_dir();
} }
int dm_is_dm_device(int major) int dm_is_dm_device(int major)
{ {
return dm_is_dm_major((uint32_t)major); return dm_is_dm_major((uint32_t)major);
} }
int dm_is_dm_kernel_name(const char *name) int dm_is_dm_kernel_name(const char *name)
{ {
return strncmp(name, "dm-", 3) ? 0 : 1; return strncmp(name, "dm-", 3) ? 0 : 1;
} }
int dm_crypt_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg _size, int dm_crypt_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg _size,
struct device *data_device, struct volume_key *vk, const char *cipher, struct device *data_device, struct volume_key *vk, const char *cipher,
uint64_t iv_offset, uint64_t data_offset, const char *integrity, uint32_t tag_size, uint64_t iv_offset, uint64_t data_offset, const char *integrity, uint32_t tag_size,
uint32_t sector_size) uint32_t sector_size)
{ {
int r = -EINVAL;
/* free on error */
char *dm_integrity = NULL; char *dm_integrity = NULL;
if (tag_size) { if (tag_size) {
/* Space for IV metadata only */ /* Space for IV metadata only */
dm_integrity = strdup(integrity ?: "none"); dm_integrity = strdup(integrity ?: "none");
if (!dm_integrity) { if (!dm_integrity)
r = -ENOMEM; return -ENOMEM;
goto err;
}
} }
tgt->data_device = data_device; tgt->data_device = data_device;
tgt->type = DM_CRYPT; tgt->type = DM_CRYPT;
tgt->direction = TARGET_SET; tgt->direction = TARGET_SET;
tgt->u.crypt.vk = vk; tgt->u.crypt.vk = vk;
tgt->offset = seg_offset; tgt->offset = seg_offset;
tgt->size = seg_size; tgt->size = seg_size;
tgt->u.crypt.cipher = cipher; tgt->u.crypt.cipher = cipher;
tgt->u.crypt.integrity = dm_integrity; tgt->u.crypt.integrity = dm_integrity;
tgt->u.crypt.iv_offset = iv_offset; tgt->u.crypt.iv_offset = iv_offset;
tgt->u.crypt.offset = data_offset; tgt->u.crypt.offset = data_offset;
tgt->u.crypt.tag_size = tag_size; tgt->u.crypt.tag_size = tag_size;
tgt->u.crypt.sector_size = sector_size; tgt->u.crypt.sector_size = sector_size;
return 0; return 0;
err:
free(dm_integrity);
return r;
} }
int dm_verity_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t se g_size, int dm_verity_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t se g_size,
struct device *data_device, struct device *hash_device, struct device *fe c_device, struct device *data_device, struct device *hash_device, struct device *fe c_device,
const char *root_hash, uint32_t root_hash_size, const char* root_hash_sig _key_desc, const char *root_hash, uint32_t root_hash_size, const char* root_hash_sig _key_desc,
uint64_t hash_offset_block, uint64_t fec_blocks, struct crypt_params_veri ty *vp) uint64_t hash_offset_block, uint64_t fec_blocks, struct crypt_params_veri ty *vp)
{ {
if (!data_device || !hash_device || !vp) if (!data_device || !hash_device || !vp)
return -EINVAL; return -EINVAL;
 End of changes. 39 change blocks. 
57 lines changed or deleted 51 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)