cryptsetup  2.3.3
About: cryptsetup is a utility used to conveniently set up disk encryption based on the dm-crypt kernel module. Supported formats include plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt-compatible format.
  Fossies Dox: cryptsetup-2.3.3.tar.xz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

Cryptsetup device context initialization

Set of functions for creating and destroying crypt_device context.

Functions

int crypt_init (struct crypt_device **cd, const char *device)
 
int crypt_init_data_device (struct crypt_device **cd, const char *device, const char *data_device)
 
int crypt_init_by_name_and_header (struct crypt_device **cd, const char *name, const char *header_device)
 
int crypt_init_by_name (struct crypt_device **cd, const char *name)
 
void crypt_free (struct crypt_device *cd)
 
void crypt_set_confirm_callback (struct crypt_device *cd, int(*confirm)(const char *msg, void *usrptr), void *usrptr)
 
int crypt_set_data_device (struct crypt_device *cd, const char *device)
 
int crypt_set_data_offset (struct crypt_device *cd, uint64_t data_offset)
 

Detailed Description

Set of functions for creating and destroying crypt_device context.

Function Documentation

◆ crypt_free()

void crypt_free ( struct crypt_device *  cd )

Release crypt device context and used memory.

Parameters
cd: crypt device handle

Definition at line 2987 of file setup.c.

References CONST_CAST, crypt_free_type(), crypt_free_volume_key(), crypt_safe_memzero(), crypt_device::device, device_free(), dm_backend_exit(), crypt_pbkdf_type::hash, log_dbg, mdata_device_path(), crypt_device::metadata_device, crypt_device::pbkdf, crypt_pbkdf_type::type, and crypt_device::volume_key.

Referenced by _activate(), _get_device_type(), _luksFormat(), action_bitlkDump(), action_close(), action_dump(), action_encrypt_luks2(), action_format(), action_isLuks(), action_luksAddKey(), action_luksBackup(), action_luksChangeKey(), action_luksConfig(), action_luksConvert(), action_luksConvertKey(), action_luksDump(), action_luksErase(), action_luksKillSlot(), action_luksRemoveKey(), action_luksRepair(), action_luksRestore(), action_luksResume(), action_luksSuspend(), action_luksUUID(), action_open(), action_open_bitlk(), action_open_loopaes(), action_open_luks(), action_open_plain(), action_open_tcrypt(), action_reencrypt(), action_resize(), action_status(), action_tcryptDump(), action_token(), activate_luks_headers(), backup_fake_header(), backup_luks_headers(), check(), create_new_header(), crypt_deactivate_by_name(), crypt_init_by_name_and_header(), crypt_init_data_device(), initialize_passphrase(), initialize_uuid(), luks2_change_pbkdf_params(), luks2_metadata_copy(), luksAddUnboundKey(), main(), open_by_remote_password(), open_by_token(), remove_headers(), restore_luks_header(), set_reencrypt_requirement(), and token_add().

◆ crypt_init()

int crypt_init ( struct crypt_device **  cd,
const char *  device 
)

Initialize crypt device handle and check if the provided device exists.

Parameters
cd: Returns pointer to crypt device handle
device: Path to the backing device. If device is not a block device but a path to some file, the function will try to create a loop device and attach the file to the loop device with the AUTOCLEAR flag set. If device is NULL, the function will initialize the dm backend only.
Returns
0 on success or negative errno value otherwise.
Note
Logging is not initialized here; any messages use the default log function.

Definition at line 577 of file setup.c.

References crypt_random_default_key_rng(), crypt_device::device, device_alloc(), device_free(), dm_backend_init(), log_dbg, and crypt_device::rng_type.

Referenced by _luksFormat(), action_bitlkDump(), action_dump(), action_encrypt_luks2(), action_format(), action_isLuks(), action_luksAddKey(), action_luksBackup(), action_luksChangeKey(), action_luksConfig(), action_luksConvert(), action_luksConvertKey(), action_luksDump(), action_luksErase(), action_luksKillSlot(), action_luksRemoveKey(), action_luksRestore(), action_luksUUID(), action_open_bitlk(), action_open_loopaes(), action_open_plain(), action_open_tcrypt(), action_tcryptDump(), action_token(), backup_fake_header(), backup_luks_headers(), create_new_header(), crypt_init_by_name_and_header(), crypt_init_data_device(), initialize_uuid(), luks2_change_pbkdf_params(), luks2_metadata_copy(), luksAddUnboundKey(), main(), open_by_remote_password(), open_by_token(), remove_headers(), restore_luks_header(), set_reencrypt_requirement(), and token_add().

◆ crypt_init_by_name()

int crypt_init_by_name ( struct crypt_device **  cd,
const char *  name 
)

◆ crypt_init_by_name_and_header()

int crypt_init_by_name_and_header ( struct crypt_device **  cd,
const char *  name,
const char *  header_device 
)

Initialize crypt device handle from provided active device name, and, optionally, from separate metadata (header) device and check if provided device exists.

Returns
0 on success or negative errno value otherwise.
Parameters
cd: returns crypt device handle for active device
name: name of active crypt device
header_device: optional device containing on-disk header (NULL if it is the same as the underlying device or there is no on-disk header)
Postcondition
In case device points to an active LUKS device but the header load fails, the context device type is set to NULL and 0 is returned as if it were successful. A context with NULL device type can only be deactivated by crypt_deactivate.
Note
crypt_init_by_name is equivalent to calling crypt_init_by_name_and_header(cd, name, NULL);

Definition at line 1408 of file setup.c.

References _, _init_by_name_crypt(), _init_by_name_integrity(), _init_by_name_verity(), CONST_CAST, CRYPT_ACTIVE, CRYPT_BITLK, crypt_free(), crypt_init(), CRYPT_INTEGRITY, CRYPT_INVALID, CRYPT_LOOPAES, CRYPT_LUKS1, CRYPT_LUKS2, CRYPT_PLAIN, crypt_set_data_device(), crypt_status(), CRYPT_TCRYPT, CRYPT_VERITY, dm_target::data_device, device_path(), DM_ACTIVE_DEVICE, DM_ACTIVE_UUID, DM_CRYPT, DM_INTEGRITY, DM_LINEAR, dm_query_device(), dm_targets_free(), DM_VERITY, log_dbg, log_err, log_verbose, name, crypt_device::none, crypt_dm_active_device::segment, dm_target::type, crypt_device::u, and crypt_dm_active_device::uuid.

Referenced by _get_device_type(), action_luksResume(), action_luksSuspend(), action_open_luks(), action_open_plain(), action_reencrypt(), action_resize(), action_status(), and crypt_init_by_name().

◆ crypt_init_data_device()

int crypt_init_data_device ( struct crypt_device **  cd,
const char *  device,
const char *  data_device 
)

Initialize crypt device handle with optional data device and check if devices exist.

Parameters
cd: Returns pointer to crypt device handle
device: Path to the backing device or detached header.
data_device: Path to the data device or NULL.
Returns
0 on success or negative errno value otherwise.
Note
Logging is not initialized here; any messages use the default log function.

Definition at line 673 of file setup.c.

References _crypt_set_data_device(), crypt_free(), crypt_init(), and log_dbg.

Referenced by _activate(), action_format(), action_luksRepair(), action_open(), action_open_luks(), action_reencrypt(), activate_luks_headers(), and initialize_passphrase().

◆ crypt_set_confirm_callback()

void crypt_set_confirm_callback ( struct crypt_device *  cd,
int(*)(const char *msg, void *usrptr)  confirm,
void *  usrptr 
)

Set confirmation callback (yes/no).

If the code needs confirmation (such as resetting the UUID or restoring a LUKS header from a file), this function is called. If not defined, everything is confirmed.

The callback function confirm should return 0 if the operation is declined; any other value means accepted.

Parameters
cd: crypt device handle
confirm: user defined confirm callback reference
usrptr: provided identification in callback
msg: Message for user to confirm
Note
Current version of cryptsetup API requires confirmation for UUID change and LUKS header restore only.

Definition at line 562 of file setup.c.

References crypt_device::confirm, and crypt_device::confirm_usrptr.

Referenced by action_luksAddKey(), action_luksBackup(), action_luksConvert(), action_luksErase(), action_luksKillSlot(), action_luksRemoveKey(), action_luksRestore(), action_luksUUID(), luksAddUnboundKey(), luksDump_with_unbound_key(), luksDump_with_volume_key(), and tcryptDump_with_volume_key().
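Because everything is confirmed when no callback is defined, an unattended tool should register one that declines by default. The following is an added example, not code from cryptsetup or this documentation: `struct confirm_policy`, `answer_accepts()` and `confirm_typed_yes()` are hypothetical names, and requiring a typed uppercase YES is this example's own policy.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical policy passed as usrptr; not a libcryptsetup type. */
struct confirm_policy {
    FILE *in;          /* operator's answer stream, NULL when unattended */
    unsigned declined; /* refused requests, e.g. for an audit log */
};

/* Accept only an exact "YES" line (this example's assumption). */
static int answer_accepts(const char *line)
{
    size_t n;

    if (!line)
        return 0;
    n = strcspn(line, "\r\n");          /* length without the line ending */
    return n == 3 && strncmp(line, "YES", 3) == 0;
}

/* Same signature as the confirm parameter documented above:
 * return 0 to decline the operation, any other value to accept it. */
static int confirm_typed_yes(const char *msg, void *usrptr)
{
    struct confirm_policy *p = usrptr;
    char line[16];

    if (!p)
        return 0;                       /* no policy object: decline */
    if (!p->in) {                       /* unattended run: never auto-confirm */
        p->declined++;
        return 0;
    }
    fprintf(stderr, "%s\nType YES to continue: ", msg ? msg : "Confirm?");
    if (fgets(line, sizeof(line), p->in) && answer_accepts(line))
        return 1;
    p->declined++;
    return 0;
}

/* Registration once a context exists (requires libcryptsetup.h):
 *   crypt_set_confirm_callback(cd, confirm_typed_yes, &pol); */
int main(void)
{
    struct confirm_policy pol = { NULL, 0 };  /* constructed: unattended job */
    int ok = confirm_typed_yes("Constructed sample prompt.", &pol);

    printf("accepted=%d declined=%u\n", ok, pol.declined);
    return 0;
}
```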

◆ crypt_set_data_device()

int crypt_set_data_device ( struct crypt_device *  cd,
const char *  device 
)

Set data device. For LUKS it is the encrypted data device when the LUKS header is separated. For VERITY it is the data device when the hash device is separated.

Parameters
cd: crypt device handle
device: path to device
Returns
0 on success or negative errno value otherwise.

Definition at line 651 of file setup.c.

References _, _crypt_set_data_device(), crypt_get_reenc_context(), crypt_device::device, isINTEGRITY(), isLUKS1(), isLUKS2(), isVERITY(), log_dbg, log_err, and crypt_device::type.

Referenced by _crypt_format_verity(), _crypt_load_verity(), and crypt_init_by_name_and_header().

◆ crypt_set_data_offset()

int crypt_set_data_offset ( struct crypt_device *  cd,
uint64_t  data_offset 
)

Set data device offset in 512-byte sectors. Used for LUKS. This function is a replacement for the data alignment fields in the LUKS param struct. If set to 0 (default), old behaviour is preserved. This value is reset on crypt_load.

Parameters
cd: crypt device handle
data_offset: data offset in bytes
Returns
0 on success or negative errno value otherwise.
Note
Data offset must be aligned to a multiple of 8 (alignment to 4096-byte sectors) and must be big enough to accommodate the whole LUKS header with all keyslots.
Data offset is enforced by this function; device topology information is no longer used after calling this function.

Definition at line 5185 of file setup.c.

References _, crypt_device::data_offset, log_dbg, log_err, MAX_SECTOR_SIZE, and SECTOR_SHIFT.

Referenced by _luksFormat(), and create_new_header().
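A pre-flight check for the constraints in the Note, following the description's unit of 512-byte sectors. This is an added example, not cryptsetup code: `data_offset_to_sectors()` is a hypothetical helper, the header size is supplied by the caller, the 16 MiB figure in `main()` is a constructed sample, and the errno values are this example's choice.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define SECTOR_BYTES  512u  /* unit named in the description above */
#define ALIGN_SECTORS 8u    /* multiple of 8 sectors = 4096 bytes */

/*
 * Convert a byte offset to 512-byte sectors and apply the Note's constraints.
 * header_bytes is an assumption of this example: the caller states how much
 * room the LUKS header with all keyslots needs.
 * Returns 0 and stores the sector count, or a negative errno value.
 */
static int data_offset_to_sectors(uint64_t offset_bytes, uint64_t header_bytes,
                                  uint64_t *sectors)
{
    uint64_t s;

    if (!sectors)
        return -EINVAL;
    if (offset_bytes % SECTOR_BYTES)
        return -EINVAL;             /* not a whole number of sectors */
    s = offset_bytes / SECTOR_BYTES;
    if (s == 0) {                   /* 0 is the default: old behaviour kept */
        *sectors = 0;
        return 0;
    }
    if (s % ALIGN_SECTORS)
        return -EINVAL;             /* not aligned to 4096 bytes */
    if (offset_bytes < header_bytes)
        return -ENOSPC;             /* data would overlap header/keyslots */
    *sectors = s;
    return 0;
}

int main(void)
{
    const uint64_t hdr = 16u * 1024 * 1024;   /* constructed sample size */
    uint64_t sectors = 0;
    int r = data_offset_to_sectors(hdr, hdr, &sectors);

    /* On success the value for crypt_set_data_offset(cd, sectors). */
    printf("r=%d sectors=%llu\n", r, (unsigned long long)sectors);
    return r ? 1 : 0;
}
```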