You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
77 lines
3.0 KiB
77 lines
3.0 KiB
From be973ab9f6585be762ea0888c81b011222eabb13 Mon Sep 17 00:00:00 2001 |
|
From: Jan Synacek <jsynacek@redhat.com> |
|
Date: Thu, 3 May 2018 11:21:27 +0200 |
|
Subject: [PATCH] cryptsetup: support LUKS2 on-disk format |
|
|
|
Allow cryptsetup utility to activate LUKS2 devices (with appropriate |
|
libcryptsetup) |
|
|
|
The change itself doesn't enforce new libcryptsetup 2.x and is backward |
|
compatible with versions 1.x |
|
|
|
(cherry-picked from commit b3b4ebab02395933cde554b5a5d5c363dae3920d) |
|
|
|
Resolves: #1573838 |
|
--- |
|
src/cryptsetup/cryptsetup.c | 20 ++++++++++++++------ |
|
1 file changed, 14 insertions(+), 6 deletions(-) |
|
|
|
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c |
|
index 69a0156144..528c36c48b 100644 |
|
--- a/src/cryptsetup/cryptsetup.c |
|
+++ b/src/cryptsetup/cryptsetup.c |
|
@@ -36,7 +36,15 @@ |
|
#include "libudev.h" |
|
#include "udev-util.h" |
|
|
|
-static const char *arg_type = NULL; /* CRYPT_LUKS1, CRYPT_TCRYPT or CRYPT_PLAIN */ |
|
+/* libcryptsetup define for any LUKS version, compatible with libcryptsetup 1.x */ |
|
+#ifndef CRYPT_LUKS |
|
+#define CRYPT_LUKS NULL |
|
+#endif |
|
+ |
|
+/* internal helper */ |
|
+#define ANY_LUKS "LUKS" |
|
+ |
|
+static const char *arg_type = NULL; /* ANY_LUKS, CRYPT_LUKS1, CRYPT_LUKS2, CRYPT_TCRYPT or CRYPT_PLAIN */ |
|
static char *arg_cipher = NULL; |
|
static unsigned arg_key_size = 0; |
|
static int arg_key_slot = CRYPT_ANY_SLOT; |
|
@@ -98,7 +106,7 @@ static int parse_one_option(const char *option) { |
|
|
|
} else if (startswith(option, "key-slot=")) { |
|
|
|
- arg_type = CRYPT_LUKS1; |
|
+ arg_type = ANY_LUKS; |
|
if (safe_atoi(option+9, &arg_key_slot) < 0) { |
|
log_error("key-slot= parse failure, ignoring."); |
|
return 0; |
|
@@ -138,7 +146,7 @@ static int parse_one_option(const char *option) { |
|
arg_hash = t; |
|
|
|
} else if (startswith(option, "header=")) { |
|
- arg_type = CRYPT_LUKS1; |
|
+ arg_type = ANY_LUKS; |
|
|
|
if (!path_is_absolute(option+7)) { |
|
log_error("Header path '%s' is not absolute, refusing.", option+7); |
|
@@ -168,7 +176,7 @@ static int parse_one_option(const char *option) { |
|
else if (STR_IN_SET(option, "allow-discards", "discard")) |
|
arg_discards = true; |
|
else if (streq(option, "luks")) |
|
- arg_type = CRYPT_LUKS1; |
|
+ arg_type = ANY_LUKS; |
|
else if (streq(option, "tcrypt")) |
|
arg_type = CRYPT_TCRYPT; |
|
else if (streq(option, "tcrypt-hidden")) { |
|
@@ -430,8 +438,8 @@ static int attach_luks_or_plain(struct crypt_device *cd, |
|
assert(name); |
|
assert(key_file || passwords); |
|
|
|
- if (!arg_type || streq(arg_type, CRYPT_LUKS1)) { |
|
- r = crypt_load(cd, CRYPT_LUKS1, NULL); |
|
+ if (!arg_type || STR_IN_SET(arg_type, ANY_LUKS, CRYPT_LUKS1)) { |
|
+ r = crypt_load(cd, CRYPT_LUKS, NULL); |
|
if (r < 0) { |
|
log_error("crypt_load() failed on device %s.\n", crypt_get_device_name(cd)); |
|
return r;
|
|
|