+ if (r == -EBUSY)
+ log_err(cd, _("Cannot format device %s which is still in use.\n"),
+ mdata_device_path(cd));
+ else if (r == -EACCES) {
+ log_err(cd, _("Cannot format device %s, permission denied.\n"),
+ mdata_device_path(cd));
+ r = -EINVAL;
+ } else
+ log_err(cd, _("Cannot wipe header on device %s.\n"),
+ mdata_device_path(cd));
+
+ return r;
+ }
+
+ r = LUKS_write_phdr(&cd->hdr, cd);
+
+ return r;
+}
+
+static int _crypt_format_loopaes(struct crypt_device *cd,
+ const char *cipher,
+ const char *uuid,
+ size_t volume_key_size,
+ struct crypt_params_loopaes *params)
+{
+ if (!crypt_metadata_device(cd)) {
+ log_err(cd, _("Can't format LOOPAES without device.\n"));
+ return -EINVAL;
+ }
+
+ if (volume_key_size > 1024) {
+ log_err(cd, _("Invalid key size.\n"));
+ return -EINVAL;
+ }
+
+ if (!(cd->type = strdup(CRYPT_LOOPAES)))
+ return -ENOMEM;
+
+ cd->loopaes_key_size = volume_key_size;
+
+ cd->loopaes_cipher = strdup(cipher ?: DEFAULT_LOOPAES_CIPHER);
+
+ if (uuid)
+ cd->loopaes_uuid = strdup(uuid);
+
+ if (params && params->hash)
+ cd->loopaes_hdr.hash = strdup(params->hash);
+
+ cd->loopaes_hdr.offset = params ? params->offset : 0;
+ cd->loopaes_hdr.skip = params ? params->skip : 0;
+
+ return 0;
+}
+
+static int _crypt_format_verity(struct crypt_device *cd,
+ const char *uuid,
+ struct crypt_params_verity *params)
+{
+ int r = 0, hash_size;
+ uint64_t data_device_size;
+
+ if (!crypt_metadata_device(cd)) {
+ log_err(cd, _("Can't format VERITY without device.\n"));
+ return -EINVAL;
+ }
+
+ if (!params || !params->data_device)
+ return -EINVAL;
+
+ if (params->hash_type > VERITY_MAX_HASH_TYPE) {
+ log_err(cd, _("Unsupported VERITY hash type %d.\n"), params->hash_type);
+ return -EINVAL;
+ }
+
+ if (VERITY_BLOCK_SIZE_OK(params->data_block_size) ||
+ VERITY_BLOCK_SIZE_OK(params->hash_block_size)) {
+ log_err(cd, _("Unsupported VERITY block size.\n"));
+ return -EINVAL;
+ }
+
+ if (params->hash_area_offset % 512) {
+ log_err(cd, _("Unsupported VERITY hash offset.\n"));
+ return -EINVAL;
+ }
+
+ if (!(cd->type = strdup(CRYPT_VERITY)))
+ return -ENOMEM;
+
+ r = crypt_set_data_device(cd, params->data_device);
+ if (r)