projects
/
platform
/
upstream
/
cryptsetup.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Do not use global context.
[platform/upstream/cryptsetup.git]
/
src
/
crypt_reencrypt.c
diff --git
a/src/crypt_reencrypt.c
b/src/crypt_reencrypt.c
index
7eaf4cf
..
5731634
100644
(file)
--- a/
src/crypt_reencrypt.c
+++ b/
src/crypt_reencrypt.c
@@
-34,9
+34,7
@@
#include <sys/time.h>
#include <linux/fs.h>
#include <fcntl.h>
#include <sys/time.h>
#include <linux/fs.h>
#include <fcntl.h>
-#include <limits.h>
#include <signal.h>
#include <signal.h>
-#include <libcryptsetup.h>
#include <popt.h>
#include "cryptsetup.h"
#include <popt.h>
#include "cryptsetup.h"
@@
-64,7
+62,7
@@
static const char **action_argv;
static volatile int quit = 0;
#define MAX_SLOT 8
static volatile int quit = 0;
#define MAX_SLOT 8
-struct {
+struct
reenc_ctx
{
char *device;
char *device_uuid;
uint64_t device_size;
char *device;
char *device_uuid;
uint64_t device_size;
@@
-90,7
+88,7
@@
struct {
struct timeval start_time, end_time;
uint64_t restart_bytes;
struct timeval start_time, end_time;
uint64_t restart_bytes;
-}
rnc
;
+};
char MAGIC[] = {'L','U','K','S', 0xba, 0xbe};
char NOMAGIC[] = {'L','U','K','S', 0xde, 0xad};
char MAGIC[] = {'L','U','K','S', 0xba, 0xbe};
char NOMAGIC[] = {'L','U','K','S', 0xde, 0xad};
@@
-196,13
+194,13
@@
static int alignment(int fd)
return alignment;
}
return alignment;
}
-static int device_magic(header_magic set_magic)
+static int device_magic(
struct reenc_ctx *rc,
header_magic set_magic)
{
char *buf = NULL;
int r, devfd;
ssize_t s;
{
char *buf = NULL;
int r, devfd;
ssize_t s;
- devfd = open(r
nc.
device, O_RDWR | O_DIRECT);
+ devfd = open(r
c->
device, O_RDWR | O_DIRECT);
if (devfd == -1)
return errno == EBUSY ? -EBUSY : -EINVAL;
if (devfd == -1)
return errno == EBUSY ? -EBUSY : -EINVAL;
@@
-214,24
+212,24
@@
static int device_magic(header_magic set_magic)
s = read(devfd, buf, SECTOR_SIZE);
if (s < 0 || s != SECTOR_SIZE) {
s = read(devfd, buf, SECTOR_SIZE);
if (s < 0 || s != SECTOR_SIZE) {
- log_err(_("Cannot read device %s.\n"), r
nc.
device);
+ log_err(_("Cannot read device %s.\n"), r
c->
device);
close(devfd);
return -EIO;
}
if (set_magic == MAKE_UNUSABLE && !memcmp(buf, MAGIC, MAGIC_L)) {
close(devfd);
return -EIO;
}
if (set_magic == MAKE_UNUSABLE && !memcmp(buf, MAGIC, MAGIC_L)) {
- log_verbose(_("Marking LUKS device %s unusable.\n"), r
nc.
device);
+ log_verbose(_("Marking LUKS device %s unusable.\n"), r
c->
device);
memcpy(buf, NOMAGIC, MAGIC_L);
r = 0;
} else if (set_magic == MAKE_USABLE && !memcmp(buf, NOMAGIC, MAGIC_L)) {
memcpy(buf, NOMAGIC, MAGIC_L);
r = 0;
} else if (set_magic == MAKE_USABLE && !memcmp(buf, NOMAGIC, MAGIC_L)) {
- log_verbose(_("Marking LUKS device %s usable.\n"), r
nc.
device);
+ log_verbose(_("Marking LUKS device %s usable.\n"), r
c->
device);
memcpy(buf, MAGIC, MAGIC_L);
r = 0;
} else if (set_magic == CHECK_UNUSABLE) {
r = memcmp(buf, NOMAGIC, MAGIC_L) ? -EINVAL : 0;
if (!r)
memcpy(buf, MAGIC, MAGIC_L);
r = 0;
} else if (set_magic == CHECK_UNUSABLE) {
r = memcmp(buf, NOMAGIC, MAGIC_L) ? -EINVAL : 0;
if (!r)
- r
nc.
device_uuid = strndup(&buf[0xa8], 40);
+ r
c->
device_uuid = strndup(&buf[0xa8], 40);
goto out;
} else
r = -EINVAL;
goto out;
} else
r = -EINVAL;
@@
-241,11
+239,11
@@
static int device_magic(header_magic set_magic)
goto out;
s = write(devfd, buf, SECTOR_SIZE);
if (s < 0 || s != SECTOR_SIZE) {
goto out;
s = write(devfd, buf, SECTOR_SIZE);
if (s < 0 || s != SECTOR_SIZE) {
- log_err(_("Cannot write device %s.\n"), r
nc.
device);
+ log_err(_("Cannot write device %s.\n"), r
c->
device);
r = -EIO;
}
} else
r = -EIO;
}
} else
- log_dbg("LUKS signature check failed for %s.", r
nc.
device);
+ log_dbg("LUKS signature check failed for %s.", r
c->
device);
out:
if (buf)
memset(buf, 0, SECTOR_SIZE);
out:
if (buf)
memset(buf, 0, SECTOR_SIZE);
@@
-285,7
+283,7
@@
static int create_empty_header(const char *new_file, const char *old_file)
return r;
}
return r;
}
-static int write_log(
void
)
+static int write_log(
struct reenc_ctx *rc
)
{
static char buf[SECTOR_SIZE];
ssize_t r;
{
static char buf[SECTOR_SIZE];
ssize_t r;
@@
-294,11
+292,11
@@
static int write_log(void)
snprintf(buf, SECTOR_SIZE, "# LUKS reencryption log, DO NOT EDIT OR DELETE.\n"
"version = %d\nUUID = %s\ndirection = %d\n"
"offset = %" PRIu64 "\nshift = %" PRIu64 "\n# EOF\n",
snprintf(buf, SECTOR_SIZE, "# LUKS reencryption log, DO NOT EDIT OR DELETE.\n"
"version = %d\nUUID = %s\ndirection = %d\n"
"offset = %" PRIu64 "\nshift = %" PRIu64 "\n# EOF\n",
- 1, r
nc.device_uuid, rnc.
reencrypt_direction,
- r
nc.device_offset, rnc.
device_shift);
+ 1, r
c->device_uuid, rc->
reencrypt_direction,
+ r
c->device_offset, rc->
device_shift);
- lseek(r
nc.
log_fd, 0, SEEK_SET);
- r = write(r
nc.
log_fd, buf, SECTOR_SIZE);
+ lseek(r
c->
log_fd, 0, SEEK_SET);
+ r = write(r
c->
log_fd, buf, SECTOR_SIZE);
if (r < 0 || r != SECTOR_SIZE) {
log_err(_("Cannot write reencryption log file.\n"));
return -EIO;
if (r < 0 || r != SECTOR_SIZE) {
log_err(_("Cannot write reencryption log file.\n"));
return -EIO;
@@
-307,7
+305,7
@@
static int write_log(void)
return 0;
}
return 0;
}
-static int parse_line_log(const char *line)
+static int parse_line_log(
struct reenc_ctx *rc,
const char *line)
{
uint64_t u64;
int i;
{
uint64_t u64;
int i;
@@
-323,32
+321,32
@@
static int parse_line_log(const char *line)
return -EINVAL;
}
} else if (sscanf(line, "UUID = %40s", s) == 1) {
return -EINVAL;
}
} else if (sscanf(line, "UUID = %40s", s) == 1) {
- if (!r
nc.device_uuid || strcmp(rnc.
device_uuid, s)) {
+ if (!r
c->device_uuid || strcmp(rc->
device_uuid, s)) {
log_dbg("Log: Unexpected UUID %s", s);
return -EINVAL;
}
} else if (sscanf(line, "direction = %d", &i) == 1) {
log_dbg("Log: direction = %i", i);
log_dbg("Log: Unexpected UUID %s", s);
return -EINVAL;
}
} else if (sscanf(line, "direction = %d", &i) == 1) {
log_dbg("Log: direction = %i", i);
- r
nc.
reencrypt_direction = i;
+ r
c->
reencrypt_direction = i;
} else if (sscanf(line, "offset = %" PRIu64, &u64) == 1) {
log_dbg("Log: offset = %" PRIu64, u64);
} else if (sscanf(line, "offset = %" PRIu64, &u64) == 1) {
log_dbg("Log: offset = %" PRIu64, u64);
- r
nc.
device_offset = u64;
+ r
c->
device_offset = u64;
} else if (sscanf(line, "shift = %" PRIu64, &u64) == 1) {
log_dbg("Log: shift = %" PRIu64, u64);
} else if (sscanf(line, "shift = %" PRIu64, &u64) == 1) {
log_dbg("Log: shift = %" PRIu64, u64);
- r
nc.
device_shift = u64;
+ r
c->
device_shift = u64;
} else
return -EINVAL;
return 0;
}
} else
return -EINVAL;
return 0;
}
-static int parse_log(
void
)
+static int parse_log(
struct reenc_ctx *rc
)
{
static char buf[SECTOR_SIZE];
char *start, *end;
ssize_t s;
{
static char buf[SECTOR_SIZE];
char *start, *end;
ssize_t s;
- s = read(r
nc.
log_fd, buf, SECTOR_SIZE);
+ s = read(r
c->
log_fd, buf, SECTOR_SIZE);
if (s == -1) {
log_err(_("Cannot read reencryption log file.\n"));
return -EIO;
if (s == -1) {
log_err(_("Cannot read reencryption log file.\n"));
return -EIO;
@@
-360,7
+358,7
@@
static int parse_log(void)
end = strchr(start, '\n');
if (end) {
*end++ = '\0';
end = strchr(start, '\n');
if (end) {
*end++ = '\0';
- if (parse_line_log(start)) {
+ if (parse_line_log(
rc,
start)) {
log_err("Wrong log format.\n");
return -EINVAL;
}
log_err("Wrong log format.\n");
return -EINVAL;
}
@@
-372,63
+370,63
@@
static int parse_log(void)
return 0;
}
return 0;
}
-static int open_log(
void
)
+static int open_log(
struct reenc_ctx *rc
)
{
int flags;
struct stat st;
{
int flags;
struct stat st;
- if(stat(r
nc.
log_file, &st) < 0) {
- log_dbg("Creating LUKS reencryption log file %s.", r
nc.
log_file);
+ if(stat(r
c->
log_file, &st) < 0) {
+ log_dbg("Creating LUKS reencryption log file %s.", r
c->
log_file);
flags = opt_directio ? O_RDWR|O_CREAT|O_DIRECT : O_RDWR|O_CREAT;
flags = opt_directio ? O_RDWR|O_CREAT|O_DIRECT : O_RDWR|O_CREAT;
- r
nc.log_fd = open(rnc.
log_file, flags, S_IRUSR|S_IWUSR);
- if (r
nc.
log_fd == -1)
+ r
c->log_fd = open(rc->
log_file, flags, S_IRUSR|S_IWUSR);
+ if (r
c->
log_fd == -1)
return -EINVAL;
return -EINVAL;
- if (write_log() < 0)
+ if (write_log(
rc
) < 0)
return -EIO;
} else {
return -EIO;
} else {
- log_dbg("Log file %s exists, restarting.", r
nc.
log_file);
+ log_dbg("Log file %s exists, restarting.", r
c->
log_file);
flags = opt_directio ? O_RDWR|O_DIRECT : O_RDWR;
flags = opt_directio ? O_RDWR|O_DIRECT : O_RDWR;
- r
nc.log_fd = open(rnc.
log_file, flags);
- if (r
nc.
log_fd == -1)
+ r
c->log_fd = open(rc->
log_file, flags);
+ if (r
c->
log_fd == -1)
return -EINVAL;
return -EINVAL;
- r
nc.
in_progress = 1;
+ r
c->
in_progress = 1;
}
/* Be sure it is correct format */
}
/* Be sure it is correct format */
- return parse_log();
+ return parse_log(
rc
);
}
}
-static void close_log(
void
)
+static void close_log(
struct reenc_ctx *rc
)
{
{
- log_dbg("Closing LUKS reencryption log file %s.", r
nc.
log_file);
- if (r
nc.
log_fd != -1)
- close(r
nc.
log_fd);
+ log_dbg("Closing LUKS reencryption log file %s.", r
c->
log_file);
+ if (r
c->
log_fd != -1)
+ close(r
c->
log_fd);
}
}
-static int activate_luks_headers(
void
)
+static int activate_luks_headers(
struct reenc_ctx *rc
)
{
struct crypt_device *cd = NULL, *cd_new = NULL;
int r;
log_dbg("Activating LUKS devices from headers.");
{
struct crypt_device *cd = NULL, *cd_new = NULL;
int r;
log_dbg("Activating LUKS devices from headers.");
- if ((r = crypt_init(&cd, r
nc.
header_file_org)) ||
+ if ((r = crypt_init(&cd, r
c->
header_file_org)) ||
(r = crypt_load(cd, CRYPT_LUKS1, NULL)) ||
(r = crypt_load(cd, CRYPT_LUKS1, NULL)) ||
- (r = crypt_set_data_device(cd, r
nc.
device)))
+ (r = crypt_set_data_device(cd, r
c->
device)))
goto out;
goto out;
- if ((r = crypt_activate_by_passphrase(cd, r
nc.
header_file_org,
- opt_key_slot, r
nc.p[rnc.keyslot].password, rnc.p[rnc.
keyslot].passwordLen,
+ if ((r = crypt_activate_by_passphrase(cd, r
c->
header_file_org,
+ opt_key_slot, r
c->p[rc->keyslot].password, rc->p[rc->
keyslot].passwordLen,
CRYPT_ACTIVATE_READONLY|CRYPT_ACTIVATE_PRIVATE)) < 0)
goto out;
CRYPT_ACTIVATE_READONLY|CRYPT_ACTIVATE_PRIVATE)) < 0)
goto out;
- if ((r = crypt_init(&cd_new, r
nc.
header_file_new)) ||
+ if ((r = crypt_init(&cd_new, r
c->
header_file_new)) ||
(r = crypt_load(cd_new, CRYPT_LUKS1, NULL)) ||
(r = crypt_load(cd_new, CRYPT_LUKS1, NULL)) ||
- (r = crypt_set_data_device(cd_new, r
nc.
device)))
+ (r = crypt_set_data_device(cd_new, r
c->
device)))
goto out;
goto out;
- if ((r = crypt_activate_by_passphrase(cd_new, r
nc.
header_file_new,
- opt_key_slot, r
nc.p[rnc.keyslot].password, rnc.p[rnc.
keyslot].passwordLen,
+ if ((r = crypt_activate_by_passphrase(cd_new, r
c->
header_file_new,
+ opt_key_slot, r
c->p[rc->keyslot].password, rc->p[rc->
keyslot].passwordLen,
CRYPT_ACTIVATE_SHARED|CRYPT_ACTIVATE_PRIVATE)) < 0)
goto out;
r = 0;
CRYPT_ACTIVATE_SHARED|CRYPT_ACTIVATE_PRIVATE)) < 0)
goto out;
r = 0;
@@
-440,32
+438,32
@@
out:
return r;
}
return r;
}
-static int backup_luks_headers(
void
)
+static int backup_luks_headers(
struct reenc_ctx *rc
)
{
struct crypt_device *cd = NULL, *cd_new = NULL;
struct crypt_params_luks1 params = {0};
char cipher [MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
int i, r;
{
struct crypt_device *cd = NULL, *cd_new = NULL;
struct crypt_params_luks1 params = {0};
char cipher [MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
int i, r;
- log_dbg("Creating LUKS header backup for device %s.", r
nc.
device);
+ log_dbg("Creating LUKS header backup for device %s.", r
c->
device);
- if ((r = crypt_init(&cd, r
nc.
device)) ||
+ if ((r = crypt_init(&cd, r
c->
device)) ||
(r = crypt_load(cd, CRYPT_LUKS1, NULL)))
goto out;
crypt_set_confirm_callback(cd, NULL, NULL);
(r = crypt_load(cd, CRYPT_LUKS1, NULL)))
goto out;
crypt_set_confirm_callback(cd, NULL, NULL);
- if ((r = crypt_header_backup(cd, CRYPT_LUKS1, r
nc.
header_file_org)))
+ if ((r = crypt_header_backup(cd, CRYPT_LUKS1, r
c->
header_file_org)))
goto out;
goto out;
- log_verbose(_("LUKS header backup of device %s created.\n"), r
nc.
device);
+ log_verbose(_("LUKS header backup of device %s created.\n"), r
c->
device);
- if ((r = create_empty_header(r
nc.header_file_new, rnc.
header_file_org)))
+ if ((r = create_empty_header(r
c->header_file_new, rc->
header_file_org)))
goto out;
params.hash = opt_hash ?: DEFAULT_LUKS1_HASH;
params.data_alignment = crypt_get_data_offset(cd);
goto out;
params.hash = opt_hash ?: DEFAULT_LUKS1_HASH;
params.data_alignment = crypt_get_data_offset(cd);
- params.data_device = r
nc.
device;
+ params.data_device = r
c->
device;
- if ((r = crypt_init(&cd_new, r
nc.
header_file_new)))
+ if ((r = crypt_init(&cd_new, r
c->
header_file_new)))
goto out;
if (opt_random)
goto out;
if (opt_random)
@@
-490,13
+488,13
@@
static int backup_luks_headers(void)
crypt_get_uuid(cd),
NULL, crypt_get_volume_key_size(cd), ¶ms)))
goto out;
crypt_get_uuid(cd),
NULL, crypt_get_volume_key_size(cd), ¶ms)))
goto out;
- log_verbose(_("New LUKS header for device %s created.\n"), r
nc.
device);
+ log_verbose(_("New LUKS header for device %s created.\n"), r
c->
device);
for (i = 0; i < MAX_SLOT; i++) {
for (i = 0; i < MAX_SLOT; i++) {
- if (!r
nc.
p[i].password)
+ if (!r
c->
p[i].password)
continue;
if ((r = crypt_keyslot_add_by_volume_key(cd_new, i,
continue;
if ((r = crypt_keyslot_add_by_volume_key(cd_new, i,
- NULL, 0, r
nc.p[i].password, rnc.
p[i].passwordLen)) < 0)
+ NULL, 0, r
c->p[i].password, rc->
p[i].passwordLen)) < 0)
goto out;
log_verbose(_("Activated keyslot %i.\n"), r);
r = 0;
goto out;
log_verbose(_("Activated keyslot %i.\n"), r);
r = 0;
@@
-509,7
+507,7
@@
out:
return r;
}
return r;
}
-static void remove_headers(
void
)
+static void remove_headers(
struct reenc_ctx *rc
)
{
struct crypt_device *cd = NULL;
{
struct crypt_device *cd = NULL;
@@
-518,19
+516,19
@@
static void remove_headers(void)
if (crypt_init(&cd, NULL))
return;
crypt_set_log_callback(cd, _quiet_log, NULL);
if (crypt_init(&cd, NULL))
return;
crypt_set_log_callback(cd, _quiet_log, NULL);
- (void)crypt_deactivate(cd, r
nc.
header_file_org);
- (void)crypt_deactivate(cd, r
nc.
header_file_new);
+ (void)crypt_deactivate(cd, r
c->
header_file_org);
+ (void)crypt_deactivate(cd, r
c->
header_file_new);
crypt_free(cd);
}
crypt_free(cd);
}
-static int restore_luks_header(const char *backup)
+static int restore_luks_header(
struct reenc_ctx *rc,
const char *backup)
{
struct crypt_device *cd = NULL;
int r;
{
struct crypt_device *cd = NULL;
int r;
- log_dbg("Restoring header for %s from %s.", r
nc.
device, backup);
+ log_dbg("Restoring header for %s from %s.", r
c->
device, backup);
- r = crypt_init(&cd, r
nc.
device);
+ r = crypt_init(&cd, r
c->
device);
if (r == 0) {
crypt_set_confirm_callback(cd, NULL, NULL);
r = crypt_header_restore(cd, CRYPT_LUKS1, backup);
if (r == 0) {
crypt_set_confirm_callback(cd, NULL, NULL);
r = crypt_header_restore(cd, CRYPT_LUKS1, backup);
@@
-538,28
+536,28
@@
static int restore_luks_header(const char *backup)
crypt_free(cd);
if (r)
crypt_free(cd);
if (r)
- log_err(_("Cannot restore LUKS header on device %s.\n"), r
nc.
device);
+ log_err(_("Cannot restore LUKS header on device %s.\n"), r
c->
device);
else
else
- log_verbose(_("LUKS header on device %s restored.\n"), r
nc.
device);
+ log_verbose(_("LUKS header on device %s restored.\n"), r
c->
device);
return r;
}
return r;
}
-void print_progress(uint64_t bytes, int final)
+void print_progress(
struct reenc_ctx *rc,
uint64_t bytes, int final)
{
{
- uint64_t mbytes = (bytes - r
nc.
restart_bytes) / 1024 / 1024;
+ uint64_t mbytes = (bytes - r
c->
restart_bytes) / 1024 / 1024;
struct timeval now_time;
double tdiff;
gettimeofday(&now_time, NULL);
struct timeval now_time;
double tdiff;
gettimeofday(&now_time, NULL);
- if (!final && time_diff(r
nc.
end_time, now_time) < 0.5)
+ if (!final && time_diff(r
c->
end_time, now_time) < 0.5)
return;
return;
- r
nc.
end_time = now_time;
+ r
c->
end_time = now_time;
if (opt_batch_mode)
return;
if (opt_batch_mode)
return;
- tdiff = time_diff(r
nc.start_time, rnc.
end_time);
+ tdiff = time_diff(r
c->start_time, rc->
end_time);
if (!tdiff)
return;
if (!tdiff)
return;
@@
-567,32
+565,33
@@
void print_progress(uint64_t bytes, int final)
log_err("\33[2K\r");
log_err(_("Progress: %5.1f%%, time elapsed %3.1f seconds, "
"%4llu MiB written, speed %5.1f MiB/s%s"),
log_err("\33[2K\r");
log_err(_("Progress: %5.1f%%, time elapsed %3.1f seconds, "
"%4llu MiB written, speed %5.1f MiB/s%s"),
- (double)bytes / r
nc.
device_size * 100,
- time_diff(r
nc.start_time, rnc.
end_time),
+ (double)bytes / r
c->
device_size * 100,
+ time_diff(r
c->start_time, rc->
end_time),
(unsigned long long)mbytes, (double)(mbytes) / tdiff,
final ? "\n" :"");
}
(unsigned long long)mbytes, (double)(mbytes) / tdiff,
final ? "\n" :"");
}
-static int copy_data_forward(int fd_old, int fd_new, size_t block_size, void *buf, uint64_t *bytes)
+static int copy_data_forward(struct reenc_ctx *rc, int fd_old, int fd_new,
+ size_t block_size, void *buf, uint64_t *bytes)
{
ssize_t s1, s2;
log_dbg("Reencrypting in forward direction.");
{
ssize_t s1, s2;
log_dbg("Reencrypting in forward direction.");
- if (lseek64(fd_old, r
nc.
device_offset, SEEK_SET) < 0 ||
- lseek64(fd_new, r
nc.
device_offset, SEEK_SET) < 0) {
+ if (lseek64(fd_old, r
c->
device_offset, SEEK_SET) < 0 ||
+ lseek64(fd_new, r
c->
device_offset, SEEK_SET) < 0) {
log_err(_("Cannot seek to device offset.\n"));
return -EIO;
}
log_err(_("Cannot seek to device offset.\n"));
return -EIO;
}
- r
nc.restart_bytes = *bytes = rnc.
device_offset;
+ r
c->restart_bytes = *bytes = rc->
device_offset;
- if (write_log() < 0)
+ if (write_log(
rc
) < 0)
return -EIO;
return -EIO;
- while (!quit && r
nc.device_offset < rnc.
device_size) {
+ while (!quit && r
c->device_offset < rc->
device_size) {
s1 = read(fd_old, buf, block_size);
s1 = read(fd_old, buf, block_size);
- if (s1 < 0 || (s1 != block_size && (r
nc.device_offset + s1) != rnc.
device_size)) {
+ if (s1 < 0 || (s1 != block_size && (r
c->device_offset + s1) != rc->
device_size)) {
log_dbg("Read error, expecting %d, got %d.", (int)block_size, (int)s1);
return -EIO;
}
log_dbg("Read error, expecting %d, got %d.", (int)block_size, (int)s1);
return -EIO;
}
@@
-601,42
+600,43
@@
static int copy_data_forward(int fd_old, int fd_new, size_t block_size, void *bu
log_dbg("Write error, expecting %d, got %d.", (int)block_size, (int)s2);
return -EIO;
}
log_dbg("Write error, expecting %d, got %d.", (int)block_size, (int)s2);
return -EIO;
}
- r
nc.
device_offset += s1;
- if (opt_write_log && write_log() < 0)
+ r
c->
device_offset += s1;
+ if (opt_write_log && write_log(
rc
) < 0)
return -EIO;
*bytes += (uint64_t)s2;
return -EIO;
*bytes += (uint64_t)s2;
- print_progress(*bytes, 0);
+ print_progress(
rc,
*bytes, 0);
}
return quit ? -EAGAIN : 0;
}
}
return quit ? -EAGAIN : 0;
}
-static int copy_data_backward(int fd_old, int fd_new, size_t block_size, void *buf, uint64_t *bytes)
+static int copy_data_backward(struct reenc_ctx *rc, int fd_old, int fd_new,
+ size_t block_size, void *buf, uint64_t *bytes)
{
ssize_t s1, s2, working_block;
off64_t working_offset;
log_dbg("Reencrypting in backward direction.");
{
ssize_t s1, s2, working_block;
off64_t working_offset;
log_dbg("Reencrypting in backward direction.");
- if (!r
nc.
in_progress) {
- r
nc.device_offset = rnc.
device_size;
- r
nc.
restart_bytes = 0;
+ if (!r
c->
in_progress) {
+ r
c->device_offset = rc->
device_size;
+ r
c->
restart_bytes = 0;
*bytes = 0;
} else {
*bytes = 0;
} else {
- r
nc.restart_bytes = rnc.device_size - rnc.
device_offset;
- *bytes = r
nc.
restart_bytes;
+ r
c->restart_bytes = rc->device_size - rc->
device_offset;
+ *bytes = r
c->
restart_bytes;
}
}
- if (write_log() < 0)
+ if (write_log(
rc
) < 0)
return -EIO;
return -EIO;
- while (!quit && r
nc.
device_offset) {
- if (r
nc.
device_offset < block_size) {
+ while (!quit && r
c->
device_offset) {
+ if (r
c->
device_offset < block_size) {
working_offset = 0;
working_offset = 0;
- working_block = r
nc.
device_offset;
+ working_block = r
c->
device_offset;
} else {
} else {
- working_offset = r
nc.
device_offset - block_size;
+ working_offset = r
c->
device_offset - block_size;
working_block = block_size;
}
working_block = block_size;
}
@@
-656,18
+656,18
@@
static int copy_data_backward(int fd_old, int fd_new, size_t block_size, void *b
log_dbg("Write error, expecting %d, got %d.", (int)block_size, (int)s2);
return -EIO;
}
log_dbg("Write error, expecting %d, got %d.", (int)block_size, (int)s2);
return -EIO;
}
- r
nc.
device_offset -= s1;
- if (opt_write_log && write_log() < 0)
+ r
c->
device_offset -= s1;
+ if (opt_write_log && write_log(
rc
) < 0)
return -EIO;
*bytes += (uint64_t)s2;
return -EIO;
*bytes += (uint64_t)s2;
- print_progress(*bytes, 0);
+ print_progress(
rc,
*bytes, 0);
}
return quit ? -EAGAIN : 0;
}
}
return quit ? -EAGAIN : 0;
}
-static int copy_data(
void
)
+static int copy_data(
struct reenc_ctx *rc
)
{
size_t block_size = opt_bsize * 1024 * 1024;
int fd_old = -1, fd_new = -1;
{
size_t block_size = opt_bsize * 1024 * 1024;
int fd_old = -1, fd_new = -1;
@@
-677,20
+677,20
@@
static int copy_data(void)
log_dbg("Data copy preparation.");
log_dbg("Data copy preparation.");
- fd_old = open(r
nc.
crypt_path_org, O_RDONLY | (opt_directio ? O_DIRECT : 0));
+ fd_old = open(r
c->
crypt_path_org, O_RDONLY | (opt_directio ? O_DIRECT : 0));
if (fd_old == -1) {
log_err(_("Cannot open temporary LUKS header file.\n"));
goto out;
}
if (fd_old == -1) {
log_err(_("Cannot open temporary LUKS header file.\n"));
goto out;
}
- fd_new = open(r
nc.
crypt_path_new, O_WRONLY | (opt_directio ? O_DIRECT : 0));
+ fd_new = open(r
c->
crypt_path_new, O_WRONLY | (opt_directio ? O_DIRECT : 0));
if (fd_new == -1) {
log_err(_("Cannot open temporary LUKS header file.\n"));
goto out;
}
/* Check size */
if (fd_new == -1) {
log_err(_("Cannot open temporary LUKS header file.\n"));
goto out;
}
/* Check size */
- if (ioctl(fd_old, BLKGETSIZE64, &r
nc.
device_size) < 0) {
+ if (ioctl(fd_old, BLKGETSIZE64, &r
c->
device_size) < 0) {
log_err(_("Cannot get device size.\n"));
goto out;
}
log_err(_("Cannot get device size.\n"));
goto out;
}
@@
-702,22
+702,22
@@
static int copy_data(void)
}
set_int_handler();
}
set_int_handler();
- gettimeofday(&r
nc.
start_time, NULL);
+ gettimeofday(&r
c->
start_time, NULL);
- if (r
nc.
reencrypt_direction == FORWARD)
- r = copy_data_forward(fd_old, fd_new, block_size, buf, &bytes);
+ if (r
c->
reencrypt_direction == FORWARD)
+ r = copy_data_forward(
rc,
fd_old, fd_new, block_size, buf, &bytes);
else
else
- r = copy_data_backward(fd_old, fd_new, block_size, buf, &bytes);
+ r = copy_data_backward(
rc,
fd_old, fd_new, block_size, buf, &bytes);
set_int_block(1);
set_int_block(1);
- print_progress(bytes, 1);
+ print_progress(
rc,
bytes, 1);
if (r == -EAGAIN)
log_err(_("Interrupted by a signal.\n"));
else if (r < 0)
log_err(_("IO error during reencryption.\n"));
if (r == -EAGAIN)
log_err(_("Interrupted by a signal.\n"));
else if (r < 0)
log_err(_("IO error during reencryption.\n"));
- (void)write_log();
+ (void)write_log(
rc
);
out:
if (fd_old != -1)
close(fd_old);
out:
if (fd_old != -1)
close(fd_old);
@@
-727,7
+727,7
@@
out:
return r;
}
return r;
}
-static int initialize_uuid(
void
)
+static int initialize_uuid(
struct reenc_ctx *rc
)
{
struct crypt_device *cd = NULL;
int r;
{
struct crypt_device *cd = NULL;
int r;
@@
-735,21
+735,22
@@
static int initialize_uuid(void)
log_dbg("Initialising UUID.");
/* Try to load LUKS from device */
log_dbg("Initialising UUID.");
/* Try to load LUKS from device */
- if ((r = crypt_init(&cd, r
nc.
device)))
+ if ((r = crypt_init(&cd, r
c->
device)))
return r;
crypt_set_log_callback(cd, _quiet_log, NULL);
r = crypt_load(cd, CRYPT_LUKS1, NULL);
if (!r)
return r;
crypt_set_log_callback(cd, _quiet_log, NULL);
r = crypt_load(cd, CRYPT_LUKS1, NULL);
if (!r)
- r
nc.
device_uuid = strdup(crypt_get_uuid(cd));
+ r
c->
device_uuid = strdup(crypt_get_uuid(cd));
else
/* Reencryption already in progress - magic header? */
else
/* Reencryption already in progress - magic header? */
- r = device_magic(CHECK_UNUSABLE);
+ r = device_magic(
rc,
CHECK_UNUSABLE);
crypt_free(cd);
return r;
}
crypt_free(cd);
return r;
}
-static int init_passphrase1(struct crypt_device *cd, const char *msg, int slot_check)
+static int init_passphrase1(struct reenc_ctx *rc, struct crypt_device *cd,
+ const char *msg, int slot_check)
{
int r = -EINVAL, slot, retry_count;
{
int r = -EINVAL, slot, retry_count;
@@
-757,25
+758,25
@@
static int init_passphrase1(struct crypt_device *cd, const char *msg, int slot_c
retry_count = opt_tries ?: 1;
while (retry_count--) {
retry_count = opt_tries ?: 1;
while (retry_count--) {
- r = crypt_get_key(msg, &r
nc.
p[slot].password,
- &r
nc.
p[slot].passwordLen,
+ r = crypt_get_key(msg, &r
c->
p[slot].password,
+ &r
c->
p[slot].passwordLen,
0, 0, NULL /*opt_key_file*/,
0, 0, cd);
if (r < 0)
return r;
r = crypt_activate_by_passphrase(cd, NULL, slot_check,
0, 0, NULL /*opt_key_file*/,
0, 0, cd);
if (r < 0)
return r;
r = crypt_activate_by_passphrase(cd, NULL, slot_check,
- r
nc.p[slot].password, rnc.
p[slot].passwordLen, 0);
+ r
c->p[slot].password, rc->
p[slot].passwordLen, 0);
if (r < 0) {
if (r < 0) {
- crypt_safe_free(r
nc.
p[slot].password);
- r
nc.
p[slot].password = NULL;
- r
nc.
p[slot].passwordLen = 0;
+ crypt_safe_free(r
c->
p[slot].password);
+ r
c->
p[slot].password = NULL;
+ r
c->
p[slot].passwordLen = 0;
}
if (r < 0 && r != -EPERM)
return r;
if (r >= 0) {
}
if (r < 0 && r != -EPERM)
return r;
if (r >= 0) {
- r
nc.
keyslot = slot;
+ r
c->
keyslot = slot;
break;
}
log_err(_("No key available with this passphrase.\n"));
break;
}
log_err(_("No key available with this passphrase.\n"));
@@
-783,18
+784,18
@@
static int init_passphrase1(struct crypt_device *cd, const char *msg, int slot_c
return r;
}
return r;
}
-static int init_keyfile(struct crypt_device *cd, int slot_check)
+static int init_keyfile(struct
reenc_ctx *rc, struct
crypt_device *cd, int slot_check)
{
int r, slot;
slot = (slot_check == CRYPT_ANY_SLOT) ? 0 : slot_check;
{
int r, slot;
slot = (slot_check == CRYPT_ANY_SLOT) ? 0 : slot_check;
- r = crypt_get_key(NULL, &r
nc.p[slot].password, &rnc.
p[slot].passwordLen,
+ r = crypt_get_key(NULL, &r
c->p[slot].password, &rc->
p[slot].passwordLen,
opt_keyfile_offset, opt_keyfile_size, opt_key_file, 0, 0, cd);
if (r < 0)
return r;
r = crypt_activate_by_passphrase(cd, NULL, slot_check,
opt_keyfile_offset, opt_keyfile_size, opt_key_file, 0, 0, cd);
if (r < 0)
return r;
r = crypt_activate_by_passphrase(cd, NULL, slot_check,
- r
nc.p[slot].password, rnc.
p[slot].passwordLen, 0);
+ r
c->p[slot].password, rc->
p[slot].passwordLen, 0);
/*
* Allow keyslot only if it is last slot or if user explicitly
/*
* Allow keyslot only if it is last slot or if user explicitly
@@
-808,19
+809,19
@@
static int init_keyfile(struct crypt_device *cd, int slot_check)
}
if (r < 0) {
}
if (r < 0) {
- crypt_safe_free(r
nc.
p[slot].password);
- r
nc.
p[slot].password = NULL;
- r
nc.
p[slot].passwordLen = 0;
+ crypt_safe_free(r
c->
p[slot].password);
+ r
c->
p[slot].password = NULL;
+ r
c->
p[slot].passwordLen = 0;
if (r == -EPERM)
log_err(_("No key available with this passphrase.\n"));
return r;
} else
if (r == -EPERM)
log_err(_("No key available with this passphrase.\n"));
return r;
} else
- r
nc.
keyslot = slot;
+ r
c->
keyslot = slot;
return r;
}
return r;
}
-static int initialize_passphrase(const char *device)
+static int initialize_passphrase(
struct reenc_ctx *rc,
const char *device)
{
struct crypt_device *cd = NULL;
crypt_keyslot_info ki;
{
struct crypt_device *cd = NULL;
crypt_keyslot_info ki;
@@
-831,22
+832,22
@@
static int initialize_passphrase(const char *device)
if ((r = crypt_init(&cd, device)) ||
(r = crypt_load(cd, CRYPT_LUKS1, NULL)) ||
if ((r = crypt_init(&cd, device)) ||
(r = crypt_load(cd, CRYPT_LUKS1, NULL)) ||
- (r = crypt_set_data_device(cd, r
nc.
device))) {
+ (r = crypt_set_data_device(cd, r
c->
device))) {
crypt_free(cd);
return r;
}
if (opt_key_file) {
crypt_free(cd);
return r;
}
if (opt_key_file) {
- r = init_keyfile(cd, opt_key_slot);
- } else if (r
nc.
in_progress) {
- r = init_passphrase1(cd, _("Enter any LUKS passphrase: "), CRYPT_ANY_SLOT);
+ r = init_keyfile(
rc,
cd, opt_key_slot);
+ } else if (r
c->
in_progress) {
+ r = init_passphrase1(
rc,
cd, _("Enter any LUKS passphrase: "), CRYPT_ANY_SLOT);
} else for (i = 0; i < MAX_SLOT; i++) {
ki = crypt_keyslot_status(cd, i);
if (ki != CRYPT_SLOT_ACTIVE && ki != CRYPT_SLOT_ACTIVE_LAST)
continue;
snprintf(msg, sizeof(msg), _("Enter LUKS passphrase for key slot %u): "), i);
} else for (i = 0; i < MAX_SLOT; i++) {
ki = crypt_keyslot_status(cd, i);
if (ki != CRYPT_SLOT_ACTIVE && ki != CRYPT_SLOT_ACTIVE_LAST)
continue;
snprintf(msg, sizeof(msg), _("Enter LUKS passphrase for key slot %u): "), i);
- r = init_passphrase1(cd, msg, i);
+ r = init_passphrase1(
rc,
cd, msg, i);
if (r < 0)
break;
}
if (r < 0)
break;
}
@@
-855,109
+856,111
@@
static int initialize_passphrase(const char *device)
return r > 0 ? 0 : r;
}
return r > 0 ? 0 : r;
}
-static int initialize_context(const char *device)
+static int initialize_context(
struct reenc_ctx *rc,
const char *device)
{
log_dbg("Initialising reencryption context.");
{
log_dbg("Initialising reencryption context.");
- r
nc.
log_fd =-1;
+ r
c->
log_fd =-1;
- if (!(r
nc.
device = strndup(device, PATH_MAX)))
+ if (!(r
c->
device = strndup(device, PATH_MAX)))
return -ENOMEM;
return -ENOMEM;
- if (initialize_uuid()) {
+ if (initialize_uuid(
rc
)) {
log_err(_("Device %s is not a valid LUKS device.\n"), device);
return -EINVAL;
}
/* Prepare device names */
log_err(_("Device %s is not a valid LUKS device.\n"), device);
return -EINVAL;
}
/* Prepare device names */
- if (snprintf(r
nc.
log_file, PATH_MAX,
- "LUKS-%s.log", r
nc.
device_uuid) < 0)
+ if (snprintf(r
c->
log_file, PATH_MAX,
+ "LUKS-%s.log", r
c->
device_uuid) < 0)
return -ENOMEM;
return -ENOMEM;
- if (snprintf(r
nc.
header_file_org, PATH_MAX,
- "LUKS-%s.org", r
nc.
device_uuid) < 0)
+ if (snprintf(r
c->
header_file_org, PATH_MAX,
+ "LUKS-%s.org", r
c->
device_uuid) < 0)
return -ENOMEM;
return -ENOMEM;
- if (snprintf(r
nc.
header_file_new, PATH_MAX,
- "LUKS-%s.new", r
nc.
device_uuid) < 0)
+ if (snprintf(r
c->
header_file_new, PATH_MAX,
+ "LUKS-%s.new", r
c->
device_uuid) < 0)
return -ENOMEM;
/* Paths to encrypted devices */
return -ENOMEM;
/* Paths to encrypted devices */
- if (snprintf(r
nc.
crypt_path_org, PATH_MAX,
- "%s/%s", crypt_get_dir(), r
nc.
header_file_org) < 0)
+ if (snprintf(r
c->
crypt_path_org, PATH_MAX,
+ "%s/%s", crypt_get_dir(), r
c->
header_file_org) < 0)
return -ENOMEM;
return -ENOMEM;
- if (snprintf(r
nc.
crypt_path_new, PATH_MAX,
- "%s/%s", crypt_get_dir(), r
nc.
header_file_new) < 0)
+ if (snprintf(r
c->
crypt_path_new, PATH_MAX,
+ "%s/%s", crypt_get_dir(), r
c->
header_file_new) < 0)
return -ENOMEM;
return -ENOMEM;
- remove_headers();
+ remove_headers(
rc
);
- if (open_log() < 0) {
+ if (open_log(
rc
) < 0) {
log_err(_("Cannot open reencryption log file.\n"));
return -EINVAL;
}
log_err(_("Cannot open reencryption log file.\n"));
return -EINVAL;
}
- if (!r
nc.
in_progress) {
+ if (!r
c->
in_progress) {
if (1 /*opt_new */)
if (1 /*opt_new */)
- r
nc.
reencrypt_direction = FORWARD;
+ r
c->
reencrypt_direction = FORWARD;
else {
else {
- r
nc.
reencrypt_direction = BACKWARD;
- r
nc.
device_offset = (uint64_t)~0;
+ r
c->
reencrypt_direction = BACKWARD;
+ r
c->
device_offset = (uint64_t)~0;
}
}
return 0;
}
}
}
return 0;
}
-static void destroy_context(
void
)
+static void destroy_context(
struct reenc_ctx *rc
)
{
int i;
log_dbg("Destroying reencryption context.");
{
int i;
log_dbg("Destroying reencryption context.");
- close_log();
- remove_headers();
+ close_log(
rc
);
+ remove_headers(
rc
);
- if ((r
nc.
reencrypt_direction == FORWARD &&
- r
nc.device_offset == rnc.
device_size) ||
- r
nc.
device_offset == 0) {
- unlink(r
nc.
log_file);
- unlink(r
nc.
header_file_org);
- unlink(r
nc.
header_file_new);
+ if ((r
c->
reencrypt_direction == FORWARD &&
+ r
c->device_offset == rc->
device_size) ||
+ r
c->
device_offset == 0) {
+ unlink(r
c->
log_file);
+ unlink(r
c->
header_file_org);
+ unlink(r
c->
header_file_new);
}
for (i = 0; i < MAX_SLOT; i++)
}
for (i = 0; i < MAX_SLOT; i++)
- crypt_safe_free(r
nc.
p[i].password);
+ crypt_safe_free(r
c->
p[i].password);
- free(r
nc.
device);
- free(r
nc.
device_uuid);
+ free(r
c->
device);
+ free(r
c->
device_uuid);
}
int run_reencrypt(const char *device)
{
int r = -EINVAL;
}
int run_reencrypt(const char *device)
{
int r = -EINVAL;
- if (initialize_context(device))
+ struct reenc_ctx rc = {};
+
+ if (initialize_context(&rc, device))
goto out;
log_dbg("Running reencryption.");
goto out;
log_dbg("Running reencryption.");
- if (!r
n
c.in_progress) {
- if ((r = initialize_passphrase(
rn
c.device)) ||
- (r = backup_luks_headers()) ||
- (r = device_magic(MAKE_UNUSABLE)))
+ if (!rc.in_progress) {
+ if ((r = initialize_passphrase(
&rc, r
c.device)) ||
+ (r = backup_luks_headers(
&rc
)) ||
+ (r = device_magic(
&rc,
MAKE_UNUSABLE)))
goto out;
} else {
goto out;
} else {
- if ((r = initialize_passphrase(
rn
c.header_file_new)))
+ if ((r = initialize_passphrase(
&rc, r
c.header_file_new)))
goto out;
}
goto out;
}
- if ((r = activate_luks_headers()))
+ if ((r = activate_luks_headers(
&rc
)))
goto out;
goto out;
- if ((r = copy_data()))
+ if ((r = copy_data(
&rc
)))
goto out;
goto out;
- r = restore_luks_header(
rn
c.header_file_new);
+ r = restore_luks_header(
&rc, r
c.header_file_new);
out:
out:
- destroy_context();
+ destroy_context(
&rc
);
return r;
}
return r;
}