log_dbg("Trying to activate PLAIN device %s using cipher %s.",
name, dmd.u.crypt.cipher);
- r = dm_create_device(name, CRYPT_PLAIN, &dmd, 0);
+ r = dm_create_device(cd, name, CRYPT_PLAIN, &dmd, 0);
// FIXME
- if (!cd->plain_uuid && dm_query_device(name, DM_ACTIVE_UUID, &dmd) >= 0)
+ if (!cd->plain_uuid && dm_query_device(cd, name, DM_ACTIVE_UUID, &dmd) >= 0)
cd->plain_uuid = CONST_CAST(char*)dmd.uuid;
free(dm_cipher);
if (r < 0)
goto bad;
- if (dm_init(h, 1) < 0) {
- r = -ENOSYS;
- goto bad;
- }
+ dm_backend_init();
h->iteration_time = 1000;
h->password_verify = 0;
if (r < 0)
return r;
- if (params->flags & CRYPT_VERITY_NO_HEADER)
+ if (params && params->flags & CRYPT_VERITY_NO_HEADER)
return -EINVAL;
if (params)
char cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
int key_nums, r;
- r = dm_query_device(name, DM_ACTIVE_DEVICE |
- DM_ACTIVE_UUID |
- DM_ACTIVE_CRYPT_CIPHER |
- DM_ACTIVE_CRYPT_KEYSIZE, &dmd);
+ r = dm_query_device(cd, name,
+ DM_ACTIVE_DEVICE |
+ DM_ACTIVE_UUID |
+ DM_ACTIVE_CRYPT_CIPHER |
+ DM_ACTIVE_CRYPT_KEYSIZE, &dmd);
if (r < 0)
goto out;
};
int r;
- r = dm_query_device(name, DM_ACTIVE_DEVICE |
- DM_ACTIVE_UUID |
- DM_ACTIVE_VERITY_HASH_DEVICE |
- DM_ACTIVE_VERITY_PARAMS, &dmd);
+ r = dm_query_device(cd, name,
+ DM_ACTIVE_DEVICE |
+ DM_ACTIVE_UUID |
+ DM_ACTIVE_VERITY_HASH_DEVICE |
+ DM_ACTIVE_VERITY_PARAMS, &dmd);
if (r < 0)
goto out;
return -ENODEV;
}
- r = dm_query_device(name, DM_ACTIVE_DEVICE | DM_ACTIVE_UUID, &dmd);
+ r = dm_query_device(NULL, name, DM_ACTIVE_DEVICE | DM_ACTIVE_UUID, &dmd);
if (r < 0)
goto out;
&required_alignment,
&alignment_offset, DEFAULT_DISK_ALIGNMENT);
+ /* Check early if we cannot allocate block device for key slot access */
+ r = device_block_adjust(cd, cd->device, DEV_OK, 0, NULL, NULL);
+ if(r < 0)
+ return r;
+
r = LUKS_generate_phdr(&cd->hdr, cd->volume_key, cipher, cipher_mode,
(params && params->hash) ? params->hash : "sha1",
uuid, LUKS_STRIPES,
if (r == -EBUSY)
log_err(cd, _("Cannot format device %s which is still in use.\n"),
mdata_device_path(cd));
- else
+ else if (r == -EACCES) {
+ log_err(cd, _("Cannot format device %s, permission denied.\n"),
+ mdata_device_path(cd));
+ r = -EINVAL;
+ } else
log_err(cd, _("Cannot wipe header on device %s.\n"),
mdata_device_path(cd));
return -ENOMEM;
cd->verity_hdr.flags = params->flags;
- cd->verity_hdr.hash_name = strdup(params->hash_name);
+ if (!(cd->verity_hdr.hash_name = strdup(params->hash_name)))
+ return -ENOMEM;
cd->verity_hdr.data_device = NULL;
cd->verity_hdr.data_block_size = params->data_block_size;
cd->verity_hdr.hash_block_size = params->hash_block_size;
cd->verity_hdr.hash_type = params->hash_type;
cd->verity_hdr.flags = params->flags;
cd->verity_hdr.salt_size = params->salt_size;
- cd->verity_hdr.salt = malloc(params->salt_size);
+ if (!(cd->verity_hdr.salt = malloc(params->salt_size)))
+ return -ENOMEM;
+
if (params->salt)
memcpy(CONST_CAST(char*)cd->verity_hdr.salt, params->salt,
params->salt_size);
log_dbg("Resizing device %s to %" PRIu64 " sectors.", name, new_size);
- r = dm_query_device(name, DM_ACTIVE_DEVICE | DM_ACTIVE_CRYPT_CIPHER |
+ r = dm_query_device(cd, name, DM_ACTIVE_DEVICE | DM_ACTIVE_CRYPT_CIPHER |
DM_ACTIVE_UUID | DM_ACTIVE_CRYPT_KEYSIZE |
DM_ACTIVE_CRYPT_KEY, &dmd);
if (r < 0) {
r = 0;
} else {
dmd.size = new_size;
- r = dm_create_device(name, cd->type, &dmd, 1);
+ r = dm_create_device(cd, name, cd->type, &dmd, 1);
}
out:
if (dmd.target == DM_CRYPT) {
if (cd) {
log_dbg("Releasing crypt device %s context.", mdata_device_path(cd));
- dm_exit();
+ dm_backend_exit();
crypt_free_volume_key(cd->volume_key);
device_free(cd->device);
log_dbg("Suspending volume %s.", name);
- if (!isLUKS(cd->type)) {
+ if (!cd || !isLUKS(cd->type)) {
log_err(cd, _("This operation is supported only for LUKS device.\n"));
r = -EINVAL;
goto out;
return -EINVAL;
}
- if (!cd && dm_init(NULL, 1) < 0)
- return -ENOSYS;
+ dm_backend_init();
- r = dm_status_suspended(name);
+ r = dm_status_suspended(cd, name);
if (r < 0)
goto out;
goto out;
}
- r = dm_suspend_and_wipe_key(name);
+ r = dm_suspend_and_wipe_key(cd, name);
if (r == -ENOTSUP)
log_err(cd, "Suspend is not supported for device %s.\n", name);
else if (r)
log_err(cd, "Error during suspending device %s.\n", name);
out:
- if (!cd)
- dm_exit();
+ dm_backend_exit();
return r;
}
goto out;
}
- r = dm_status_suspended(name);
+ r = dm_status_suspended(cd, name);
if (r < 0)
return r;
if (r >= 0) {
keyslot = r;
- r = dm_resume_and_reinstate_key(name, vk->keylength, vk->key);
+ r = dm_resume_and_reinstate_key(cd, name, vk->keylength, vk->key);
if (r == -ENOTSUP)
log_err(cd, "Resume is not supported for device %s.\n", name);
else if (r)
goto out;
}
- r = dm_status_suspended(name);
+ r = dm_status_suspended(cd, name);
if (r < 0)
return r;
goto out;
keyslot = r;
- r = dm_resume_and_reinstate_key(name, vk->keylength, vk->key);
+ r = dm_resume_and_reinstate_key(cd, name, vk->keylength, vk->key);
if (r)
log_err(cd, "Error during resuming device %s.\n", name);
out:
log_dbg("Deactivating volume %s.", name);
- if (!cd && dm_init(NULL, 1) < 0)
- return -ENOSYS;
+ if (!cd)
+ dm_backend_init();
switch (crypt_status(cd, name)) {
case CRYPT_ACTIVE:
case CRYPT_BUSY:
- r = dm_remove_device(name, 0, 0);
+ r = dm_remove_device(cd, name, 0, 0);
break;
case CRYPT_INACTIVE:
log_err(cd, _("Device %s is not active.\n"), name);
}
if (!cd)
- dm_exit();
+ dm_backend_exit();
return r;
}
{
int r;
- if (!cd && dm_init(NULL, 1) < 0)
- return CRYPT_INVALID;
+ if (!cd)
+ dm_backend_init();
- r = dm_status_device(name);
+ r = dm_status_device(cd, name);
if (!cd)
- dm_exit();
+ dm_backend_exit();
if (r < 0 && r != -ENODEV)
return CRYPT_INVALID;
return -EINVAL;
}
+int crypt_keyslot_area(struct crypt_device *cd,
+ int keyslot,
+ uint64_t *offset,
+ uint64_t *length)
+{
+ if (!isLUKS(cd->type))
+ return -EINVAL;
+
+ return LUKS_keyslot_area(&cd->hdr, keyslot, offset, length);
+}
+
const char *crypt_get_type(struct crypt_device *cd)
{
return cd->type;
struct crypt_dm_active_device dmd;
int r;
- r = dm_query_device(name, 0, &dmd);
+ r = dm_query_device(cd, name, 0, &dmd);
if (r < 0)
return r;
projects / platform / upstream / cryptsetup.git / blobdiff