/*
* cryptsetup-reencrypt - crypt utility for offline re-encryption
*
- * Copyright (C) 2012, Milan Broz All rights reserved.
* Copyright (C) 2012, Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2012-2013, Milan Broz All rights reserved.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
- * version 2 as published by the Free Software Foundation.
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
#include <sys/time.h>
#include <linux/fs.h>
#include <arpa/inet.h>
-#include <signal.h>
#define PACKAGE_REENC "crypt_reencrypt"
static const char **action_argv;
-static volatile int quit = 0;
-
#define MAX_SLOT 8
struct reenc_ctx {
char *device;
tool_log(level, msg, usrptr);
}
-static void int_handler(int sig __attribute__((__unused__)))
-{
- quit++;
-}
-
-static void set_int_block(int block)
-{
- sigset_t signals_open;
-
- sigemptyset(&signals_open);
- sigaddset(&signals_open, SIGINT);
- sigaddset(&signals_open, SIGTERM);
- sigprocmask(block ? SIG_SETMASK : SIG_UNBLOCK, &signals_open, NULL);
-}
-
-static void set_int_handler(void)
-{
- struct sigaction sigaction_open;
-
- memset(&sigaction_open, 0, sizeof(struct sigaction));
- sigaction_open.sa_handler = int_handler;
- sigaction(SIGINT, &sigaction_open, 0);
- sigaction(SIGTERM, &sigaction_open, 0);
- set_int_block(0);
-}
-
/* The difference in seconds between two times in "timeval" format. */
static double time_diff(struct timeval start, struct timeval end)
{
s = read(devfd, buf, SECTOR_SIZE);
if (s < 0 || s != SECTOR_SIZE) {
log_err(_("Cannot read device %s.\n"), rc->device);
- close(devfd);
- return -EIO;
+ r = -EIO;
+ goto out;
}
/* Be sure that we do not process new version of header */
1, rc->device_uuid, rc->reencrypt_direction,
rc->device_offset, rc->device_shift);
- lseek(rc->log_fd, 0, SEEK_SET);
+ if (lseek(rc->log_fd, 0, SEEK_SET) == -1)
+ return -EIO;
+
r = write(rc->log_fd, rc->log_buf, SECTOR_SIZE);
if (r < 0 || r != SECTOR_SIZE) {
log_err(_("Cannot write reencryption log file.\n"));
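Review bot: The new `lseek()` check returns -EIO without logging anything, while the `write()` failure just below it reports "Cannot write reencryption log file."; a failed seek on the log leaves no trace unless the caller, which is not visible here, prints one. Because this log is what lets an interrupted reencryption resume, I would report the seek failure the same way: `if (lseek(rc->log_fd, 0, SEEK_SET) == -1) { log_err(_("Cannot write reencryption log file.\n")); return -EIO; }`. The enclosing function starts and ends outside the hunk.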
static int open_log(struct reenc_ctx *rc)
{
- int flags, create_new;
- struct stat st;
+ int flags = opt_directio ? O_DIRECT : 0;
- if (!stat(rc->log_file, &st))
- create_new = 0;
- else if (errno == ENOENT)
- create_new = 1;
- else
- return -EINVAL;
-
- if (create_new) {
- log_dbg("Creating LUKS reencryption log file %s.", rc->log_file);
- flags = opt_directio ? O_RDWR|O_CREAT|O_DIRECT : O_RDWR|O_CREAT;
- rc->log_fd = open(rc->log_file, flags, S_IRUSR|S_IWUSR);
- if (rc->log_fd == -1)
- return -EINVAL;
- } else {
+ rc->log_fd = open(rc->log_file, O_RDWR|O_EXCL|O_CREAT|flags, S_IRUSR|S_IWUSR);
+ if (rc->log_fd != -1) {
+ log_dbg("Created LUKS reencryption log file %s.", rc->log_file);
+ } else if (errno == EEXIST) {
log_std(_("Log file %s exists, resuming reencryption.\n"), rc->log_file);
- flags = opt_directio ? O_RDWR|O_DIRECT : O_RDWR;
- rc->log_fd = open(rc->log_file, flags);
- if (rc->log_fd == -1)
- return -EINVAL;
+ rc->log_fd = open(rc->log_file, O_RDWR|flags);
rc->in_progress = 1;
}
+ if (rc->log_fd == -1)
+ return -EINVAL;
+
if (posix_memalign((void *)&rc->log_buf, alignment(rc->log_fd), SECTOR_SIZE)) {
log_err(_("Allocation of aligned memory failed.\n"));
close_log(rc);
return -ENOMEM;
}
- if (create_new && write_log(rc) < 0) {
+ if (!rc->in_progress && write_log(rc) < 0) {
close_log(rc);
return -EIO;
}
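Review bot: The resume branch still follows symbolic links: `O_EXCL|O_CREAT` fails with EEXIST when `rc->log_file` is a symlink, and the fallback `open(rc->log_file, O_RDWR|flags)` then opens whatever the link points to and sets `rc->in_progress`. The create path no longer has the stat-then-open race, but the existing-file path accepts any object found at that name. I would add `O_NOFOLLOW` there, `rc->log_fd = open(rc->log_file, O_RDWR|O_NOFOLLOW|flags);`, and consider an `fstat()` check that the descriptor is a regular file before treating it as a log. How the opened file is validated afterwards is outside this hunk, as is the end of open_log().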
(r = crypt_set_data_device(cd, rc->device)))
goto out;
+ log_verbose(_("Activating temporary device using old LUKS header.\n"));
if ((r = crypt_activate_by_passphrase(cd, rc->header_file_org,
opt_key_slot, rc->p[rc->keyslot].password, rc->p[rc->keyslot].passwordLen,
CRYPT_ACTIVATE_READONLY|CRYPT_ACTIVATE_PRIVATE)) < 0)
(r = crypt_set_data_device(cd_new, rc->device)))
goto out;
+ log_verbose(_("Activating temporary device using new LUKS header.\n"));
if ((r = crypt_activate_by_passphrase(cd_new, rc->header_file_new,
opt_key_slot, rc->p[rc->keyslot].password, rc->p[rc->keyslot].passwordLen,
CRYPT_ACTIVATE_SHARED|CRYPT_ACTIVATE_PRIVATE)) < 0)
if (!mib)
return;
+ /* FIXME: calculate this from last minute only and remaining space */
eta = (unsigned long long)(rc->device_size / 1024 / 1024 / mib - tdiff);
/* vt100 code clear line */
goto out;
}
- set_int_handler();
+ set_int_handler(0);
gettimeofday(&rc->start_time, NULL);
if (rc->reencrypt_direction == FORWARD)
retry_count = opt_tries ?: 1;
while (retry_count--) {
- set_int_handler();
+ set_int_handler(0);
r = crypt_get_key(msg, &rc->p[slot].password,
&rc->p[slot].passwordLen,
0, 0, NULL /*opt_key_file*/,
log_dbg("Passhrases initialization.");
if (opt_new && !rc->in_progress) {
- r = init_passphrase1(rc, cd, _("Enter new LUKS passphrase: "), 0, 0);
+ r = init_passphrase1(rc, cd, _("Enter new passphrase: "), 0, 0);
return r > 0 ? 0 : r;
}
if (opt_key_file) {
r = init_keyfile(rc, cd, opt_key_slot);
} else if (rc->in_progress) {
- r = init_passphrase1(rc, cd, _("Enter any LUKS passphrase: "),
+ r = init_passphrase1(rc, cd, _("Enter any existing passphrase: "),
CRYPT_ANY_SLOT, 1);
} else for (i = 0; i < MAX_SLOT; i++) {
ki = crypt_keyslot_status(cd, i);
if (ki != CRYPT_SLOT_ACTIVE && ki != CRYPT_SLOT_ACTIVE_LAST)
continue;
- snprintf(msg, sizeof(msg), _("Enter LUKS passphrase for key slot %u: "), i);
+ snprintf(msg, sizeof(msg), _("Enter passphrase for key slot %u: "), i);
r = init_passphrase1(rc, cd, msg, i, 1);
if (r < 0)
break;