From: Milan Broz Date: Mon, 25 Jun 2012 14:06:43 +0000 (+0200) Subject: Switch to use unit suffix for --reduce-device-size option. X-Git-Tag: upstream/1.6~222 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=b684fffdaf0ba1adf6a2656bbea8f24da8c58255;p=platform%2Fupstream%2Fcryptsetup.git Switch to use unit suffix for --reduce-device-size option. --- diff --git a/ChangeLog b/ChangeLog index 7cd9839..579dfc9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,6 @@ 2012-06-25 Milan Broz * Add --device-size option for reencryption tool. + * Switch to use unit suffix for --reduce-device-size option. 2012-06-20 Milan Broz * Version 1.5.0-rc2. diff --git a/lib/utils_crypt.c b/lib/utils_crypt.c index 4b1dc70..c2111c7 100644 --- a/lib/utils_crypt.c +++ b/lib/utils_crypt.c @@ -445,7 +445,7 @@ int crypt_string_to_size(struct crypt_device *cd, const char *s, uint64_t *size) (errno != 0 && *size == 0)) return -EINVAL; - if (!endp) + if (!endp || !*endp) return 0; len = strlen(endp); diff --git a/man/cryptsetup-reencrypt.8 b/man/cryptsetup-reencrypt.8 index b3ac6c0..d9a3202 100644 --- a/man/cryptsetup-reencrypt.8 +++ b/man/cryptsetup-reencrypt.8 @@ -108,22 +108,6 @@ Use re-encryption block size of in MiB. Values can be between 1 and 64 MiB. .TP -.B "\-\-reduce-device-size \fInumber of 512 bytes sectors\fR" -Enlarge data offset for specified value of sectors by shrinking -device size. - -This means that last sectors on the original device will be lost, -ciphertext data will be effectively shifted by specified -number of sectors. - -It can be usefull if you e.g. added some space to underlying -partition (so last sectors contains no data). - -WARNING: This is destructive operation and cannot be reverted. -Use with extreme care - shrinked filesystems are usually unrecoverable. - -You cannot shrink device more than by 64 MiB (131072 sectors). -.TP .B "\-\-device-size \fIsize[units]\fR" Instead of real device size, use specified value. @@ -138,6 +122,21 @@ Unit suffix can be S for 512 byte sectors, K/M/G/T (or KiB,MiB,GiB,TiB) for units with 1024 base or KB/MB/GB/TB for 1000 base (SI scale). WARNING: This is destructive operation. +.TP +.B "\-\-reduce-device-size \fIsize[units]\fR" +Enlarge data offset to specified value by shrinking device size. + +This means that last sectors on the original device will be lost, +ciphertext data will be effectively shifted by specified +number of sectors. + +It can be usefull if you e.g. added some space to underlying +partition (so last sectors contains no data). + +For units suffix see \-\-device-size parameter description. + +WARNING: This is destructive operation and cannot be reverted. +Use with extreme care - shrinked filesystems are usually unrecoverable. You cannot shrink device more than by 64 MiB (131072 sectors). .TP diff --git a/src/cryptsetup_reencrypt.c b/src/cryptsetup_reencrypt.c index c6b7e58..a7b4509 100644 --- a/src/cryptsetup_reencrypt.c +++ b/src/cryptsetup_reencrypt.c @@ -23,6 +23,7 @@ #define _LARGEFILE64_SOURCE #define _FILE_OFFSET_BITS 64 #define SECTOR_SIZE 512 +#define ROUND_SECTOR(x) (((x) + SECTOR_SIZE - 1) / SECTOR_SIZE) #define NO_UUID "cafecafe-cafe-cafe-cafe-cafecafeeeee" #define MAX_BCK_SECTORS 8192 @@ -58,7 +59,6 @@ static int opt_version_mode = 0; static int opt_random = 0; static int opt_urandom = 0; static int opt_bsize = 4; -static int opt_reduce_device_size = 0; static int opt_directio = 0; static int opt_fsync = 0; static int opt_write_log = 0; @@ -67,6 +67,9 @@ static int opt_key_slot = CRYPT_ANY_SLOT; static int opt_key_size = 0; static int opt_new = 0; +static const char *opt_reduce_size_str = NULL; +static uint64_t opt_reduce_size = 0; + static const char *opt_device_size_str = NULL; static uint64_t opt_device_size = 0; @@ -316,8 +319,8 @@ static int create_empty_header(const char *new_file, const char *old_file, size = data_sector * SECTOR_SIZE; /* if reducing size, be sure we have enough space */ - if (opt_reduce_device_size) - size += (opt_reduce_device_size * SECTOR_SIZE); + if (opt_reduce_size) + size += opt_reduce_size; log_dbg("Creating empty file %s of size %lu.", new_file, (unsigned long)size); @@ -571,7 +574,7 @@ static int backup_luks_headers(struct reenc_ctx *rc) params.hash = opt_hash ?: DEFAULT_LUKS1_HASH; params.data_alignment = crypt_get_data_offset(cd); - params.data_alignment += opt_reduce_device_size; + params.data_alignment += ROUND_SECTOR(opt_reduce_size); params.data_device = rc->device; if (opt_cipher) { @@ -643,7 +646,7 @@ static int backup_fake_header(struct reenc_ctx *rc) if (r < 0) goto out; - params.data_alignment = opt_reduce_device_size; + params.data_alignment = ROUND_SECTOR(opt_reduce_size); r = create_new_header(rc, opt_cipher ? cipher : DEFAULT_LUKS1_CIPHER, opt_cipher ? cipher_mode : DEFAULT_LUKS1_MODE, @@ -1100,7 +1103,7 @@ static int initialize_context(struct reenc_ctx *rc, const char *device) } if (!rc->in_progress) { - if (!opt_reduce_device_size) + if (!opt_reduce_size) rc->reencrypt_direction = FORWARD; else { rc->reencrypt_direction = BACKWARD; @@ -1239,7 +1242,7 @@ int main(int argc, const char **argv) { "key-slot", 'S', POPT_ARG_INT, &opt_key_slot, 0, N_("Use only this slot (others will be disabled)."), NULL }, { "keyfile-offset", '\0', POPT_ARG_LONG, &opt_keyfile_offset, 0, N_("Number of bytes to skip in keyfile"), N_("bytes") }, { "keyfile-size", 'l', POPT_ARG_LONG, &opt_keyfile_size, 0, N_("Limits the read from keyfile"), N_("bytes") }, - { "reduce-device-size",'\0', POPT_ARG_INT, &opt_reduce_device_size, 0, N_("Reduce data device size (move data offset). DANGEROUS!"), N_("SECTORS") }, + { "reduce-device-size",'\0', POPT_ARG_STRING, &opt_reduce_size_str, 0, N_("Reduce data device size (move data offset). DANGEROUS!"), N_("bytes") }, { "device-size", '\0', POPT_ARG_STRING, &opt_device_size_str, 0, N_("Use only specified device size (ignore rest of device). DANGEROUS!"), N_("bytes") }, { "new", 'N', POPT_ARG_NONE,&opt_new, 0, N_("Create new header on not encrypted device."), NULL }, POPT_TABLEEND @@ -1287,8 +1290,7 @@ int main(int argc, const char **argv) poptGetInvocationName(popt_context)); if (opt_bsize < 0 || opt_key_size < 0 || opt_iteration_time < 0 || - opt_tries < 0 || opt_keyfile_offset < 0 || opt_key_size < 0 || - opt_reduce_device_size < 0) { + opt_tries < 0 || opt_keyfile_offset < 0 || opt_key_size < 0) { usage(popt_context, EXIT_FAILURE, _("Negative number for option not permitted."), poptGetInvocationName(popt_context)); @@ -1299,11 +1301,6 @@ int main(int argc, const char **argv) _("Only values between 1MiB and 64 MiB allowed for reencryption block size."), poptGetInvocationName(popt_context)); - if (opt_reduce_device_size > (64 * 1024 * 1024 / SECTOR_SIZE)) - usage(popt_context, EXIT_FAILURE, - _("Maximum device reduce size is 64 MiB."), - poptGetInvocationName(popt_context)); - if (opt_key_size % 8) usage(popt_context, EXIT_FAILURE, _("Key size must be a multiple of 8 bits"), @@ -1318,15 +1315,26 @@ int main(int argc, const char **argv) usage(popt_context, EXIT_FAILURE, _("Only one of --use-[u]random options is allowed."), poptGetInvocationName(popt_context)); - if (opt_new && !opt_reduce_device_size) - usage(popt_context, EXIT_FAILURE, _("Option --new must be used together with --reduce_device_size."), - poptGetInvocationName(popt_context)); - if (opt_device_size_str && crypt_string_to_size(NULL, opt_device_size_str, &opt_device_size)) usage(popt_context, EXIT_FAILURE, _("Invalid device size specification."), poptGetInvocationName(popt_context)); + if (opt_reduce_size_str && + crypt_string_to_size(NULL, opt_reduce_size_str, &opt_reduce_size)) + usage(popt_context, EXIT_FAILURE, _("Invalid device size specification."), + poptGetInvocationName(popt_context)); + if (opt_reduce_size > 64 * 1024 * 1024) + usage(popt_context, EXIT_FAILURE, _("Maximum device reduce size is 64 MiB."), + poptGetInvocationName(popt_context)); + if (opt_reduce_size % SECTOR_SIZE) + usage(popt_context, EXIT_FAILURE, _("Reduce size must be multiple of 512 bytes sector."), + poptGetInvocationName(popt_context)); + + if (opt_new && !opt_reduce_size) + usage(popt_context, EXIT_FAILURE, _("Option --new must be used together with --reduce-device-size."), + poptGetInvocationName(popt_context)); + if (opt_debug) { opt_verbose = 1; crypt_set_debug_level(-1); diff --git a/tests/reencryption-compat-test b/tests/reencryption-compat-test index fd983e6..3169d8c 100755 --- a/tests/reencryption-compat-test +++ b/tests/reencryption-compat-test @@ -105,7 +105,7 @@ check_hash "key0" $HASH1 echo "[2] Reencryption with data shift" echo "key0" | $CRYPTSETUP -q luksFormat -s 128 -i 1 --align-payload 2048 $LOOPDEV1 || fail wipe "key0" -echo "key0" | $REENC $LOOPDEV1 -q -s 256 --reduce-device-size 1024 || fail +echo "key0" | $REENC $LOOPDEV1 -q -s 256 --reduce-device-size 1024S || fail check_hash "key0" $HASH2 echo "key0" | $REENC $LOOPDEV1 -q -i 1 || fail check_hash "key0" $HASH2 @@ -127,7 +127,7 @@ wipe_dev $LOOPDEV1 dmsetup create $DEV_NAME2 --table "0 $(($SIZE - $OFFSET)) linear $LOOPDEV1 0" || fail check_hash_dev /dev/mapper/$DEV_NAME2 $HASH3 dmsetup remove $DEV_NAME2 || fail -echo "key0" | $REENC $LOOPDEV1 -s 128 --new --reduce-device-size $OFFSET -q +echo "key0" | $REENC $LOOPDEV1 -s 128 --new --reduce-device-size "$OFFSET"S -q check_hash "key0" $HASH3 remove_mapping