diff options
| author | Maxim Fomin <maxim@fomin.one> | 2020-05-30 11:21:44 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2020-06-09 08:12:55 +0200 |
| commit | 6cc27c29adf09106a53da97ea919aedb67af9b21 (patch) | |
| tree | bde9ce05f790f81fa544a0a727175e3c25f9de71 | |
| parent | b11e98037c71b58a0efe0251b46242976b93870e (diff) | |
| download | systemd-6cc27c29adf09106a53da97ea919aedb67af9b21.tar.gz | |
Add 'bitlk' option to mount Bitlocker drives with cryptsetup.
| -rw-r--r-- | man/crypttab.xml | 7 | ||||
| -rw-r--r-- | src/cryptsetup/cryptsetup.c | 20 |
2 files changed, 24 insertions, 3 deletions
diff --git a/man/crypttab.xml b/man/crypttab.xml index 3170e5880f..2046911c78 100644 --- a/man/crypttab.xml +++ b/man/crypttab.xml @@ -178,6 +178,13 @@ </varlistentry> <varlistentry> + <term><option>bitlk</option></term> + + <listitem><para>Decrypt Bitlocker drive. Encryption parameters + are deduced by cryptsetup from Bitlocker header.</para></listitem> + </varlistentry> + + <varlistentry> <term><option>_netdev</option></term> <listitem><para>Marks this cryptsetup device as requiring network. It will be diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 5886f86db6..c05e2d1351 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -38,7 +38,7 @@ #define CRYPT_SECTOR_SIZE 512 #define CRYPT_MAX_SECTOR_SIZE 4096 -static const char *arg_type = NULL; /* ANY_LUKS, CRYPT_LUKS1, CRYPT_LUKS2, CRYPT_TCRYPT or CRYPT_PLAIN */ +static const char *arg_type = NULL; /* ANY_LUKS, CRYPT_LUKS1, CRYPT_LUKS2, CRYPT_TCRYPT, CRYPT_BITLK or CRYPT_PLAIN */ static char *arg_cipher = NULL; static unsigned arg_key_size = 0; static unsigned arg_sector_size = CRYPT_SECTOR_SIZE; @@ -220,6 +220,11 @@ static int parse_one_option(const char *option) { arg_submit_from_crypt_cpus = true; else if (streq(option, "luks")) arg_type = ANY_LUKS; +/* since cryptsetup 2.3.0 (Feb 2020) */ +#ifdef CRYPT_BITLK + else if (streq(option, "bitlk")) + arg_type = CRYPT_BITLK; +#endif else if (streq(option, "tcrypt")) arg_type = CRYPT_TCRYPT; else if (STR_IN_SET(option, "tcrypt-hidden", "tcrypthidden")) { @@ -545,7 +550,7 @@ static int attach_tcrypt( return 0; } -static int attach_luks_or_plain( +static int attach_luks_or_plain_or_bitlk( struct crypt_device *cd, const char *name, const char *key_file, @@ -950,6 +955,15 @@ static int run(int argc, char *argv[]) { } } +/* since cryptsetup 2.3.0 (Feb 2020) */ +#ifdef CRYPT_BITLK + if (!arg_type || STR_IN_SET(arg_type, ANY_LUKS, CRYPT_BITLK)) { + r = crypt_load(cd, CRYPT_BITLK, NULL); + if (r < 0) + return log_error_errno(r, "Failed to load Bitlocker superblock on device %s: %m", crypt_get_device_name(cd)); + } +#endif + for (tries = 0; arg_tries == 0 || tries < arg_tries; tries++) { _cleanup_strv_free_erase_ char **passwords = NULL; @@ -988,7 +1002,7 @@ static int run(int argc, char *argv[]) { if (streq_ptr(arg_type, CRYPT_TCRYPT)) r = attach_tcrypt(cd, argv[2], key_file, key_data, key_data_size, passwords, flags); else - r = attach_luks_or_plain(cd, argv[2], key_file, key_data, key_data_size, passwords, flags, until); + r = attach_luks_or_plain_or_bitlk(cd, argv[2], key_file, key_data, key_data_size, passwords, flags, until); if (r >= 0) break; if (r != -EAGAIN) |