diff options
author | Ondrej Kozina <okozina@redhat.com> | 2017-10-12 12:57:25 +0200 |
---|---|---|
committer | Ondrej Kozina <okozina@redhat.com> | 2017-10-13 15:30:05 +0200 |
commit | b3b4ebab02395933cde554b5a5d5c363dae3920d (patch) | |
tree | 293368efe750ad38ccf6e06dacc46f6097be2136 /src/cryptsetup | |
parent | a524f124570061e7532b5b9c1cebe61187a4973f (diff) | |
download | systemd-b3b4ebab02395933cde554b5a5d5c363dae3920d.tar.gz |
cryptsetup: support LUKS2 on-disk format
Allow cryptsetup utility to activate LUKS2 devices (with appropriate
libcryptsetup)
The change itself doesn't enforce new libcryptsetup 2.x and is backward
compatible with versions 1.x
Diffstat (limited to 'src/cryptsetup')
-rw-r--r-- | src/cryptsetup/cryptsetup.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 8fc35ad999..785bdff99d 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -38,7 +38,15 @@ #include "strv.h" #include "util.h" -static const char *arg_type = NULL; /* CRYPT_LUKS1, CRYPT_TCRYPT or CRYPT_PLAIN */ +/* libcryptsetup define for any LUKS version, compatible with libcryptsetup 1.x */ +#ifndef CRYPT_LUKS +#define CRYPT_LUKS NULL +#endif + +/* internal helper */ +#define ANY_LUKS "LUKS" + +static const char *arg_type = NULL; /* ANY_LUKS, CRYPT_LUKS1, CRYPT_LUKS2, CRYPT_TCRYPT or CRYPT_PLAIN */ static char *arg_cipher = NULL; static unsigned arg_key_size = 0; static int arg_key_slot = CRYPT_ANY_SLOT; @@ -102,7 +110,7 @@ static int parse_one_option(const char *option) { } else if ((val = startswith(option, "key-slot="))) { - arg_type = CRYPT_LUKS1; + arg_type = ANY_LUKS; r = safe_atoi(val, &arg_key_slot); if (r < 0) { log_error_errno(r, "Failed to parse %s, ignoring: %m", option); @@ -140,7 +148,7 @@ static int parse_one_option(const char *option) { return log_oom(); } else if ((val = startswith(option, "header="))) { - arg_type = CRYPT_LUKS1; + arg_type = ANY_LUKS; if (!path_is_absolute(val)) { log_error("Header path \"%s\" is not absolute, refusing.", val); @@ -171,7 +179,7 @@ static int parse_one_option(const char *option) { else if (STR_IN_SET(option, "allow-discards", "discard")) arg_discards = true; else if (streq(option, "luks")) - arg_type = CRYPT_LUKS1; + arg_type = ANY_LUKS; else if (streq(option, "tcrypt")) arg_type = CRYPT_TCRYPT; else if (streq(option, "tcrypt-hidden")) { @@ -491,8 +499,8 @@ static int attach_luks_or_plain(struct crypt_device *cd, assert(name); assert(key_file || passwords); - if (!arg_type || streq(arg_type, CRYPT_LUKS1)) { - r = crypt_load(cd, CRYPT_LUKS1, NULL); + if (!arg_type || STR_IN_SET(arg_type, ANY_LUKS, CRYPT_LUKS1)) { + r = crypt_load(cd, CRYPT_LUKS, NULL); if (r < 0) { log_error("crypt_load() failed on device %s.\n", crypt_get_device_name(cd)); return r; |