diff options
| author | Daan De Meyer <daan.j.demeyer@gmail.com> | 2022-10-09 20:46:59 +0200 |
|---|---|---|
| committer | Daan De Meyer <daan.j.demeyer@gmail.com> | 2022-11-15 20:07:54 +0100 |
| commit | 48a09a8fff480aab9a68e95e95cc37f6b1438751 (patch) | |
| tree | e6fcc7e9f49fd5c37ed9b73f2e885415336234c3 /src/shared/cryptsetup-util.h | |
| parent | 98e0456ec04c2b210291f41f6d8f8527263e0c67 (diff) | |
| download | systemd-48a09a8fff480aab9a68e95e95cc37f6b1438751.tar.gz | |
repart: Do offline encryption instead of online
Offline encryption can be done without mounting the luks device. For
now we still use loop devices to split out the partition we want to
write to but in a later commit we'll replace this with a regular file.
For offline encryption, we need to keep 2x the luks header size space
free at the end of the partition, so this means our encrypted partitions
will be 16M larger than before.
Diffstat (limited to 'src/shared/cryptsetup-util.h')
| -rw-r--r-- | src/shared/cryptsetup-util.h | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/shared/cryptsetup-util.h b/src/shared/cryptsetup-util.h index b390dc9a5c..5ff439d9c2 100644 --- a/src/shared/cryptsetup-util.h +++ b/src/shared/cryptsetup-util.h @@ -64,6 +64,18 @@ static inline int crypt_token_max(_unused_ const char *type) { #endif extern crypt_token_info (*sym_crypt_token_status)(struct crypt_device *cd, int token, const char **type); extern int (*sym_crypt_volume_key_get)(struct crypt_device *cd, int keyslot, char *volume_key, size_t *volume_key_size, const char *passphrase, size_t passphrase_size); +#if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE +extern int (*sym_crypt_reencrypt_init_by_passphrase)(struct crypt_device *cd, const char *name, const char *passphrase, size_t passphrase_size, int keyslot_old, int keyslot_new, const char *cipher, const char *cipher_mode, const struct crypt_params_reencrypt *params); +#endif +#if HAVE_CRYPT_REENCRYPT +extern int (*sym_crypt_reencrypt)(struct crypt_device *cd, int (*progress)(uint64_t size, uint64_t offset, void *usrptr)); +#endif +extern int (*sym_crypt_metadata_locking)(struct crypt_device *cd, int enable); +#if HAVE_CRYPT_SET_DATA_OFFSET +extern int (*sym_crypt_set_data_offset)(struct crypt_device *cd, uint64_t data_offset); +#endif +extern int (*sym_crypt_header_restore)(struct crypt_device *cd, const char *requested_type, const char *backup_file); +extern int (*sym_crypt_volume_key_keyring)(struct crypt_device *cd, int enable); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(struct crypt_device *, crypt_free, NULL); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(struct crypt_device *, sym_crypt_free, NULL); |