111 lines
4.2 KiB
Diff
111 lines
4.2 KiB
Diff
|
From ee689d88b4bd9584272e01f1c467aa4648280004 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Ondrej Kozina <okozina@redhat.com>
|
||
|
|
Date: Mon, 24 Sep 2018 15:38:05 +0200
|
||
|
|
Subject: [PATCH 042/324] Add blkid scan when attemting to open plain device.
|
||
|
|
|
||
|
|
Warn user about existing device signatures on candidate ciphertext
|
||
|
|
device and prompt for action confirmation.
|
||
|
|
|
||
|
|
Fixes #411.
|
||
|
|
---
|
||
|
|
src/cryptsetup.c | 27 ++++++++++++++++++++++++---
|
||
|
|
tests/device-test | 6 +++---
|
||
|
|
tests/discards-test | 2 +-
|
||
|
|
3 files changed, 28 insertions(+), 7 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/src/cryptsetup.c b/src/cryptsetup.c
|
||
|
|
index 371948f..90fc703 100644
|
||
|
|
--- a/src/cryptsetup.c
|
||
|
|
+++ b/src/cryptsetup.c
|
||
|
|
@@ -166,7 +166,7 @@ static void _set_activation_flags(uint32_t *flags)
|
||
|
|
static int action_open_plain(void)
|
||
|
|
{
|
||
|
|
struct crypt_device *cd = NULL;
|
||
|
|
- char cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
|
||
|
|
+ char *msg, cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
|
||
|
|
struct crypt_params_plain params = {
|
||
|
|
.hash = opt_hash ?: DEFAULT_PLAIN_HASH,
|
||
|
|
.skip = opt_skip,
|
||
|
|
@@ -175,8 +175,8 @@ static int action_open_plain(void)
|
||
|
|
.sector_size = opt_sector_size,
|
||
|
|
};
|
||
|
|
char *password = NULL;
|
||
|
|
- size_t passwordLen, key_size_max;
|
||
|
|
- size_t key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8;
|
||
|
|
+ size_t passwordLen, key_size_max, signatures,
|
||
|
|
+ key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8;
|
||
|
|
uint32_t activate_flags = 0;
|
||
|
|
int r;
|
||
|
|
|
||
|
|
@@ -205,6 +205,27 @@ static int action_open_plain(void)
|
||
|
|
if ((r = crypt_init(&cd, action_argv[0])))
|
||
|
|
goto out;
|
||
|
|
|
||
|
|
+ /* Skip blkid scan when activating plain device with offset */
|
||
|
|
+ if (!opt_offset) {
|
||
|
|
+ /* Print all present signatures in read-only mode */
|
||
|
|
+ r = tools_detect_signatures(action_argv[0], 0, &signatures);
|
||
|
|
+ if (r < 0)
|
||
|
|
+ goto out;
|
||
|
|
+ }
|
||
|
|
+
|
||
|
|
+ if (signatures) {
|
||
|
|
+ r = asprintf(&msg, _("Detected device signature(s) on %s. Proceeding further may damage existing data."), action_argv[0]);
|
||
|
|
+ if (r == -1) {
|
||
|
|
+ r = -ENOMEM;
|
||
|
|
+ goto out;
|
||
|
|
+ }
|
||
|
|
+
|
||
|
|
+ r = yesDialog(msg, _("Operation aborted.\n")) ? 0 : -EINVAL;
|
||
|
|
+ free(msg);
|
||
|
|
+ if (r < 0)
|
||
|
|
+ goto out;
|
||
|
|
+ }
|
||
|
|
+
|
||
|
|
r = crypt_format(cd, CRYPT_PLAIN,
|
||
|
|
cipher, cipher_mode,
|
||
|
|
NULL, NULL,
|
||
|
|
diff --git a/tests/device-test b/tests/device-test
|
||
|
|
index b9ba98d..c49eb84 100755
|
||
|
|
--- a/tests/device-test
|
||
|
|
+++ b/tests/device-test
|
||
|
|
@@ -97,11 +97,11 @@ if [ -z "$DM_PERF_CPU" ]; then
|
||
|
|
SKIP_COUNT=$((SKIP_COUNT+1))
|
||
|
|
else
|
||
|
|
# plain
|
||
|
|
- echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --perf-submit_from_crypt_cpus || fail
|
||
|
|
+ echo -e "$PWD1" | $CRYPTSETUP open -q --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --perf-submit_from_crypt_cpus || fail
|
||
|
|
$CRYPTSETUP status $DEV_NAME | grep -q same_cpu_crypt || fail
|
||
|
|
$CRYPTSETUP status $DEV_NAME | grep -q submit_from_crypt_cpus || fail
|
||
|
|
$CRYPTSETUP close $DEV_NAME || fail
|
||
|
|
- echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --allow-discards || fail
|
||
|
|
+ echo -e "$PWD1" | $CRYPTSETUP open -q --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --allow-discards || fail
|
||
|
|
$CRYPTSETUP status $DEV_NAME | grep -q same_cpu_crypt || fail
|
||
|
|
$CRYPTSETUP status $DEV_NAME | grep -q discards || fail
|
||
|
|
$CRYPTSETUP close $DEV_NAME || fail
|
||
|
|
@@ -152,7 +152,7 @@ else
|
||
|
|
echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --sector-size 1234 >/dev/null 2>&1 && fail
|
||
|
|
for S in 512 1024 2048 4096; do
|
||
|
|
echo -n "[$S]"
|
||
|
|
- echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --sector-size $S || fail
|
||
|
|
+ echo -e "$PWD1" | $CRYPTSETUP open -q --type plain $DEV $DEV_NAME --sector-size $S || fail
|
||
|
|
check_sector_size $S
|
||
|
|
$CRYPTSETUP close $DEV_NAME || fail
|
||
|
|
done
|
||
|
|
diff --git a/tests/discards-test b/tests/discards-test
|
||
|
|
index 5ffe7ab..476c04d 100755
|
||
|
|
--- a/tests/discards-test
|
||
|
|
+++ b/tests/discards-test
|
||
|
|
@@ -74,7 +74,7 @@ dmsetup table $DEV_NAME | grep allow_discards >/dev/null || fail
|
||
|
|
$CRYPTSETUP luksClose $DEV_NAME || fail
|
||
|
|
|
||
|
|
echo "[2] Allowing discards for plain device"
|
||
|
|
-echo $PWD1 | $CRYPTSETUP create $DEV_NAME $DEV --hash sha1 --allow-discards || fail
|
||
|
|
+echo $PWD1 | $CRYPTSETUP create -q $DEV_NAME $DEV --hash sha1 --allow-discards || fail
|
||
|
|
$CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
|
||
|
|
$CRYPTSETUP resize $DEV_NAME --size 100 || fail
|
||
|
|
$CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
|
||
|
|
--
|
||
|
|
2.19.1
|
||
|
|
|