packages/cryptsetup
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
cryptsetup/0003-Add-blkid-scan-when-attemting-to-open-plain-device.patch
Zhiqiang Liu 09085629c6 cryptsetup: renumber patches
2020-06-30 10:12:17 +08:00

111 lines
4.2 KiB
Diff
Raw Blame History

From ee689d88b4bd9584272e01f1c467aa4648280004 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Mon, 24 Sep 2018 15:38:05 +0200
Subject: [PATCH 042/324] Add blkid scan when attemting to open plain device.
Warn user about existing device signatures on candidate ciphertext
device and prompt for action confirmation.
Fixes #411.
---
src/cryptsetup.c | 27 ++++++++++++++++++++++++---
tests/device-test | 6 +++---
tests/discards-test | 2 +-
3 files changed, 28 insertions(+), 7 deletions(-)
diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index 371948f..90fc703 100644
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -166,7 +166,7 @@ static void _set_activation_flags(uint32_t *flags)
static int action_open_plain(void)
{
struct crypt_device *cd = NULL;
- char cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
+ char *msg, cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
struct crypt_params_plain params = {
.hash = opt_hash ?: DEFAULT_PLAIN_HASH,
.skip = opt_skip,
@@ -175,8 +175,8 @@ static int action_open_plain(void)
.sector_size = opt_sector_size,
};
char *password = NULL;
- size_t passwordLen, key_size_max;
- size_t key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8;
+ size_t passwordLen, key_size_max, signatures,
+ key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8;
uint32_t activate_flags = 0;
int r;
@@ -205,6 +205,27 @@ static int action_open_plain(void)
if ((r = crypt_init(&cd, action_argv[0])))
goto out;
+ /* Skip blkid scan when activating plain device with offset */
+ if (!opt_offset) {
+ /* Print all present signatures in read-only mode */
+ r = tools_detect_signatures(action_argv[0], 0, &signatures);
+ if (r < 0)
+ goto out;
+ }
+
+ if (signatures) {
+ r = asprintf(&msg, _("Detected device signature(s) on %s. Proceeding further may damage existing data."), action_argv[0]);
+ if (r == -1) {
+ r = -ENOMEM;
+ goto out;
+ }
+
+ r = yesDialog(msg, _("Operation aborted.\n")) ? 0 : -EINVAL;
+ free(msg);
+ if (r < 0)
+ goto out;
+ }
+
r = crypt_format(cd, CRYPT_PLAIN,
cipher, cipher_mode,
NULL, NULL,
diff --git a/tests/device-test b/tests/device-test
index b9ba98d..c49eb84 100755
--- a/tests/device-test
+++ b/tests/device-test
@@ -97,11 +97,11 @@ if [ -z "$DM_PERF_CPU" ]; then
SKIP_COUNT=$((SKIP_COUNT+1))
else
# plain
- echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --perf-submit_from_crypt_cpus || fail
+ echo -e "$PWD1" | $CRYPTSETUP open -q --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --perf-submit_from_crypt_cpus || fail
$CRYPTSETUP status $DEV_NAME | grep -q same_cpu_crypt || fail
$CRYPTSETUP status $DEV_NAME | grep -q submit_from_crypt_cpus || fail
$CRYPTSETUP close $DEV_NAME || fail
- echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --allow-discards || fail
+ echo -e "$PWD1" | $CRYPTSETUP open -q --type plain $DEV $DEV_NAME --perf-same_cpu_crypt --allow-discards || fail
$CRYPTSETUP status $DEV_NAME | grep -q same_cpu_crypt || fail
$CRYPTSETUP status $DEV_NAME | grep -q discards || fail
$CRYPTSETUP close $DEV_NAME || fail
@@ -152,7 +152,7 @@ else
echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --sector-size 1234 >/dev/null 2>&1 && fail
for S in 512 1024 2048 4096; do
echo -n "[$S]"
- echo -e "$PWD1" | $CRYPTSETUP open --type plain $DEV $DEV_NAME --sector-size $S || fail
+ echo -e "$PWD1" | $CRYPTSETUP open -q --type plain $DEV $DEV_NAME --sector-size $S || fail
check_sector_size $S
$CRYPTSETUP close $DEV_NAME || fail
done
diff --git a/tests/discards-test b/tests/discards-test
index 5ffe7ab..476c04d 100755
--- a/tests/discards-test
+++ b/tests/discards-test
@@ -74,7 +74,7 @@ dmsetup table $DEV_NAME | grep allow_discards >/dev/null || fail
$CRYPTSETUP luksClose $DEV_NAME || fail
echo "[2] Allowing discards for plain device"
-echo $PWD1 | $CRYPTSETUP create $DEV_NAME $DEV --hash sha1 --allow-discards || fail
+echo $PWD1 | $CRYPTSETUP create -q $DEV_NAME $DEV --hash sha1 --allow-discards || fail
$CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
$CRYPTSETUP resize $DEV_NAME --size 100 || fail
$CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
--
2.19.1
Reference in New Issue View Git Blame Copy Permalink