1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-25 06:03:40 +03:00

cryptsetup: add support for sector-size= option (#9936)

Bug-Ubuntu: https://launchpad.net/bugs/1776626

Closes #8881.
This commit is contained in:
Dimitri John Ledkov 2018-08-29 15:38:09 +01:00 committed by Yu Watanabe
parent 030836923d
commit a9fc640671
3 changed files with 45 additions and 0 deletions

View File

@ -250,6 +250,15 @@
option.</para></listitem> option.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><option>sector-size=</option></term>
<listitem><para>Specifies the sector size in bytes. See
<citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
for possible values and the default value of this
option.</para></listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><option>swap</option></term> <term><option>swap</option></term>

View File

@ -924,11 +924,17 @@ if want_libcryptsetup != 'false' and not fuzzer_build
version : '>= 1.6.0', version : '>= 1.6.0',
required : want_libcryptsetup == 'true') required : want_libcryptsetup == 'true')
have = libcryptsetup.found() have = libcryptsetup.found()
have_sector = cc.has_member(
'struct crypt_params_plain',
'sector_size',
prefix : '#include <libcryptsetup.h>')
else else
have = false have = false
have_sector = false
libcryptsetup = [] libcryptsetup = []
endif endif
conf.set10('HAVE_LIBCRYPTSETUP', have) conf.set10('HAVE_LIBCRYPTSETUP', have)
conf.set10('HAVE_LIBCRYPTSETUP_SECTOR_SIZE', have_sector)
want_libcurl = get_option('libcurl') want_libcurl = get_option('libcurl')
if want_libcurl != 'false' and not fuzzer_build if want_libcurl != 'false' and not fuzzer_build

View File

@ -24,10 +24,14 @@
/* internal helper */ /* internal helper */
#define ANY_LUKS "LUKS" #define ANY_LUKS "LUKS"
/* as in src/cryptsetup.h */
#define CRYPT_SECTOR_SIZE 512
#define CRYPT_MAX_SECTOR_SIZE 4096
static const char *arg_type = NULL; /* ANY_LUKS, CRYPT_LUKS1, CRYPT_LUKS2, CRYPT_TCRYPT or CRYPT_PLAIN */ static const char *arg_type = NULL; /* ANY_LUKS, CRYPT_LUKS1, CRYPT_LUKS2, CRYPT_TCRYPT or CRYPT_PLAIN */
static char *arg_cipher = NULL; static char *arg_cipher = NULL;
static unsigned arg_key_size = 0; static unsigned arg_key_size = 0;
static unsigned arg_sector_size = CRYPT_SECTOR_SIZE;
static int arg_key_slot = CRYPT_ANY_SLOT; static int arg_key_slot = CRYPT_ANY_SLOT;
static unsigned arg_keyfile_size = 0; static unsigned arg_keyfile_size = 0;
static uint64_t arg_keyfile_offset = 0; static uint64_t arg_keyfile_offset = 0;
@ -87,6 +91,29 @@ static int parse_one_option(const char *option) {
arg_key_size /= 8; arg_key_size /= 8;
} else if ((val = startswith(option, "sector-size="))) {
#if HAVE_LIBCRYPTSETUP_SECTOR_SIZE
r = safe_atou(val, &arg_sector_size);
if (r < 0) {
log_error_errno(r, "Failed to parse %s, ignoring: %m", option);
return 0;
}
if (arg_sector_size % 2) {
log_error("sector-size= not a multiple of 2, ignoring.");
return 0;
}
if (arg_sector_size < CRYPT_SECTOR_SIZE || arg_sector_size > CRYPT_MAX_SECTOR_SIZE) {
log_error("sector-size= is outside of %u and %u, ignoring.", CRYPT_SECTOR_SIZE, CRYPT_MAX_SECTOR_SIZE);
return 0;
}
#else
log_error("sector-size= is not supported, compiled with old libcryptsetup.");
return 0;
#endif
} else if ((val = startswith(option, "key-slot="))) { } else if ((val = startswith(option, "key-slot="))) {
arg_type = ANY_LUKS; arg_type = ANY_LUKS;
@ -472,6 +499,9 @@ static int attach_luks_or_plain(struct crypt_device *cd,
struct crypt_params_plain params = { struct crypt_params_plain params = {
.offset = arg_offset, .offset = arg_offset,
.skip = arg_skip, .skip = arg_skip,
#if HAVE_LIBCRYPTSETUP_SECTOR_SIZE
.sector_size = arg_sector_size,
#endif
}; };
const char *cipher, *cipher_mode; const char *cipher, *cipher_mode;
_cleanup_free_ char *truncated_cipher = NULL; _cleanup_free_ char *truncated_cipher = NULL;