summaryrefslogtreecommitdiffstats
path: root/lib/luks2/luks2_keyslot_reenc.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-17 08:35:41 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-17 08:35:41 +0000
commitf7458043ae6a2d2d54b911fac52e50341646bef2 (patch)
tree6c58e084cd8728490fd5bb8eead07db0be0038f4 /lib/luks2/luks2_keyslot_reenc.c
parentAdding upstream version 2:2.6.1. (diff)
downloadcryptsetup-f7458043ae6a2d2d54b911fac52e50341646bef2.tar.xz
cryptsetup-f7458043ae6a2d2d54b911fac52e50341646bef2.zip
Adding upstream version 2:2.7.0.upstream/2%2.7.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'lib/luks2/luks2_keyslot_reenc.c')
-rw-r--r--lib/luks2/luks2_keyslot_reenc.c21
1 files changed, 12 insertions, 9 deletions
diff --git a/lib/luks2/luks2_keyslot_reenc.c b/lib/luks2/luks2_keyslot_reenc.c
index 4291d0c..e847673 100644
--- a/lib/luks2/luks2_keyslot_reenc.c
+++ b/lib/luks2/luks2_keyslot_reenc.c
@@ -1,8 +1,8 @@
/*
* LUKS - Linux Unified Key Setup v2, reencryption keyslot handler
*
- * Copyright (C) 2016-2023 Red Hat, Inc. All rights reserved.
- * Copyright (C) 2016-2023 Ondrej Kozina
+ * Copyright (C) 2016-2024 Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2016-2024 Ondrej Kozina
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
@@ -145,7 +145,12 @@ static int reenc_keyslot_alloc(struct crypt_device *cd,
else
json_object_object_add(jobj_keyslot, "direction", json_object_new_string("backward"));
- json_object_object_add_by_uint(jobj_keyslots, keyslot, jobj_keyslot);
+ r = json_object_object_add_by_uint(jobj_keyslots, keyslot, jobj_keyslot);
+ if (r) {
+ json_object_put(jobj_keyslot);
+ return r;
+ }
+
if (LUKS2_check_json_size(cd, hdr)) {
log_dbg(cd, "New keyslot too large to fit in free metadata space.");
json_object_object_del_by_uint(jobj_keyslots, keyslot);
@@ -371,8 +376,7 @@ static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_key
return 0;
}
-static int reenc_keyslot_update_needed(struct crypt_device *cd,
- json_object *jobj_keyslot,
+static int reenc_keyslot_update_needed(json_object *jobj_keyslot,
const struct crypt_params_reencrypt *params,
size_t alignment)
{
@@ -537,8 +541,7 @@ static int reenc_keyslot_load_resilience(struct crypt_device *cd,
return reenc_keyslot_load_resilience_secondary(cd, type, jobj_area, area_length, rp);
}
-static bool reenc_keyslot_update_is_valid(struct crypt_device *cd,
- json_object *jobj_area,
+static bool reenc_keyslot_update_is_valid(json_object *jobj_area,
const struct crypt_params_reencrypt *params)
{
const char *type;
@@ -589,7 +592,7 @@ static int reenc_keyslot_update(struct crypt_device *cd,
if (!params || !params->resilience)
jobj_area_new = reencrypt_keyslot_area_jobj_update_block_size(cd, jobj_area, alignment);
else {
- if (!reenc_keyslot_update_is_valid(cd, jobj_area, params)) {
+ if (!reenc_keyslot_update_is_valid(jobj_area, params)) {
log_err(cd, _("Invalid reencryption resilience mode change requested."));
return -EINVAL;
}
@@ -661,7 +664,7 @@ int LUKS2_keyslot_reencrypt_update_needed(struct crypt_device *cd,
strcmp(json_object_get_string(jobj_type), "reencrypt"))
return -EINVAL;
- r = reenc_keyslot_update_needed(cd, jobj_keyslot, params, alignment);
+ r = reenc_keyslot_update_needed(jobj_keyslot, params, alignment);
if (!r)
log_dbg(cd, "No update of reencrypt keyslot needed.");