summaryrefslogtreecommitdiffstats
path: root/src/shared/cryptsetup-util.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/shared/cryptsetup-util.c')
-rw-r--r--src/shared/cryptsetup-util.c106
1 files changed, 57 insertions, 49 deletions
diff --git a/src/shared/cryptsetup-util.c b/src/shared/cryptsetup-util.c
index ab5764d..d0dd434 100644
--- a/src/shared/cryptsetup-util.c
+++ b/src/shared/cryptsetup-util.c
@@ -9,58 +9,62 @@
#if HAVE_LIBCRYPTSETUP
static void *cryptsetup_dl = NULL;
-int (*sym_crypt_activate_by_passphrase)(struct crypt_device *cd, const char *name, int keyslot, const char *passphrase, size_t passphrase_size, uint32_t flags);
+DLSYM_FUNCTION(crypt_activate_by_passphrase);
#if HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY
-int (*sym_crypt_activate_by_signed_key)(struct crypt_device *cd, const char *name, const char *volume_key, size_t volume_key_size, const char *signature, size_t signature_size, uint32_t flags);
+DLSYM_FUNCTION(crypt_activate_by_signed_key);
#endif
-int (*sym_crypt_activate_by_volume_key)(struct crypt_device *cd, const char *name, const char *volume_key, size_t volume_key_size, uint32_t flags);
-int (*sym_crypt_deactivate_by_name)(struct crypt_device *cd, const char *name, uint32_t flags);
-int (*sym_crypt_format)(struct crypt_device *cd, const char *type, const char *cipher, const char *cipher_mode, const char *uuid, const char *volume_key, size_t volume_key_size, void *params);
-void (*sym_crypt_free)(struct crypt_device *cd);
-const char *(*sym_crypt_get_cipher)(struct crypt_device *cd);
-const char *(*sym_crypt_get_cipher_mode)(struct crypt_device *cd);
-uint64_t (*sym_crypt_get_data_offset)(struct crypt_device *cd);
-const char *(*sym_crypt_get_device_name)(struct crypt_device *cd);
-const char *(*sym_crypt_get_dir)(void);
-const char *(*sym_crypt_get_type)(struct crypt_device *cd);
-const char *(*sym_crypt_get_uuid)(struct crypt_device *cd);
-int (*sym_crypt_get_verity_info)(struct crypt_device *cd, struct crypt_params_verity *vp);
-int (*sym_crypt_get_volume_key_size)(struct crypt_device *cd);
-int (*sym_crypt_init)(struct crypt_device **cd, const char *device);
-int (*sym_crypt_init_by_name)(struct crypt_device **cd, const char *name);
-int (*sym_crypt_keyslot_add_by_volume_key)(struct crypt_device *cd, int keyslot, const char *volume_key, size_t volume_key_size, const char *passphrase, size_t passphrase_size);
-int (*sym_crypt_keyslot_destroy)(struct crypt_device *cd, int keyslot);
-int (*sym_crypt_keyslot_max)(const char *type);
-int (*sym_crypt_load)(struct crypt_device *cd, const char *requested_type, void *params);
-int (*sym_crypt_resize)(struct crypt_device *cd, const char *name, uint64_t new_size);
-int (*sym_crypt_resume_by_passphrase)(struct crypt_device *cd, const char *name, int keyslot, const char *passphrase, size_t passphrase_size);
-int (*sym_crypt_set_data_device)(struct crypt_device *cd, const char *device);
-void (*sym_crypt_set_debug_level)(int level);
-void (*sym_crypt_set_log_callback)(struct crypt_device *cd, void (*log)(int level, const char *msg, void *usrptr), void *usrptr);
+DLSYM_FUNCTION(crypt_activate_by_volume_key);
+DLSYM_FUNCTION(crypt_deactivate_by_name);
+DLSYM_FUNCTION(crypt_format);
+DLSYM_FUNCTION(crypt_free);
+DLSYM_FUNCTION(crypt_get_cipher);
+DLSYM_FUNCTION(crypt_get_cipher_mode);
+DLSYM_FUNCTION(crypt_get_data_offset);
+DLSYM_FUNCTION(crypt_get_device_name);
+DLSYM_FUNCTION(crypt_get_dir);
+DLSYM_FUNCTION(crypt_get_type);
+DLSYM_FUNCTION(crypt_get_uuid);
+DLSYM_FUNCTION(crypt_get_verity_info);
+DLSYM_FUNCTION(crypt_get_volume_key_size);
+DLSYM_FUNCTION(crypt_init);
+DLSYM_FUNCTION(crypt_init_by_name);
+DLSYM_FUNCTION(crypt_keyslot_add_by_volume_key);
+DLSYM_FUNCTION(crypt_keyslot_destroy);
+DLSYM_FUNCTION(crypt_keyslot_max);
+DLSYM_FUNCTION(crypt_load);
+DLSYM_FUNCTION(crypt_resize);
+#if HAVE_CRYPT_RESUME_BY_VOLUME_KEY
+DLSYM_FUNCTION(crypt_resume_by_volume_key);
+#endif
+DLSYM_FUNCTION(crypt_set_data_device);
+DLSYM_FUNCTION(crypt_set_debug_level);
+DLSYM_FUNCTION(crypt_set_log_callback);
#if HAVE_CRYPT_SET_METADATA_SIZE
-int (*sym_crypt_set_metadata_size)(struct crypt_device *cd, uint64_t metadata_size, uint64_t keyslots_size);
+DLSYM_FUNCTION(crypt_set_metadata_size);
#endif
-int (*sym_crypt_set_pbkdf_type)(struct crypt_device *cd, const struct crypt_pbkdf_type *pbkdf);
-int (*sym_crypt_suspend)(struct crypt_device *cd, const char *name);
-int (*sym_crypt_token_json_get)(struct crypt_device *cd, int token, const char **json);
-int (*sym_crypt_token_json_set)(struct crypt_device *cd, int token, const char *json);
+DLSYM_FUNCTION(crypt_set_pbkdf_type);
+DLSYM_FUNCTION(crypt_suspend);
+DLSYM_FUNCTION(crypt_token_json_get);
+DLSYM_FUNCTION(crypt_token_json_set);
#if HAVE_CRYPT_TOKEN_MAX
-int (*sym_crypt_token_max)(const char *type);
+DLSYM_FUNCTION(crypt_token_max);
#endif
-crypt_token_info (*sym_crypt_token_status)(struct crypt_device *cd, int token, const char **type);
-int (*sym_crypt_volume_key_get)(struct crypt_device *cd, int keyslot, char *volume_key, size_t *volume_key_size, const char *passphrase, size_t passphrase_size);
+DLSYM_FUNCTION(crypt_token_status);
+DLSYM_FUNCTION(crypt_volume_key_get);
#if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE
-int (*sym_crypt_reencrypt_init_by_passphrase)(struct crypt_device *cd, const char *name, const char *passphrase, size_t passphrase_size, int keyslot_old, int keyslot_new, const char *cipher, const char *cipher_mode, const struct crypt_params_reencrypt *params);
+DLSYM_FUNCTION(crypt_reencrypt_init_by_passphrase);
#endif
-#if HAVE_CRYPT_REENCRYPT
-int (*sym_crypt_reencrypt)(struct crypt_device *cd, int (*progress)(uint64_t size, uint64_t offset, void *usrptr));
+#if HAVE_CRYPT_REENCRYPT_RUN
+DLSYM_FUNCTION(crypt_reencrypt_run);
+#elif HAVE_CRYPT_REENCRYPT
+DLSYM_FUNCTION(crypt_reencrypt);
#endif
-int (*sym_crypt_metadata_locking)(struct crypt_device *cd, int enable);
+DLSYM_FUNCTION(crypt_metadata_locking);
#if HAVE_CRYPT_SET_DATA_OFFSET
-int (*sym_crypt_set_data_offset)(struct crypt_device *cd, uint64_t data_offset);
+DLSYM_FUNCTION(crypt_set_data_offset);
#endif
-int (*sym_crypt_header_restore)(struct crypt_device *cd, const char *requested_type, const char *backup_file);
-int (*sym_crypt_volume_key_keyring)(struct crypt_device *cd, int enable);
+DLSYM_FUNCTION(crypt_header_restore);
+DLSYM_FUNCTION(crypt_volume_key_keyring);
/* Unfortunately libcryptsetup provides neither an environment variable to redirect where to look for token
* modules, nor does it have an API to change the token lookup path at runtime. The maintainers suggest using
@@ -242,11 +246,13 @@ int dlopen_cryptsetup(void) {
/* libcryptsetup added crypt_reencrypt() in 2.2.0, and marked it obsolete in 2.4.0, replacing it with
* crypt_reencrypt_run(), which takes one extra argument but is otherwise identical. The old call is
- * still available though, and given we want to support 2.2.0 for a while longer, we'll stick to the
- * old symbol. However, the old symbols now has a GCC deprecation decorator, hence let's turn off
- * warnings about this for now. */
+ * still available though, and given we want to support 2.2.0 for a while longer, we'll use the old
+ * symbol if the new one is not available. */
- DISABLE_WARNING_DEPRECATED_DECLARATIONS;
+ ELF_NOTE_DLOPEN("cryptsetup",
+ "Support for disk encryption, integrity, and authentication",
+ ELF_NOTE_DLOPEN_PRIORITY_SUGGESTED,
+ "libcryptsetup.so.12");
r = dlopen_many_sym_or_warn(
&cryptsetup_dl, "libcryptsetup.so.12", LOG_DEBUG,
@@ -274,7 +280,9 @@ int dlopen_cryptsetup(void) {
DLSYM_ARG(crypt_keyslot_max),
DLSYM_ARG(crypt_load),
DLSYM_ARG(crypt_resize),
- DLSYM_ARG(crypt_resume_by_passphrase),
+#if HAVE_CRYPT_RESUME_BY_VOLUME_KEY
+ DLSYM_ARG(crypt_resume_by_volume_key),
+#endif
DLSYM_ARG(crypt_set_data_device),
DLSYM_ARG(crypt_set_debug_level),
DLSYM_ARG(crypt_set_log_callback),
@@ -293,7 +301,9 @@ int dlopen_cryptsetup(void) {
#if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE
DLSYM_ARG(crypt_reencrypt_init_by_passphrase),
#endif
-#if HAVE_CRYPT_REENCRYPT
+#if HAVE_CRYPT_REENCRYPT_RUN
+ DLSYM_ARG(crypt_reencrypt_run),
+#elif HAVE_CRYPT_REENCRYPT
DLSYM_ARG(crypt_reencrypt),
#endif
DLSYM_ARG(crypt_metadata_locking),
@@ -305,8 +315,6 @@ int dlopen_cryptsetup(void) {
if (r <= 0)
return r;
- REENABLE_WARNING;
-
/* Redirect the default logging calls of libcryptsetup to our own logging infra. (Note that
* libcryptsetup also maintains per-"struct crypt_device" log functions, which we'll also set
* whenever allocating a "struct crypt_device" context. Why set both? To be defensive: maybe some
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 08:02:52 +0000