|
|
33f49e |
From 18cb1eeeb9d320d9fb4f9bc3289a23f6694f9d60 Mon Sep 17 00:00:00 2001
|
|
|
33f49e |
From: Milan Broz <gmazyland@gmail.com>
|
|
|
33f49e |
Date: Sun, 2 Jan 2022 16:57:31 +0100
|
|
|
33f49e |
Subject: [PATCH 13/28] Do not run reencryption recovery when not needed.
|
|
|
33f49e |
|
|
|
33f49e |
---
|
|
|
33f49e |
src/cryptsetup.c | 20 +++++++++++++-------
|
|
|
33f49e |
1 file changed, 13 insertions(+), 7 deletions(-)
|
|
|
33f49e |
|
|
|
33f49e |
diff --git a/src/cryptsetup.c b/src/cryptsetup.c
|
|
|
33f49e |
index 5547b3cc..206575c7 100644
|
|
|
33f49e |
--- a/src/cryptsetup.c
|
|
|
33f49e |
+++ b/src/cryptsetup.c
|
|
|
33f49e |
@@ -1125,6 +1125,7 @@ static int _do_luks2_reencrypt_recovery(struct crypt_device *cd)
|
|
|
33f49e |
{
|
|
|
33f49e |
int r;
|
|
|
33f49e |
size_t passwordLen;
|
|
|
33f49e |
+ const char *msg;
|
|
|
33f49e |
char *password = NULL;
|
|
|
33f49e |
struct crypt_params_reencrypt recovery_params = {
|
|
|
33f49e |
.flags = CRYPT_REENCRYPT_RECOVERY
|
|
|
33f49e |
@@ -1133,12 +1134,8 @@ static int _do_luks2_reencrypt_recovery(struct crypt_device *cd)
|
|
|
33f49e |
crypt_reencrypt_info ri = crypt_reencrypt_status(cd, NULL);
|
|
|
33f49e |
switch (ri) {
|
|
|
33f49e |
case CRYPT_REENCRYPT_NONE:
|
|
|
33f49e |
- /* fall through */
|
|
|
33f49e |
+ return 0;
|
|
|
33f49e |
case CRYPT_REENCRYPT_CLEAN:
|
|
|
33f49e |
- r = noDialog(_("Seems device does not require reencryption recovery.\n"
|
|
|
33f49e |
- "Do you want to proceed anyway?"), NULL);
|
|
|
33f49e |
- if (!r)
|
|
|
33f49e |
- return 0;
|
|
|
33f49e |
break;
|
|
|
33f49e |
case CRYPT_REENCRYPT_CRASH:
|
|
|
33f49e |
r = yesDialog(_("Really proceed with LUKS2 reencryption recovery?"),
|
|
|
33f49e |
@@ -1150,8 +1147,12 @@ static int _do_luks2_reencrypt_recovery(struct crypt_device *cd)
|
|
|
33f49e |
return -EINVAL;
|
|
|
33f49e |
}
|
|
|
33f49e |
|
|
|
33f49e |
- r = tools_get_key(_("Enter passphrase for reencryption recovery: "),
|
|
|
33f49e |
- &password, &passwordLen, opt_keyfile_offset,
|
|
|
33f49e |
+ if (ri == CRYPT_REENCRYPT_CLEAN)
|
|
|
33f49e |
+ msg = _("Enter passphrase to verify reencryption metadata digest: ");
|
|
|
33f49e |
+ else
|
|
|
33f49e |
+ msg = _("Enter passphrase for reencryption recovery: ");
|
|
|
33f49e |
+
|
|
|
33f49e |
+ r = tools_get_key(msg, &password, &passwordLen, opt_keyfile_offset,
|
|
|
33f49e |
opt_keyfile_size, opt_key_file, opt_timeout,
|
|
|
33f49e |
_verify_passphrase(0), 0, cd);
|
|
|
33f49e |
if (r < 0)
|
|
|
33f49e |
@@ -1162,6 +1163,11 @@ static int _do_luks2_reencrypt_recovery(struct crypt_device *cd)
|
|
|
33f49e |
if (r < 0)
|
|
|
33f49e |
goto out;
|
|
|
33f49e |
|
|
|
33f49e |
+ if (ri == CRYPT_REENCRYPT_CLEAN) {
|
|
|
33f49e |
+ r = 0;
|
|
|
33f49e |
+ goto out;
|
|
|
33f49e |
+ }
|
|
|
33f49e |
+
|
|
|
33f49e |
r = crypt_reencrypt_init_by_passphrase(cd, NULL, password, passwordLen,
|
|
|
33f49e |
opt_key_slot, opt_key_slot, NULL, NULL, &recovery_params);
|
|
|
33f49e |
if (r > 0)
|
|
|
33f49e |
--
|
|
|
33f49e |
2.27.0
|
|
|
33f49e |
|