From 063a7a0071a0e6b01426088c8003e24e160937d1 Mon Sep 17 00:00:00 2001 From: Dimitri John Ledkov Date: Wed, 29 Aug 2018 15:38:09 +0100 Subject: [PATCH] cryptsetup: add support for sector-size= option (#9936) Bug-Ubuntu: https://launchpad.net/bugs/1776626 Closes #8881. (cherry picked from commit a9fc640671ef60ac949f1ace6fa687ff242fc233) Resolves: #1571801 --- configure.ac | 6 ++++++ man/crypttab.xml | 9 +++++++++ src/cryptsetup/cryptsetup.c | 35 ++++++++++++++++++++++++++++++++++- 3 files changed, 49 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index ee147e28eb..19d42602c9 100644 --- a/configure.ac +++ b/configure.ac @@ -832,6 +832,12 @@ if test "x$enable_libcryptsetup" != "xno"; then if test "x$have_libcryptsetup" = xno -a "x$enable_libcryptsetup" = xyes; then AC_MSG_ERROR([*** libcryptsetup support requested but libraries not found]) fi + AC_CHECK_MEMBER( + [struct crypt_params_plain.sector_size], + [AC_DEFINE([HAVE_LIBCRYPTSETUP_SECTOR_SIZE], [1], [Define if libcryptsetup supports sector_size param])], + [], + [#include ] + ) fi AM_CONDITIONAL(HAVE_LIBCRYPTSETUP, [test "$have_libcryptsetup" = "yes"]) diff --git a/man/crypttab.xml b/man/crypttab.xml index e4ecab3dcb..df75007072 100644 --- a/man/crypttab.xml +++ b/man/crypttab.xml @@ -248,6 +248,15 @@ option. + + + + Specifies the sector size in bytes. See + cryptsetup8 + for possible values and the default value of this + option. + + diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 528c36c48b..fd8b9ba9ec 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -43,10 +43,14 @@ /* internal helper */ #define ANY_LUKS "LUKS" +/* as in src/cryptsetup.h */ +#define CRYPT_SECTOR_SIZE 512 +#define CRYPT_MAX_SECTOR_SIZE 4096 static const char *arg_type = NULL; /* ANY_LUKS, CRYPT_LUKS1, CRYPT_LUKS2, CRYPT_TCRYPT or CRYPT_PLAIN */ static char *arg_cipher = NULL; static unsigned arg_key_size = 0; +static unsigned arg_sector_size = CRYPT_SECTOR_SIZE; static int arg_key_slot = CRYPT_ANY_SLOT; static unsigned arg_keyfile_size = 0; static unsigned arg_keyfile_offset = 0; @@ -104,6 +108,31 @@ static int parse_one_option(const char *option) { arg_key_size /= 8; + } else if (startswith(option, "sector-size=")) { + +#if HAVE_LIBCRYPTSETUP_SECTOR_SIZE + int r; + + r = safe_atou(option+12, &arg_sector_size); + if (r < 0) { + log_error_errno(r, "Failed to parse %s, ignoring: %m", option); + return 0; + } + + if (arg_sector_size % 2) { + log_error("sector-size= not a multiple of 2, ignoring."); + return 0; + } + + if (arg_sector_size < CRYPT_SECTOR_SIZE || arg_sector_size > CRYPT_MAX_SECTOR_SIZE) { + log_error("sector-size= is outside of %u and %u, ignoring.", CRYPT_SECTOR_SIZE, CRYPT_MAX_SECTOR_SIZE); + return 0; + } +#else + log_error("sector-size= is not supported, compiled with old libcryptsetup."); + return 0; +#endif + } else if (startswith(option, "key-slot=")) { arg_type = ANY_LUKS; @@ -450,7 +479,11 @@ static int attach_luks_or_plain(struct crypt_device *cd, } if ((!arg_type && r < 0) || streq_ptr(arg_type, CRYPT_PLAIN)) { - struct crypt_params_plain params = {}; + struct crypt_params_plain params = { +#if HAVE_LIBCRYPTSETUP_SECTOR_SIZE + .sector_size = arg_sector_size, +#endif + }; const char *cipher, *cipher_mode; _cleanup_free_ char *truncated_cipher = NULL;