Commit 30d109c0 authored by Ondrej Kozina's avatar Ondrej Kozina Committed by Milan Broz

Add support for blkid scans and signature wiping in tools.

parent e8e1f844
noinst_LTLIBRARIES += libutils_tools.la
libutils_tools_la_SOURCES = \
src/utils_tools.c \
src/utils_password.c \
lib/utils_io.c \
lib/utils_blkid.c \
src/cryptsetup.h
libutils_tools_la_CFLAGS = $(AM_CFLAGS)
libutils_tools_la_LIBADD = -lm @BLKID_LIBS@
# cryptsetup
if CRYPTSETUP
cryptsetup_SOURCES = \
lib/utils_crypt.c \
lib/utils_loop.c \
lib/utils_io.c \
src/utils_tools.c \
src/utils_password.c \
src/cryptsetup.c \
src/cryptsetup.h
cryptsetup_LDADD = -lm \
cryptsetup_LDADD = \
libcryptsetup.la \
libutils_tools.la \
@POPT_LIBS@ \
@PWQUALITY_LIBS@ \
@PASSWDQC_LIBS@ \
......@@ -37,12 +48,12 @@ if VERITYSETUP
veritysetup_SOURCES = \
lib/utils_crypt.c \
lib/utils_loop.c \
src/utils_tools.c \
src/veritysetup.c \
src/cryptsetup.h
veritysetup_LDADD = -lm \
veritysetup_LDADD = \
libcryptsetup.la \
libutils_tools.la \
@POPT_LIBS@
sbin_PROGRAMS += veritysetup
......@@ -65,12 +76,12 @@ if INTEGRITYSETUP
integritysetup_SOURCES = \
lib/utils_crypt.c \
lib/utils_loop.c \
src/utils_tools.c \
src/integritysetup.c \
src/cryptsetup.h
integritysetup_LDADD = -lm \
integritysetup_LDADD = \
libcryptsetup.la \
libutils_tools.la \
@POPT_LIBS@ \
@UUID_LIBS@
......@@ -92,18 +103,17 @@ endif
if REENCRYPT
cryptsetup_reencrypt_SOURCES = \
lib/utils_crypt.c \
lib/utils_io.c \
src/utils_tools.c \
src/utils_password.c \
src/cryptsetup_reencrypt.c \
src/cryptsetup.h
cryptsetup_reencrypt_LDADD = -lm \
cryptsetup_reencrypt_LDADD = \
libcryptsetup.la \
libutils_tools.la \
@POPT_LIBS@ \
@PWQUALITY_LIBS@ \
@PASSWDQC_LIBS@ \
@UUID_LIBS@
@UUID_LIBS@ \
@BLKID_LIBS@
sbin_PROGRAMS += cryptsetup-reencrypt
......
......@@ -44,6 +44,7 @@
#include "lib/utils_loop.h"
#include "lib/utils_fips.h"
#include "lib/utils_io.h"
#include "lib/utils_blkid.h"
#include "libcryptsetup.h"
......@@ -102,6 +103,9 @@ int tools_wipe_progress(uint64_t size, uint64_t offset, void *usrptr);
int tools_read_mk(const char *file, char **key, int keysize);
int tools_write_mk(const char *file, const char *key, int keysize);
int tools_detect_signatures(const char *device, int ignore_luks, size_t *count);
int tools_wipe_all_signatures(const char *path);
/* Log */
#define log_dbg(x...) clogger(NULL, CRYPT_LOG_DEBUG, __FILE__, __LINE__, x)
#define log_std(x...) clogger(NULL, CRYPT_LOG_NORMAL, __FILE__, __LINE__, x)
......
......@@ -429,3 +429,132 @@ int tools_wipe_progress(uint64_t size, uint64_t offset, void *usrptr)
return r;
}
static void report_partition(const char *value, const char *device)
{
if (opt_batch_mode)
log_dbg("Detected '%s' partition signature on device %s.", value, device);
else
log_std(_("Detected '%s' partition signature on device %s.\n"), value, device);
}
static void report_superblock(const char *value, const char *device)
{
if (opt_batch_mode)
log_dbg("Detected '%s' superblock signature on device %s.", value, device);
else
log_std(_("Detected '%s' superblock signature on device %s.\n"), value, device);
}
int tools_detect_signatures(const char *device, int ignore_luks, size_t *count)
{
int r;
size_t tmp_count;
struct blkid_handle *h;
blk_probe_status pr;
if (!count)
count = &tmp_count;
*count = 0;
if (!blk_supported()) {
log_dbg("Blkid support disabled.");
return 0;
}
if ((r = blk_init_by_path(&h, device))) {
log_err(_("Failed to initialize device signature probes."));
return -EINVAL;
}
blk_set_chains_for_full_print(h);
if (ignore_luks && blk_superblocks_filter_luks(h)) {
r = -EINVAL;
goto out;
}
while ((pr = blk_probe(h)) < PRB_EMPTY) {
if (blk_is_partition(h))
report_partition(blk_get_partition_type(h), device);
else if (blk_is_superblock(h))
report_superblock(blk_get_superblock_type(h), device);
else {
log_dbg("Internal tools_detect_signatures() error.");
r = -EINVAL;
goto out;
}
(*count)++;
}
if (pr == PRB_FAIL)
r = -EINVAL;
out:
blk_free(h);
return r;
}
int tools_wipe_all_signatures(const char *path)
{
int fd, flags, r;
blk_probe_status pr;
struct stat st;
struct blkid_handle *h = NULL;
if (!blk_supported()) {
log_dbg("Blkid support disabled.");
return 0;
}
if (stat(path, &st)) {
log_err(_("Failed to stat device %s. Disappeared?"), path);
return -EINVAL;
}
flags = O_RDWR;
if (S_ISBLK(st.st_mode))
flags |= O_EXCL;
/* better than opening regular file with O_EXCL (undefined) */
/* coverity[toctou] */
fd = open(path, flags);
if (fd < 0) {
if (errno == EBUSY)
log_err(_("Device %s is in use. Can not proceed with format operation."), path);
else
log_err(_("Failed to open file %s in read/write mode."), path);
return -EINVAL;
}
if ((r = blk_init_by_fd(&h, fd))) {
log_err(_("Failed to initialize device signature probes."));
r = -EINVAL;
goto out;
}
blk_set_chains_for_wipes(h);
while ((pr = blk_probe(h)) < PRB_EMPTY) {
if (blk_is_partition(h))
log_verbose("Wiping '%s' partition signature from device %s.",
blk_get_partition_type(h), path);
if (blk_is_superblock(h))
log_verbose("Wiping '%s' superblock signature from device %s.",
blk_get_superblock_type(h), path);
if (blk_do_wipe(h)) {
log_err(_("Failed to wipe device signature."));
r = -EINVAL;
goto out;
}
}
if (pr != PRB_EMPTY) {
log_err(_("Failed to probe device %s for a signature."), path);
r = -EINVAL;
}
out:
close(fd);
blk_free(h);
return r;
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment