diff options
Diffstat (limited to 'sys-apps/systemd/files/252-rc1-cryptsetup.patch')
-rw-r--r-- | sys-apps/systemd/files/252-rc1-cryptsetup.patch | 226 |
1 files changed, 0 insertions, 226 deletions
diff --git a/sys-apps/systemd/files/252-rc1-cryptsetup.patch b/sys-apps/systemd/files/252-rc1-cryptsetup.patch deleted file mode 100644 index 54b4ce1ea0aa..000000000000 --- a/sys-apps/systemd/files/252-rc1-cryptsetup.patch +++ /dev/null @@ -1,226 +0,0 @@ -From bbf73b00697e77ca35ae60109418da77f257be52 Mon Sep 17 00:00:00 2001 -From: Daan De Meyer <daan.j.demeyer@gmail.com> -Date: Tue, 11 Oct 2022 20:35:34 +0200 -Subject: [PATCH 1/2] cryptsetup-util: Always define dlopen_cryptsetup() - ---- - src/shared/cryptsetup-util.c | 118 ++++++++++++++++++----------------- - src/shared/cryptsetup-util.h | 4 +- - 2 files changed, 63 insertions(+), 59 deletions(-) - -diff --git a/src/shared/cryptsetup-util.c b/src/shared/cryptsetup-util.c -index da6dcb2f093a..401e7a3f9c7d 100644 ---- a/src/shared/cryptsetup-util.c -+++ b/src/shared/cryptsetup-util.c -@@ -50,63 +50,6 @@ int (*sym_crypt_token_max)(const char *type); - crypt_token_info (*sym_crypt_token_status)(struct crypt_device *cd, int token, const char **type); - int (*sym_crypt_volume_key_get)(struct crypt_device *cd, int keyslot, char *volume_key, size_t *volume_key_size, const char *passphrase, size_t passphrase_size); - --int dlopen_cryptsetup(void) { -- int r; -- -- r = dlopen_many_sym_or_warn( -- &cryptsetup_dl, "libcryptsetup.so.12", LOG_DEBUG, -- DLSYM_ARG(crypt_activate_by_passphrase), --#if HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY -- DLSYM_ARG(crypt_activate_by_signed_key), --#endif -- DLSYM_ARG(crypt_activate_by_volume_key), -- DLSYM_ARG(crypt_deactivate_by_name), -- DLSYM_ARG(crypt_format), -- DLSYM_ARG(crypt_free), -- DLSYM_ARG(crypt_get_cipher), -- DLSYM_ARG(crypt_get_cipher_mode), -- DLSYM_ARG(crypt_get_data_offset), -- DLSYM_ARG(crypt_get_device_name), -- DLSYM_ARG(crypt_get_dir), -- DLSYM_ARG(crypt_get_type), -- DLSYM_ARG(crypt_get_uuid), -- DLSYM_ARG(crypt_get_verity_info), -- DLSYM_ARG(crypt_get_volume_key_size), -- DLSYM_ARG(crypt_init), -- DLSYM_ARG(crypt_init_by_name), -- DLSYM_ARG(crypt_keyslot_add_by_volume_key), -- DLSYM_ARG(crypt_keyslot_destroy), -- DLSYM_ARG(crypt_keyslot_max), -- DLSYM_ARG(crypt_load), -- DLSYM_ARG(crypt_resize), -- DLSYM_ARG(crypt_resume_by_passphrase), -- DLSYM_ARG(crypt_set_data_device), -- DLSYM_ARG(crypt_set_debug_level), -- DLSYM_ARG(crypt_set_log_callback), --#if HAVE_CRYPT_SET_METADATA_SIZE -- DLSYM_ARG(crypt_set_metadata_size), --#endif -- DLSYM_ARG(crypt_set_pbkdf_type), -- DLSYM_ARG(crypt_suspend), -- DLSYM_ARG(crypt_token_json_get), -- DLSYM_ARG(crypt_token_json_set), --#if HAVE_CRYPT_TOKEN_MAX -- DLSYM_ARG(crypt_token_max), --#endif -- DLSYM_ARG(crypt_token_status), -- DLSYM_ARG(crypt_volume_key_get)); -- if (r <= 0) -- return r; -- -- /* Redirect the default logging calls of libcryptsetup to our own logging infra. (Note that -- * libcryptsetup also maintains per-"struct crypt_device" log functions, which we'll also set -- * whenever allocating a "struct crypt_device" context. Why set both? To be defensive: maybe some -- * other code loaded into this process also changes the global log functions of libcryptsetup, who -- * knows? And if so, we still want our own objects to log via our own infra, at the very least.) */ -- cryptsetup_enable_logging(NULL); -- return 1; --} -- - static void cryptsetup_log_glue(int level, const char *msg, void *usrptr) { - - switch (level) { -@@ -246,6 +189,67 @@ int cryptsetup_add_token_json(struct crypt_device *cd, JsonVariant *v) { - } - #endif - -+int dlopen_cryptsetup(void) { -+#if HAVE_LIBCRYPTSETUP -+ int r; -+ -+ r = dlopen_many_sym_or_warn( -+ &cryptsetup_dl, "libcryptsetup.so.12", LOG_DEBUG, -+ DLSYM_ARG(crypt_activate_by_passphrase), -+#if HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY -+ DLSYM_ARG(crypt_activate_by_signed_key), -+#endif -+ DLSYM_ARG(crypt_activate_by_volume_key), -+ DLSYM_ARG(crypt_deactivate_by_name), -+ DLSYM_ARG(crypt_format), -+ DLSYM_ARG(crypt_free), -+ DLSYM_ARG(crypt_get_cipher), -+ DLSYM_ARG(crypt_get_cipher_mode), -+ DLSYM_ARG(crypt_get_data_offset), -+ DLSYM_ARG(crypt_get_device_name), -+ DLSYM_ARG(crypt_get_dir), -+ DLSYM_ARG(crypt_get_type), -+ DLSYM_ARG(crypt_get_uuid), -+ DLSYM_ARG(crypt_get_verity_info), -+ DLSYM_ARG(crypt_get_volume_key_size), -+ DLSYM_ARG(crypt_init), -+ DLSYM_ARG(crypt_init_by_name), -+ DLSYM_ARG(crypt_keyslot_add_by_volume_key), -+ DLSYM_ARG(crypt_keyslot_destroy), -+ DLSYM_ARG(crypt_keyslot_max), -+ DLSYM_ARG(crypt_load), -+ DLSYM_ARG(crypt_resize), -+ DLSYM_ARG(crypt_resume_by_passphrase), -+ DLSYM_ARG(crypt_set_data_device), -+ DLSYM_ARG(crypt_set_debug_level), -+ DLSYM_ARG(crypt_set_log_callback), -+#if HAVE_CRYPT_SET_METADATA_SIZE -+ DLSYM_ARG(crypt_set_metadata_size), -+#endif -+ DLSYM_ARG(crypt_set_pbkdf_type), -+ DLSYM_ARG(crypt_suspend), -+ DLSYM_ARG(crypt_token_json_get), -+ DLSYM_ARG(crypt_token_json_set), -+#if HAVE_CRYPT_TOKEN_MAX -+ DLSYM_ARG(crypt_token_max), -+#endif -+ DLSYM_ARG(crypt_token_status), -+ DLSYM_ARG(crypt_volume_key_get)); -+ if (r <= 0) -+ return r; -+ -+ /* Redirect the default logging calls of libcryptsetup to our own logging infra. (Note that -+ * libcryptsetup also maintains per-"struct crypt_device" log functions, which we'll also set -+ * whenever allocating a "struct crypt_device" context. Why set both? To be defensive: maybe some -+ * other code loaded into this process also changes the global log functions of libcryptsetup, who -+ * knows? And if so, we still want our own objects to log via our own infra, at the very least.) */ -+ cryptsetup_enable_logging(NULL); -+ return 1; -+#else -+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "cryptsetup support is not compiled in."); -+#endif -+} -+ - int cryptsetup_get_keyslot_from_token(JsonVariant *v) { - int keyslot, r; - JsonVariant *w; -diff --git a/src/shared/cryptsetup-util.h b/src/shared/cryptsetup-util.h -index b1ce07ec8a50..b390dc9a5cbb 100644 ---- a/src/shared/cryptsetup-util.h -+++ b/src/shared/cryptsetup-util.h -@@ -65,8 +65,6 @@ static inline int crypt_token_max(_unused_ const char *type) { - extern crypt_token_info (*sym_crypt_token_status)(struct crypt_device *cd, int token, const char **type); - extern int (*sym_crypt_volume_key_get)(struct crypt_device *cd, int keyslot, char *volume_key, size_t *volume_key_size, const char *passphrase, size_t passphrase_size); - --int dlopen_cryptsetup(void); -- - DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(struct crypt_device *, crypt_free, NULL); - DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(struct crypt_device *, sym_crypt_free, NULL); - -@@ -91,6 +89,8 @@ static inline void sym_crypt_freep(struct crypt_device** cd) {} - - #endif - -+int dlopen_cryptsetup(void); -+ - int cryptsetup_get_keyslot_from_token(JsonVariant *v); - - static inline const char *mangle_none(const char *s) { - -From 86bebe385f6e35ecec708e44dae2b896f5bfa770 Mon Sep 17 00:00:00 2001 -From: Daan De Meyer <daan.j.demeyer@gmail.com> -Date: Tue, 11 Oct 2022 20:36:03 +0200 -Subject: [PATCH 2/2] repart: Always define VerityMode from/to string functions - ---- - src/partition/repart.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/src/partition/repart.c b/src/partition/repart.c -index a0f7d4164500..dd544d6415a9 100644 ---- a/src/partition/repart.c -+++ b/src/partition/repart.c -@@ -255,12 +255,11 @@ static const char *verity_mode_table[_VERITY_MODE_MAX] = { - - #if HAVE_LIBCRYPTSETUP - DEFINE_PRIVATE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(encrypt_mode, EncryptMode, ENCRYPT_KEY_FILE); --DEFINE_PRIVATE_STRING_TABLE_LOOKUP(verity_mode, VerityMode); - #else - DEFINE_PRIVATE_STRING_TABLE_LOOKUP_FROM_STRING_WITH_BOOLEAN(encrypt_mode, EncryptMode, ENCRYPT_KEY_FILE); --DEFINE_PRIVATE_STRING_TABLE_LOOKUP_FROM_STRING(verity_mode, VerityMode); - #endif - -+DEFINE_PRIVATE_STRING_TABLE_LOOKUP(verity_mode, VerityMode); - - static uint64_t round_down_size(uint64_t v, uint64_t p) { - return (v / p) * p; -From 748367c72368031ca0ef32fadd394c4bcacc126a Mon Sep 17 00:00:00 2001 -From: David Seifert <soap@gentoo.org> -Date: Wed, 12 Oct 2022 21:47:29 +0200 -Subject: [PATCH] gpt-auto: allow using without cryptsetup - -Fixes #24978 ---- - src/gpt-auto-generator/gpt-auto-generator.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/gpt-auto-generator/gpt-auto-generator.c b/src/gpt-auto-generator/gpt-auto-generator.c -index 31377d877d5c..5584eb22af1a 100644 ---- a/src/gpt-auto-generator/gpt-auto-generator.c -+++ b/src/gpt-auto-generator/gpt-auto-generator.c -@@ -571,11 +571,15 @@ static int add_root_rw(DissectedPartition *p) { - - #if ENABLE_EFI - static int add_root_cryptsetup(void) { -+#if HAVE_LIBCRYPTSETUP - - /* If a device /dev/gpt-auto-root-luks appears, then make it pull in systemd-cryptsetup-root.service, which - * sets it up, and causes /dev/gpt-auto-root to appear which is all we are looking for. */ - - return add_cryptsetup("root", "/dev/gpt-auto-root-luks", true, false, NULL); -+#else -+ return 0; -+#endif - } - #endif - |