/src/cryptsetup/lib/utils_dm.h

Source
// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * libdevmapper - device-mapper backend for cryptsetup
 *
 * Copyright (C) 2004 Jana Saout <jana@saout.de>
 * Copyright (C) 2004-2007 Clemens Fruhwirth <clemens@endorphin.org>
 * Copyright (C) 2009-2025 Red Hat, Inc. All rights reserved.
 * Copyright (C) 2009-2025 Milan Broz
 */

#ifndef _UTILS_DM_H
#define _UTILS_DM_H

/* device-mapper library helpers */
#include <stddef.h>
#include <stdint.h>

struct crypt_device;
struct volume_key;
struct crypt_params_verity;
struct device;
struct crypt_params_integrity;

/* Device mapper internal flags */
#define DM_RESUME_PRIVATE (UINT64_C(1) << 4) /* CRYPT_ACTIVATE_PRIVATE */
#define DM_SUSPEND_SKIP_LOCKFS (UINT64_C(1) << 5)
#define DM_SUSPEND_WIPE_KEY (UINT64_C(1) << 6)
#define DM_SUSPEND_NOFLUSH (UINT64_C(1) << 7)

static inline uint64_t act2dmflags(uint64_t act_flags)
{
  return (act_flags & DM_RESUME_PRIVATE);
}

/* Device mapper backend - kernel support flags */
#define DM_KEY_WIPE_SUPPORTED (UINT64_C(1) << 0) /* key wipe message */
#define DM_LMK_SUPPORTED (UINT64_C(1) << 1) /* lmk mode */
#define DM_SECURE_SUPPORTED (UINT64_C(1) << 2) /* wipe (secure) buffer flag */
#define DM_PLAIN64_SUPPORTED (UINT64_C(1) << 3) /* plain64 IV */
#define DM_DISCARDS_SUPPORTED (UINT64_C(1) << 4) /* discards/TRIM option is supported */
#define DM_VERITY_SUPPORTED (UINT64_C(1) << 5) /* dm-verity target supported */
#define DM_TCW_SUPPORTED (UINT64_C(1) << 6) /* tcw (TCRYPT CBC with whitening) */
#define DM_SAME_CPU_CRYPT_SUPPORTED (UINT64_C(1) << 7) /* same_cpu_crypt */
#define DM_SUBMIT_FROM_CRYPT_CPUS_SUPPORTED (UINT64_C(1) << 8) /* submit_from_crypt_cpus */
#define DM_VERITY_ON_CORRUPTION_SUPPORTED (UINT64_C(1) << 9) /* ignore/restart_on_corruption, ignore_zero_block */
#define DM_VERITY_FEC_SUPPORTED (UINT64_C(1) << 10) /* Forward Error Correction (FEC) */
#define DM_KERNEL_KEYRING_SUPPORTED (UINT64_C(1) << 11) /* dm-crypt allows loading kernel keyring keys */
#define DM_INTEGRITY_SUPPORTED (UINT64_C(1) << 12) /* dm-integrity target supported */
#define DM_SECTOR_SIZE_SUPPORTED (UINT64_C(1) << 13) /* support for sector size setting in dm-crypt/dm-integrity */
#define DM_CAPI_STRING_SUPPORTED (UINT64_C(1) << 14) /* support for cryptoapi format cipher definition */
#define DM_DEFERRED_SUPPORTED (UINT64_C(1) << 15) /* deferred removal of device */
#define DM_INTEGRITY_RECALC_SUPPORTED (UINT64_C(1) << 16) /* dm-integrity automatic recalculation supported */
#define DM_INTEGRITY_BITMAP_SUPPORTED (UINT64_C(1) << 17) /* dm-integrity bitmap mode supported */
#define DM_GET_TARGET_VERSION_SUPPORTED (UINT64_C(1) << 18) /* dm DM_GET_TARGET version ioctl supported */
#define DM_INTEGRITY_FIX_PADDING_SUPPORTED (UINT64_C(1) << 19) /* supports the parameter fix_padding that fixes a bug that caused excessive padding */
#define DM_BITLK_EBOIV_SUPPORTED (UINT64_C(1) << 20) /* EBOIV for BITLK supported */
#define DM_BITLK_ELEPHANT_SUPPORTED (UINT64_C(1) << 21) /* Elephant diffuser for BITLK supported */
#define DM_VERITY_SIGNATURE_SUPPORTED (UINT64_C(1) << 22) /* Verity option root_hash_sig_key_desc supported */
#define DM_INTEGRITY_DISCARDS_SUPPORTED (UINT64_C(1) << 23) /* dm-integrity discards/TRIM option is supported */
#define DM_INTEGRITY_RESIZE_SUPPORTED (UINT64_C(1) << 23) /* dm-integrity resize of the integrity device supported (introduced in the same version as discards)*/
#define DM_VERITY_PANIC_CORRUPTION_SUPPORTED (UINT64_C(1) << 24) /* dm-verity panic on corruption  */
#define DM_CRYPT_NO_WORKQUEUE_SUPPORTED (UINT64_C(1) << 25) /* dm-crypt support for bypassing workqueues  */
#define DM_INTEGRITY_FIX_HMAC_SUPPORTED (UINT64_C(1) << 26) /* hmac covers also superblock */
#define DM_INTEGRITY_RESET_RECALC_SUPPORTED (UINT64_C(1) << 27) /* dm-integrity automatic recalculation supported */
#define DM_VERITY_TASKLETS_SUPPORTED (UINT64_C(1) << 28) /* dm-verity tasklets supported */
#define DM_CRYPT_HIGH_PRIORITY_SUPPORTED (UINT64_C(1) << 29) /* dm-crypt high priority workqueue flag supported  */
#define DM_CRYPT_INTEGRITY_KEY_SIZE_OPT_SUPPORTED (UINT64_C(1) << 30) /* dm-crypt support for integrity_key_size option */
#define DM_VERITY_ERROR_AS_CORRUPTION_SUPPORTED (UINT64_C(1) << 31) /* dm-verity restart/panic on corruption supported */
#define DM_INTEGRITY_INLINE_MODE_SUPPORTED (UINT64_C(1) << 32) /* dm-integrity inline mode supported */

typedef enum { DM_CRYPT = 0, DM_VERITY, DM_INTEGRITY, DM_LINEAR, DM_ERROR, DM_ZERO, DM_UNKNOWN } dm_target_type;
enum tdirection { TARGET_EMPTY = 0, TARGET_SET, TARGET_QUERY };

int dm_flags(struct crypt_device *cd, dm_target_type target, uint64_t *flags);

#define DM_ACTIVE_DEVICE (UINT64_C(1) << 0)
#define DM_ACTIVE_UUID (UINT64_C(1) << 1)
#define DM_ACTIVE_HOLDERS (UINT64_C(1) << 2)
#define DM_ACTIVE_CRYPT_CIPHER (UINT64_C(1) << 3)
#define DM_ACTIVE_CRYPT_KEYSIZE (UINT64_C(1) << 4)
#define DM_ACTIVE_CRYPT_KEY (UINT64_C(1) << 5)
#define DM_ACTIVE_VERITY_ROOT_HASH (UINT64_C(1) << 6)
#define DM_ACTIVE_VERITY_HASH_DEVICE (UINT64_C(1) << 7)
#define DM_ACTIVE_VERITY_PARAMS (UINT64_C(1) << 8)
#define DM_ACTIVE_INTEGRITY_PARAMS (UINT64_C(1) << 9)
#define DM_ACTIVE_JOURNAL_CRYPT_KEY (UINT64_C(1) << 10)
#define DM_ACTIVE_JOURNAL_CRYPT_KEYSIZE (UINT64_C(1) << 11)
#define DM_ACTIVE_JOURNAL_MAC_KEY (UINT64_C(1) << 12)
#define DM_ACTIVE_JOURNAL_MAC_KEYSIZE (UINT64_C(1) << 13)

struct dm_target {
  dm_target_type type;
  enum tdirection direction;
  uint64_t offset;
  uint64_t size;
  struct device *data_device;
  union {
  struct {
    const char *cipher;
    const char *integrity;

    /* Active key for device */
    struct volume_key *vk;

    /* struct crypt_active_device */
    uint64_t offset;  /* offset in sectors */
    uint64_t iv_offset; /* IV initialisation sector */
    uint32_t tag_size;  /* additional on-disk tag size */
    uint32_t sector_size; /* encryption sector size */
    uint32_t integrity_key_size; /* explicit integrity key size (HMAC), 0 for default */
  } crypt;
  struct {
    struct device *hash_device;
    struct device *fec_device;

    const char *root_hash;
    uint32_t root_hash_size;
    const char *root_hash_sig_key_desc;

    uint64_t hash_offset; /* hash offset in blocks (not header) */
    uint64_t fec_offset;  /* FEC offset in blocks (not header) */
    uint64_t fec_blocks;  /* FEC blocks covering data + hash + padding (foreign metadata)*/
    struct crypt_params_verity *vp;
  } verity;
  struct {
    uint64_t journal_size;
    uint32_t journal_watermark;
    uint32_t journal_commit_time;
    uint32_t interleave_sectors;
    uint32_t tag_size;
    uint64_t offset;  /* offset in sectors */
    uint32_t sector_size; /* integrity sector size */
    uint32_t buffer_sectors;

    const char *integrity;
    /* Active key for device */
    struct volume_key *vk;

    const char *journal_integrity;
    struct volume_key *journal_integrity_key;

    const char *journal_crypt;
    struct volume_key *journal_crypt_key;

    struct device *meta_device;

    bool fix_padding;
    bool fix_hmac;
    bool legacy_recalc;
  } integrity;
  struct {
    uint64_t offset;
  } linear;
  struct {
  } zero;
  } u;

  char *params;
  struct dm_target *next;
};

struct crypt_dm_active_device {
  uint64_t size;    /* active device size */
  uint32_t flags;   /* activation flags */
  const char *uuid;

  unsigned holders:1; /* device holders detected (on query only) */

  struct dm_target segment;
};

static inline bool single_segment(const struct crypt_dm_active_device *dmd)
{
  return dmd && !dmd->segment.next;
}

void dm_backend_init(struct crypt_device *cd);
void dm_backend_exit(struct crypt_device *cd);

int dm_targets_allocate(struct dm_target *first, unsigned count);
void dm_targets_free(struct crypt_device *cd, struct crypt_dm_active_device *dmd);

int dm_crypt_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size,
  struct device *data_device, struct volume_key *vk, const char *cipher,
  uint64_t iv_offset, uint64_t data_offset,
  const char *integrity, uint32_t integrity_key_size, uint32_t tag_size,
  uint32_t sector_size);
int dm_verity_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size,
  struct device *data_device, struct device *hash_device, struct device *fec_device,
  const char *root_hash, uint32_t root_hash_size, const char* root_hash_sig_key_desc,
  uint64_t hash_offset_block, uint64_t fec_blocks, struct crypt_params_verity *vp);
int dm_integrity_target_set(struct crypt_device *cd,
  struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size,
  struct device *meta_device,
  struct device *data_device, uint64_t tag_size, uint64_t offset, uint32_t sector_size,
  struct volume_key *vk,
  struct volume_key *journal_crypt_key, struct volume_key *journal_mac_key,
  const struct crypt_params_integrity *ip);
int dm_linear_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size,
  struct device *data_device, uint64_t data_offset);
int dm_zero_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size);

int dm_remove_device(struct crypt_device *cd, const char *name, uint32_t flags);
int dm_status_device(struct crypt_device *cd, const char *name);
int dm_status_suspended(struct crypt_device *cd, const char *name);
int dm_status_verity_ok(struct crypt_device *cd, const char *name);
int dm_status_integrity_failures(struct crypt_device *cd, const char *name, uint64_t *count);
int dm_status_verity_repaired(struct crypt_device *cd, const char *name, uint64_t *repaired);
int dm_query_device(struct crypt_device *cd, const char *name,
        uint64_t get_flags, struct crypt_dm_active_device *dmd);
int dm_device_deps(struct crypt_device *cd, const char *name, const char *prefix,
       char **names, size_t names_length);
int dm_create_device(struct crypt_device *cd, const char *name,
         const char *type, struct crypt_dm_active_device *dmd);
int dm_reload_device(struct crypt_device *cd, const char *name,
         struct crypt_dm_active_device *dmd, uint64_t dmflags, unsigned resume);
int dm_suspend_device(struct crypt_device *cd, const char *name, uint64_t dmflags);
int dm_resume_device(struct crypt_device *cd, const char *name, uint64_t dmflags);
int dm_resume_and_reinstate_key(struct crypt_device *cd, const char *name,
        const struct volume_key *vk);
int dm_error_device(struct crypt_device *cd, const char *name);
int dm_clear_device(struct crypt_device *cd, const char *name);
int dm_cancel_deferred_removal(const char *name);

const char *dm_get_dir(void);
int dm_get_iname(const char *name, char **iname, bool with_path);
char *dm_get_active_iname(struct crypt_device *cd, const char *name);

int dm_uuid_cmp(const char *dm_uuid, const char *hdr_uuid);
int dm_uuid_type_cmp(const char *dm_uuid, const char *type);
int dm_uuid_integrity_cmp(const char *dm_uuid, const char *dmi_uuid);

int lookup_dm_dev_by_uuid(struct crypt_device *cd, const char *uuid, const char *type);

/* These are DM helpers used only by utils_devpath file */
int dm_is_dm_device(int major);
int dm_is_dm_kernel_name(const char *name);
char *dm_device_path(const char *prefix, int major, int minor);
char *dm_device_name(const char *path);

#endif /* _UTILS_DM_H */

Coverage Report

Created: 2025-12-10 06:24

Line	Count	Source
1		// SPDX-License-Identifier: GPL-2.0-or-later
2		/*
3		* libdevmapper - device-mapper backend for cryptsetup
4		*
5		* Copyright (C) 2004 Jana Saout <jana@saout.de>
6		* Copyright (C) 2004-2007 Clemens Fruhwirth <clemens@endorphin.org>
7		* Copyright (C) 2009-2025 Red Hat, Inc. All rights reserved.
8		* Copyright (C) 2009-2025 Milan Broz
9		*/
10
11		#ifndef _UTILS_DM_H
12		#define _UTILS_DM_H
13
14		/* device-mapper library helpers */
15		#include <stddef.h>
16		#include <stdint.h>
17
18		struct crypt_device;
19		struct volume_key;
20		struct crypt_params_verity;
21		struct device;
22		struct crypt_params_integrity;
23
24		/* Device mapper internal flags */
25	0	#define DM_RESUME_PRIVATE (UINT64_C(1) << 4) /* CRYPT_ACTIVATE_PRIVATE */
26	0	#define DM_SUSPEND_SKIP_LOCKFS (UINT64_C(1) << 5)
27	0	#define DM_SUSPEND_WIPE_KEY (UINT64_C(1) << 6)
28	0	#define DM_SUSPEND_NOFLUSH (UINT64_C(1) << 7)
29
30		static inline uint64_t act2dmflags(uint64_t act_flags)
31	0	{
32	0	return (act_flags & DM_RESUME_PRIVATE);
33	0	} Unexecuted instantiation: setup.c:act2dmflags Unexecuted instantiation: utils.c:act2dmflags Unexecuted instantiation: utils_devpath.c:act2dmflags Unexecuted instantiation: utils_wipe.c:act2dmflags Unexecuted instantiation: utils_device.c:act2dmflags Unexecuted instantiation: utils_device_locking.c:act2dmflags Unexecuted instantiation: utils_pbkdf.c:act2dmflags Unexecuted instantiation: utils_safe_memory.c:act2dmflags Unexecuted instantiation: libdevmapper.c:act2dmflags Unexecuted instantiation: volumekey.c:act2dmflags Unexecuted instantiation: random.c:act2dmflags Unexecuted instantiation: crypt_plain.c:act2dmflags Unexecuted instantiation: integrity.c:act2dmflags Unexecuted instantiation: loopaes.c:act2dmflags Unexecuted instantiation: tcrypt.c:act2dmflags Unexecuted instantiation: keyslot_context.c:act2dmflags Unexecuted instantiation: keymanage.c:act2dmflags Unexecuted instantiation: verity_hash.c:act2dmflags Unexecuted instantiation: verity_fec.c:act2dmflags Unexecuted instantiation: verity.c:act2dmflags Unexecuted instantiation: luks2_disk_metadata.c:act2dmflags Unexecuted instantiation: luks2_json_format.c:act2dmflags Unexecuted instantiation: luks2_json_metadata.c:act2dmflags Unexecuted instantiation: luks2_luks1_convert.c:act2dmflags Unexecuted instantiation: luks2_digest.c:act2dmflags Unexecuted instantiation: luks2_digest_pbkdf2.c:act2dmflags Unexecuted instantiation: luks2_keyslot.c:act2dmflags Unexecuted instantiation: luks2_keyslot_luks2.c:act2dmflags Unexecuted instantiation: luks2_keyslot_reenc.c:act2dmflags Unexecuted instantiation: luks2_reencrypt.c:act2dmflags Unexecuted instantiation: luks2_reencrypt_digest.c:act2dmflags Unexecuted instantiation: luks2_segment.c:act2dmflags Unexecuted instantiation: luks2_token_keyring.c:act2dmflags Unexecuted instantiation: luks2_token.c:act2dmflags Unexecuted instantiation: hw_opal.c:act2dmflags Unexecuted instantiation: bitlk.c:act2dmflags Unexecuted instantiation: fvault2.c:act2dmflags Unexecuted instantiation: utils_benchmark.c:act2dmflags Unexecuted instantiation: utils_storage_wrappers.c:act2dmflags Unexecuted instantiation: af.c:act2dmflags Unexecuted instantiation: keyencryption.c:act2dmflags
34
35		/* Device mapper backend - kernel support flags */
36	0	#define DM_KEY_WIPE_SUPPORTED (UINT64_C(1) << 0) /* key wipe message */
37	0	#define DM_LMK_SUPPORTED (UINT64_C(1) << 1) /* lmk mode */
38	0	#define DM_SECURE_SUPPORTED (UINT64_C(1) << 2) /* wipe (secure) buffer flag */
39	0	#define DM_PLAIN64_SUPPORTED (UINT64_C(1) << 3) /* plain64 IV */
40	0	#define DM_DISCARDS_SUPPORTED (UINT64_C(1) << 4) /* discards/TRIM option is supported */
41	0	#define DM_VERITY_SUPPORTED (UINT64_C(1) << 5) /* dm-verity target supported */
42	0	#define DM_TCW_SUPPORTED (UINT64_C(1) << 6) /* tcw (TCRYPT CBC with whitening) */
43	0	#define DM_SAME_CPU_CRYPT_SUPPORTED (UINT64_C(1) << 7) /* same_cpu_crypt */
44	0	#define DM_SUBMIT_FROM_CRYPT_CPUS_SUPPORTED (UINT64_C(1) << 8) /* submit_from_crypt_cpus */
45	0	#define DM_VERITY_ON_CORRUPTION_SUPPORTED (UINT64_C(1) << 9) /* ignore/restart_on_corruption, ignore_zero_block */
46	0	#define DM_VERITY_FEC_SUPPORTED (UINT64_C(1) << 10) /* Forward Error Correction (FEC) */
47	0	#define DM_KERNEL_KEYRING_SUPPORTED (UINT64_C(1) << 11) /* dm-crypt allows loading kernel keyring keys */
48	0	#define DM_INTEGRITY_SUPPORTED (UINT64_C(1) << 12) /* dm-integrity target supported */
49	0	#define DM_SECTOR_SIZE_SUPPORTED (UINT64_C(1) << 13) /* support for sector size setting in dm-crypt/dm-integrity */
50	0	#define DM_CAPI_STRING_SUPPORTED (UINT64_C(1) << 14) /* support for cryptoapi format cipher definition */
51	0	#define DM_DEFERRED_SUPPORTED (UINT64_C(1) << 15) /* deferred removal of device */
52	0	#define DM_INTEGRITY_RECALC_SUPPORTED (UINT64_C(1) << 16) /* dm-integrity automatic recalculation supported */
53	0	#define DM_INTEGRITY_BITMAP_SUPPORTED (UINT64_C(1) << 17) /* dm-integrity bitmap mode supported */
54	0	#define DM_GET_TARGET_VERSION_SUPPORTED (UINT64_C(1) << 18) /* dm DM_GET_TARGET version ioctl supported */
55	0	#define DM_INTEGRITY_FIX_PADDING_SUPPORTED (UINT64_C(1) << 19) /* supports the parameter fix_padding that fixes a bug that caused excessive padding */
56	0	#define DM_BITLK_EBOIV_SUPPORTED (UINT64_C(1) << 20) /* EBOIV for BITLK supported */
57	0	#define DM_BITLK_ELEPHANT_SUPPORTED (UINT64_C(1) << 21) /* Elephant diffuser for BITLK supported */
58	0	#define DM_VERITY_SIGNATURE_SUPPORTED (UINT64_C(1) << 22) /* Verity option root_hash_sig_key_desc supported */
59	0	#define DM_INTEGRITY_DISCARDS_SUPPORTED (UINT64_C(1) << 23) /* dm-integrity discards/TRIM option is supported */
60	0	#define DM_INTEGRITY_RESIZE_SUPPORTED (UINT64_C(1) << 23) /* dm-integrity resize of the integrity device supported (introduced in the same version as discards)*/
61	0	#define DM_VERITY_PANIC_CORRUPTION_SUPPORTED (UINT64_C(1) << 24) /* dm-verity panic on corruption */
62	0	#define DM_CRYPT_NO_WORKQUEUE_SUPPORTED (UINT64_C(1) << 25) /* dm-crypt support for bypassing workqueues */
63	0	#define DM_INTEGRITY_FIX_HMAC_SUPPORTED (UINT64_C(1) << 26) /* hmac covers also superblock */
64	0	#define DM_INTEGRITY_RESET_RECALC_SUPPORTED (UINT64_C(1) << 27) /* dm-integrity automatic recalculation supported */
65	0	#define DM_VERITY_TASKLETS_SUPPORTED (UINT64_C(1) << 28) /* dm-verity tasklets supported */
66	0	#define DM_CRYPT_HIGH_PRIORITY_SUPPORTED (UINT64_C(1) << 29) /* dm-crypt high priority workqueue flag supported */
67	0	#define DM_CRYPT_INTEGRITY_KEY_SIZE_OPT_SUPPORTED (UINT64_C(1) << 30) /* dm-crypt support for integrity_key_size option */
68	0	#define DM_VERITY_ERROR_AS_CORRUPTION_SUPPORTED (UINT64_C(1) << 31) /* dm-verity restart/panic on corruption supported */
69	0	#define DM_INTEGRITY_INLINE_MODE_SUPPORTED (UINT64_C(1) << 32) /* dm-integrity inline mode supported */
70
71		typedef enum { DM_CRYPT = 0, DM_VERITY, DM_INTEGRITY, DM_LINEAR, DM_ERROR, DM_ZERO, DM_UNKNOWN } dm_target_type;
72		enum tdirection { TARGET_EMPTY = 0, TARGET_SET, TARGET_QUERY };
73
74		int dm_flags(struct crypt_device cd, dm_target_type target, uint64_t flags);
75
76	0	#define DM_ACTIVE_DEVICE (UINT64_C(1) << 0)
77	0	#define DM_ACTIVE_UUID (UINT64_C(1) << 1)
78	0	#define DM_ACTIVE_HOLDERS (UINT64_C(1) << 2)
79	0	#define DM_ACTIVE_CRYPT_CIPHER (UINT64_C(1) << 3)
80	0	#define DM_ACTIVE_CRYPT_KEYSIZE (UINT64_C(1) << 4)
81	0	#define DM_ACTIVE_CRYPT_KEY (UINT64_C(1) << 5)
82	0	#define DM_ACTIVE_VERITY_ROOT_HASH (UINT64_C(1) << 6)
83	0	#define DM_ACTIVE_VERITY_HASH_DEVICE (UINT64_C(1) << 7)
84	0	#define DM_ACTIVE_VERITY_PARAMS (UINT64_C(1) << 8)
85	0	#define DM_ACTIVE_INTEGRITY_PARAMS (UINT64_C(1) << 9)
86	0	#define DM_ACTIVE_JOURNAL_CRYPT_KEY (UINT64_C(1) << 10)
87	0	#define DM_ACTIVE_JOURNAL_CRYPT_KEYSIZE (UINT64_C(1) << 11)
88	0	#define DM_ACTIVE_JOURNAL_MAC_KEY (UINT64_C(1) << 12)
89	0	#define DM_ACTIVE_JOURNAL_MAC_KEYSIZE (UINT64_C(1) << 13)
90
91		struct dm_target {
92		dm_target_type type;
93		enum tdirection direction;
94		uint64_t offset;
95		uint64_t size;
96		struct device *data_device;
97		union {
98		struct {
99		const char *cipher;
100		const char *integrity;
101
102		/* Active key for device */
103		struct volume_key *vk;
104
105		/* struct crypt_active_device */
106		uint64_t offset; /* offset in sectors */
107		uint64_t iv_offset; /* IV initialisation sector */
108		uint32_t tag_size; /* additional on-disk tag size */
109		uint32_t sector_size; /* encryption sector size */
110		uint32_t integrity_key_size; /* explicit integrity key size (HMAC), 0 for default */
111		} crypt;
112		struct {
113		struct device *hash_device;
114		struct device *fec_device;
115
116		const char *root_hash;
117		uint32_t root_hash_size;
118		const char *root_hash_sig_key_desc;
119
120		uint64_t hash_offset; /* hash offset in blocks (not header) */
121		uint64_t fec_offset; /* FEC offset in blocks (not header) */
122		uint64_t fec_blocks; /* FEC blocks covering data + hash + padding (foreign metadata)*/
123		struct crypt_params_verity *vp;
124		} verity;
125		struct {
126		uint64_t journal_size;
127		uint32_t journal_watermark;
128		uint32_t journal_commit_time;
129		uint32_t interleave_sectors;
130		uint32_t tag_size;
131		uint64_t offset; /* offset in sectors */
132		uint32_t sector_size; /* integrity sector size */
133		uint32_t buffer_sectors;
134
135		const char *integrity;
136		/* Active key for device */
137		struct volume_key *vk;
138
139		const char *journal_integrity;
140		struct volume_key *journal_integrity_key;
141
142		const char *journal_crypt;
143		struct volume_key *journal_crypt_key;
144
145		struct device *meta_device;
146
147		bool fix_padding;
148		bool fix_hmac;
149		bool legacy_recalc;
150		} integrity;
151		struct {
152		uint64_t offset;
153		} linear;
154		struct {
155		} zero;
156		} u;
157
158		char *params;
159		struct dm_target *next;
160		};
161
162		struct crypt_dm_active_device {
163		uint64_t size; /* active device size */
164		uint32_t flags; /* activation flags */
165		const char *uuid;
166
167		unsigned holders:1; /* device holders detected (on query only) */
168
169		struct dm_target segment;
170		};
171
172		static inline bool single_segment(const struct crypt_dm_active_device *dmd)
173	0	{
174	0	return dmd && !dmd->segment.next;
175	0	} Unexecuted instantiation: setup.c:single_segment Unexecuted instantiation: utils.c:single_segment Unexecuted instantiation: utils_devpath.c:single_segment Unexecuted instantiation: utils_wipe.c:single_segment Unexecuted instantiation: utils_device.c:single_segment Unexecuted instantiation: utils_device_locking.c:single_segment Unexecuted instantiation: utils_pbkdf.c:single_segment Unexecuted instantiation: utils_safe_memory.c:single_segment Unexecuted instantiation: libdevmapper.c:single_segment Unexecuted instantiation: volumekey.c:single_segment Unexecuted instantiation: random.c:single_segment Unexecuted instantiation: crypt_plain.c:single_segment Unexecuted instantiation: integrity.c:single_segment Unexecuted instantiation: loopaes.c:single_segment Unexecuted instantiation: tcrypt.c:single_segment Unexecuted instantiation: keyslot_context.c:single_segment Unexecuted instantiation: keymanage.c:single_segment Unexecuted instantiation: verity_hash.c:single_segment Unexecuted instantiation: verity_fec.c:single_segment Unexecuted instantiation: verity.c:single_segment Unexecuted instantiation: luks2_disk_metadata.c:single_segment Unexecuted instantiation: luks2_json_format.c:single_segment Unexecuted instantiation: luks2_json_metadata.c:single_segment Unexecuted instantiation: luks2_luks1_convert.c:single_segment Unexecuted instantiation: luks2_digest.c:single_segment Unexecuted instantiation: luks2_digest_pbkdf2.c:single_segment Unexecuted instantiation: luks2_keyslot.c:single_segment Unexecuted instantiation: luks2_keyslot_luks2.c:single_segment Unexecuted instantiation: luks2_keyslot_reenc.c:single_segment Unexecuted instantiation: luks2_reencrypt.c:single_segment Unexecuted instantiation: luks2_reencrypt_digest.c:single_segment Unexecuted instantiation: luks2_segment.c:single_segment Unexecuted instantiation: luks2_token_keyring.c:single_segment Unexecuted instantiation: luks2_token.c:single_segment Unexecuted instantiation: hw_opal.c:single_segment Unexecuted instantiation: bitlk.c:single_segment Unexecuted instantiation: fvault2.c:single_segment Unexecuted instantiation: utils_benchmark.c:single_segment Unexecuted instantiation: utils_storage_wrappers.c:single_segment Unexecuted instantiation: af.c:single_segment Unexecuted instantiation: keyencryption.c:single_segment
176
177		void dm_backend_init(struct crypt_device *cd);
178		void dm_backend_exit(struct crypt_device *cd);
179
180		int dm_targets_allocate(struct dm_target *first, unsigned count);
181		void dm_targets_free(struct crypt_device cd, struct crypt_dm_active_device dmd);
182
183		int dm_crypt_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size,
184		struct device data_device, struct volume_key vk, const char *cipher,
185		uint64_t iv_offset, uint64_t data_offset,
186		const char *integrity, uint32_t integrity_key_size, uint32_t tag_size,
187		uint32_t sector_size);
188		int dm_verity_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size,
189		struct device data_device, struct device hash_device, struct device *fec_device,
190		const char root_hash, uint32_t root_hash_size, const char root_hash_sig_key_desc,
191		uint64_t hash_offset_block, uint64_t fec_blocks, struct crypt_params_verity *vp);
192		int dm_integrity_target_set(struct crypt_device *cd,
193		struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size,
194		struct device *meta_device,
195		struct device *data_device, uint64_t tag_size, uint64_t offset, uint32_t sector_size,
196		struct volume_key *vk,
197		struct volume_key journal_crypt_key, struct volume_key journal_mac_key,
198		const struct crypt_params_integrity *ip);
199		int dm_linear_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size,
200		struct device *data_device, uint64_t data_offset);
201		int dm_zero_target_set(struct dm_target *tgt, uint64_t seg_offset, uint64_t seg_size);
202
203		int dm_remove_device(struct crypt_device cd, const char name, uint32_t flags);
204		int dm_status_device(struct crypt_device cd, const char name);
205		int dm_status_suspended(struct crypt_device cd, const char name);
206		int dm_status_verity_ok(struct crypt_device cd, const char name);
207		int dm_status_integrity_failures(struct crypt_device cd, const char name, uint64_t *count);
208		int dm_status_verity_repaired(struct crypt_device cd, const char name, uint64_t *repaired);
209		int dm_query_device(struct crypt_device cd, const char name,
210		uint64_t get_flags, struct crypt_dm_active_device *dmd);
211		int dm_device_deps(struct crypt_device cd, const char name, const char *prefix,
212		char **names, size_t names_length);
213		int dm_create_device(struct crypt_device cd, const char name,
214		const char type, struct crypt_dm_active_device dmd);
215		int dm_reload_device(struct crypt_device cd, const char name,
216		struct crypt_dm_active_device *dmd, uint64_t dmflags, unsigned resume);
217		int dm_suspend_device(struct crypt_device cd, const char name, uint64_t dmflags);
218		int dm_resume_device(struct crypt_device cd, const char name, uint64_t dmflags);
219		int dm_resume_and_reinstate_key(struct crypt_device cd, const char name,
220		const struct volume_key *vk);
221		int dm_error_device(struct crypt_device cd, const char name);
222		int dm_clear_device(struct crypt_device cd, const char name);
223		int dm_cancel_deferred_removal(const char *name);
224
225		const char *dm_get_dir(void);
226		int dm_get_iname(const char name, char *iname, bool with_path);
227		char dm_get_active_iname(struct crypt_device cd, const char *name);
228
229		int dm_uuid_cmp(const char dm_uuid, const char hdr_uuid);
230		int dm_uuid_type_cmp(const char dm_uuid, const char type);
231		int dm_uuid_integrity_cmp(const char dm_uuid, const char dmi_uuid);
232
233		int lookup_dm_dev_by_uuid(struct crypt_device cd, const char uuid, const char *type);
234
235		/* These are DM helpers used only by utils_devpath file */
236		int dm_is_dm_device(int major);
237		int dm_is_dm_kernel_name(const char *name);
238		char dm_device_path(const char prefix, int major, int minor);
239		char dm_device_name(const char path);
240
241		#endif /* _UTILS_DM_H */