[thirdparty/systemd.git] / src / shared / cryptsetup-util.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#if HAVE_LIBCRYPTSETUP
#include "alloc-util.h"
#include "cryptsetup-util.h"
#include "dlfcn-util.h"
#include "log.h"

static void *cryptsetup_dl = NULL;

int (*sym_crypt_activate_by_passphrase)(struct crypt_device *cd, const char *name, int keyslot, const char *passphrase, size_t passphrase_size, uint32_t flags);
#if HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY
int (*sym_crypt_activate_by_signed_key)(struct crypt_device *cd, const char *name, const char *volume_key, size_t volume_key_size, const char *signature, size_t signature_size, uint32_t flags);
#endif
int (*sym_crypt_activate_by_volume_key)(struct crypt_device *cd, const char *name, const char *volume_key, size_t volume_key_size, uint32_t flags);
int (*sym_crypt_deactivate_by_name)(struct crypt_device *cd, const char *name, uint32_t flags);
int (*sym_crypt_format)(struct crypt_device *cd, const char *type, const char *cipher, const char *cipher_mode, const char *uuid, const char *volume_key, size_t volume_key_size, void *params);
void (*sym_crypt_free)(struct crypt_device *cd);
const char *(*sym_crypt_get_dir)(void);
int (*sym_crypt_get_verity_info)(struct crypt_device *cd, struct crypt_params_verity *vp);
int (*sym_crypt_init)(struct crypt_device **cd, const char *device);
int (*sym_crypt_init_by_name)(struct crypt_device **cd, const char *name);
int (*sym_crypt_keyslot_add_by_volume_key)(struct crypt_device *cd, int keyslot, const char *volume_key, size_t volume_key_size, const char *passphrase, size_t passphrase_size);
int (*sym_crypt_load)(struct crypt_device *cd, const char *requested_type, void *params);
int (*sym_crypt_resize)(struct crypt_device *cd, const char *name, uint64_t new_size);
int (*sym_crypt_set_data_device)(struct crypt_device *cd, const char *device);
void (*sym_crypt_set_debug_level)(int level);
void (*sym_crypt_set_log_callback)(struct crypt_device *cd, void (*log)(int level, const char *msg, void *usrptr), void *usrptr);
int (*sym_crypt_volume_key_get)(struct crypt_device *cd, int keyslot, char *volume_key, size_t *volume_key_size, const char *passphrase, size_t passphrase_size);

int dlopen_cryptsetup(void) {
        _cleanup_(dlclosep) void *dl = NULL;
        int r;

        if (cryptsetup_dl)
                return 0; /* Already loaded */

        dl = dlopen("libcryptsetup.so.12", RTLD_LAZY);
        if (!dl)
                return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
                                       "libcryptsetup support is not installed: %s", dlerror());

        r = dlsym_many_and_warn(
                        dl,
                        LOG_DEBUG,
                        &sym_crypt_activate_by_passphrase, "crypt_activate_by_passphrase",
#if HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY
                        &sym_crypt_activate_by_signed_key, "crypt_activate_by_signed_key",
#endif
                        &sym_crypt_activate_by_volume_key, "crypt_activate_by_volume_key",
                        &sym_crypt_deactivate_by_name, "crypt_deactivate_by_name",
                        &sym_crypt_format, "crypt_format",
                        &sym_crypt_free, "crypt_free",
                        &sym_crypt_get_dir, "crypt_get_dir",
                        &sym_crypt_get_verity_info, "crypt_get_verity_info",
                        &sym_crypt_init, "crypt_init",
                        &sym_crypt_init_by_name, "crypt_init_by_name",
                        &sym_crypt_keyslot_add_by_volume_key, "crypt_keyslot_add_by_volume_key",
                        &sym_crypt_load, "crypt_load",
                        &sym_crypt_resize, "crypt_resize",
                        &sym_crypt_set_data_device, "crypt_set_data_device",
                        &sym_crypt_set_debug_level, "crypt_set_debug_level",
                        &sym_crypt_set_log_callback, "crypt_set_log_callback",
                        &sym_crypt_volume_key_get, "crypt_volume_key_get",
                        NULL);
        if (r < 0)
                return r;

        /* Note that we never release the reference here, because there's no real reason to, after all this
         * was traditionally a regular shared library dependency which lives forever too. */
        cryptsetup_dl = TAKE_PTR(dl);
        return 1;
}

static void cryptsetup_log_glue(int level, const char *msg, void *usrptr) {

        switch (level) {
        case CRYPT_LOG_NORMAL:
                level = LOG_NOTICE;
                break;
        case CRYPT_LOG_ERROR:
                level = LOG_ERR;
                break;
        case CRYPT_LOG_VERBOSE:
                level = LOG_INFO;
                break;
        case CRYPT_LOG_DEBUG:
                level = LOG_DEBUG;
                break;
        default:
                log_error("Unknown libcryptsetup log level: %d", level);
                level = LOG_ERR;
        }

        log_full(level, "%s", msg);
}

void cryptsetup_enable_logging(struct crypt_device *cd) {
        if (!cd)
                return;

        if (dlopen_cryptsetup() < 0) /* If this fails, let's gracefully ignore the issue, this is just debug
                                      * logging after all, and if this failed we already generated a debug
                                      * log message that should help to track things down. */
                return;

        sym_crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
        sym_crypt_set_debug_level(DEBUG_LOGGING ? CRYPT_DEBUG_ALL : CRYPT_DEBUG_NONE);
}

#endif
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
691c2e2e ZJS	2
691c2e2e ZJS	3	#if HAVE_LIBCRYPTSETUP
0d12936d	4	#include "alloc-util.h"
1e2f3230	5	#include "cryptsetup-util.h"
0d12936d	6	#include "dlfcn-util.h"
691c2e2e ZJS	7	#include "log.h"
691c2e2e ZJS	8
0d12936d LP	9	static void *cryptsetup_dl = NULL;
	10
	11	int (sym_crypt_activate_by_passphrase)(struct crypt_device cd, const char name, int keyslot, const char passphrase, size_t passphrase_size, uint32_t flags);
	12	#if HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY
	13	int (sym_crypt_activate_by_signed_key)(struct crypt_device cd, const char name, const char volume_key, size_t volume_key_size, const char *signature, size_t signature_size, uint32_t flags);
	14	#endif
	15	int (sym_crypt_activate_by_volume_key)(struct crypt_device cd, const char name, const char volume_key, size_t volume_key_size, uint32_t flags);
	16	int (sym_crypt_deactivate_by_name)(struct crypt_device cd, const char *name, uint32_t flags);
	17	int (sym_crypt_format)(struct crypt_device cd, const char type, const char cipher, const char cipher_mode, const char uuid, const char volume_key, size_t volume_key_size, void params);
	18	void (sym_crypt_free)(struct crypt_device cd);
	19	const char (sym_crypt_get_dir)(void);
	20	int (sym_crypt_get_verity_info)(struct crypt_device cd, struct crypt_params_verity *vp);
	21	int (sym_crypt_init)(struct crypt_device cd, const char device);
	22	int (sym_crypt_init_by_name)(struct crypt_device cd, const char name);
	23	int (sym_crypt_keyslot_add_by_volume_key)(struct crypt_device cd, int keyslot, const char volume_key, size_t volume_key_size, const char passphrase, size_t passphrase_size);
	24	int (sym_crypt_load)(struct crypt_device cd, const char requested_type, void params);
	25	int (sym_crypt_resize)(struct crypt_device cd, const char *name, uint64_t new_size);
	26	int (sym_crypt_set_data_device)(struct crypt_device cd, const char *device);
	27	void (*sym_crypt_set_debug_level)(int level);
	28	void (sym_crypt_set_log_callback)(struct crypt_device cd, void (log)(int level, const char msg, void usrptr), void usrptr);
	29	int (sym_crypt_volume_key_get)(struct crypt_device cd, int keyslot, char volume_key, size_t volume_key_size, const char *passphrase, size_t passphrase_size);
	30
	31	int dlopen_cryptsetup(void) {
	32	_cleanup_(dlclosep) void *dl = NULL;
	33	int r;
	34
	35	if (cryptsetup_dl)
	36	return 0; /* Already loaded */
	37
	38	dl = dlopen("libcryptsetup.so.12", RTLD_LAZY);
	39	if (!dl)
	40	return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
	41	"libcryptsetup support is not installed: %s", dlerror());
	42
	43	r = dlsym_many_and_warn(
	44	dl,
	45	LOG_DEBUG,
	46	&sym_crypt_activate_by_passphrase, "crypt_activate_by_passphrase",
	47	#if HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY
	48	&sym_crypt_activate_by_signed_key, "crypt_activate_by_signed_key",
	49	#endif
	50	&sym_crypt_activate_by_volume_key, "crypt_activate_by_volume_key",
	51	&sym_crypt_deactivate_by_name, "crypt_deactivate_by_name",
	52	&sym_crypt_format, "crypt_format",
	53	&sym_crypt_free, "crypt_free",
	54	&sym_crypt_get_dir, "crypt_get_dir",
	55	&sym_crypt_get_verity_info, "crypt_get_verity_info",
	56	&sym_crypt_init, "crypt_init",
	57	&sym_crypt_init_by_name, "crypt_init_by_name",
	58	&sym_crypt_keyslot_add_by_volume_key, "crypt_keyslot_add_by_volume_key",
	59	&sym_crypt_load, "crypt_load",
	60	&sym_crypt_resize, "crypt_resize",
	61	&sym_crypt_set_data_device, "crypt_set_data_device",
	62	&sym_crypt_set_debug_level, "crypt_set_debug_level",
	63	&sym_crypt_set_log_callback, "crypt_set_log_callback",
	64	&sym_crypt_volume_key_get, "crypt_volume_key_get",
	65	NULL);
	66	if (r < 0)
	67	return r;
	68
	69	/* Note that we never release the reference here, because there's no real reason to, after all this
	70	* was traditionally a regular shared library dependency which lives forever too. */
	71	cryptsetup_dl = TAKE_PTR(dl);
	72	return 1;
73	}
74
efc3b12f	75	static void cryptsetup_log_glue(int level, const char msg, void usrptr) {
0d12936d	76
aa2cc005 JJ	77	switch (level) {
	78	case CRYPT_LOG_NORMAL:
	79	level = LOG_NOTICE;
	80	break;
	81	case CRYPT_LOG_ERROR:
	82	level = LOG_ERR;
	83	break;
	84	case CRYPT_LOG_VERBOSE:
	85	level = LOG_INFO;
	86	break;
	87	case CRYPT_LOG_DEBUG:
	88	level = LOG_DEBUG;
	89	break;
	90	default:
	91	log_error("Unknown libcryptsetup log level: %d", level);
	92	level = LOG_ERR;
	93	}
	94
	95	log_full(level, "%s", msg);
691c2e2e	96	}
efc3b12f LB	97
efc3b12f LB	98	void cryptsetup_enable_logging(struct crypt_device *cd) {
0d12936d LP	99	if (!cd)
	100	return;
	101
	102	if (dlopen_cryptsetup() < 0) /* If this fails, let's gracefully ignore the issue, this is just debug
	103	* logging after all, and if this failed we already generated a debug
	104	* log message that should help to track things down. */
	105	return;
	106
	107	sym_crypt_set_log_callback(cd, cryptsetup_log_glue, NULL);
	108	sym_crypt_set_debug_level(DEBUG_LOGGING ? CRYPT_DEBUG_ALL : CRYPT_DEBUG_NONE);
efc3b12f LB	109	}
efc3b12f LB	110
691c2e2e	111	#endif