]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/cryptsetup/cryptsetup-generator.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
cryptsetup-generator: Add warn_uuid_invalid helper
[thirdparty/systemd.git] / src / cryptsetup / cryptsetup-generator.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <fcntl.h>
5 #include <sys/stat.h>
6 #include <sys/types.h>
7
8 #include "alloc-util.h"
9 #include "dropin.h"
10 #include "escape.h"
11 #include "fd-util.h"
12 #include "fileio.h"
13 #include "fstab-util.h"
14 #include "generator.h"
15 #include "hashmap.h"
16 #include "id128-util.h"
17 #include "log.h"
18 #include "mkdir.h"
19 #include "parse-util.h"
20 #include "path-util.h"
21 #include "proc-cmdline.h"
22 #include "specifier.h"
23 #include "string-util.h"
24 #include "strv.h"
25 #include "unit-name.h"
26 #include "util.h"
27
28 typedef struct crypto_device {
29 char *uuid;
30 char *keyfile;
31 char *keydev;
32 char *name;
33 char *options;
34 bool create;
35 } crypto_device;
36
37 static const char *arg_dest = NULL;
38 static bool arg_enabled = true;
39 static bool arg_read_crypttab = true;
40 static const char *arg_crypttab = NULL;
41 static const char *arg_runtime_directory = NULL;
42 static bool arg_allow_list = false;
43 static Hashmap *arg_disks = NULL;
44 static char *arg_default_options = NULL;
45 static char *arg_default_keyfile = NULL;
46
47 STATIC_DESTRUCTOR_REGISTER(arg_disks, hashmap_freep);
48 STATIC_DESTRUCTOR_REGISTER(arg_default_options, freep);
49 STATIC_DESTRUCTOR_REGISTER(arg_default_keyfile, freep);
50
51 static int split_keyspec(const char *keyspec, char **ret_keyfile, char **ret_keydev) {
52 _cleanup_free_ char *keyfile = NULL, *keydev = NULL;
53 const char *c;
54
55 assert(ret_keyfile);
56 assert(ret_keydev);
57
58 if (!keyspec) {
59 *ret_keyfile = *ret_keydev = NULL;
60 return 0;
61 }
62
63 c = strrchr(keyspec, ':');
64 if (c) {
65 /* The keydev part has to be either an absolute path to device node (/dev/something,
66 * /dev/foo/something, or even possibly /dev/foo/something:part), or a fstab device
67 * specification starting with LABEL= or similar. The keyfile part has the same syntax.
68 *
69 * Let's try to guess if the second part looks like a keydev specification, or just part of a
70 * filename with a colon. fstab_node_to_udev_node() will convert the fstab device syntax to
71 * an absolute path. If we didn't get an absolute path, assume that it is just part of the
72 * first keyfile argument. */
73
74 keydev = fstab_node_to_udev_node(c + 1);
75 if (!keydev)
76 return log_oom();
77
78 if (path_is_absolute(keydev))
79 keyfile = strndup(keyspec, c-keyspec);
80 else {
81 log_debug("Keyspec argument contains a colon, but \"%s\" doesn't look like a device specification.\n"
82 "Assuming that \"%s\" is a single device specification.",
83 c + 1, keyspec);
84 keydev = mfree(keydev);
85 c = NULL;
86 }
87 }
88
89 if (!c)
90 /* No keydev specified */
91 keyfile = strdup(keyspec);
92
93 if (!keyfile)
94 return log_oom();
95
96 *ret_keyfile = TAKE_PTR(keyfile);
97 *ret_keydev = TAKE_PTR(keydev);
98
99 return 0;
100 }
101
102 static int generate_device_mount(
103 const char *name,
104 const char *device,
105 const char *type_prefix, /* "keydev" or "headerdev" */
106 const char *device_timeout,
107 bool canfail,
108 bool readonly,
109 char **unit,
110 char **mount) {
111
112 _cleanup_free_ char *u = NULL, *where = NULL, *name_escaped = NULL, *device_unit = NULL;
113 _cleanup_fclose_ FILE *f = NULL;
114 int r;
115 usec_t timeout_us;
116
117 assert(name);
118 assert(device);
119 assert(unit);
120 assert(mount);
121
122 r = mkdir_parents(arg_runtime_directory, 0755);
123 if (r < 0)
124 return r;
125
126 r = mkdir(arg_runtime_directory, 0700);
127 if (r < 0 && errno != EEXIST)
128 return -errno;
129
130 name_escaped = cescape(name);
131 if (!name_escaped)
132 return -ENOMEM;
133
134 where = strjoin(arg_runtime_directory, "/", type_prefix, "-", name_escaped);
135 if (!where)
136 return -ENOMEM;
137
138 r = mkdir(where, 0700);
139 if (r < 0 && errno != EEXIST)
140 return -errno;
141
142 r = unit_name_from_path(where, ".mount", &u);
143 if (r < 0)
144 return r;
145
146 r = generator_open_unit_file(arg_dest, NULL, u, &f);
147 if (r < 0)
148 return r;
149
150 fprintf(f,
151 "[Unit]\n"
152 "DefaultDependencies=no\n\n"
153 "[Mount]\n"
154 "What=%s\n"
155 "Where=%s\n"
156 "Options=%s%s\n", device, where, readonly ? "ro" : "rw", canfail ? ",nofail" : "");
157
158 if (device_timeout) {
159 r = parse_sec_fix_0(device_timeout, &timeout_us);
160 if (r >= 0) {
161 r = unit_name_from_path(device, ".device", &device_unit);
162 if (r < 0)
163 return log_error_errno(r, "Failed to generate unit name: %m");
164
165 r = write_drop_in_format(arg_dest, device_unit, 90, "device-timeout",
166 "# Automatically generated by systemd-cryptsetup-generator \n\n"
167 "[Unit]\nJobRunningTimeoutSec=%s", device_timeout);
168 if (r < 0)
169 return log_error_errno(r, "Failed to write device drop-in: %m");
170
171 } else
172 log_warning_errno(r, "Failed to parse %s, ignoring: %m", device_timeout);
173
174 }
175
176 r = fflush_and_check(f);
177 if (r < 0)
178 return r;
179
180 *unit = TAKE_PTR(u);
181 *mount = TAKE_PTR(where);
182
183 return 0;
184 }
185
186 static int generate_device_umount(const char *name,
187 const char *device_mount,
188 const char *type_prefix, /* "keydev" or "headerdev" */
189 char **ret_umount_unit) {
190 _cleanup_fclose_ FILE *f = NULL;
191 _cleanup_free_ char *u = NULL, *name_escaped = NULL, *mount = NULL;
192 int r;
193
194 assert(name);
195 assert(ret_umount_unit);
196
197 name_escaped = cescape(name);
198 if (!name_escaped)
199 return -ENOMEM;
200
201 u = strjoin(type_prefix, "-", name_escaped, "-umount.service");
202 if (!u)
203 return -ENOMEM;
204
205 r = unit_name_from_path(device_mount, ".mount", &mount);
206 if (r < 0)
207 return r;
208
209 r = generator_open_unit_file(arg_dest, NULL, u, &f);
210 if (r < 0)
211 return r;
212
213 fprintf(f,
214 "[Unit]\n"
215 "DefaultDependencies=no\n"
216 "After=%s\n\n"
217 "[Service]\n"
218 "ExecStart=-" UMOUNT_PATH " %s\n\n", mount, device_mount);
219
220 r = fflush_and_check(f);
221 if (r < 0)
222 return r;
223
224 *ret_umount_unit = TAKE_PTR(u);
225 return 0;
226 }
227
228 static int print_dependencies(FILE *f, const char* device_path) {
229 int r;
230
231 if (STR_IN_SET(device_path, "-", "none"))
232 /* None, nothing to do */
233 return 0;
234
235 if (PATH_IN_SET(device_path,
236 "/dev/urandom",
237 "/dev/random",
238 "/dev/hw_random",
239 "/dev/hwrng")) {
240 /* RNG device, add random dep */
241 fputs("After=systemd-random-seed.service\n", f);
242 return 0;
243 }
244
245 _cleanup_free_ char *udev_node = fstab_node_to_udev_node(device_path);
246 if (!udev_node)
247 return log_oom();
248
249 if (path_equal(udev_node, "/dev/null"))
250 return 0;
251
252 if (path_startswith(udev_node, "/dev/")) {
253 /* We are dealing with a block device, add dependency for corresponding unit */
254 _cleanup_free_ char *unit = NULL;
255
256 r = unit_name_from_path(udev_node, ".device", &unit);
257 if (r < 0)
258 return log_error_errno(r, "Failed to generate unit name: %m");
259
260 fprintf(f,
261 "After=%1$s\n"
262 "Requires=%1$s\n", unit);
263 } else {
264 /* Regular file, add mount dependency */
265 _cleanup_free_ char *escaped_path = specifier_escape(device_path);
266 if (!escaped_path)
267 return log_oom();
268
269 fprintf(f, "RequiresMountsFor=%s\n", escaped_path);
270 }
271
272 return 0;
273 }
274
275 static int create_disk(
276 const char *name,
277 const char *device,
278 const char *password,
279 const char *keydev,
280 const char *options,
281 const char *source) {
282
283 _cleanup_free_ char *n = NULL, *d = NULL, *u = NULL, *e = NULL,
284 *keydev_mount = NULL, *keyfile_timeout_value = NULL,
285 *filtered = NULL, *u_escaped = NULL, *name_escaped = NULL, *header_path = NULL, *password_buffer = NULL,
286 *tmp_fstype = NULL;
287 _cleanup_fclose_ FILE *f = NULL;
288 const char *dmname;
289 bool noauto, nofail, swap, netdev, attach_in_initrd;
290 int r, detached_header, keyfile_can_timeout, tmp;
291
292 assert(name);
293 assert(device);
294
295 noauto = fstab_test_yes_no_option(options, "noauto\0" "auto\0");
296 nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0");
297 swap = fstab_test_option(options, "swap\0");
298 netdev = fstab_test_option(options, "_netdev\0");
299 attach_in_initrd = fstab_test_option(options, "x-initrd.attach\0");
300
301 keyfile_can_timeout = fstab_filter_options(options, "keyfile-timeout\0", NULL, &keyfile_timeout_value, NULL);
302 if (keyfile_can_timeout < 0)
303 return log_error_errno(keyfile_can_timeout, "Failed to parse keyfile-timeout= option value: %m");
304
305 detached_header = fstab_filter_options(options, "header\0", NULL, &header_path, NULL);
306 if (detached_header < 0)
307 return log_error_errno(detached_header, "Failed to parse header= option value: %m");
308
309 tmp = fstab_filter_options(options, "tmp\0", NULL, &tmp_fstype, NULL);
310 if (tmp < 0)
311 return log_error_errno(tmp, "Failed to parse tmp= option value: %m");
312
313 if (tmp && swap)
314 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
315 "Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.",
316 name);
317
318 name_escaped = specifier_escape(name);
319 if (!name_escaped)
320 return log_oom();
321
322 e = unit_name_escape(name);
323 if (!e)
324 return log_oom();
325
326 u = fstab_node_to_udev_node(device);
327 if (!u)
328 return log_oom();
329
330 r = unit_name_build("systemd-cryptsetup", e, ".service", &n);
331 if (r < 0)
332 return log_error_errno(r, "Failed to generate unit name: %m");
333
334 u_escaped = specifier_escape(u);
335 if (!u_escaped)
336 return log_oom();
337
338 r = unit_name_from_path(u, ".device", &d);
339 if (r < 0)
340 return log_error_errno(r, "Failed to generate unit name: %m");
341
342 if (keydev && !password)
343 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
344 "Key device is specified, but path to the password file is missing.");
345
346 r = generator_open_unit_file(arg_dest, NULL, n, &f);
347 if (r < 0)
348 return r;
349
350 r = generator_write_cryptsetup_unit_section(f, source);
351 if (r < 0)
352 return r;
353
354 if (netdev)
355 fprintf(f, "After=remote-fs-pre.target\n");
356
357 /* If initrd takes care of attaching the disk then it should also detach it during shutdown. */
358 if (!attach_in_initrd)
359 fprintf(f, "Conflicts=umount.target\n");
360
361 if (keydev) {
362 _cleanup_free_ char *unit = NULL, *umount_unit = NULL;
363
364 r = generate_device_mount(
365 name,
366 keydev,
367 "keydev",
368 keyfile_timeout_value,
369 /* canfail = */ keyfile_can_timeout > 0,
370 /* readonly= */ true,
371 &unit,
372 &keydev_mount);
373 if (r < 0)
374 return log_error_errno(r, "Failed to generate keydev mount unit: %m");
375
376 r = generate_device_umount(name, keydev_mount, "keydev", &umount_unit);
377 if (r < 0)
378 return log_error_errno(r, "Failed to generate keydev umount unit: %m");
379
380 password_buffer = path_join(keydev_mount, password);
381 if (!password_buffer)
382 return log_oom();
383
384 password = password_buffer;
385
386 fprintf(f, "After=%s\n", unit);
387 if (keyfile_can_timeout > 0)
388 fprintf(f, "Wants=%s\n", unit);
389 else
390 fprintf(f, "Requires=%s\n", unit);
391
392 if (umount_unit) {
393 fprintf(f,
394 "Wants=%s\n"
395 "Before=%s\n",
396 umount_unit,
397 umount_unit
398 );
399 }
400 }
401
402 if (!nofail)
403 fprintf(f,
404 "Before=%s\n",
405 netdev ? "remote-cryptsetup.target" : "cryptsetup.target");
406
407 if (password && !keydev) {
408 r = print_dependencies(f, password);
409 if (r < 0)
410 return r;
411 }
412
413 /* Check if a header option was specified */
414 if (detached_header > 0) {
415 r = print_dependencies(f, header_path);
416 if (r < 0)
417 return r;
418 }
419
420 if (path_startswith(u, "/dev/"))
421 fprintf(f,
422 "BindsTo=%s\n"
423 "After=%s\n"
424 "Before=umount.target\n",
425 d, d);
426 else
427 /* For loopback devices, add systemd-tmpfiles-setup-dev.service
428 dependency to ensure that loopback support is available in
429 the kernel (/dev/loop-control needs to exist) */
430 fprintf(f,
431 "RequiresMountsFor=%s\n"
432 "Requires=systemd-tmpfiles-setup-dev.service\n"
433 "After=systemd-tmpfiles-setup-dev.service\n",
434 u_escaped);
435
436 r = generator_write_timeouts(arg_dest, device, name, options, &filtered);
437 if (r < 0)
438 log_warning_errno(r, "Failed to write device timeout drop-in: %m");
439
440 r = generator_write_cryptsetup_service_section(f, name, u, password, filtered);
441 if (r < 0)
442 return r;
443
444 if (tmp) {
445 _cleanup_free_ char *tmp_fstype_escaped = NULL;
446
447 if (tmp_fstype) {
448 tmp_fstype_escaped = specifier_escape(tmp_fstype);
449 if (!tmp_fstype_escaped)
450 return log_oom();
451 }
452
453 fprintf(f,
454 "ExecStartPost=" ROOTLIBEXECDIR "/systemd-makefs '%s' '/dev/mapper/%s'\n",
455 tmp_fstype_escaped ?: "ext4", name_escaped);
456 }
457
458 if (swap)
459 fprintf(f,
460 "ExecStartPost=" ROOTLIBEXECDIR "/systemd-makefs swap '/dev/mapper/%s'\n",
461 name_escaped);
462
463 r = fflush_and_check(f);
464 if (r < 0)
465 return log_error_errno(r, "Failed to write unit file %s: %m", n);
466
467 if (!noauto) {
468 r = generator_add_symlink(arg_dest,
469 netdev ? "remote-cryptsetup.target" : "cryptsetup.target",
470 nofail ? "wants" : "requires", n);
471 if (r < 0)
472 return r;
473 }
474
475 dmname = strjoina("dev-mapper-", e, ".device");
476 r = generator_add_symlink(arg_dest, dmname, "requires", n);
477 if (r < 0)
478 return r;
479
480 if (!noauto && !nofail) {
481 r = write_drop_in(arg_dest, dmname, 40, "device-timeout",
482 "# Automatically generated by systemd-cryptsetup-generator\n\n"
483 "[Unit]\nJobTimeoutSec=0");
484 if (r < 0)
485 log_warning_errno(r, "Failed to write device timeout drop-in: %m");
486 }
487
488 return 0;
489 }
490
491 static crypto_device* crypt_device_free(crypto_device *d) {
492 if (!d)
493 return NULL;
494
495 free(d->uuid);
496 free(d->keyfile);
497 free(d->keydev);
498 free(d->name);
499 free(d->options);
500 return mfree(d);
501 }
502
503 static crypto_device *get_crypto_device(const char *uuid) {
504 int r;
505 crypto_device *d;
506
507 assert(uuid);
508
509 d = hashmap_get(arg_disks, uuid);
510 if (!d) {
511 d = new0(struct crypto_device, 1);
512 if (!d)
513 return NULL;
514
515 d->uuid = strdup(uuid);
516 if (!d->uuid)
517 return mfree(d);
518
519 r = hashmap_put(arg_disks, d->uuid, d);
520 if (r < 0) {
521 free(d->uuid);
522 return mfree(d);
523 }
524 }
525
526 return d;
527 }
528
529 static bool warn_uuid_invalid(const char *uuid, const char *key) {
530 assert(key);
531
532 if (!id128_is_valid(uuid)) {
533 log_warning("Failed to parse %s= kernel command line switch. UUID is invalid, ignoring.", key);
534 return true;
535 }
536
537 return false;
538 }
539
540 static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
541 _cleanup_free_ char *uuid = NULL, *uuid_value = NULL;
542 crypto_device *d;
543 int r;
544
545 if (streq(key, "luks")) {
546
547 r = value ? parse_boolean(value) : 1;
548 if (r < 0)
549 log_warning("Failed to parse luks= kernel command line switch %s. Ignoring.", value);
550 else
551 arg_enabled = r;
552
553 } else if (streq(key, "luks.crypttab")) {
554
555 r = value ? parse_boolean(value) : 1;
556 if (r < 0)
557 log_warning("Failed to parse luks.crypttab= kernel command line switch %s. Ignoring.", value);
558 else
559 arg_read_crypttab = r;
560
561 } else if (streq(key, "luks.uuid")) {
562
563 if (proc_cmdline_value_missing(key, value))
564 return 0;
565
566 d = get_crypto_device(startswith(value, "luks-") ?: value);
567 if (!d)
568 return log_oom();
569
570 d->create = arg_allow_list = true;
571
572 } else if (streq(key, "luks.options")) {
573
574 if (proc_cmdline_value_missing(key, value))
575 return 0;
576
577 r = sscanf(value, "%m[0-9a-fA-F-]=%ms", &uuid, &uuid_value);
578 if (r == 2) {
579 d = get_crypto_device(uuid);
580 if (!d)
581 return log_oom();
582
583 free_and_replace(d->options, uuid_value);
584 } else if (free_and_strdup(&arg_default_options, value) < 0)
585 return log_oom();
586
587 } else if (streq(key, "luks.key")) {
588 size_t n;
589 _cleanup_free_ char *keyfile = NULL, *keydev = NULL;
590 const char *keyspec;
591
592 if (proc_cmdline_value_missing(key, value))
593 return 0;
594
595 n = strspn(value, ALPHANUMERICAL "-");
596 if (value[n] != '=') {
597 if (free_and_strdup(&arg_default_keyfile, value) < 0)
598 return log_oom();
599 return 0;
600 }
601
602 uuid = strndup(value, n);
603 if (!uuid)
604 return log_oom();
605
606 if (warn_uuid_invalid(uuid, key))
607 return 0;
608
609 d = get_crypto_device(uuid);
610 if (!d)
611 return log_oom();
612
613 keyspec = value + n + 1;
614 r = split_keyspec(keyspec, &keyfile, &keydev);
615 if (r < 0)
616 return r;
617
618 free_and_replace(d->keyfile, keyfile);
619 free_and_replace(d->keydev, keydev);
620
621 } else if (streq(key, "luks.name")) {
622
623 if (proc_cmdline_value_missing(key, value))
624 return 0;
625
626 r = sscanf(value, "%m[0-9a-fA-F-]=%ms", &uuid, &uuid_value);
627 if (r == 2) {
628 d = get_crypto_device(uuid);
629 if (!d)
630 return log_oom();
631
632 d->create = arg_allow_list = true;
633
634 free_and_replace(d->name, uuid_value);
635 } else
636 log_warning("Failed to parse luks name switch %s. Ignoring.", value);
637 }
638
639 return 0;
640 }
641
642 static int add_crypttab_devices(void) {
643 _cleanup_fclose_ FILE *f = NULL;
644 unsigned crypttab_line = 0;
645 struct stat st;
646 int r;
647
648 if (!arg_read_crypttab)
649 return 0;
650
651 r = fopen_unlocked(arg_crypttab, "re", &f);
652 if (r < 0) {
653 if (errno != ENOENT)
654 log_error_errno(errno, "Failed to open %s: %m", arg_crypttab);
655 return 0;
656 }
657
658 if (fstat(fileno(f), &st) < 0) {
659 log_error_errno(errno, "Failed to stat %s: %m", arg_crypttab);
660 return 0;
661 }
662
663 for (;;) {
664 _cleanup_free_ char *line = NULL, *name = NULL, *device = NULL, *keyspec = NULL, *options = NULL, *keyfile = NULL, *keydev = NULL;
665 crypto_device *d = NULL;
666 char *l, *uuid;
667 int k;
668
669 r = read_line(f, LONG_LINE_MAX, &line);
670 if (r < 0)
671 return log_error_errno(r, "Failed to read %s: %m", arg_crypttab);
672 if (r == 0)
673 break;
674
675 crypttab_line++;
676
677 l = strstrip(line);
678 if (IN_SET(l[0], 0, '#'))
679 continue;
680
681 k = sscanf(l, "%ms %ms %ms %ms", &name, &device, &keyspec, &options);
682 if (k < 2 || k > 4) {
683 log_error("Failed to parse %s:%u, ignoring.", arg_crypttab, crypttab_line);
684 continue;
685 }
686
687 uuid = startswith(device, "UUID=");
688 if (!uuid)
689 uuid = path_startswith(device, "/dev/disk/by-uuid/");
690 if (!uuid)
691 uuid = startswith(name, "luks-");
692 if (uuid)
693 d = hashmap_get(arg_disks, uuid);
694
695 if (arg_allow_list && !d) {
696 log_info("Not creating device '%s' because it was not specified on the kernel command line.", name);
697 continue;
698 }
699
700 r = split_keyspec(keyspec, &keyfile, &keydev);
701 if (r < 0)
702 return r;
703
704 r = create_disk(name, device, keyfile, keydev, (d && d->options) ? d->options : options, arg_crypttab);
705 if (r < 0)
706 return r;
707
708 if (d)
709 d->create = false;
710 }
711
712 return 0;
713 }
714
715 static int add_proc_cmdline_devices(void) {
716 int r;
717 crypto_device *d;
718
719 HASHMAP_FOREACH(d, arg_disks) {
720 _cleanup_free_ char *device = NULL;
721
722 if (!d->create)
723 continue;
724
725 if (!d->name) {
726 d->name = strjoin("luks-", d->uuid);
727 if (!d->name)
728 return log_oom();
729 }
730
731 device = strjoin("UUID=", d->uuid);
732 if (!device)
733 return log_oom();
734
735 r = create_disk(d->name,
736 device,
737 d->keyfile ?: arg_default_keyfile,
738 d->keydev,
739 d->options ?: arg_default_options,
740 "/proc/cmdline");
741 if (r < 0)
742 return r;
743 }
744
745 return 0;
746 }
747
748 DEFINE_PRIVATE_HASH_OPS_WITH_VALUE_DESTRUCTOR(crypt_device_hash_ops, char, string_hash_func, string_compare_func,
749 crypto_device, crypt_device_free);
750
751 static int run(const char *dest, const char *dest_early, const char *dest_late) {
752 int r;
753
754 assert_se(arg_dest = dest);
755
756 arg_crypttab = getenv("SYSTEMD_CRYPTTAB") ?: "/etc/crypttab";
757 arg_runtime_directory = getenv("RUNTIME_DIRECTORY") ?: "/run/systemd/cryptsetup";
758
759 arg_disks = hashmap_new(&crypt_device_hash_ops);
760 if (!arg_disks)
761 return log_oom();
762
763 r = proc_cmdline_parse(parse_proc_cmdline_item, NULL, PROC_CMDLINE_STRIP_RD_PREFIX);
764 if (r < 0)
765 return log_warning_errno(r, "Failed to parse kernel command line: %m");
766
767 if (!arg_enabled)
768 return 0;
769
770 r = add_crypttab_devices();
771 if (r < 0)
772 return r;
773
774 r = add_proc_cmdline_devices();
775 if (r < 0)
776 return r;
777
778 return 0;
779 }
780
781 DEFINE_MAIN_GENERATOR_FUNCTION(run);
Unnamed repository; edit this file 'description' to name the repository.