STRV_FOREACH(pp, passwords) {
size_t vks = *volume_key_size;
- r = crypt_volume_key_get(
+ r = sym_crypt_volume_key_get(
cd,
CRYPT_ANY_SLOT,
volume_key,
void **ret_volume_key,
size_t *ret_volume_key_size) {
- _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
+ _cleanup_(sym_crypt_freep) struct crypt_device *cd = NULL;
_cleanup_(erase_and_freep) void *vk = NULL;
sd_id128_t p;
size_t vks;
assert(dm_name);
assert(ret);
- r = crypt_init(&cd, node);
+ r = sym_crypt_init(&cd, node);
if (r < 0)
return log_error_errno(r, "Failed to allocate libcryptsetup context: %m");
cryptsetup_enable_logging(cd);
- r = crypt_load(cd, CRYPT_LUKS2, NULL);
+ r = sym_crypt_load(cd, CRYPT_LUKS2, NULL);
if (r < 0)
return log_error_errno(r, "Failed to load LUKS superblock: %m");
- r = crypt_get_volume_key_size(cd);
+ r = sym_crypt_get_volume_key_size(cd);
if (r <= 0)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to determine LUKS volume key size");
vks = (size_t) r;
if (!sd_id128_is_null(uuid) || ret_found_uuid) {
const char *s;
- s = crypt_get_uuid(cd);
+ s = sym_crypt_get_uuid(cd);
if (!s)
return log_error_errno(SYNTHETIC_ERRNO(EMEDIUMTYPE), "LUKS superblock has no UUID.");
return log_error_errno(SYNTHETIC_ERRNO(EMEDIUMTYPE), "LUKS superblock has wrong UUID.");
}
- if (cipher && !streq_ptr(cipher, crypt_get_cipher(cd)))
+ if (cipher && !streq_ptr(cipher, sym_crypt_get_cipher(cd)))
return log_error_errno(SYNTHETIC_ERRNO(EMEDIUMTYPE), "LUKS superblock declares wrong cipher.");
- if (cipher_mode && !streq_ptr(cipher_mode, crypt_get_cipher_mode(cd)))
+ if (cipher_mode && !streq_ptr(cipher_mode, sym_crypt_get_cipher_mode(cd)))
return log_error_errno(SYNTHETIC_ERRNO(EMEDIUMTYPE), "LUKS superblock declares wrong cipher mode.");
if (volume_key_size != UINT64_MAX && vks != volume_key_size)
if (r < 0)
return log_error_errno(r, "Failed to unlocks LUKS superblock: %m");
- r = crypt_activate_by_volume_key(
+ r = sym_crypt_activate_by_volume_key(
cd,
dm_name,
vk, vks,
void **ret_volume_key,
size_t *ret_volume_key_size) {
- _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
+ _cleanup_(sym_crypt_freep) struct crypt_device *cd = NULL;
_cleanup_(erase_and_freep) void *vk = NULL;
sd_id128_t p;
char **list;
/* Opens a LUKS device that is already set up. Re-validates the password while doing so (which also
* provides us with the volume key, which we want). */
- r = crypt_init_by_name(&cd, dm_name);
+ r = sym_crypt_init_by_name(&cd, dm_name);
if (r < 0)
return log_error_errno(r, "Failed to initialize cryptsetup context for %s: %m", dm_name);
cryptsetup_enable_logging(cd);
- r = crypt_load(cd, CRYPT_LUKS2, NULL);
+ r = sym_crypt_load(cd, CRYPT_LUKS2, NULL);
if (r < 0)
return log_error_errno(r, "Failed to load LUKS superblock: %m");
- r = crypt_get_volume_key_size(cd);
+ r = sym_crypt_get_volume_key_size(cd);
if (r <= 0)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to determine LUKS volume key size");
vks = (size_t) r;
if (ret_found_uuid) {
const char *s;
- s = crypt_get_uuid(cd);
+ s = sym_crypt_get_uuid(cd);
if (!s)
return log_error_errno(SYNTHETIC_ERRNO(EMEDIUMTYPE), "LUKS superblock has no UUID.");
/* This is needed so that crypt_resize() can operate correctly for pre-existing LUKS devices. We need
* to tell libcryptsetup the volume key explicitly, so that it is in the kernel keyring. */
- r = crypt_activate_by_volume_key(cd, NULL, vk, vks, CRYPT_ACTIVATE_KEYRING_KEY);
+ r = sym_crypt_activate_by_volume_key(cd, NULL, vk, vks, CRYPT_ACTIVATE_KEYRING_KEY);
if (r < 0)
return log_error_errno(r, "Failed to upload volume key again: %m");
/* Let's find the right OpenSSL EVP_CIPHER object that matches the encryption settings of the LUKS
* device */
- cipher = crypt_get_cipher(cd);
+ cipher = sym_crypt_get_cipher(cd);
if (!cipher)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Cannot get cipher from LUKS device.");
- cipher_mode = crypt_get_cipher_mode(cd);
+ cipher_mode = sym_crypt_get_cipher_mode(cd);
if (!cipher_mode)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Cannot get cipher mode from LUKS device.");
if (e)
cipher_mode = strndupa(cipher_mode, e - cipher_mode);
- r = crypt_get_volume_key_size(cd);
+ r = sym_crypt_get_volume_key_size(cd);
if (r <= 0)
return log_error_errno(r < 0 ? r : SYNTHETIC_ERRNO(EINVAL), "Cannot get volume key size from LUKS device.");
unsigned line, column;
const EVP_CIPHER *cc;
- state = crypt_token_status(cd, token, &type);
+ state = sym_crypt_token_status(cd, token, &type);
if (state == CRYPT_TOKEN_INACTIVE) /* First unconfigured token, give up */
break;
if (IN_SET(state, CRYPT_TOKEN_INTERNAL, CRYPT_TOKEN_INTERNAL_UNKNOWN, CRYPT_TOKEN_EXTERNAL))
if (!streq(type, "systemd-homed"))
continue;
- r = crypt_token_json_get(cd, token, &text);
+ r = sym_crypt_token_json_get(cd, token, &text);
if (r < 0)
return log_error_errno(r, "Failed to read LUKS token %i: %m", token);
crypt_token_info state;
const char *type;
- state = crypt_token_status(setup->crypt_device, token, &type);
+ state = sym_crypt_token_status(setup->crypt_device, token, &type);
if (state == CRYPT_TOKEN_INACTIVE) /* First unconfigured token, we are done */
break;
if (IN_SET(state, CRYPT_TOKEN_INTERNAL, CRYPT_TOKEN_INTERNAL_UNKNOWN, CRYPT_TOKEN_EXTERNAL))
if (!streq(type, "systemd-homed"))
continue;
- r = crypt_token_json_set(setup->crypt_device, token, text);
+ r = sym_crypt_token_json_set(setup->crypt_device, token, text);
if (r < 0)
return log_error_errno(r, "Failed to set JSON token for slot %i: %m", token);
sd_id128_t found_partition_uuid, found_luks_uuid, found_fs_uuid;
_cleanup_(user_record_unrefp) UserRecord *luks_home = NULL;
_cleanup_(loop_device_unrefp) LoopDevice *loop = NULL;
- _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
+ _cleanup_(sym_crypt_freep) struct crypt_device *cd = NULL;
_cleanup_(erase_and_freep) void *volume_key = NULL;
_cleanup_close_ int root_fd = -1, image_fd = -1;
bool dm_activated = false, mounted = false;
assert(user_record_storage(h) == USER_LUKS);
+ r = dlopen_cryptsetup();
+ if (r < 0)
+ return r;
+
if (already_activated) {
struct loop_info64 info;
const char *n;
if (r < 0)
return r;
- n = crypt_get_device_name(cd);
+ n = sym_crypt_get_device_name(cd);
if (!n)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to determine backing device for DM %s.", setup->dm_name);
(void) umount_verbose(LOG_ERR, "/run/systemd/user-home-mount", UMOUNT_NOFOLLOW);
if (dm_activated)
- (void) crypt_deactivate(cd, setup->dm_name);
+ (void) sym_crypt_deactivate_by_name(cd, setup->dm_name, 0);
if (image_fd >= 0 && marked_dirty)
(void) run_mark_dirty(image_fd, false);
assert(user_record_storage(h) == USER_LUKS);
assert(ret_home);
+ r = dlopen_cryptsetup();
+ if (r < 0)
+ return r;
+
assert_se(hdo = user_record_home_directory(h));
hd = strdupa(hdo); /* copy the string out, since it might change later in the home record object */
loop_device_relinquish(setup.loop);
- r = crypt_deactivate_by_name(NULL, setup.dm_name, CRYPT_DEACTIVATE_DEFERRED);
+ r = sym_crypt_deactivate_by_name(NULL, setup.dm_name, CRYPT_DEACTIVATE_DEFERRED);
if (r < 0)
log_warning_errno(r, "Failed to relinquish DM device, ignoring: %m");
}
int home_deactivate_luks(UserRecord *h) {
- _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
+ _cleanup_(sym_crypt_freep) struct crypt_device *cd = NULL;
_cleanup_free_ char *dm_name = NULL, *dm_node = NULL;
bool we_detached;
int r;
* don't bother about the loopback device because unlike the DM device it doesn't have a fixed
* name. */
+ r = dlopen_cryptsetup();
+ if (r < 0)
+ return r;
+
r = make_dm_names(h->user_name, &dm_name, &dm_node);
if (r < 0)
return r;
- r = crypt_init_by_name(&cd, dm_name);
+ r = sym_crypt_init_by_name(&cd, dm_name);
if (IN_SET(r, -ENODEV, -EINVAL, -ENOENT)) {
log_debug_errno(r, "LUKS device %s has already been detached.", dm_name);
we_detached = false;
cryptsetup_enable_logging(cd);
- r = crypt_deactivate(cd, dm_name);
+ r = sym_crypt_deactivate_by_name(cd, dm_name, 0);
if (IN_SET(r, -ENODEV, -EINVAL, -ENOENT)) {
log_debug_errno(r, "LUKS device %s is already detached.", dm_node);
we_detached = false;
struct crypt_device **ret) {
_cleanup_(user_record_unrefp) UserRecord *reduced = NULL;
- _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
+ _cleanup_(sym_crypt_freep) struct crypt_device *cd = NULL;
_cleanup_(erase_and_freep) void *volume_key = NULL;
struct crypt_pbkdf_type good_pbkdf, minimal_pbkdf;
char suuid[ID128_UUID_STRING_MAX], **pp;
assert(hr);
assert(ret);
- r = crypt_init(&cd, node);
+ r = sym_crypt_init(&cd, node);
if (r < 0)
return log_error_errno(r, "Failed to allocate libcryptsetup context: %m");
#if HAVE_CRYPT_SET_METADATA_SIZE
/* Increase the metadata space to 4M, the largest LUKS2 supports */
- r = crypt_set_metadata_size(cd, 4096U*1024U, 0);
+ r = sym_crypt_set_metadata_size(cd, 4096U*1024U, 0);
if (r < 0)
return log_error_errno(r, "Failed to change LUKS2 metadata size: %m");
#endif
build_good_pbkdf(&good_pbkdf, hr);
build_minimal_pbkdf(&minimal_pbkdf, hr);
- r = crypt_format(cd,
+ r = sym_crypt_format(cd,
CRYPT_LUKS2,
user_record_luks_cipher(hr),
user_record_luks_cipher_mode(hr),
if (strv_contains(cache->pkcs11_passwords, *pp) ||
strv_contains(cache->fido2_passwords, *pp)) {
log_debug("Using minimal PBKDF for slot %i", slot);
- r = crypt_set_pbkdf_type(cd, &minimal_pbkdf);
+ r = sym_crypt_set_pbkdf_type(cd, &minimal_pbkdf);
} else {
log_debug("Using good PBKDF for slot %i", slot);
- r = crypt_set_pbkdf_type(cd, &good_pbkdf);
+ r = sym_crypt_set_pbkdf_type(cd, &good_pbkdf);
}
if (r < 0)
return log_error_errno(r, "Failed to tweak PBKDF for slot %i: %m", slot);
- r = crypt_keyslot_add_by_volume_key(
+ r = sym_crypt_keyslot_add_by_volume_key(
cd,
slot,
volume_key,
slot++;
}
- r = crypt_activate_by_volume_key(
+ r = sym_crypt_activate_by_volume_key(
cd,
dm_name,
volume_key,
if (r < 0)
return r;
- r = crypt_token_json_set(cd, CRYPT_ANY_TOKEN, text);
+ r = sym_crypt_token_json_set(cd, CRYPT_ANY_TOKEN, text);
if (r < 0)
return log_error_errno(r, "Failed to set LUKS JSON token: %m");
_cleanup_(user_record_unrefp) UserRecord *new_home = NULL;
sd_id128_t partition_uuid, fs_uuid, luks_uuid, disk_uuid;
_cleanup_(loop_device_unrefp) LoopDevice *loop = NULL;
- _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
+ _cleanup_(sym_crypt_freep) struct crypt_device *cd = NULL;
_cleanup_close_ int image_fd = -1, root_fd = -1;
const char *fstype, *ip;
struct statfs sfs;
assert(h->storage < 0 || h->storage == USER_LUKS);
assert(ret_home);
+ r = dlopen_cryptsetup();
+ if (r < 0)
+ return r;
+
assert_se(ip = user_record_image_path(h));
fstype = user_record_file_system_type(h);
partition_uuid,
luks_uuid,
fs_uuid,
- crypt_get_cipher(cd),
- crypt_get_cipher_mode(cd),
+ sym_crypt_get_cipher(cd),
+ sym_crypt_get_cipher_mode(cd),
luks_volume_key_size_convert(cd),
fstype,
NULL,
mounted = false;
- r = crypt_deactivate(cd, dm_name);
+ r = sym_crypt_deactivate_by_name(cd, dm_name, 0);
if (r < 0) {
log_error_errno(r, "Failed to deactivate LUKS device: %m");
goto fail;
}
- crypt_free(cd);
+ sym_crypt_free(cd);
cd = NULL;
dm_activated = false;
(void) umount_verbose(LOG_WARNING, "/run/systemd/user-home-mount", UMOUNT_NOFOLLOW);
if (dm_activated)
- (void) crypt_deactivate(cd, dm_name);
+ (void) sym_crypt_deactivate_by_name(cd, dm_name, 0);
loop = loop_device_unref(loop);
assert(setup);
assert(ret_home);
+ r = dlopen_cryptsetup();
+ if (r < 0)
+ return r;
+
assert_se(ipo = user_record_image_path(h));
ip = strdupa(ipo); /* copy out since original might change later in home record object */
setup->partition_offset + new_partition_size > new_image_size)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "New partition doesn't fit into backing storage, refusing.");
- crypto_offset = crypt_get_data_offset(setup->crypt_device);
+ crypto_offset = sym_crypt_get_data_offset(setup->crypt_device);
if (setup->partition_size / 512U <= crypto_offset)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Weird, old crypto payload offset doesn't actually fit in partition size?");
if (new_partition_size / 512U <= crypto_offset)
log_debug_errno(errno, "BLKRRPART failed on block device, ignoring: %m");
/* Tell LUKS about the new bigger size too */
- r = crypt_resize(setup->crypt_device, setup->dm_name, new_fs_size / 512U);
+ r = sym_crypt_resize(setup->crypt_device, setup->dm_name, new_fs_size / 512U);
if (r < 0)
return log_error_errno(r, "Failed to grow LUKS device: %m");
if (new_fs_size < old_fs_size) {
/* Shrink the LUKS device now, matching the new file system size */
- r = crypt_resize(setup->crypt_device, setup->dm_name, new_fs_size / 512);
+ r = sym_crypt_resize(setup->crypt_device, setup->dm_name, new_fs_size / 512);
if (r < 0)
return log_error_errno(r, "Failed to shrink LUKS device: %m");
assert(user_record_storage(h) == USER_LUKS);
assert(setup);
- type = crypt_get_type(setup->crypt_device);
+ r = dlopen_cryptsetup();
+ if (r < 0)
+ return r;
+
+ type = sym_crypt_get_type(setup->crypt_device);
if (!type)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to determine crypto device type.");
- r = crypt_keyslot_max(type);
+ r = sym_crypt_keyslot_max(type);
if (r <= 0)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to determine number of key slots.");
max_key_slots = r;
- r = crypt_get_volume_key_size(setup->crypt_device);
+ r = sym_crypt_get_volume_key_size(setup->crypt_device);
if (r <= 0)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to determine volume key size.");
volume_key_size = (size_t) r;
build_minimal_pbkdf(&minimal_pbkdf, h);
for (size_t i = 0; i < max_key_slots; i++) {
- r = crypt_keyslot_destroy(setup->crypt_device, i);
+ r = sym_crypt_keyslot_destroy(setup->crypt_device, i);
if (r < 0 && !IN_SET(r, -ENOENT, -EINVAL)) /* Returns EINVAL or ENOENT if there's no key in this slot already */
return log_error_errno(r, "Failed to destroy LUKS password: %m");
if (strv_contains(cache->pkcs11_passwords, effective_passwords[i]) ||
strv_contains(cache->fido2_passwords, effective_passwords[i])) {
log_debug("Using minimal PBKDF for slot %zu", i);
- r = crypt_set_pbkdf_type(setup->crypt_device, &minimal_pbkdf);
+ r = sym_crypt_set_pbkdf_type(setup->crypt_device, &minimal_pbkdf);
} else {
log_debug("Using good PBKDF for slot %zu", i);
- r = crypt_set_pbkdf_type(setup->crypt_device, &good_pbkdf);
+ r = sym_crypt_set_pbkdf_type(setup->crypt_device, &good_pbkdf);
}
if (r < 0)
return log_error_errno(r, "Failed to tweak PBKDF for slot %zu: %m", i);
- r = crypt_keyslot_add_by_volume_key(
+ r = sym_crypt_keyslot_add_by_volume_key(
setup->crypt_device,
i,
volume_key,
}
int home_lock_luks(UserRecord *h) {
- _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
+ _cleanup_(sym_crypt_freep) struct crypt_device *cd = NULL;
_cleanup_free_ char *dm_name = NULL, *dm_node = NULL;
_cleanup_close_ int root_fd = -1;
const char *p;
if (r < 0)
return r;
- r = crypt_init_by_name(&cd, dm_name);
+ r = dlopen_cryptsetup();
+ if (r < 0)
+ return r;
+
+ r = sym_crypt_init_by_name(&cd, dm_name);
if (r < 0)
return log_error_errno(r, "Failed to initialize cryptsetup context for %s: %m", dm_name);
/* Note that we don't invoke FIFREEZE here, it appears libcryptsetup/device-mapper already does that on its own for us */
- r = crypt_suspend(cd, dm_name);
+ r = sym_crypt_suspend(cd, dm_name);
if (r < 0)
return log_error_errno(r, "Failed to suspend cryptsetup device: %s: %m", dm_node);
assert(dm_name);
STRV_FOREACH(pp, password) {
- r = crypt_resume_by_passphrase(
+ r = sym_crypt_resume_by_passphrase(
cd,
dm_name,
CRYPT_ANY_SLOT,
int home_unlock_luks(UserRecord *h, PasswordCache *cache) {
_cleanup_free_ char *dm_name = NULL, *dm_node = NULL;
- _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
+ _cleanup_(sym_crypt_freep) struct crypt_device *cd = NULL;
char **list;
int r;
if (r < 0)
return r;
- r = crypt_init_by_name(&cd, dm_name);
+ r = dlopen_cryptsetup();
+ if (r < 0)
+ return r;
+
+ r = sym_crypt_init_by_name(&cd, dm_name);
if (r < 0)
return log_error_errno(r, "Failed to initialize cryptsetup context for %s: %m", dm_name);
int (*sym_crypt_deactivate_by_name)(struct crypt_device *cd, const char *name, uint32_t flags);
int (*sym_crypt_format)(struct crypt_device *cd, const char *type, const char *cipher, const char *cipher_mode, const char *uuid, const char *volume_key, size_t volume_key_size, void *params);
void (*sym_crypt_free)(struct crypt_device *cd);
+const char *(*sym_crypt_get_cipher)(struct crypt_device *cd);
+const char *(*sym_crypt_get_cipher_mode)(struct crypt_device *cd);
+uint64_t (*sym_crypt_get_data_offset)(struct crypt_device *cd);
+const char *(*sym_crypt_get_device_name)(struct crypt_device *cd);
const char *(*sym_crypt_get_dir)(void);
+const char *(*sym_crypt_get_type)(struct crypt_device *cd);
+const char *(*sym_crypt_get_uuid)(struct crypt_device *cd);
int (*sym_crypt_get_verity_info)(struct crypt_device *cd, struct crypt_params_verity *vp);
+int (*sym_crypt_get_volume_key_size)(struct crypt_device *cd);
int (*sym_crypt_init)(struct crypt_device **cd, const char *device);
int (*sym_crypt_init_by_name)(struct crypt_device **cd, const char *name);
int (*sym_crypt_keyslot_add_by_volume_key)(struct crypt_device *cd, int keyslot, const char *volume_key, size_t volume_key_size, const char *passphrase, size_t passphrase_size);
+int (*sym_crypt_keyslot_destroy)(struct crypt_device *cd, int keyslot);
+int (*sym_crypt_keyslot_max)(const char *type);
int (*sym_crypt_load)(struct crypt_device *cd, const char *requested_type, void *params);
int (*sym_crypt_resize)(struct crypt_device *cd, const char *name, uint64_t new_size);
+int (*sym_crypt_resume_by_passphrase)(struct crypt_device *cd, const char *name, int keyslot, const char *passphrase, size_t passphrase_size);
int (*sym_crypt_set_data_device)(struct crypt_device *cd, const char *device);
void (*sym_crypt_set_debug_level)(int level);
void (*sym_crypt_set_log_callback)(struct crypt_device *cd, void (*log)(int level, const char *msg, void *usrptr), void *usrptr);
-int (*sym_crypt_set_pbkdf_type)(struct crypt_device *cd, const struct crypt_pbkdf_type *pbkdf) = NULL;
-int (*sym_crypt_token_json_get)(struct crypt_device *cd, int token, const char **json) = NULL;
-int (*sym_crypt_token_json_set)(struct crypt_device *cd, int token, const char *json) = NULL;
-int (*sym_crypt_volume_key_get)(struct crypt_device *cd, int keyslot, char *volume_key, size_t *volume_key_size, const char *passphrase, size_t passphrase_size);
+#if HAVE_CRYPT_SET_METADATA_SIZE
+int (*sym_crypt_set_metadata_size)(struct crypt_device *cd, uint64_t metadata_size, uint64_t keyslots_size);
+#endif
+int (*sym_crypt_set_pbkdf_type)(struct crypt_device *cd, const struct crypt_pbkdf_type *pbkdf);
+int (*sym_crypt_suspend)(struct crypt_device *cd, const char *name);
+int (*sym_crypt_token_json_get)(struct crypt_device *cd, int token, const char **json);
+int (*sym_crypt_token_json_set)(struct crypt_device *cd, int token, const char *json);
#if HAVE_CRYPT_TOKEN_MAX
int (*sym_crypt_token_max)(const char *type);
#endif
+crypt_token_info (*sym_crypt_token_status)(struct crypt_device *cd, int token, const char **type);
+int (*sym_crypt_volume_key_get)(struct crypt_device *cd, int keyslot, char *volume_key, size_t *volume_key_size, const char *passphrase, size_t passphrase_size);
int dlopen_cryptsetup(void) {
_cleanup_(dlclosep) void *dl = NULL;
DLSYM_ARG(crypt_deactivate_by_name),
DLSYM_ARG(crypt_format),
DLSYM_ARG(crypt_free),
+ DLSYM_ARG(crypt_get_cipher),
+ DLSYM_ARG(crypt_get_cipher_mode),
+ DLSYM_ARG(crypt_get_data_offset),
+ DLSYM_ARG(crypt_get_device_name),
DLSYM_ARG(crypt_get_dir),
+ DLSYM_ARG(crypt_get_type),
+ DLSYM_ARG(crypt_get_uuid),
DLSYM_ARG(crypt_get_verity_info),
+ DLSYM_ARG(crypt_get_volume_key_size),
DLSYM_ARG(crypt_init),
DLSYM_ARG(crypt_init_by_name),
DLSYM_ARG(crypt_keyslot_add_by_volume_key),
+ DLSYM_ARG(crypt_keyslot_destroy),
+ DLSYM_ARG(crypt_keyslot_max),
DLSYM_ARG(crypt_load),
DLSYM_ARG(crypt_resize),
+ DLSYM_ARG(crypt_resume_by_passphrase),
DLSYM_ARG(crypt_set_data_device),
DLSYM_ARG(crypt_set_debug_level),
DLSYM_ARG(crypt_set_log_callback),
+#if HAVE_CRYPT_SET_METADATA_SIZE
+ DLSYM_ARG(crypt_set_metadata_size),
+#endif
DLSYM_ARG(crypt_set_pbkdf_type),
+ DLSYM_ARG(crypt_suspend),
DLSYM_ARG(crypt_token_json_get),
DLSYM_ARG(crypt_token_json_set),
- DLSYM_ARG(crypt_volume_key_get),
#if HAVE_CRYPT_TOKEN_MAX
DLSYM_ARG(crypt_token_max),
#endif
+ DLSYM_ARG(crypt_token_status),
+ DLSYM_ARG(crypt_volume_key_get),
NULL);
if (r < 0)
return r;