From 70f5fb2f7ab585458008b1d3144e4ebaf98db42e Mon Sep 17 00:00:00 2001 From: Daan De Meyer Date: Sun, 2 Jun 2024 16:24:52 +0200 Subject: [PATCH] repart: Use crypt_reencrypt_run() if available crypt_reencrypt() is deprecated, so let's look for and prefer crypt_reencrypt_run() if it is available. (cherry picked from commit b99b2941276a74878a23470b36c75b0c21dbdd4a) --- meson.build | 1 + src/partition/repart.c | 6 +++++- src/shared/cryptsetup-util.c | 19 ++++++++----------- src/shared/cryptsetup-util.h | 6 +++--- 4 files changed, 17 insertions(+), 15 deletions(-) diff --git a/meson.build b/meson.build index ea4e12aa1c..e42151998b 100644 --- a/meson.build +++ b/meson.build @@ -1262,6 +1262,7 @@ foreach ident : ['crypt_set_metadata_size', 'crypt_token_max', 'crypt_reencrypt_init_by_passphrase', 'crypt_reencrypt', + 'crypt_reencrypt_run', 'crypt_set_data_offset', 'crypt_set_keyring_to_link', 'crypt_resume_by_volume_key'] diff --git a/src/partition/repart.c b/src/partition/repart.c index 6f67d46025..2ecae4ca03 100644 --- a/src/partition/repart.c +++ b/src/partition/repart.c @@ -3913,7 +3913,7 @@ static int partition_target_sync(Context *context, Partition *p, PartitionTarget } static int partition_encrypt(Context *context, Partition *p, PartitionTarget *target, bool offline) { -#if HAVE_LIBCRYPTSETUP && HAVE_CRYPT_SET_DATA_OFFSET && HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE && HAVE_CRYPT_REENCRYPT +#if HAVE_LIBCRYPTSETUP && HAVE_CRYPT_SET_DATA_OFFSET && HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE && (HAVE_CRYPT_REENCRYPT_RUN || HAVE_CRYPT_REENCRYPT) const char *node = partition_target_path(target); struct crypt_params_luks2 luks_params = { .label = strempty(ASSERT_PTR(p)->new_label), @@ -4220,7 +4220,11 @@ static int partition_encrypt(Context *context, Partition *p, PartitionTarget *ta if (r < 0) return log_error_errno(r, "Failed to load reencryption context: %m"); +#if HAVE_CRYPT_REENCRYPT_RUN + r = sym_crypt_reencrypt_run(cd, NULL, NULL); +#else r = sym_crypt_reencrypt(cd, NULL); +#endif if (r < 0) return log_error_errno(r, "Failed to encrypt %s: %m", node); } else { diff --git a/src/shared/cryptsetup-util.c b/src/shared/cryptsetup-util.c index 288e6e8942..d0dd434df8 100644 --- a/src/shared/cryptsetup-util.c +++ b/src/shared/cryptsetup-util.c @@ -54,10 +54,10 @@ DLSYM_FUNCTION(crypt_volume_key_get); #if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE DLSYM_FUNCTION(crypt_reencrypt_init_by_passphrase); #endif -#if HAVE_CRYPT_REENCRYPT -DISABLE_WARNING_DEPRECATED_DECLARATIONS; +#if HAVE_CRYPT_REENCRYPT_RUN +DLSYM_FUNCTION(crypt_reencrypt_run); +#elif HAVE_CRYPT_REENCRYPT DLSYM_FUNCTION(crypt_reencrypt); -REENABLE_WARNING; #endif DLSYM_FUNCTION(crypt_metadata_locking); #if HAVE_CRYPT_SET_DATA_OFFSET @@ -246,11 +246,8 @@ int dlopen_cryptsetup(void) { /* libcryptsetup added crypt_reencrypt() in 2.2.0, and marked it obsolete in 2.4.0, replacing it with * crypt_reencrypt_run(), which takes one extra argument but is otherwise identical. The old call is - * still available though, and given we want to support 2.2.0 for a while longer, we'll stick to the - * old symbol. However, the old symbols now has a GCC deprecation decorator, hence let's turn off - * warnings about this for now. */ - - DISABLE_WARNING_DEPRECATED_DECLARATIONS; + * still available though, and given we want to support 2.2.0 for a while longer, we'll use the old + * symbol if the new one is not available. */ ELF_NOTE_DLOPEN("cryptsetup", "Support for disk encryption, integrity, and authentication", @@ -304,7 +301,9 @@ int dlopen_cryptsetup(void) { #if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE DLSYM_ARG(crypt_reencrypt_init_by_passphrase), #endif -#if HAVE_CRYPT_REENCRYPT +#if HAVE_CRYPT_REENCRYPT_RUN + DLSYM_ARG(crypt_reencrypt_run), +#elif HAVE_CRYPT_REENCRYPT DLSYM_ARG(crypt_reencrypt), #endif DLSYM_ARG(crypt_metadata_locking), @@ -316,8 +315,6 @@ int dlopen_cryptsetup(void) { if (r <= 0) return r; - REENABLE_WARNING; - /* Redirect the default logging calls of libcryptsetup to our own logging infra. (Note that * libcryptsetup also maintains per-"struct crypt_device" log functions, which we'll also set * whenever allocating a "struct crypt_device" context. Why set both? To be defensive: maybe some diff --git a/src/shared/cryptsetup-util.h b/src/shared/cryptsetup-util.h index f00ac367b6..d255e59004 100644 --- a/src/shared/cryptsetup-util.h +++ b/src/shared/cryptsetup-util.h @@ -70,10 +70,10 @@ DLSYM_PROTOTYPE(crypt_volume_key_get); #if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE DLSYM_PROTOTYPE(crypt_reencrypt_init_by_passphrase); #endif -#if HAVE_CRYPT_REENCRYPT -DISABLE_WARNING_DEPRECATED_DECLARATIONS; +#if HAVE_CRYPT_REENCRYPT_RUN +DLSYM_PROTOTYPE(crypt_reencrypt_run); +#elif HAVE_CRYPT_REENCRYPT DLSYM_PROTOTYPE(crypt_reencrypt); -REENABLE_WARNING; #endif DLSYM_PROTOTYPE(crypt_metadata_locking); #if HAVE_CRYPT_SET_DATA_OFFSET