Data Structures
struct	crypt_active_device

Macros
#define	CRYPT_ACTIVATE_READONLY (1 << 0)

#define	CRYPT_ACTIVATE_NO_UUID (1 << 1)

#define	CRYPT_ACTIVATE_SHARED (1 << 2)

#define	CRYPT_ACTIVATE_ALLOW_DISCARDS (1 << 3)

#define	CRYPT_ACTIVATE_PRIVATE (1 << 4)

#define	CRYPT_ACTIVATE_CORRUPTED (1 << 5)

#define	CRYPT_ACTIVATE_SAME_CPU_CRYPT (1 << 6)

#define	CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS (1 << 7)

#define	CRYPT_ACTIVATE_IGNORE_CORRUPTION (1 << 8)

#define	CRYPT_ACTIVATE_RESTART_ON_CORRUPTION (1 << 9)

#define	CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS (1 << 10)

#define	CRYPT_ACTIVATE_KEYRING_KEY (1 << 11)

#define	CRYPT_ACTIVATE_NO_JOURNAL (1 << 12)

#define	CRYPT_ACTIVATE_RECOVERY (1 << 13)

#define	CRYPT_ACTIVATE_IGNORE_PERSISTENT (1 << 14)

#define	CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE (1 << 15)

#define	CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY (1 << 16)

#define	CRYPT_ACTIVATE_RECALCULATE (1 << 17)

#define	CRYPT_ACTIVATE_REFRESH (1 << 18)

#define	CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF (1 << 19)

#define	CRYPT_ACTIVATE_NO_JOURNAL_BITMAP (1 << 20)

#define	CRYPT_ACTIVATE_SUSPENDED (1 << 21)

#define	CRYPT_ACTIVATE_IV_LARGE_SECTORS (1 << 22)

#define	CRYPT_ACTIVATE_PANIC_ON_CORRUPTION (1 << 23)

#define	CRYPT_ACTIVATE_NO_READ_WORKQUEUE (1 << 24)

#define	CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE (1 << 25)

#define	CRYPT_ACTIVATE_RECALCULATE_RESET (1 << 26)

Functions
int	crypt_get_active_device (struct crypt_device cd, const char name, struct crypt_active_device *cad)

uint64_t	crypt_get_active_integrity_failures (struct crypt_device cd, const char name)

Detailed Description

Activation flags

Macro Definition Documentation

◆ CRYPT_ACTIVATE_ALLOW_DISCARDS

#define CRYPT_ACTIVATE_ALLOW_DISCARDS (1 << 3)

enable discards aka TRIM

◆ CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY

#define CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY (1 << 16)

allow activation check including unbound keyslots (keyslots without segments)

◆ CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE

#define CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE (1 << 15)

dm-verity: check_at_most_once - check data blocks only the first time

◆ CRYPT_ACTIVATE_CORRUPTED

#define CRYPT_ACTIVATE_CORRUPTED (1 << 5)

corruption detected (verity), output only

◆ CRYPT_ACTIVATE_IGNORE_CORRUPTION

#define CRYPT_ACTIVATE_IGNORE_CORRUPTION (1 << 8)

dm-verity: ignore_corruption flag - ignore corruption, log it only

◆ CRYPT_ACTIVATE_IGNORE_PERSISTENT

#define CRYPT_ACTIVATE_IGNORE_PERSISTENT (1 << 14)

ignore persistently stored flags

◆ CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS

#define CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS (1 << 10)

dm-verity: ignore_zero_blocks - do not verify zero blocks

◆ CRYPT_ACTIVATE_IV_LARGE_SECTORS

#define CRYPT_ACTIVATE_IV_LARGE_SECTORS (1 << 22)

use IV sector counted in sector_size instead of default 512 bytes sectors

◆ CRYPT_ACTIVATE_KEYRING_KEY

#define CRYPT_ACTIVATE_KEYRING_KEY (1 << 11)

key loaded in kernel keyring instead directly in dm-crypt

◆ CRYPT_ACTIVATE_NO_JOURNAL

#define CRYPT_ACTIVATE_NO_JOURNAL (1 << 12)

dm-integrity: direct writes, do not use journal

◆ CRYPT_ACTIVATE_NO_JOURNAL_BITMAP

#define CRYPT_ACTIVATE_NO_JOURNAL_BITMAP (1 << 20)

dm-integrity: direct writes, use bitmap to track dirty sectors

◆ CRYPT_ACTIVATE_NO_READ_WORKQUEUE

#define CRYPT_ACTIVATE_NO_READ_WORKQUEUE (1 << 24)

dm-crypt: bypass internal workqueue and process read requests synchronously.

◆ CRYPT_ACTIVATE_NO_UUID

#define CRYPT_ACTIVATE_NO_UUID (1 << 1)

only reported for device without uuid

◆ CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE

#define CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE (1 << 25)

dm-crypt: bypass internal workqueue and process write requests synchronously.

◆ CRYPT_ACTIVATE_PANIC_ON_CORRUPTION

#define CRYPT_ACTIVATE_PANIC_ON_CORRUPTION (1 << 23)

dm-verity: panic_on_corruption flag - panic kernel on corruption

◆ CRYPT_ACTIVATE_PRIVATE

#define CRYPT_ACTIVATE_PRIVATE (1 << 4)

skip global udev rules in activation ("private device"), input only

◆ CRYPT_ACTIVATE_READONLY

#define CRYPT_ACTIVATE_READONLY (1 << 0)

device is read only

Examples: crypt_luks_usage.c.

◆ CRYPT_ACTIVATE_RECALCULATE

#define CRYPT_ACTIVATE_RECALCULATE (1 << 17)

dm-integrity: activate automatic recalculation

◆ CRYPT_ACTIVATE_RECALCULATE_RESET

#define CRYPT_ACTIVATE_RECALCULATE_RESET (1 << 26)

dm-integrity: reset automatic recalculation

◆ CRYPT_ACTIVATE_RECOVERY

#define CRYPT_ACTIVATE_RECOVERY (1 << 13)

dm-integrity: recovery mode - no journal, no integrity checks

◆ CRYPT_ACTIVATE_REFRESH

#define CRYPT_ACTIVATE_REFRESH (1 << 18)

reactivate existing and update flags, input only

◆ CRYPT_ACTIVATE_RESTART_ON_CORRUPTION

#define CRYPT_ACTIVATE_RESTART_ON_CORRUPTION (1 << 9)

dm-verity: restart_on_corruption flag - restart kernel on corruption

◆ CRYPT_ACTIVATE_SAME_CPU_CRYPT

#define CRYPT_ACTIVATE_SAME_CPU_CRYPT (1 << 6)

use same_cpu_crypt option for dm-crypt

◆ CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF

#define CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF (1 << 19)

Use global lock to serialize memory hard KDF on activation (OOM workaround)

◆ CRYPT_ACTIVATE_SHARED

#define CRYPT_ACTIVATE_SHARED (1 << 2)

activate even if cannot grant exclusive access (DANGEROUS)

◆ CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS

#define CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS (1 << 7)

use submit_from_crypt_cpus for dm-crypt

◆ CRYPT_ACTIVATE_SUSPENDED

#define CRYPT_ACTIVATE_SUSPENDED (1 << 21)

device is suspended (key should be wiped from memory), output only

Function Documentation

◆ crypt_get_active_device()

int crypt_get_active_device	(	struct crypt_device *	cd,
		const char *	name,
		struct crypt_active_device *	cad
	)

Receive runtime attributes of active crypt device.

Parameters

cd	crypt device handle (can be NULL)
name	name of active device
cad	preallocated active device attributes to fill

Returns: 0 on success or negative errno value otherwise

Examples: crypt_luks_usage.c.

◆ crypt_get_active_integrity_failures()

uint64_t crypt_get_active_integrity_failures	(	struct crypt_device *	cd,
		const char *	name
	)

Get detected number of integrity failures.