cryptsetup API
Public cryptsetup API
Loading...
Searching...
No Matches
Data Structures | Macros | Functions
Device runtime attributes

Data Structures

struct  crypt_active_device
 

Macros

#define CRYPT_ACTIVATE_READONLY   (UINT32_C(1) << 0)
 
#define CRYPT_ACTIVATE_NO_UUID   (UINT32_C(1) << 1)
 
#define CRYPT_ACTIVATE_SHARED   (UINT32_C(1) << 2)
 
#define CRYPT_ACTIVATE_ALLOW_DISCARDS   (UINT32_C(1) << 3)
 
#define CRYPT_ACTIVATE_PRIVATE   (UINT32_C(1) << 4)
 
#define CRYPT_ACTIVATE_CORRUPTED   (UINT32_C(1) << 5)
 
#define CRYPT_ACTIVATE_SAME_CPU_CRYPT   (UINT32_C(1) << 6)
 
#define CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS   (UINT32_C(1) << 7)
 
#define CRYPT_ACTIVATE_IGNORE_CORRUPTION   (UINT32_C(1) << 8)
 
#define CRYPT_ACTIVATE_RESTART_ON_CORRUPTION   (UINT32_C(1) << 9)
 
#define CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS   (UINT32_C(1) << 10)
 
#define CRYPT_ACTIVATE_KEYRING_KEY   (UINT32_C(1) << 11)
 
#define CRYPT_ACTIVATE_NO_JOURNAL   (UINT32_C(1) << 12)
 
#define CRYPT_ACTIVATE_RECOVERY   (UINT32_C(1) << 13)
 
#define CRYPT_ACTIVATE_IGNORE_PERSISTENT   (UINT32_C(1) << 14)
 
#define CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE   (UINT32_C(1) << 15)
 
#define CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY   (UINT32_C(1) << 16)
 
#define CRYPT_ACTIVATE_RECALCULATE   (UINT32_C(1) << 17)
 
#define CRYPT_ACTIVATE_REFRESH   (UINT32_C(1) << 18)
 
#define CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF   (UINT32_C(1) << 19)
 
#define CRYPT_ACTIVATE_NO_JOURNAL_BITMAP   (UINT32_C(1) << 20)
 
#define CRYPT_ACTIVATE_SUSPENDED   (UINT32_C(1) << 21)
 
#define CRYPT_ACTIVATE_IV_LARGE_SECTORS   (UINT32_C(1) << 22)
 
#define CRYPT_ACTIVATE_PANIC_ON_CORRUPTION   (UINT32_C(1) << 23)
 
#define CRYPT_ACTIVATE_NO_READ_WORKQUEUE   (UINT32_C(1) << 24)
 
#define CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE   (UINT32_C(1) << 25)
 
#define CRYPT_ACTIVATE_RECALCULATE_RESET   (UINT32_C(1) << 26)
 
#define CRYPT_ACTIVATE_TASKLETS   (UINT32_C(1) << 27)
 
#define CRYPT_ACTIVATE_HIGH_PRIORITY   (UINT32_C(1) << 28)
 
#define CRYPT_ACTIVATE_ERROR_AS_CORRUPTION   (UINT32_C(1) << 29)
 
#define CRYPT_ACTIVATE_INLINE_MODE   (UINT32_C(1) << 30)
 

Functions

int crypt_get_active_device (struct crypt_device *cd, const char *name, struct crypt_active_device *cad)
 
uint64_t crypt_get_active_integrity_failures (struct crypt_device *cd, const char *name)
 

Detailed Description

Activation flags

Macro Definition Documentation

◆ CRYPT_ACTIVATE_ALLOW_DISCARDS

#define CRYPT_ACTIVATE_ALLOW_DISCARDS   (UINT32_C(1) << 3)

enable discards aka TRIM

◆ CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY

#define CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY   (UINT32_C(1) << 16)

allow activation check including unbound keyslots (keyslots without segments)

◆ CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE

#define CRYPT_ACTIVATE_CHECK_AT_MOST_ONCE   (UINT32_C(1) << 15)

dm-verity: check_at_most_once - check data blocks only the first time

◆ CRYPT_ACTIVATE_CORRUPTED

#define CRYPT_ACTIVATE_CORRUPTED   (UINT32_C(1) << 5)

corruption detected (verity), output only

◆ CRYPT_ACTIVATE_ERROR_AS_CORRUPTION

#define CRYPT_ACTIVATE_ERROR_AS_CORRUPTION   (UINT32_C(1) << 29)

dm-verity: also restart/panic on error, use with RESTART_ON_CORRUPTION or PANIC_ON_CORRUPTION

◆ CRYPT_ACTIVATE_HIGH_PRIORITY

#define CRYPT_ACTIVATE_HIGH_PRIORITY   (UINT32_C(1) << 28)

dm-crypt: use high-priority workqueues

◆ CRYPT_ACTIVATE_IGNORE_CORRUPTION

#define CRYPT_ACTIVATE_IGNORE_CORRUPTION   (UINT32_C(1) << 8)

dm-verity: ignore_corruption flag - ignore corruption, log it only

◆ CRYPT_ACTIVATE_IGNORE_PERSISTENT

#define CRYPT_ACTIVATE_IGNORE_PERSISTENT   (UINT32_C(1) << 14)

ignore persistently stored flags

◆ CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS

#define CRYPT_ACTIVATE_IGNORE_ZERO_BLOCKS   (UINT32_C(1) << 10)

dm-verity: ignore_zero_blocks - do not verify zero blocks

◆ CRYPT_ACTIVATE_INLINE_MODE

#define CRYPT_ACTIVATE_INLINE_MODE   (UINT32_C(1) << 30)

dm-integrity: inline mode for compatible hardware profile

◆ CRYPT_ACTIVATE_IV_LARGE_SECTORS

#define CRYPT_ACTIVATE_IV_LARGE_SECTORS   (UINT32_C(1) << 22)

use IV sector counted in sector_size instead of default 512 bytes sectors

◆ CRYPT_ACTIVATE_KEYRING_KEY

#define CRYPT_ACTIVATE_KEYRING_KEY   (UINT32_C(1) << 11)

key loaded in kernel keyring instead directly in dm-crypt

◆ CRYPT_ACTIVATE_NO_JOURNAL

#define CRYPT_ACTIVATE_NO_JOURNAL   (UINT32_C(1) << 12)

dm-integrity: direct writes, do not use journal

◆ CRYPT_ACTIVATE_NO_JOURNAL_BITMAP

#define CRYPT_ACTIVATE_NO_JOURNAL_BITMAP   (UINT32_C(1) << 20)

dm-integrity: direct writes, use bitmap to track dirty sectors

◆ CRYPT_ACTIVATE_NO_READ_WORKQUEUE

#define CRYPT_ACTIVATE_NO_READ_WORKQUEUE   (UINT32_C(1) << 24)

dm-crypt: bypass internal workqueue and process read requests synchronously.

◆ CRYPT_ACTIVATE_NO_UUID

#define CRYPT_ACTIVATE_NO_UUID   (UINT32_C(1) << 1)

only reported for device without uuid

◆ CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE

#define CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE   (UINT32_C(1) << 25)

dm-crypt: bypass internal workqueue and process write requests synchronously.

◆ CRYPT_ACTIVATE_PANIC_ON_CORRUPTION

#define CRYPT_ACTIVATE_PANIC_ON_CORRUPTION   (UINT32_C(1) << 23)

dm-verity: panic_on_corruption flag - panic kernel on corruption

◆ CRYPT_ACTIVATE_PRIVATE

#define CRYPT_ACTIVATE_PRIVATE   (UINT32_C(1) << 4)

skip global udev rules in activation ("private device"), input only

◆ CRYPT_ACTIVATE_READONLY

#define CRYPT_ACTIVATE_READONLY   (UINT32_C(1) << 0)

device is read only

Examples
crypt_luks_usage.c.

◆ CRYPT_ACTIVATE_RECALCULATE

#define CRYPT_ACTIVATE_RECALCULATE   (UINT32_C(1) << 17)

dm-integrity: activate automatic recalculation

◆ CRYPT_ACTIVATE_RECALCULATE_RESET

#define CRYPT_ACTIVATE_RECALCULATE_RESET   (UINT32_C(1) << 26)

dm-integrity: reset automatic recalculation

◆ CRYPT_ACTIVATE_RECOVERY

#define CRYPT_ACTIVATE_RECOVERY   (UINT32_C(1) << 13)

dm-integrity: recovery mode - no journal, no integrity checks

◆ CRYPT_ACTIVATE_REFRESH

#define CRYPT_ACTIVATE_REFRESH   (UINT32_C(1) << 18)

reactivate existing and update flags, input only

◆ CRYPT_ACTIVATE_RESTART_ON_CORRUPTION

#define CRYPT_ACTIVATE_RESTART_ON_CORRUPTION   (UINT32_C(1) << 9)

dm-verity: restart_on_corruption flag - restart kernel on corruption

◆ CRYPT_ACTIVATE_SAME_CPU_CRYPT

#define CRYPT_ACTIVATE_SAME_CPU_CRYPT   (UINT32_C(1) << 6)

use same_cpu_crypt option for dm-crypt

◆ CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF

#define CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF   (UINT32_C(1) << 19)

Use global lock to serialize memory hard KDF on activation (OOM workaround)

◆ CRYPT_ACTIVATE_SHARED

#define CRYPT_ACTIVATE_SHARED   (UINT32_C(1) << 2)

activate even if cannot grant exclusive access (DANGEROUS)

◆ CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS

#define CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS   (UINT32_C(1) << 7)

use submit_from_crypt_cpus for dm-crypt

◆ CRYPT_ACTIVATE_SUSPENDED

#define CRYPT_ACTIVATE_SUSPENDED   (UINT32_C(1) << 21)

device is suspended (key should be wiped from memory), output only

◆ CRYPT_ACTIVATE_TASKLETS

#define CRYPT_ACTIVATE_TASKLETS   (UINT32_C(1) << 27)

dm-verity: try to use tasklets

Function Documentation

◆ crypt_get_active_device()

int crypt_get_active_device ( struct crypt_device *  cd,
const char *  name,
struct crypt_active_device cad 
)

Receive runtime attributes of active crypt device.

Parameters
cdcrypt device handle (can be NULL)
namename of active device
cadpreallocated active device attributes to fill
Returns
0 on success or negative errno value otherwise
Examples
crypt_luks_usage.c.

◆ crypt_get_active_integrity_failures()

uint64_t crypt_get_active_integrity_failures ( struct crypt_device *  cd,
const char *  name 
)

Get detected number of integrity failures.

Parameters
cdcrypt device handle (can be NULL)
namename of active device
Returns
number of integrity failures or 0 otherwise
Generated by doxygen 1.9.8