Attachment #181827 for bug #258456

View | Details | Raw Unified | Return to bug 258456
Collapse All | Expand All




// I retain copyright in this code but I encourage its free use provided
// that I don't carry any responsibility for the results. I am especially 
// happy to see it used in free and open source software. If you do use 
// it I would appreciate an acknowledgement of its origin in the code or
// the product that results and I would also appreciate knowing a little
// about the use to which it is being put. I am grateful to Frank Yellin
// for some ideas that are used in this implementation.
//
// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
//
// This is an implementation of the AES encryption algorithm (Rijndael)
// designed by Joan Daemen and Vincent Rijmen. This version is designed
// to provide both fixed and dynamic block and key lengths and can also 
// run with either big or little endian internal byte order (see aes.h). 
// It inputs block and key lengths in bytes with the legal values being 
// 16, 24 and 32.

/*
 * Modified by Jari Ruusu,  May 1 2001
 *  - Fixed some compile warnings, code was ok but gcc warned anyway.
 *  - Changed basic types: byte -> unsigned char, word -> u_int32_t
 *  - Major name space cleanup: Names visible to outside now begin
 *    with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c
 *  - Removed C++ and DLL support as part of name space cleanup.
 *  - Eliminated unnecessary recomputation of tables. (actual bug fix)
 *  - Merged precomputed constant tables to aes.c file.
 *  - Removed data alignment restrictions for portability reasons.
 *  - Made block and key lengths accept bit count (128/192/256)
 *    as well byte count (16/24/32).
 *  - Removed all error checks. This change also eliminated the need
 *    to preinitialize the context struct to zero.
 *  - Removed some totally unused constants.
 */

/*
 * Modified by Jari Ruusu,  June 9 2003
 *  - Removed all code not necessary for small size
 *    optimized encryption using 256 bit keys.
 */

#include "aes.h"

#if AES_BLOCK_SIZE != 16
#error an illegal block size has been specified
#endif  

// upr(x,n): rotates bytes within words by n positions, moving bytes 
// to higher index positions with wrap around into low positions
// bval(x,n): extracts a byte from a word

#define upr(x,n)        (((x) << 8 * (n)) | ((x) >> (32 - 8 * (n))))
#define bval(x,n)       ((unsigned char)((x) >> 8 * (n)))
#define bytes2word(b0, b1, b2, b3)  \
        ((u_int32_t)(b3) << 24 | (u_int32_t)(b2) << 16 | (u_int32_t)(b1) << 8 | (b0))

#if defined(i386) || defined(_I386) || defined(__i386__) || defined(__i386)
/* little endian processor without data alignment restrictions */
#define word_in(x)      *(u_int32_t*)(x)
#define word_out(x,v)   *(u_int32_t*)(x) = (v)
#else
/* slower but generic big endian or with data alignment restrictions */
#define word_in(x)      ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24))
#define word_out(x,v)   ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24)
#endif

// the finite field modular polynomial and elements

#define ff_poly 0x011b
#define ff_hi   0x80

static int tab_gen = 0;
static unsigned char  s_box[256];            // the S box
static u_int32_t  rcon_tab[AES_RC_LENGTH];   // table of round constants
static u_int32_t  ft_tab[4][256];
static u_int32_t  fl_tab[4][256];

// Generate the tables for the dynamic table option

// It will generally be sensible to use tables to compute finite 
// field multiplies and inverses but where memory is scarse this 
// code might sometimes be better.

// return 2 ^ (n - 1) where n is the bit number of the highest bit
// set in x with x in the range 1 < x < 0x00000200.   This form is
// used so that locals within FFinv can be bytes rather than words

static unsigned char hibit(const u_int32_t x)
{   unsigned char r = (unsigned char)((x >> 1) | (x >> 2));
    
    r |= (r >> 2);
    r |= (r >> 4);
    return (r + 1) >> 1;
}

// return the inverse of the finite field element x

static unsigned char FFinv(const unsigned char x)
{   unsigned char    p1 = x, p2 = 0x1b, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0;

    if(x < 2) return x;

    for(;;)
    {
        if(!n1) return v1;

        while(n2 >= n1)
        {   
            n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2);
        }
        
        if(!n2) return v2;

        while(n1 >= n2)
        {   
            n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1);
        }
    }
}

// define the finite field multiplies required for Rijndael

#define FFmul02(x)  ((((x) & 0x7f) << 1) ^ ((x) & 0x80 ? 0x1b : 0))
#define FFmul03(x)  ((x) ^ FFmul02(x))

// The forward and inverse affine transformations used in the S-box

#define fwd_affine(x) \
    (w = (u_int32_t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(unsigned char)(w^(w>>8)))

static void gen_tabs(void)
{   u_int32_t  i, w;

    for(i = 0, w = 1; i < AES_RC_LENGTH; ++i)
    {
        rcon_tab[i] = bytes2word(w, 0, 0, 0);
        w = (w << 1) ^ (w & ff_hi ? ff_poly : 0);
    }

    for(i = 0; i < 256; ++i)
    {   unsigned char    b;

        s_box[i] = b = fwd_affine(FFinv((unsigned char)i));

        w = bytes2word(b, 0, 0, 0);
        fl_tab[0][i] = w;
        fl_tab[1][i] = upr(w,1);
        fl_tab[2][i] = upr(w,2);
        fl_tab[3][i] = upr(w,3);
        w = bytes2word(FFmul02(b), b, b, FFmul03(b));
        ft_tab[0][i] = w;
        ft_tab[1][i] = upr(w,1);
        ft_tab[2][i] = upr(w,2);
        ft_tab[3][i] = upr(w,3);
    }
}

#define four_tables(x,tab,vf,rf,c) \
 (  tab[0][bval(vf(x,0,c),rf(0,c))] \
  ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
  ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
  ^ tab[3][bval(vf(x,3,c),rf(3,c))])

#define vf1(x,r,c)  (x)
#define rf1(r,c)    (r)
#define rf2(r,c)    ((r-c)&3)

#define ls_box(x,c)     four_tables(x,fl_tab,vf1,rf2,c)

#define nc   (AES_BLOCK_SIZE / 4)

// Initialise the key schedule from the user supplied key.
// The key length is now specified in bytes, 32.
// This corresponds to bit length of 256 bits, and
// to Nk value of 8 respectively.

void aes_set_key(aes_context *cx, const unsigned char in_key[], int n_bytes, const int f)
{   u_int32_t    *kf, *kt, rci;

    if(!tab_gen) { gen_tabs(); tab_gen = 1; }

    cx->aes_Nkey = 8;
    cx->aes_Nrnd = (cx->aes_Nkey > nc ? cx->aes_Nkey : nc) + 6; 

    cx->aes_e_key[0] = word_in(in_key     );
    cx->aes_e_key[1] = word_in(in_key +  4);
    cx->aes_e_key[2] = word_in(in_key +  8);
    cx->aes_e_key[3] = word_in(in_key + 12);

    kf = cx->aes_e_key; 
    kt = kf + nc * (cx->aes_Nrnd + 1) - cx->aes_Nkey; 
    rci = 0;

    switch(cx->aes_Nkey)
    {
    case 8: cx->aes_e_key[4] = word_in(in_key + 16);
            cx->aes_e_key[5] = word_in(in_key + 20);
            cx->aes_e_key[6] = word_in(in_key + 24);
            cx->aes_e_key[7] = word_in(in_key + 28);
            do
            {   kf[ 8] = kf[0] ^ ls_box(kf[7],3) ^ rcon_tab[rci++];
                kf[ 9] = kf[1] ^ kf[ 8];
                kf[10] = kf[2] ^ kf[ 9];
                kf[11] = kf[3] ^ kf[10];
                kf[12] = kf[4] ^ ls_box(kf[11],0);
                kf[13] = kf[5] ^ kf[12];
                kf[14] = kf[6] ^ kf[13];
                kf[15] = kf[7] ^ kf[14];
                kf += 8;
            }
            while (kf < kt);
            break;
    }
}

// y = output word, x = input word, r = row, c = column
// for r = 0, 1, 2 and 3 = column accessed for row r

#define s(x,c) x[c]

// I am grateful to Frank Yellin for the following constructions
// which, given the column (c) of the output state variable that
// is being computed, return the input state variables which are
// needed for each row (r) of the state

// For the fixed block size options, compilers reduce these two 
// expressions to fixed variable references. For variable block 
// size code conditional clauses will sometimes be returned

#define fwd_var(x,r,c) \
 ( r==0 ?			\
    ( c==0 ? s(x,0) \
    : c==1 ? s(x,1) \
    : c==2 ? s(x,2) \
    : c==3 ? s(x,3) \
    : c==4 ? s(x,4) \
    : c==5 ? s(x,5) \
    : c==6 ? s(x,6) \
    : s(x,7))		\
 : r==1 ?			\
    ( c==0 ? s(x,1) \
    : c==1 ? s(x,2) \
    : c==2 ? s(x,3) \
    : c==3 ? nc==4 ? s(x,0) : s(x,4) \
    : c==4 ? s(x,5) \
    : c==5 ? nc==8 ? s(x,6) : s(x,0) \
    : c==6 ? s(x,7) \
    : s(x,0))		\
 : r==2 ?			\
    ( c==0 ? nc==8 ? s(x,3) : s(x,2) \
    : c==1 ? nc==8 ? s(x,4) : s(x,3) \
    : c==2 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
    : c==3 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
    : c==4 ? nc==8 ? s(x,7) : s(x,0) \
    : c==5 ? nc==8 ? s(x,0) : s(x,1) \
    : c==6 ? s(x,1) \
    : s(x,2))		\
 :					\
    ( c==0 ? nc==8 ? s(x,4) : s(x,3) \
    : c==1 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
    : c==2 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
    : c==3 ? nc==4 ? s(x,2) : nc==8 ? s(x,7) : s(x,0) \
    : c==4 ? nc==8 ? s(x,0) : s(x,1) \
    : c==5 ? nc==8 ? s(x,1) : s(x,2) \
    : c==6 ? s(x,2) \
    : s(x,3)))

#define si(y,x,k,c) s(y,c) = word_in(x + 4 * c) ^ k[c]
#define so(y,x,c)   word_out(y + 4 * c, s(x,c))

#define fwd_rnd(y,x,k,c)    s(y,c)= (k)[c] ^ four_tables(x,ft_tab,fwd_var,rf1,c)
#define fwd_lrnd(y,x,k,c)   s(y,c)= (k)[c] ^ four_tables(x,fl_tab,fwd_var,rf1,c)

#define locals(y,x)     x[4],y[4]

#define l_copy(y, x)    s(y,0) = s(x,0); s(y,1) = s(x,1); \
                        s(y,2) = s(x,2); s(y,3) = s(x,3);
#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3)
#define state_out(y,x)  so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3)
#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3)

void aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[])
{   u_int32_t        locals(b0, b1);
    const u_int32_t  *kp = cx->aes_e_key;

    state_in(b0, in_blk, kp); kp += nc;

    {   u_int32_t    rnd;

        for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd)
        {
            round(fwd_rnd, b1, b0, kp); 
            l_copy(b0, b1); kp += nc;
        }

        round(fwd_lrnd, b0, b1, kp);
    }

    state_out(out_blk, b0);
}




// I retain copyright in this code but I encourage its free use provided
// that I don't carry any responsibility for the results. I am especially 
// happy to see it used in free and open source software. If you do use 
// it I would appreciate an acknowledgement of its origin in the code or
// the product that results and I would also appreciate knowing a little
// about the use to which it is being put. I am grateful to Frank Yellin
// for some ideas that are used in this implementation.
//
// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
//
// This is an implementation of the AES encryption algorithm (Rijndael)
// designed by Joan Daemen and Vincent Rijmen. This version is designed
// to provide both fixed and dynamic block and key lengths and can also 
// run with either big or little endian internal byte order (see aes.h). 
// It inputs block and key lengths in bytes with the legal values being 
// 16, 24 and 32.

/*
 * Modified by Jari Ruusu,  May 1 2001
 *  - Fixed some compile warnings, code was ok but gcc warned anyway.
 *  - Changed basic types: byte -> unsigned char, word -> u_int32_t
 *  - Major name space cleanup: Names visible to outside now begin
 *    with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c
 *  - Removed C++ and DLL support as part of name space cleanup.
 *  - Eliminated unnecessary recomputation of tables. (actual bug fix)
 *  - Merged precomputed constant tables to aes.c file.
 *  - Removed data alignment restrictions for portability reasons.
 *  - Made block and key lengths accept bit count (128/192/256)
 *    as well byte count (16/24/32).
 *  - Removed all error checks. This change also eliminated the need
 *    to preinitialize the context struct to zero.
 *  - Removed some totally unused constants.
 */

#ifndef _AES_H
#define _AES_H

#if defined(__linux__) && defined(__KERNEL__)
#  include <linux/types.h>
#else 
#  include <sys/types.h>
#endif

// CONFIGURATION OPTIONS (see also aes.c)
//
// Define AES_BLOCK_SIZE to set the cipher block size (16, 24 or 32) or
// leave this undefined for dynamically variable block size (this will
// result in much slower code).
// IMPORTANT NOTE: AES_BLOCK_SIZE is in BYTES (16, 24, 32 or undefined). If
// left undefined a slower version providing variable block length is compiled

#define AES_BLOCK_SIZE  16

// The number of key schedule words for different block and key lengths
// allowing for method of computation which requires the length to be a
// multiple of the key length
//
// Nk =       4   6   8
//        -------------
// Nb = 4 |  60  60  64
//      6 |  96  90  96
//      8 | 120 120 120

#if !defined(AES_BLOCK_SIZE) || (AES_BLOCK_SIZE == 32)
#define AES_KS_LENGTH   120
#define AES_RC_LENGTH    29
#else
#define AES_KS_LENGTH   4 * AES_BLOCK_SIZE
#define AES_RC_LENGTH   (9 * AES_BLOCK_SIZE) / 8 - 8
#endif

typedef struct
{
    u_int32_t    aes_Nkey;      // the number of words in the key input block
    u_int32_t    aes_Nrnd;      // the number of cipher rounds
    u_int32_t    aes_e_key[AES_KS_LENGTH];   // the encryption key schedule
    u_int32_t    aes_d_key[AES_KS_LENGTH];   // the decryption key schedule
#if !defined(AES_BLOCK_SIZE)
    u_int32_t    aes_Ncol;      // the number of columns in the cipher state
#endif
} aes_context;

// THE CIPHER INTERFACE

#if !defined(AES_BLOCK_SIZE)
extern void aes_set_blk(aes_context *, const int);
#endif
extern void aes_set_key(aes_context *, const unsigned char [], const int, const int);
extern void aes_encrypt(const aes_context *, const unsigned char [], unsigned char []);
extern void aes_decrypt(const aes_context *, const unsigned char [], unsigned char []);

// The block length inputs to aes_set_block and aes_set_key are in numbers
// of bytes or bits.  The calls to subroutines must be made in the above
// order but multiple calls can be made without repeating earlier calls
// if their parameters have not changed.

#endif  // _AES_H




/* Taken from Ted's losetup.c - Mitch <m.dsouza@mrc-apu.cam.ac.uk> */
/* Added vfs mount options - aeb - 960223 */
/* Removed lomount - aeb - 960224 */

/*
 * 1999-02-22 Arkadiusz Mi¶kiewicz <misiek@pld.ORG.PL>
 * - added Native Language Support
 * 1999-03-21 Arnaldo Carvalho de Melo <acme@conectiva.com.br>
 * - fixed strerr(errno) in gettext calls
 * 2001-04-11 Jari Ruusu
 * - added AES support
 */

#define LOOPMAJOR	7

/*
 * losetup.c - setup and control loop devices
 */

#include <stdio.h>

#include <ctype.h>
#include <fcntl.h>
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>
#include <pwd.h>
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <sys/sysmacros.h>
#include <sys/wait.h>
#include <limits.h>
#include <fcntl.h>
#include <mntent.h>
#include <locale.h>
#include <sys/time.h>
#include <sys/utsname.h>
#include <signal.h>

#include "loop.h"
#include "lomount.h"
#include "xstrncpy.h"
#include "nls.h"
#include "sha512.h"
#include "rmd160.h"
#include "aes.h"

#if !defined(BLKGETSIZE64)
# define BLKGETSIZE64 _IOR(0x12,114,size_t)
#endif

extern int verbose;
extern char *xstrdup (const char *s);	/* not: #include "sundries.h" */
extern void error (const char *fmt, ...);	/* idem */
extern void show_all_loops(void);
extern int read_options_from_fstab(char *, char **);
extern int recompute_loop_dev_size(char *);

#if !defined(LOOP_PASSWORD_MIN_LENGTH)
# define  LOOP_PASSWORD_MIN_LENGTH   20
#endif

char    *passFDnumber = (char *)0;
char    *passAskTwice = (char *)0;
char    *passSeedString = (char *)0;
char    *passHashFuncName = (char *)0;
char    *passIterThousands = (char *)0;
char    *loInitValue = (char *)0;
char    *gpgKeyFile = (char *)0;
char    *gpgHomeDir = (char *)0;
char    *clearTextKeyFile = (char *)0;
char    *loopOffsetBytes = (char *)0;
char    *loopSizeBytes = (char *)0;
char    *loopEncryptionType = (char *)0;

static int  multiKeyMode = 0;   /* 0=single-key 64=multi-key-v2 65=multi-key-v3 1000=any */
static char *multiKeyPass[66];
static char *loopFileName;
        else
                memcpy(info->lo_name, info64->lo_file_name, LO_NAME_SIZE);
        memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, LO_KEY_SIZE);

        /* error in case values were truncated */
        if (info->lo_device != info64->lo_device ||
            info->lo_rdevice != info64->lo_rdevice ||
            info->lo_inode != info64->lo_inode ||
            info->lo_offset != info64->lo_offset)
                return -EOVERFLOW;

        return 0;
}

#define DEV_LOOP_PATH		"/dev/loop"
#define DEV_PATH		"/dev"
#define SYSFS_BLOCK_PATH	"/sys/block"
#define LOOPMAJOR		7
#define NLOOPS_DEFAULT		8	/* /dev/loop[0-7] */

struct looplist {
	int		flag;		/* scanning options */
	int		ndef;		/* number of tested default devices */
	struct dirent   **names;	/* scandir-like list of loop devices */
	int		nnames;		/* number of items in names */
	int		ncur;		/* current possition in direcotry */
	char		name[32];	/* device name */
	int		ct_perm;	/* count permission problems */
	int		ct_succ;	/* count number of successfully
					   detected devices */
};

#define LLFLG_USEDONLY	(1 << 1)	/* return used devices only */
#define LLFLG_FREEONLY	(1 << 2)	/* return non-used devices */
#define LLFLG_DONE	(1 << 3)	/* all is done */
#define LLFLG_SYSFS	(1 << 4)	/* try to use /sys/block */
#define LLFLG_SUBDIR	(1 << 5)	/* /dev/loop/N */
#define LLFLG_DFLT	(1 << 6)	/* directly try to check default loops */

#ifdef MAIN
static char *
crypt_name (int id, int *flags) {
	int i;

	for (i = 0; loop_crypt_type_tbl[i].id != -1; i++)
		if(id == loop_crypt_type_tbl[i].id) {
			*flags = loop_crypt_type_tbl[i].flags;
			return loop_crypt_type_tbl[i].name;
		}
	*flags = 0;
	if(id == 18)
		return "CryptoAPI";
	return "undefined";
}

static int
show_loop(char *device) {
	struct loop_info64 loopinfo;
	int fd;

	if ((fd = open(device, O_RDONLY)) < 0) {
		int errsv = errno;
		fprintf(stderr, _("loop: can't open device %s: %s\n"),
			device, strerror (errsv));
		return 2;
	}
	if (loop_get_status64_ioctl(fd, &loopinfo) < 0) {
		int errsv = errno;
		fprintf(stderr, _("loop: can't get info on device %s: %s\n"),
			device, strerror (errsv));
		close (fd);
		return 1;
	}
	loopinfo.lo_file_name[LO_NAME_SIZE-1] = 0;
	loopinfo.lo_crypt_name[LO_NAME_SIZE-1] = 0;
	printf("%s: [%04llx]:%llu (%s)", device, (unsigned long long)loopinfo.lo_device,
		(unsigned long long)loopinfo.lo_inode, loopinfo.lo_file_name);
	if (loopinfo.lo_offset) {
		if ((long long)loopinfo.lo_offset < 0) {
			printf(_(" offset=@%llu"), -((unsigned long long)loopinfo.lo_offset));
		} else {
			printf(_(" offset=%llu"), (unsigned long long)loopinfo.lo_offset);
		}
	}
	if (loopinfo.lo_sizelimit)
		printf(_(" sizelimit=%llu"), (unsigned long long)loopinfo.lo_sizelimit);
	if (loopinfo.lo_encrypt_type) {
		int flags;
		char *s = crypt_name (loopinfo.lo_encrypt_type, &flags);

		printf(_(" encryption=%s"), s);
		/* type 18 == LO_CRYPT_CRYPTOAPI */
		if (loopinfo.lo_encrypt_type == 18) {
			printf("/%s", loopinfo.lo_crypt_name);
		} else {
			if(flags & 2)
				printf("-");
			if(flags & 1)
				printf("%u", (unsigned int)loopinfo.lo_encrypt_key_size << 3);
		}
	}
	switch(loopinfo.lo_flags & 0x180000) {
	case 0x180000:
		printf(_(" multi-key-v3"));
		break;
	case 0x100000:
		printf(_(" multi-key-v2"));
		break;
	}
	/* type 2 == LO_CRYPT_DES */
	if (loopinfo.lo_init[0] && (loopinfo.lo_encrypt_type != 2))
		printf(_(" loinit=%llu"), (unsigned long long)loopinfo.lo_init[0]);
	if (loopinfo.lo_flags & 0x200000)
		printf(_(" read-only"));
	printf("\n");
	close (fd);

	return 0;
}
#endif

#define SIZE(a) (sizeof(a)/sizeof(a[0]))
is_loop_autoclear(const char *device)
{
	struct loop_info lo;
	struct loop_info64 lo64;
	int fd, rc = 0;

char *
find_unused_loop_device (void) {
	/* Just creating a device, say in /tmp, is probably a bad idea -
	   people might have problems with backup or so.
	   So, we just try /dev/loop[0-7]. */
	char dev[20];
	char *loop_formats[] = { "/dev/loop%d", "/dev/loop/%d" };
	int i, j, fd, somedev = 0, someloop = 0;
	struct stat statbuf;

	for (j = 0; j < SIZE(loop_formats); j++) {
	    for(i = 0; i < 256; i++) {
		sprintf(dev, loop_formats[j], i);
		if (stat (dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) {
			somedev++;
			fd = open (dev, O_RDONLY);
			if (fd >= 0) {
				if (is_unused_loop_device(fd) == 0)
					someloop++;		/* in use */
				else if (errno == ENXIO) {
					close (fd);
					return xstrdup(dev);/* probably free */
				}
				close (fd);
			}
			continue;/* continue trying as long as devices exist */
		}
		break;
	    }
	}

	if (!somedev)
		error(_("mount: could not find any device /dev/loop#"));
	else if (!someloop)
                error(_("mount: Could not find any loop device. Maybe this kernel does not know\n"
			"       about the loop device? (If so, recompile or `modprobe loop'.)"));
looplist_mk_devname(struct looplist *ll, int num)
{
	if (ll->flag & LLFLG_SUBDIR)
		snprintf(ll->name, sizeof(ll->name),
				DEV_LOOP_PATH "/%d", num);
	else
		error(_("mount: could not find any free loop device"));
	return 0;

	return is_loop_device(ll->name) ? ll->name : NULL;
}

#if !defined(MAIN)
int is_loop_active(const char *dev, const char *backdev)
filter_loop(const struct dirent *d)
{
	int fd;
	int ret = 0;
	struct stat statbuf;
	struct loop_info64 loopinfo;
	if (stat (dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) {
		fd = open (dev, O_RDONLY);
		if (fd < 0)
			return 0;
		if ((loop_get_status64_ioctl(fd, &loopinfo) == 0)
		    && (stat (backdev, &statbuf) == 0)
		    && (statbuf.st_dev == loopinfo.lo_device)
		    && (statbuf.st_ino == loopinfo.lo_inode))
			ret = 1; /* backing device matches */
		memset(&loopinfo, 0, sizeof(loopinfo));
		close(fd);
	}
	return ret;
}
#endif

static int rd_wr_retry(int fd, char *buf, int cnt, int w)
static int
filter_loop_ndflt(const struct dirent *d)
{
	int x, y, z;

	x = 0;
	while(x < cnt) {
		y = cnt - x;
		if(w) {
			z = write(fd, buf + x, y);
		} else {
			z = read(fd, buf + x, y);
			if (!z) return x;
		}
		if(z < 0) {
			if ((errno == EAGAIN) || (errno == ENOMEM) || (errno == ERESTART) || (errno == EINTR)) {
				continue;
			}
			return x;
		}
		x += z;
	}
	return x;
}

static char *get_FD_pass(int fd)
filter_loop_num(const struct dirent *d)
{
	char *p = NULL, *n;
	int x = 0, y = 0;

	do {
		if(y >= (x - 1)) {
			x += 128;
			/* Must enforce some max limit here -- this code   */
			/* runs as part of mount, and mount is setuid root */
			/* and has used mlockall(MCL_CURRENT | MCL_FUTURE) */
			if(x > (4*1024)) return(NULL);
			n = malloc(x);
			if(!n) return(NULL);
			if(p) {
				memcpy(n, p, y);
				memset(p, 0, y);
				free(p);
			}
			p = n;
		}
		if(rd_wr_retry(fd, p + y, 1, 0) != 1) break;
		if((p[y] == '\n') || !p[y]) break;
		y++;
	} while(1);
	if(p) p[y] = 0;
	return p;
}

static unsigned long long mystrtoull(char *s, int acceptAT)
looplist_open(struct looplist *ll, int flag)
{
	unsigned long long v = 0;
	int negative = 0;

	while ((*s == ' ') || (*s == '\t'))
		s++;
	if (acceptAT && (*s == '@')) {
		s++;
		negative = 1;
	}
	if (*s == '0') {
		s++;
		if ((*s == 'x') || (*s == 'X')) {
			s++;
			sscanf(s, "%llx", &v);
		} else {
			sscanf(s, "%llo", &v);
		}
	} else {
		sscanf(s, "%llu", &v);
	}
	return negative ? -v : v;
}

static void warnAboutBadKeyData(int x)
looplist_close(struct looplist *ll)
{
	if((x > 1) && (x != 64) && (x != 65)) {
		fprintf(stderr, _("Warning: Unknown key data format - using it anyway\n"));
			free(ll->names[ll->ncur]);

		free(ll->names);
		ll->names = NULL;
		ll->nnames = 0;
	}
	ll->ncur = -1;
	ll->flag |= LLFLG_DONE;
}

static int are_these_files_same(const char *name1, const char *name2)
looplist_is_wanted(struct looplist *ll, int fd)
{
	struct stat statbuf1;
	struct stat statbuf2;
	if (!(ll->flag & (LLFLG_USEDONLY | LLFLG_FREEONLY)))
		return 1;
	ret = is_loop_used(fd);

	if(!name1 || !*name1 || !name2 || !*name2) return 0;
	if(stat(name1, &statbuf1)) return 0;
	if(stat(name2, &statbuf2)) return 0;
	if(statbuf1.st_dev != statbuf2.st_dev) return 0;
	if(statbuf1.st_ino != statbuf2.st_ino) return 0;
	return 1;   /* are same */
}

static char *do_GPG_pipe(char *pass)
looplist_next(struct looplist *ll)
{
	int     x, pfdi[2], pfdo[2];
	char    str[10], *a[16], *e[2], *h;
	pid_t   gpid;
	struct passwd *p;
	void    *oldSigPipeHandler;
		return -1;

	if((getuid() == 0) && gpgHomeDir && gpgHomeDir[0]) {
		h = gpgHomeDir;
	} else {
		if(!(p = getpwuid(getuid()))) {
			fprintf(stderr, _("Error: Unable to detect home directory for uid %d\n"), (int)getuid());
			return NULL;
			ll->nnames = scandir(SYSFS_BLOCK_PATH, &ll->names,
						filter_loop, versionsort);
			ll->ncur = -1;
		}
		for(++ll->ncur; ll->ncur < ll->nnames; ll->ncur++) {
			ret = sscanf(ll->names[ll->ncur]->d_name, "loop%d", &mn);
			free(ll->names[ll->ncur]);
			if (ret != 1)
				continue;
			dev = looplist_mk_devname(ll, mn);
			if (dev) {
				ll->ct_succ++;
				if ((fd = open(dev, O_RDONLY)) > -1) {
					if (looplist_is_wanted(ll, fd))
						return fd;
					close(fd);
				} else if (errno == EACCES)
					ll->ct_perm++;
			}
		}
		h = p->pw_dir;
			free(ll->names);
		ll->names = NULL;
		ll->ncur = -1;
		ll->nnames = 0;
		ll->flag &= ~LLFLG_SYSFS;
		goto done;
	}
	if(!(e[0] = malloc(strlen(h) + 6))) {
		nomem1:
		fprintf(stderr, _("Error: Unable to allocate memory\n"));
		return NULL;
	if (ll->flag & LLFLG_DFLT) {
		for (++ll->ncur; ll->ncur < NLOOPS_DEFAULT; ll->ncur++) {
			dev = looplist_mk_devname(ll, ll->ncur);
			if (dev) {
				ll->ct_succ++;
				if ((fd = open(dev, O_RDONLY)) > -1) {
					if (looplist_is_wanted(ll, fd))
						return fd;
					close(fd);
				} else if (errno == EACCES)
					ll->ct_perm++;
			}
		}
		ll->flag &= ~LLFLG_DFLT;
		ll->ncur = -1;
	}
	sprintf(e[0], "HOME=%s", h);
	e[1] = 0;

	if(pipe(&pfdi[0])) {
		nomem2:
		free(e[0]);
		goto nomem1;
	}
	if(pipe(&pfdo[0])) {
		close(pfdi[0]);
		close(pfdi[1]);
		goto nomem2;
	}

	/*
	 * When this code is run as part of losetup, normal read permissions
	 * affect the open() below because losetup is not setuid-root.
	 *
	 * When this code is run as part of mount, only root can set
	 * 'gpgKeyFile' and as such, only root can decide what file is opened
	 * below. However, since mount is usually setuid-root all non-root
	 * users can also open() the file too, but that file's contents are
	 * only piped to gpg. This readable-for-all is intended behaviour,
	 * and is very useful in situations where non-root users mount loop
	 * devices with their own gpg private key, and yet don't have access
	 * to the actual key used to encrypt loop device.
	 */
	if((x = open(gpgKeyFile, O_RDONLY)) == -1) {
		fprintf(stderr, _("Error: unable to open %s for reading\n"), gpgKeyFile);
		nomem3:
		free(e[0]);
		close(pfdo[0]);
		close(pfdo[1]);
		close(pfdi[0]);
		close(pfdi[1]);
		return NULL;
	}

	/*
	 * If someone puts a gpg key file at beginning of device and
	 * puts the real file system at some offset into the device,
	 * this code extracts that gpg key file into a temp file so gpg
	 * won't end up reading whole device when decrypting the key file.
	 *
	 * Example of encrypted cdrom mount with 8192 bytes reserved for gpg key file:
	 * mount -t iso9660 /dev/cdrom /cdrom -o loop=/dev/loop0,encryption=AES128,gpgkey=/dev/cdrom,offset=8192
	 *                  ^^^^^^^^^^                                                    ^^^^^^^^^^        ^^^^
	 */
	if(loopOffsetBytes && are_these_files_same(loopFileName, gpgKeyFile)) {
		FILE *f;
		char b[1024];
		long long cnt;
		int cnt2, cnt3;

		cnt = mystrtoull(loopOffsetBytes, 1);
		if(cnt < 0) cnt = -cnt;
		if(cnt > (1024 * 1024)) cnt = 1024 * 1024; /* sanity check */
		f = tmpfile();
		if(!f) {
			fprintf(stderr, _("Error: unable to create temp file\n"));
			close(x);
			goto nomem3;
		}
		while(cnt > 0) {
			cnt2 = sizeof(b);
			if(cnt < cnt2) cnt2 = cnt;
			cnt3 = rd_wr_retry(x, b, cnt2, 0);
			if(cnt3 && (fwrite(b, cnt3, 1, f) != 1)) {
				tmpWrErr:
				fprintf(stderr, _("Error: unable to write to temp file\n"));
				fclose(f);
				close(x);
				goto nomem3;
			}
			if(cnt2 != cnt3) break;
			cnt -= cnt3;
		}
		if(fflush(f)) goto tmpWrErr;
		close(x);
		x = dup(fileno(f));
		fclose(f);
		lseek(x, 0L, SEEK_SET);
	}

	sprintf(str, "%d", pfdi[0]);
	if(!(gpid = fork())) {
		dup2(x, 0);
		dup2(pfdo[1], 1);
		close(x);
		close(pfdi[1]);
		close(pfdo[0]);
		close(pfdo[1]);
		if((x = open("/dev/null", O_WRONLY)) >= 0) {
			dup2(x, 2);
			close(x);
		}
		x = 0;
		a[x++] = "gpg";
		if(gpgHomeDir && gpgHomeDir[0]) {
			a[x++] = "--homedir";
			a[x++] = gpgHomeDir;
		}
		a[x++] = "--no-options";
		a[x++] = "--quiet";
		a[x++] = "--batch";
		a[x++] = "--no-tty";
		a[x++] = "--passphrase-fd";
		a[x++] = str;
		a[x++] = "--decrypt";
		a[x] = 0;
		if(setgid(getgid())) exit(1);
		if(setuid(getuid())) exit(1);
		for(x = 3; x < 1024; x++) {
			if(x == pfdi[0]) continue;
			close(x);
		}
		execve("/bin/gpg", &a[0], &e[0]);
		execve("/usr/bin/gpg", &a[0], &e[0]);
		execve("/usr/local/bin/gpg", &a[0], &e[0]);
		exit(1);
	}
	free(e[0]);
	close(x);
	close(pfdi[0]);
	close(pfdo[1]);
	if(gpid == -1) {
		close(pfdi[1]);
		close(pfdo[0]);
		goto nomem1;
	}

	x = strlen(pass);

	/* ignore possible SIGPIPE signal while writing to gpg */
	oldSigPipeHandler = signal(SIGPIPE, SIG_IGN);
	rd_wr_retry(pfdi[1], pass, x, 1);
	rd_wr_retry(pfdi[1], "\n", 1, 1);
	if(oldSigPipeHandler != SIG_ERR) signal(SIGPIPE, oldSigPipeHandler);

	close(pfdi[1]);
	memset(pass, 0, x);
	x = 0;
	while(x < 66) {
		multiKeyPass[x] = get_FD_pass(pfdo[0]);
		if(!multiKeyPass[x]) {
			/* mem alloc failed - abort */
			multiKeyPass[0] = 0;
			break;
		}
		if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break;
		x++;
	}
	warnAboutBadKeyData(x);
	if(x >= 65)
		multiKeyMode = 65;
	if(x == 64)
		multiKeyMode = 64;
	close(pfdo[0]);
	waitpid(gpid, &x, 0);
	if(!multiKeyPass[0]) goto nomem1;
	return multiKeyPass[0];
}

static char *sGetPass(int minLen, int warnLen)
{
	char *p, *s, *seed;
	int i, ask2, close_i_fd = 0;
	struct loop_info loopinfo;
	struct loop_info64 loopinfo64;
	int errsv;

	if (ioctl(fd, LOOP_GET_STATUS64, &loopinfo64) == 0) {

		loopinfo64.lo_file_name[LO_NAME_SIZE-2] = '*';
		loopinfo64.lo_file_name[LO_NAME_SIZE-1] = 0;
		loopinfo64.lo_crypt_name[LO_NAME_SIZE-1] = 0;

		printf("%s: [%04" PRIx64 "]:%" PRIu64 " (%s)",
		       device, loopinfo64.lo_device, loopinfo64.lo_inode,
		       loopinfo64.lo_file_name);

		if (loopinfo64.lo_offset)
			printf(_(", offset %" PRIu64 ), loopinfo64.lo_offset);

		if (loopinfo64.lo_sizelimit)
			printf(_(", sizelimit %" PRIu64 ), loopinfo64.lo_sizelimit);

		if (loopinfo64.lo_encrypt_type ||
		    loopinfo64.lo_crypt_name[0]) {
			char *e = (char *)loopinfo64.lo_crypt_name;

	if(!passFDnumber) {
		if(clearTextKeyFile) {
			if((i = open(clearTextKeyFile, O_RDONLY)) == -1) {
				fprintf(stderr, _("Error: unable to open %s for reading\n"), clearTextKeyFile);
				return NULL;
			}
			close_i_fd = 1;
			goto contReadFrom_i;
		}
		p = getpass(_("Password: "));
		ask2 = passAskTwice ? 1 : 0;
	} else {
		i = atoi(passFDnumber);
		contReadFrom_i:
		if(gpgKeyFile && gpgKeyFile[0]) {
			p = get_FD_pass(i);
			if(close_i_fd) close(i);
		} else {
			int x = 0;
			while(x < 66) {
				multiKeyPass[x] = get_FD_pass(i);
				if(!multiKeyPass[x]) goto nomem;
				if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break;
				x++;
			}
			if(close_i_fd) close(i);
			warnAboutBadKeyData(x);
			if(x >= 65) {
				multiKeyMode = 65;
				return multiKeyPass[0];
			}
			if(x == 64) {
				multiKeyMode = 64;
				return multiKeyPass[0];
			}
			p = multiKeyPass[0];
		}
		ask2 = 0;
	}
	if(!p) goto nomem;
	if(gpgKeyFile && gpgKeyFile[0]) {
		if(ask2) {
			i = strlen(p);
			s = malloc(i + 1);
			if(!s) goto nomem;
			strcpy(s, p);
			p = getpass(_("Retype password: "));
			if(!p) goto nomem;
			if(strcmp(s, p)) goto compareErr;
			memset(s, 0, i);
			free(s);
			ask2 = 0;
		}
		p = do_GPG_pipe(p);
		if(!p) return(NULL);
		if(!p[0]) {
			fprintf(stderr, _("Error: gpg key file decryption failed\n"));
			return(NULL);
		}
		if(multiKeyMode) return(p);
	}
	i = strlen(p);
	if(i < minLen) {
		fprintf(stderr, _("Error: Password must be at least %d characters.\n"), minLen);
		return(NULL);
	}
	seed = passSeedString;
	if(!seed) seed = "";
	s = malloc(i + strlen(seed) + 1);
	if(!s) {
		nomem:
		fprintf(stderr, _("Error: Unable to allocate memory\n"));
		return(NULL);
	}
	strcpy(s, p);
	memset(p, 0, i);
	if(ask2) {
		p = getpass(_("Retype password: "));
		if(!p) goto nomem;
		if(strcmp(s, p)) {
			compareErr:
			fprintf(stderr, _("Error: Passwords are not identical\n"));
			return(NULL);
		}
		memset(p, 0, i);
	}
	if(i < warnLen) {
		fprintf(stderr, _("WARNING - Please use longer password (%d or more characters)\n"), LOOP_PASSWORD_MIN_LENGTH);
	}
	strcat(s, seed);
	return(s);
}

/* this is for compatibility with historic loop-AES version */
static void unhashed1_key_setup(unsigned char *keyStr, int ile, unsigned char *keyBuf, int bufSize)
{
	register int    x, y, z, cnt = ile;
	unsigned char   *kp;

	memset(keyBuf, 0, bufSize);
	kp = keyStr;
	for(x = 0; x < (bufSize * 8); x += 6) {
		y = *kp++;
		if(--cnt <= 0) {
			kp = keyStr;
			cnt = ile;
		}
		if((y >= '0') && (y <= '9')) y -= '0';
		else if((y >= 'A') && (y <= 'Z')) y -= ('A' - 10);
		else if((y >= 'a') && (y <= 'z')) y -= ('a' - 36);
		else if((y == '.') || (y == '/')) y += (62 - '.');
		else y &= 63;
		z = x >> 3;
		if(z < bufSize) {
			keyBuf[z] |= y << (x & 7);
		}
		z++;
		if(z < bufSize) {
			keyBuf[z] |= y >> (8 - (x & 7));
		}
	}
	ret = show_loop_fd(fd, device);
	close(fd);
	return ret;
}

/* this is for compatibility with mainline mount */
static void unhashed2_key_setup(unsigned char *keyStr, int ile, unsigned char *keyBuf, int bufSize)
{
	memset(keyBuf, 0, bufSize);
	strncpy((char *)keyBuf, (char *)keyStr, bufSize - 1);
	keyBuf[bufSize - 1] = 0;
}

static void rmd160HashTwiceWithA(unsigned char *ib, int ile, unsigned char *ob, int ole)
{
	char tmpBuf[20 + 20];
	char pwdCopy[130];

	if(ole < 1) return;
	memset(ob, 0, ole);
	if(ole > 40) ole = 40;
	rmd160_hash_buffer(&tmpBuf[0], (char *)ib, ile);
	pwdCopy[0] = 'A';
	if(ile > sizeof(pwdCopy) - 1) ile = sizeof(pwdCopy) - 1;
	memcpy(pwdCopy + 1, ib, ile);
	rmd160_hash_buffer(&tmpBuf[20], pwdCopy, ile + 1);
	memcpy(ob, tmpBuf, ole);
	memset(tmpBuf, 0, sizeof(tmpBuf));
	memset(pwdCopy, 0, sizeof(pwdCopy));
}

extern long long llseek(int, long long, int);
		show_loop_fd(fd, ll.name);
		close(fd);
	}
	looplist_close(&ll);

static long long xx_lseek(int fd, long long offset, int whence)
{
	if(sizeof(off_t) >= 8) {
		return lseek(fd, offset, whence);
	} else {
		return llseek(fd, offset, whence);
	}
	return 0;
}

static int loop_create_random_keys(char *partition, long long offset, long long sizelimit, int loopro, unsigned char *k)
static int
show_associated_loop_devices(char *filename, unsigned long long offset, int isoff)
{
	int x, y, fd;
	sha512_context s;
	unsigned char b[4096];

	if(loopro) {
		fprintf(stderr, _("Error: read-only device %s\n"), partition);
		return 1;
	}

	/*
	 * Compute SHA-512 over first 40 KB of old fs data. SHA-512 hash
	 * output is then used as entropy for new fs encryption key.
	 */
	if((fd = open(partition, O_RDWR)) == -1) {
		seekFailed:
		fprintf(stderr, _("Error: unable to open/seek device %s\n"), partition);
		return 1;
	}
	if(offset < 0) offset = -offset;
	if(xx_lseek(fd, offset, SEEK_SET) == -1) {
		if (is_associated(fd, &filestat, offset, isoff) == 1)
			show_loop_fd(fd, ll.name);
		close(fd);
		goto seekFailed;
	}
	sha512_init(&s);
	for(x = 1; x <= 10; x++) {
		if((sizelimit > 0) && ((sizeof(b) * x) > sizelimit)) break;
		if(rd_wr_retry(fd, &b[0], sizeof(b), 0) != sizeof(b)) break;
		sha512_write(&s, &b[0], sizeof(b));
#endif /* MAIN */

/* check if the loopfile is already associated with the same given
 * parameters.
 *
 * returns: -1 error
 *           0 unused
 *           1 loop device already used
 */
static int
is_associated(int dev, struct stat *file, unsigned long long offset, int isoff)
{
	struct loop_info64 linfo64;
	struct loop_info64 linfo;
	int ret = 0;

	if (ioctl(dev, LOOP_GET_STATUS64, &linfo64) == 0) {
		if (file->st_dev == linfo64.lo_device &&
	            file->st_ino == linfo64.lo_inode &&
		    (isoff == 0 || offset == linfo64.lo_offset))
			ret = 1;
		return ret;
	}
	if (ioctl(dev, LOOP_GET_STATUS, &linfo) == 0) {
		if (file->st_dev == linfo.lo_device &&
	            file->st_ino == linfo.lo_inode &&
		    (isoff == 0 || offset == linfo.lo_offset))
			ret = 1;
		return ret;
	}

	return errno == ENXIO ? 0 : -1;
}

/* check if the loop file is already used with the same given
 * parameters. We check for device no, inode and offset.
 * returns: associated devname or NULL
 */
char *
loopfile_used (const char *filename, unsigned long long offset) {
	struct looplist ll;
	char *devname = NULL;
	struct stat filestat;
	int fd;

	if (stat(filename, &filestat) == -1) {
		perror(filename);
		return NULL;
	}

	if (looplist_open(&ll, LLFLG_USEDONLY) == -1) {
		error(_("%s: /dev directory does not exist."), progname);
		return NULL;
	}
	sha512_final(&s);

	/*
	 * Overwrite 40 KB of old fs data 20 times so that recovering
	 * SHA-512 output beyond this point is difficult and expensive.
	 */
	for(y = 0; y < 20; y++) {
		int z;
		struct {
			struct timeval tv;
			unsigned char h[64];
			int x,y,z;
		} j;
		if(xx_lseek(fd, offset, SEEK_SET) == -1) break;
		memcpy(&j.h[0], &s.sha_out[0], 64);
		gettimeofday(&j.tv, NULL);
		j.y = y;
		for(x = 1; x <= 10; x++) {
			j.x = x;
			for(z = 0; z < sizeof(b); z += 64) {
				j.z = z;
				sha512_hash_buffer((unsigned char *)&j, sizeof(j), &b[z], 64);
			}
			if((sizelimit > 0) && ((sizeof(b) * x) > sizelimit)) break;
			if(rd_wr_retry(fd, &b[0], sizeof(b), 1) != sizeof(b)) break;
		}
		memset(&j, 0, sizeof(j));
		if(fsync(fd)) break;
	}
	close(fd);

	return devname;
}

int
loopfile_used_with(char *devname, const char *filename, unsigned long long offset)
{
	struct stat statbuf;
	int fd, ret;

	/*
	 * Use all 512 bits of hash output
	 */
	memcpy(&b[0], &s.sha_out[0], 64);
	memset(&s, 0, sizeof(s));

	/*
	 * Read 32 bytes of random entropy from kernel's random
	 * number generator. This code may be executed early on startup
	 * scripts and amount of random entropy may be non-existent.
	 * SHA-512 of old fs data is used as workaround for missing
	 * entropy in kernel's random number generator.
	 */
	if((fd = open("/dev/urandom", O_RDONLY)) == -1) {
		fprintf(stderr, _("Error: unable to open /dev/urandom\n"));
		return 1;
	}
	rd_wr_retry(fd, &b[64], 32, 0);

	/* generate multi-key hashes */
	x = 0;
	while(x < 65) {
		rd_wr_retry(fd, &b[64+32], 16, 0);
		sha512_hash_buffer(&b[0], 64+32+16, k, 32);
		k += 32;
		x++;
	}
	ret = is_associated(fd, &statbuf, offset, 1);

	close(fd);
	memset(&b[0], 0, sizeof(b));
	return 0;
}

#if !defined(MAIN)
static int loop_fork_mkfs_command(char *device, char *fstype)
{
	int x, y = 0;
	char *a[10], *e[1];

	sync();
	if(!(x = fork())) {
		if((x = open("/dev/null", O_WRONLY)) >= 0) {
			dup2(x, 0);
			dup2(x, 1);
			dup2(x, 2);
			close(x);
		}
		x = 0;
		a[x++] = "mkfs";
		a[x++] = "-t";
		a[x++] = fstype;
		/* mkfs.reiserfs and mkfs.xfs need -f option */
		if(!strcmp(fstype, "reiserfs") || !strcmp(fstype, "xfs")) {
			a[x++] = "-f";
		}
		a[x++] = device;
		a[x] = 0;
		e[0] = 0;
		if(setgid(getgid())) exit(1);
		if(setuid(getuid())) exit(1);
		for(x = 3; x < 1024; x++) {
			close(x);
		}
		execve("/sbin/mkfs", &a[0], &e[0]);
		exit(1);
	}
	if(x == -1) {
		fprintf(stderr, _("Error: fork failed\n"));
		return 1;
		devname = xstrdup(ll.name);
	}
	waitpid(x, &y, 0);
	sync();
	if(!WIFEXITED(y) || (WEXITSTATUS(y) != 0)) {
		fprintf(stderr, _("Error: encrypted file system mkfs failed\n"));
		return 1;
		error(_("%s: no permission to look at /dev/loop#"), progname);
	else if (ll.ct_succ)
		error(_("%s: could not find any free loop device"), progname);
	else
		error(_(
		    "%s: Could not find any loop device. Maybe this kernel "
		    "does not know\n"
		    "       about the loop device? (If so, recompile or "
		    "`modprobe loop'.)"), progname);
	return NULL;
}

/*
 * A function to read the passphrase either from the terminal or from
 * an open file descriptor.
 */
static char *
xgetpass(int pfd, const char *prompt) {
	char *pass;
	int buflen, i;

        if (pfd < 0) /* terminal */
		return getpass(prompt);

	pass = NULL;
	buflen = 0;
	for (i=0; ; i++) {
		if (i >= buflen-1) {
				/* we're running out of space in the buffer.
				 * Make it bigger: */
			char *tmppass = pass;
			buflen += 128;
			pass = realloc(tmppass, buflen);
			if (pass == NULL) {
				/* realloc failed. Stop reading. */
				error(_("Out of memory while reading passphrase"));
				pass = tmppass; /* the old buffer hasn't changed */
				break;
			}
		}
		if (read(pfd, pass+i, 1) != 1 ||
		    pass[i] == '\n' || pass[i] == 0)
			break;
	}
	return 0;
	if (pass == NULL)
		return "";

	pass[i] = 0;
	return pass;
}

static int
digits_only(const char *s) {
	while (*s)
		if (!isdigit(*s++))
			return 0;
	return 1;
}
#endif

/*
 * return codes:
 *	0	- success
 *	1	- error
 *	2	- error (EBUSY)
 */
int
set_loop(const char *device, const char *file, int *loopro, const char **fstype, unsigned int *AutoChmodPtr, int busyRetVal) {
	struct loop_info64 loopinfo;
	int fd, ffd, mode, i, errRetVal = 1;
	char *pass, *apiName = NULL;
	void (*hashFunc)(unsigned char *, int, unsigned char *, int);
	unsigned char multiKeyBits[65][32];
	int minPassLen = LOOP_PASSWORD_MIN_LENGTH;
	int run_mkfs_command = 0;

	loopFileName = (char *)file;
	multiKeyMode = 0;
	mode = (*loopro ? O_RDONLY : O_RDWR);
					file, xdev);
			free(xdev);
		}
	}

	mode = (*options & SETLOOP_RDONLY) ? O_RDONLY : O_RDWR;
	if ((ffd = open(file, mode)) < 0) {
		if (!(*loopro) && 
 		    (errno == EROFS || errno == EACCES))
			ffd = open(file, mode = O_RDONLY);
		if (ffd < 0) {
			perror(file);
			return 1;
		}
		if (verbose)
			printf(_("warning: %s: is write-protected, using read-only.\n"),
					file);
		*options |= SETLOOP_RDONLY;
	}
	if ((fd = open(device, mode)) < 0) {
		perror (device);
		goto close_ffd_return1;
		return 1;
	}
	*loopro = (mode == O_RDONLY);

	if (ioctl(fd, LOOP_SET_FD, ffd) < 0) {
		if(errno == EBUSY)
			errRetVal = busyRetVal;
		if((errRetVal != 2) || verbose)
			perror("ioctl: LOOP_SET_FD");
keyclean_close_fd_ffd_return1:
		memset(loopinfo.lo_encrypt_key, 0, sizeof(loopinfo.lo_encrypt_key));
		memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits));
		close (fd);
close_ffd_return1:
		close (ffd);
		return errRetVal;
	}

	memset (&loopinfo, 0, sizeof (loopinfo));
	xstrncpy ((char *)loopinfo.lo_file_name, file, LO_NAME_SIZE);
	if (loopEncryptionType)
		loopinfo.lo_encrypt_type = loop_crypt_type (loopEncryptionType, &loopinfo.lo_encrypt_key_size, &apiName);
	if (loopOffsetBytes)
		loopinfo.lo_offset = mystrtoull(loopOffsetBytes, 1);
	if (loopSizeBytes)
		loopinfo.lo_sizelimit = mystrtoull(loopSizeBytes, 0);

#ifdef MCL_FUTURE
	/*
	 * Oh-oh, sensitive data coming up. Better lock into memory to prevent
	 * passwd etc being swapped out and left somewhere on disk.
	 */

	if(loopinfo.lo_encrypt_type && mlockall(MCL_CURRENT | MCL_FUTURE)) {
		perror("memlock");
		ioctl (fd, LOOP_CLR_FD, 0);
		fprintf(stderr, _("Couldn't lock into memory, exiting.\n"));
		exit(1);
	}
#endif

	switch (loopinfo.lo_encrypt_type) {
	case LO_CRYPT_NONE:
		loopinfo.lo_encrypt_key_size = 0;
		break;
	case LO_CRYPT_XOR:
		pass = sGetPass (1, 0);
		if(!pass) goto loop_clr_fd_out;
		xstrncpy ((char *)loopinfo.lo_encrypt_key, pass, LO_KEY_SIZE);
		loopinfo.lo_encrypt_key_size = strlen((char*)loopinfo.lo_encrypt_key);
		break;
	case 3:   /* LO_CRYPT_FISH2 */
	case 4:   /* LO_CRYPT_BLOW */
	case 7:   /* LO_CRYPT_SERPENT */
	case 8:   /* LO_CRYPT_MARS */
	case 11:  /* LO_CRYPT_RC6 */
	case 12:  /* LO_CRYPT_DES_EDE3 */
	case 16:  /* LO_CRYPT_AES */
	case 18:  /* LO_CRYPT_CRYPTOAPI */
		/* set default hash function */
		hashFunc = sha256_hash_buffer;
		if(loopinfo.lo_encrypt_key_size == 24) hashFunc = sha384_hash_buffer;
		if(loopinfo.lo_encrypt_key_size == 32) hashFunc = sha512_hash_buffer;
		/* possibly override default hash function */
		if(passHashFuncName) {
			if(!strcasecmp(passHashFuncName, "sha256")) {
				hashFunc = sha256_hash_buffer;
			} else if(!strcasecmp(passHashFuncName, "sha384")) {
				hashFunc = sha384_hash_buffer;
			} else if(!strcasecmp(passHashFuncName, "sha512")) {
				hashFunc = sha512_hash_buffer;
			} else if(!strcasecmp(passHashFuncName, "rmd160")) {
				hashFunc = rmd160HashTwiceWithA;
				minPassLen = 1;
			} else if(!strcasecmp(passHashFuncName, "unhashed1")) {
				hashFunc = unhashed1_key_setup;
			} else if(!strcasecmp(passHashFuncName, "unhashed2")) {
				hashFunc = unhashed2_key_setup;
				minPassLen = 1;
			} else if(!strcasecmp(passHashFuncName, "unhashed3") && passFDnumber && !gpgKeyFile) {
				/* unhashed3 hash type reads binary key from file descriptor. */
				/* This is not compatible with gpgkey= mount option */
				if(rd_wr_retry(atoi(passFDnumber), (char *)&loopinfo.lo_encrypt_key[0], LO_KEY_SIZE, 0) < 1) {
					fprintf(stderr, _("Error: couldn't read binary key\n"));
					goto loop_clr_fd_out;
				}
				break; /* out of switch(loopinfo.lo_encrypt_type) */
			} else if(!strncasecmp(passHashFuncName, "random", 6) && ((passHashFuncName[6] == 0) || (passHashFuncName[6] == '/'))) {
				/* random hash type sets up 65 random keys */
				/* WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING */
				/* IMPORTANT DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA.  */
				if(loop_create_random_keys((char*)file, loopinfo.lo_offset, loopinfo.lo_sizelimit, *loopro, &multiKeyBits[0][0])) {
					goto loop_clr_fd_out;
				}
				memcpy(&loopinfo.lo_encrypt_key[0], &multiKeyBits[0][0], sizeof(loopinfo.lo_encrypt_key));
				run_mkfs_command = multiKeyMode = 1000;
				break; /* out of switch(loopinfo.lo_encrypt_type) */
			}
		}
		pass = sGetPass (minPassLen, LOOP_PASSWORD_MIN_LENGTH);
		if(!pass) goto loop_clr_fd_out;
		i = strlen(pass);
		if(hashFunc == unhashed1_key_setup) {
			/* this is for compatibility with historic loop-AES version */
			loopinfo.lo_encrypt_key_size = 16;             /* 128 bits */
			if(i >= 32) loopinfo.lo_encrypt_key_size = 24; /* 192 bits */
			if(i >= 43) loopinfo.lo_encrypt_key_size = 32; /* 256 bits */
		}
		(*hashFunc)((unsigned char *)pass, i, &loopinfo.lo_encrypt_key[0], sizeof(loopinfo.lo_encrypt_key));
		if(multiKeyMode) {
			int r = 0, t;
			while(r < multiKeyMode) {
				t = strlen(multiKeyPass[r]);
				(*hashFunc)((unsigned char *)multiKeyPass[r], t, &multiKeyBits[r][0], 32);
				memset(multiKeyPass[r], 0, t);
				/*
				 * MultiKeyMode uses md5 IV. One key mode uses sector IV. Sector IV
				 * and md5 IV v2 and v3 are all computed differently. This first key
				 * byte XOR with 0x55/0xF4 is needed to cause complete decrypt failure
				 * in cases where data is encrypted with one type of IV and decrypted
				 * with another type IV. If identical key was used but only IV was
				 * computed differently, only first plaintext block of 512 byte CBC
				 * chain would decrypt incorrectly and rest would decrypt correctly.
				 * Partially correct decryption is dangerous. Decrypting all blocks
				 * incorrectly is safer because file system mount will simply fail.
				 */
				if(multiKeyMode == 65) {
					multiKeyBits[r][0] ^= 0xF4; /* version 3 */
				} else {
					multiKeyBits[r][0] ^= 0x55; /* version 2 */
				}
				r++;
			}
		} else if(passIterThousands) {
			aes_context ctx;
			unsigned long iter = 0;
			unsigned char tempkey[32];
			/*
			 * Set up AES-256 encryption key using same password and hash function
			 * as before but with password bit 0 flipped before hashing. That key
			 * is then used to encrypt actual loop key 'itercountk' thousand times.
			 */
			pass[0] ^= 1;
			(*hashFunc)((unsigned char *)pass, i, &tempkey[0], 32);
			aes_set_key(&ctx, &tempkey[0], 32, 0);
			sscanf(passIterThousands, "%lu", &iter);
			iter *= 1000;
			while(iter > 0) {
				/* encrypt both 128bit blocks with AES-256 */
				aes_encrypt(&ctx, &loopinfo.lo_encrypt_key[ 0], &loopinfo.lo_encrypt_key[ 0]);
				aes_encrypt(&ctx, &loopinfo.lo_encrypt_key[16], &loopinfo.lo_encrypt_key[16]);
				/* exchange upper half of first block with lower half of second block */
				memcpy(&tempkey[0], &loopinfo.lo_encrypt_key[8], 8);
				memcpy(&loopinfo.lo_encrypt_key[8], &loopinfo.lo_encrypt_key[16], 8);
				memcpy(&loopinfo.lo_encrypt_key[16], &tempkey[0], 8);
				iter--;
			}
			memset(&ctx, 0, sizeof(ctx));
			memset(&tempkey[0], 0, sizeof(tempkey));
		}
		memset(pass, 0, i);   /* erase original password */
		break;
	default:
		fprintf (stderr, _("Error: don't know how to get key for encryption system %d\n"), loopinfo.lo_encrypt_type);
		goto loop_clr_fd_out;
		memset(loopinfo64.lo_encrypt_key, 0, LO_KEY_SIZE);
		xstrncpy((char *)loopinfo64.lo_encrypt_key, pass, LO_KEY_SIZE);
		memset(pass, 0, strlen(pass));
		loopinfo64.lo_encrypt_key_size = LO_KEY_SIZE;
	}

	if(loInitValue) {
		/* cipher modules are free to do whatever they want with this value */
		i = 0;
		sscanf(loInitValue, "%d", &i);
		loopinfo.lo_init[0] = i;
	}

	/* type 18 == LO_CRYPT_CRYPTOAPI */
	if ((loopinfo.lo_encrypt_type == 18) || (loop_set_status64_ioctl(fd, &loopinfo) < 0)) {
		/* direct cipher interface failed - try CryptoAPI interface now */
		if(!apiName || (try_cryptoapi_loop_interface(fd, &loopinfo, apiName) < 0)) {
			fprintf(stderr, _("ioctl: LOOP_SET_STATUS: %s, requested cipher or key length (%d bits) not supported by kernel\n"), strerror(errno), loopinfo.lo_encrypt_key_size << 3);
			loop_clr_fd_out:
			(void) ioctl (fd, LOOP_CLR_FD, 0);
			goto keyclean_close_fd_ffd_return1;
		}
	}
	if(multiKeyMode >= 65) {
		if(ioctl(fd, LOOP_MULTI_KEY_SETUP_V3, &multiKeyBits[0][0]) < 0) {
			if(multiKeyMode == 1000) goto try_v2_setup;
			perror("ioctl: LOOP_MULTI_KEY_SETUP_V3");
			goto loop_clr_fd_out;
		}
	} else if(multiKeyMode == 64) {
		try_v2_setup:
		if((ioctl(fd, LOOP_MULTI_KEY_SETUP, &multiKeyBits[0][0]) < 0) && (multiKeyMode != 1000)) {
			perror("ioctl: LOOP_MULTI_KEY_SETUP");
			goto loop_clr_fd_out;
		}
	}
	close (ffd);

	if (*options & SETLOOP_AUTOCLEAR)
		loopinfo64.lo_flags = LO_FLAGS_AUTOCLEAR;

	memset(loopinfo.lo_encrypt_key, 0, sizeof(loopinfo.lo_encrypt_key));
	memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits));
	close (fd);
	close (ffd);

#if !defined(MAIN)
	if(run_mkfs_command && fstype && *fstype && **fstype && (getuid() == 0)) {
		if(!loop_fork_mkfs_command((char *)device, (char *)(*fstype))) {
			/* !strncasecmp(passHashFuncName, "random", 6) test matched */
			/* This reads octal mode for newly created file system root */
			/* directory node from '-o phash=random/1777' mount option. */
			/*                          octal mode--^^^^                */
			sscanf(passHashFuncName + 6, "/%o", AutoChmodPtr);
		} else {
			if((fd = open(device, mode)) >= 0) {
				ioctl(fd, LOOP_CLR_FD, 0);
				close(fd);
				return 1;
			{
				i = ioctl(fd, LOOP_GET_STATUS, &loopinfo);
				if (i || !(loopinfo.lo_flags & LO_FLAGS_AUTOCLEAR))
					*options &= ~SETLOOP_AUTOCLEAR;
			}
		}
		memset(&loopinfo, 0, sizeof(loopinfo));
	}
#endif
	{
		i = ioctl(fd, LOOP_GET_STATUS64, &loopinfo64);
		if (i || !(loopinfo64.lo_flags & LO_FLAGS_AUTOCLEAR))
			*options &= ~SETLOOP_AUTOCLEAR;
	}
	memset(&loopinfo64, 0, sizeof(loopinfo64));


	if (i) {
		ioctl (fd, LOOP_CLR_FD, 0);
		close (fd);
		if (file != filename)
			free(filename);
		return 1;
	}

	/*
	 * HACK: here we're leeking a file descriptor,
	 * but mount is a short-lived process anyway.
	 */
	if (!(*options & SETLOOP_AUTOCLEAR))
		close (fd);

	if (verbose > 1)
		printf(_("set_loop(%s,%s): success\n"), device, file);
		       device, filename, offset, sizelimit);
	if (file != filename)
		free(filename);
	return 0;
}

#ifdef MAIN
del_loop (const char *device) {
	int fd;

#include <getopt.h>
#include <stdarg.h>

int verbose = 0;
static char *progname;
	}
	if (ioctl (fd, LOOP_CLR_FD, 0) < 0) {
		perror ("ioctl: LOOP_CLR_FD");
		close(fd);
		return 1;
	}
	close (fd);
	if (verbose > 1)
		printf(_("del_loop(%s): success\n"), device);
	return 0;
}

#else /* no LOOP_SET_FD defined */
static void
usage(void) {
	fprintf(stderr, _("usage:\n\
  %s [options] loop_device file        # setup\n\
  %s -F [options] loop_device [file]   # setup, read /etc/fstab\n\
  %s loop_device                       # give info\n\
  %s -a                                # give info of all loops\n\
  %s -f                                # show next free loop device\n\
  %s -d loop_device                    # delete\n\
  %s -R loop_device                    # resize\n\
options:  -e encryption  -o offset  -s sizelimit  -p passwdfd  -T  -S pseed\n\
          -H phash  -I loinit  -K gpgkey  -G gpghome  -C itercountk  -v  -r\n\
          -P cleartextkey\n"),
		progname, progname, progname, progname, progname, progname, progname);
	exit(1);
}

void
show_all_loops(void)
{
	char dev[20];
	char *lfmt[] = { "/dev/loop%d", "/dev/loop/%d" };
	int i, j, fd, x;
	struct stat statbuf;

	for(i = 0; i < 256; i++) {
		for(j = (sizeof(lfmt) / sizeof(lfmt[0])) - 1; j >= 0; j--) {
			sprintf(dev, lfmt[j], i);
			if(stat(dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) {
				fd = open(dev, O_RDONLY);
				if(fd >= 0) {
					x = is_unused_loop_device(fd);
					close(fd);
					if(x == 0) {
						show_loop(dev);
						j = 0;
					}
				}
			}
		}
	}
}

int
read_options_from_fstab(char *loopToFind, char **partitionPtr)
{
	FILE *f;
	struct mntent *m;
	int y, foundMatch = 0;
	char *opt, *fr1, *fr2;
	struct options {
		char *name;	/* name of /etc/fstab option */
		char **dest;	/* destination where it is written to */
		char *line;	/* temp */
	};
	struct options tbl[] = {
		{ "device/file name ",	partitionPtr },	/* must be index 0 */
		{ "loop=",		&loopToFind },	/* must be index 1 */
		{ "offset=",		&loopOffsetBytes },
		{ "sizelimit=",		&loopSizeBytes },
		{ "encryption=",	&loopEncryptionType },
		{ "pseed=",		&passSeedString },
		{ "phash=",		&passHashFuncName },
		{ "loinit=",		&loInitValue },
		{ "gpgkey=",		&gpgKeyFile },
		{ "gpghome=",		&gpgHomeDir },
		{ "cleartextkey=",	&clearTextKeyFile },
		{ "itercountk=",	&passIterThousands },
	};
	struct options *p;

	if (!(f = setmntent("/etc/fstab", "r"))) {
		fprintf(stderr, _("Error: unable to open /etc/fstab for reading\n"));
		return 0;
	}
	while ((m = getmntent(f)) != NULL) {
		tbl[0].line = fr1 = xstrdup(m->mnt_fsname);
		p = &tbl[1];
		do {
			p->line = NULL;
		} while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]);
		opt = fr2 = xstrdup(m->mnt_opts);
		for (opt = strtok(opt, ","); opt != NULL; opt = strtok(NULL, ",")) {
			p = &tbl[1];
			do {
				y = strlen(p->name);
				if (!strncmp(opt, p->name, y))
					p->line = opt + y;
			} while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]);
		}
		if (tbl[1].line && !strcmp(loopToFind, tbl[1].line)) {
			if (++foundMatch > 1) {
				fprintf(stderr, _("Error: multiple loop=%s options found in /etc/fstab\n"), loopToFind);
				endmntent(f);
				return 0;
			}
			p = &tbl[0];
			do {
				if (!*p->dest && p->line) {
					*p->dest = p->line;
					if (verbose)
						printf(_("using %s%s from /etc/fstab\n"), p->name, p->line);
				}
			} while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]);
			fr1 = fr2 = NULL;
		}
		if(fr1) free(fr1);
		if(fr2) free(fr2);
	}
	endmntent(f);
	if (foundMatch == 0) {
		fprintf(stderr, _("Error: loop=%s option not found in /etc/fstab\n"), loopToFind);
	}
	return foundMatch;
}

int
recompute_loop_dev_size(char *device)
{
	int fd, err1 = 0, err2, err3;
	long long oldBytes = -1, newBytes = -1;

#include <getopt.h>
#include <stdarg.h>

	fd = open(device, O_RDONLY);
	if(fd < 0) {
		perror(device);
		return 1;
	}
	if(verbose) {
		err1 = ioctl(fd, BLKGETSIZE64, &oldBytes);
	}
	err2 = ioctl(fd, LOOP_RECOMPUTE_DEV_SIZE, 0);
	if(err2) {
		perror(device);
		goto done1;
	}
	if(verbose) {
		err3 = ioctl(fd, BLKGETSIZE64, &newBytes);
		if(!err1 && (oldBytes >= 0)) {
			printf("%s: old size %lld bytes\n", device, oldBytes);
		}
		if(!err3 && (newBytes >= 0)) {
			printf("%s: new size %lld bytes\n", device, newBytes);
		}
	}
done1:
	close(fd);
	return err2;
}

int
main(int argc, char **argv) {
	char *partitionName = NULL;
	char *device = NULL;
	int delete,find,c,option_a=0,option_F=0,option_R=0,setup_o=0;
	int res = 0;
	int showdev = 0;
	int ro = 0;
	int pfd = -1;
	unsigned long long off, slimit;
	struct option longopts[] = {
		{ "all", 0, 0, 'a' },
		{ "detach", 0, 0, 'd' },
		{ "encryption", 1, 0, 'e' },
		{ "find", 0, 0, 'f' },
		{ "help", 0, 0, 'h' },
		{ "associated", 1, 0, 'j' },
		{ "offset", 1, 0, 'o' },
		{ "sizelimit", 1, 0, 128 },
		{ "pass-fd", 1, 0, 'p' },
		{ "read-only", 0, 0, 'r' },
	        { "show", 0, 0, 's' },
		{ "verbose", 0, 0, 'v' },
		{ NULL, 0, 0, 0 }
	};

	setlocale(LC_ALL, "");
	bindtextdomain(PACKAGE, LOCALEDIR);
	textdomain(PACKAGE);

	delete = find = 0;
	off = 0;
        slimit = 0;
	assoc = offset = sizelimit = encryption = passfd = NULL;

	progname = argv[0];
	while ((c = getopt(argc,argv,"aC:de:fFG:H:I:K:o:p:P:rRs:S:Tv")) != -1) {
		progname = p+1;

	while ((c = getopt_long(argc, argv, "ade:E:fhj:o:p:rsv",
				longopts, NULL)) != -1) {
		switch (c) {
		case 'a':		/* show status of all loops */
			option_a = 1;
			break;
		case 'C':
			passIterThousands = optarg;
			setup_o = 1;
			break;
		case 'd':
			delete = 1;
			break;
		case 'E':
		case 'e':
			loopEncryptionType = optarg;
			setup_o = 1;
			break;
		case 'f':		/* find free loop */
			find = 1;
			break;
		case 'F':		/* read loop related options from /etc/fstab */
			option_F = 1;
			setup_o = 1;
			break;
		case 'G':               /* GnuPG home dir */
			gpgHomeDir = optarg;
			setup_o = 1;
			break;
		case 'H':               /* passphrase hash function name */
			passHashFuncName = optarg;
			setup_o = 1;
			break;
		case 'I':               /* lo_init[0] value (in string form)  */
			loInitValue = optarg;
			setup_o = 1;
			break;
		case 'K':               /* GnuPG key file name */
			gpgKeyFile = optarg;
			setup_o = 1;
			break;
		case 'o':
			loopOffsetBytes = optarg;
			setup_o = 1;
			break;
		case 'p':               /* read passphrase from given fd */
			passFDnumber = optarg;
			setup_o = 1;
			break;
		case 'P':               /* read passphrase from given file */
			clearTextKeyFile = optarg;
			setup_o = 1;
			break;
		case 'r':               /* read-only */
			ro = 1;
			setup_o = 1;
			break;
		case 'R':               /* recompute loop dev size */
			option_R = 1;
			break;
		case 's':
			loopSizeBytes = optarg;
			setup_o = 1;
			break;
		case 'S':               /* optional seed for passphrase */
			passSeedString = optarg;
			setup_o = 1;
			break;
		case 'T':               /* ask passphrase _twice_ */
			passAskTwice = "T";
			setup_o = 1;
			break;
		case 'v':
			verbose++;
			break;

	        case 128:			/* --sizelimit */
			sizelimit = optarg;
                        break;

		default:
			usage();
		}
	}
	if (option_a + delete + option_R + setup_o + find > 1) usage();
	if (option_a) {
		/* show all loops */
		if (argc != optind) usage();
		show_all_loops();
		res = 0;
			usage();
	} else if (find) {
		if (argc != optind)
			usage();
	} else if (all) {
		if (argc > 2)
			usage();
	} else if (assoc) {
		if (encryption || showdev || passfd || ro)
			usage();
	} else {
		if (argc < optind+1 || argc > optind+2)
			usage();
	}

	if (offset && sscanf(offset, "%llu", &off) != 1)
		usage();

	if (sizelimit && sscanf(sizelimit, "%llu", &slimit) != 1)
		usage();

	if (all)
		return show_used_loop_devices();
	else if (assoc)
		return show_associated_loop_devices(assoc, off, offset ? 1 : 0);
	else if (find) {
		device = find_unused_loop_device();
		if (device == NULL)
			return -1;
		if (verbose)
			printf("Loop device is %s\n", device);
		printf("%s\n", device);
		res = 0;
	} else if (delete) {
		/* delete loop */
		if (argc != optind+1) usage();
		res = del_loop(argv[optind]);
	} else if (option_R) {
		/* resize existing loop */
		if (argc != optind+1) usage();
		res = recompute_loop_dev_size(argv[optind]);
	} else if ((argc == optind+1) && !setup_o) {
		/* show one loop */
		res = show_loop(argv[optind]);
	} else {
		/* set up new loop */
		if ((argc < optind+1) || ((argc == optind+1) && !option_F) || (argc > optind+2))
			file = NULL;
		else
			file = argv[optind+1];
	}

	if (delete)
		res = del_loop(device);
	else if (file == NULL)
		res = show_loop(device);
	else {
		if (passfd && sscanf(passfd, "%d", &pfd) != 1)
			usage();
		if (argc > optind+1)
			partitionName = argv[optind+1];
		if (option_F && (read_options_from_fstab(argv[optind], &partitionName) != 1))
			exit(1);
		res = set_loop(argv[optind],partitionName,&ro,(const char**)0,(unsigned int *)0, 1);
						device);
				free(device);
				if (!(device = find_unused_loop_device()))
					return -1;
			}
		} while (find && res == 2);

		if (device) {
			if (res == 2)
				error(_("%s: %s: device is busy"), progname, device);
			else if (res == 0) {
				if (verbose)
					printf(_("Loop device is %s\n"), device);
				if (showdev && find)
					printf("%s\n", device);
			}
		}
	}
	return res;
}
#endif
#else /* LOOP_SET_FD not defined */

int
main(int argc, char **argv) {
	fprintf(stderr,
		_("No loop support was available at compile time. "
		  "Please recompile.\n"));
	return -1;
}
#endif /* !LOOP_SET_FD*/
#endif /* MAIN */




extern int verbose;
extern int set_loop(const char *, const char *, int *, const char **, unsigned int *, int);
extern int del_loop(const char *);
extern int is_loop_device(const char *);
extern int is_loop_active(const char *, const char *);
extern char * find_unused_loop_device(void);

extern char *passFDnumber;
extern char *passAskTwice;
extern char *passSeedString;
extern char *passHashFuncName;
extern char *passIterThousands;
extern char *loInitValue;
extern char *gpgKeyFile;
extern char *gpgHomeDir;
extern char *clearTextKeyFile;
extern char *loopOffsetBytes;
extern char *loopSizeBytes;
extern char *loopEncryptionType;




/*
 *  loop.c
 *
 *  Copyright 2003 by Jari Ruusu.
 *  Redistribution of this file is permitted under the GNU GPL
 */

/* collection of loop helper functions used by losetup, mount and swapon */

#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <sys/ioctl.h>
#include <sys/types.h>
#include <errno.h>
#include "loop.h"

static void convert_info_to_info64(struct loop_info *info, struct loop_info64 *info64)
{
	memset(info64, 0, sizeof(*info64));
	info64->lo_number = info->lo_number;
	info64->lo_device = info->lo_device;
	info64->lo_inode = info->lo_inode;
	info64->lo_rdevice = info->lo_rdevice;
	info64->lo_offset = info->lo_offset;
	info64->lo_encrypt_type = info->lo_encrypt_type;
	info64->lo_encrypt_key_size = info->lo_encrypt_key_size;
	info64->lo_flags = info->lo_flags;
	info64->lo_init[0] = info->lo_init[0];
	info64->lo_init[1] = info->lo_init[1];
	info64->lo_sizelimit = 0;
	if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */
		memcpy(info64->lo_crypt_name, info->lo_name, sizeof(info64->lo_crypt_name));
	else
		memcpy(info64->lo_file_name, info->lo_name, sizeof(info64->lo_file_name));
	memcpy(info64->lo_encrypt_key, info->lo_encrypt_key, sizeof(info64->lo_encrypt_key));
}

static int convert_info64_to_info(struct loop_info64 *info64, struct loop_info *info)
{
	memset(info, 0, sizeof(*info));
	info->lo_number = info64->lo_number;
	info->lo_device = info64->lo_device;
	info->lo_inode = info64->lo_inode;
	info->lo_rdevice = info64->lo_rdevice;
	info->lo_offset = info64->lo_offset;
	info->lo_encrypt_type = info64->lo_encrypt_type;
	info->lo_encrypt_key_size = info64->lo_encrypt_key_size;
	info->lo_flags = info64->lo_flags;
	info->lo_init[0] = info64->lo_init[0];
	info->lo_init[1] = info64->lo_init[1];
	if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */
		memcpy(info->lo_name, info64->lo_crypt_name, sizeof(info->lo_name));
	else
		memcpy(info->lo_name, info64->lo_file_name, sizeof(info->lo_name));
	memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, sizeof(info->lo_encrypt_key));

	/* error in case values were truncated */
	if (info->lo_device != info64->lo_device ||
	    info->lo_rdevice != info64->lo_rdevice ||
	    info->lo_inode != info64->lo_inode ||
	    info->lo_offset != info64->lo_offset ||
	    info64->lo_sizelimit) {
		errno = EOVERFLOW;
		return -1;
	}
	return 0;
}

int loop_set_status64_ioctl(int fd, struct loop_info64 *info64)
{
	struct loop_info info;
	struct loop_info64 tmp;
	int r;

	/*
	 * This ugly work around is needed because some
	 * Red Hat kernels are using same ioctl code:
	 *  	#define LOOP_CHANGE_FD 0x4C04
	 * vs.
	 *	#define LOOP_SET_STATUS64 0x4C04
	 * that is used by modern loop driver.
	 *
	 * Attempt to detect presense of LOOP_GET_STATUS64
	 * ioctl before issuing LOOP_SET_STATUS64 ioctl.
	 * Red Hat kernels with above LOOP_CHANGE_FD damage
	 * should return -1 and set errno to EINVAL.
	 */
	r = ioctl(fd, LOOP_GET_STATUS64, &tmp);
	memset(&tmp, 0, sizeof(tmp));
	if ((r == 0) || (errno != EINVAL)) {
		r = ioctl(fd, LOOP_SET_STATUS64, info64);
		if (!r)
			return 0;
	}
	r = convert_info64_to_info(info64, &info);
	if (!r)
		r = ioctl(fd, LOOP_SET_STATUS, &info);

	/* don't leave copies of encryption key on stack */
	memset(&info, 0, sizeof(info));
	return r;
}

int loop_get_status64_ioctl(int fd, struct loop_info64 *info64)
{
	struct loop_info info;
	int r;

	memset(info64, 0, sizeof(*info64));
	r = ioctl(fd, LOOP_GET_STATUS64, info64);
	if (!r)
		return 0;
	r = ioctl(fd, LOOP_GET_STATUS, &info);
	if (!r)
		convert_info_to_info64(&info, info64);

	/* don't leave copies of encryption key on stack */
	memset(&info, 0, sizeof(info));
	return r;
}

/* returns: 1=unused 0=busy */
int is_unused_loop_device(int fd)
{
	struct loop_info64 info64;
	struct loop_info info;
	int r;

	r = ioctl(fd, LOOP_GET_STATUS64, &info64);
	memset(&info64, 0, sizeof(info64));
	if (!r)
		return 0;
	if (errno == ENXIO)
		return 1;

	r = ioctl(fd, LOOP_GET_STATUS, &info);
	memset(&info, 0, sizeof(info));
	if (!r)
		return 0;
	if (errno == ENXIO)
		return 1;
	if (errno == EOVERFLOW)
		return 0;
	return 1;
}

struct loop_crypt_type_struct loop_crypt_type_tbl[] = {
	{  0, 0,  0, "no" },
	{  0, 0,  0, "none" },
	{  1, 0,  0, "xor" },
	{  3, 1, 16, "twofish" },
	{  4, 1, 16, "blowfish" },
	{  7, 1, 16, "serpent" },
	{  8, 1, 16, "mars" },
	{ 11, 3, 16, "rc6" },
	{ 12, 0, 21, "tripleDES" },
	{ 12, 0, 24, "3des" },
	{ 12, 0, 24, "des3_ede" },
	{ 16, 1, 16, "AES" },
	{ -1, 0,  0, NULL }
};

static char *getApiName(char *e, int *len)
{
	int x, y, z = 1, q = -1;
	unsigned char *s;

	*len = y = 0;
	s = (unsigned char *)strdup(e);
	if(!s)
		return "";
	x = strlen((char *)s);
	while(x > 0) {
		x--;
		if(!isdigit(s[x]))
			break;
		y += (s[x] - '0') * z;
		z *= 10;
		q = x;
	}
	while(x >= 0) {
		s[x] = tolower(s[x]);
		if(s[x] == '-')
			s[x] = 0;
		x--;
	}
	if(y >= 40) {
		if(q >= 0)
			s[q] = 0;
		*len = y;
	}
	return((char *)s);
}

int loop_crypt_type(const char *name, u_int32_t *kbyp, char **apiName)
{
	int i, k;

	*apiName = getApiName((char *)name, &k);
	if(k < 0)
		k = 0;
	if(k > 256)
		k = 256;
	for (i = 0; loop_crypt_type_tbl[i].id != -1; i++) {
		if (!strcasecmp (*apiName , loop_crypt_type_tbl[i].name)) {
			*kbyp = k ? k >> 3 : loop_crypt_type_tbl[i].keyBytes;
			return loop_crypt_type_tbl[i].id;
		}
	}
	*kbyp = 16; /* 128 bits */
	return 18; /* LO_CRYPT_CRYPTOAPI */
}

int try_cryptoapi_loop_interface(int fd, struct loop_info64 *loopinfo, char *apiName)
{
	snprintf((char *)loopinfo->lo_crypt_name, sizeof(loopinfo->lo_crypt_name), "%s-cbc", apiName);
	loopinfo->lo_crypt_name[LO_NAME_SIZE - 1] = 0;
	loopinfo->lo_encrypt_type = 18; /* LO_CRYPT_CRYPTOAPI */
	return(loop_set_status64_ioctl(fd, loopinfo));
}




/*
 *  loop.h
 *
 *  Copyright 2003 by Jari Ruusu.
 *  Redistribution of this file is permitted under the GNU GPL
 */

#ifndef _LOOP_H
#define _LOOP_H 1
#include "linux_version.h"

#include <sys/types.h>
#include <linux/version.h>
#include <linux/posix_types.h>
#define my_dev_t __kernel_old_dev_t
#endif

#define LO_CRYPT_NONE   0
#define LO_CRYPT_XOR    1
#define LO_CRYPT_DES    2
#define LO_CRYPT_CRYPTOAPI 18

#define LOOP_SET_FD		0x4C00
#define LOOP_CLR_FD		0x4C01
#define LOOP_SET_STATUS		0x4C02
#define LOOP_GET_STATUS		0x4C03
#define LOOP_SET_STATUS64	0x4C04
#define LOOP_GET_STATUS64	0x4C05
#define LOOP_MULTI_KEY_SETUP 	0x4C4D
#define LOOP_MULTI_KEY_SETUP_V3	0x4C4E
#define LOOP_RECOMPUTE_DEV_SIZE 0x4C52

#define LO_NAME_SIZE    64
#define LO_KEY_SIZE     32
	LO_FLAGS_READ_ONLY  = 1,
	LO_FLAGS_USE_AOPS   = 2,
	LO_FLAGS_AUTOCLEAR  = 4, /* New in 2.6.25 */
};

#define LO_NAME_SIZE	64
#define LO_KEY_SIZE	32

struct loop_info {
	int		lo_number;
#if LINUX_VERSION_CODE >= 0x20600
	__kernel_old_dev_t lo_device;
#else
	__kernel_dev_t	lo_device;
#endif
	unsigned long	lo_inode;
#if LINUX_VERSION_CODE >= 0x20600
	__kernel_old_dev_t lo_rdevice;
#else
	__kernel_dev_t	lo_rdevice;
#endif
	int		lo_offset;
	int		lo_encrypt_type;
	int		lo_encrypt_key_size;
	int		lo_flags;
	char		lo_name[LO_NAME_SIZE];

	unsigned long	lo_init[2];
	char		reserved[4];
};

struct loop_info64 {
	u_int64_t	lo_device; 		/* ioctl r/o */
	u_int64_t	lo_inode; 		/* ioctl r/o */
	u_int64_t	lo_rdevice; 		/* ioctl r/o */
	u_int64_t	lo_offset;		/* bytes */
	u_int64_t	lo_sizelimit;		/* bytes, 0 == max available */
	u_int32_t	lo_number;		/* ioctl r/o */
	u_int32_t	lo_encrypt_type;
	u_int32_t	lo_encrypt_key_size; 	/* ioctl w/o */
	u_int32_t	lo_flags;		/* ioctl r/o */
	unsigned char	lo_file_name[LO_NAME_SIZE];
	unsigned char	lo_crypt_name[LO_NAME_SIZE];
	unsigned char	lo_encrypt_key[LO_KEY_SIZE]; /* ioctl w/o */
	u_int64_t	lo_init[2];
};

extern int loop_set_status64_ioctl(int, struct loop_info64 *);
extern int loop_get_status64_ioctl(int, struct loop_info64 *);
extern int is_unused_loop_device(int);

struct loop_crypt_type_struct {
	short int id;
	unsigned char flags; /* bit0 = show keybits, bit1 = add '-' before keybits */
	unsigned char keyBytes;
	char *name;
};

extern struct loop_crypt_type_struct loop_crypt_type_tbl[];
extern int loop_crypt_type(const char *, u_int32_t *, char **);
extern int try_cryptoapi_loop_interface(int, struct loop_info64 *, char *);

#endif




.TH LOSETUP 8 "2008-10-15" "Linux" "MAINTENANCE COMMANDS"
.SH NAME
losetup \- set up and control loop devices
.SH SYNOPSIS
.ad l
Get info:
.sp
.in +5
.B losetup
[options]
.I loop_device
file
.br
.B losetup -F
[options]
.I loop_device
[file]
.br
.B losetup
[
.B \-d
]
.I loop_device
.br
.B losetup -a
.br
.B losetup -f
.br
.B losetup
.B \-R
.sp
.in +5
.B "losetup \-d"
.I loop_device
.sp
.in -5
Print name of first unused loop device:
.sp
.in +5
.B "losetup \-f"
.sp
.in -5
Setup loop device:
.sp
.in +5
.B losetup
.RB [{\-e | \-E}
.IR encryption ]
.RB [ \-o
.IR offset ]
.RB [ \-\-sizelimit
.IR limit ]
.RB [ \-p
.IR pfd ]
.RB [ \-r ]
.in +8
.RB { \-f [ \-\-show ] | \fIloop_device\fP }
.I file
.in -13
.ad b
.SH DESCRIPTION
.B losetup
is used to associate loop devices with regular files or block devices,
to detach loop devices and to query the status of a loop device. If only the
\fIloop_device\fP argument is given, the status of the corresponding loop
device is shown.

.SS "Encryption"
It is possible to specify transfer functions (for encryption/decryption
or other purposes) using one of the
.B \-E
and
.B \-e
options.
There are two mechanisms to specify the desired encryption: by number
and by name. If an encryption is specified by number then one
has to make sure that the Linux kernel knows about the encryption with that
number, probably by patching the kernel. Standard numbers that are
always present are 0 (no encryption) and 1 (XOR encryption).
When the cryptoloop module is loaded (or compiled in), it uses number 18.
This cryptoloop module will take the name of an arbitrary encryption type
and finds the module that knows how to perform that encryption.
.SH OPTIONS
.IP \fB\-a\fP
Show status of all loop devices.
.IP "\fB\-C \fIitercountk\fP"
Runs hashed passphrase through \fIitercountk\fP thousand iterations of AES-256
before using it for loop encryption. This consumes lots of CPU cycles at
loop setup/mount time but not thereafter. In combination with passphrase seed
this slows down dictionary attacks. Iteration is not done in multi-key mode.
.IP "\fB\-d\fP"
Detach the file or device associated with the specified loop device.
.IP "\fB\-e \fIencryption\fP"
.RS
Enable data encryption. Following encryption types are recognized:
.IP \fBNONE\fP
Use no encryption (default).
.PD 0
.IP \fBXOR\fP
Use a simple XOR encryption.
.IP "\fBAES128 AES\fP"
Use 128 bit AES encryption. Passphrase is hashed with SHA-256 by default.
.IP \fBAES192\fP
Use 192 bit AES encryption. Passphrase is hashed with SHA-384 by default.
.IP \fBAES256\fP
Use 256 bit AES encryption. Passphrase is hashed with SHA-512 by default.

.IP "\fBtwofish128 twofish160 twofish192 twofish256\fP"
.IP "\fBblowfish128 blowfish160 blowfish192 blowfish256\fP"
.IP "\fBserpent128 serpent192 serpent256 mars128 mars192\fP"
.IP "\fBmars256 rc6-128 rc6-192 rc6-256 tripleDES\fP"
These encryption types are available if they are enabled in kernel
configuration or corresponding modules have been loaded to kernel.
.PD
.RE
.IP "\fB\-f\fP"
Find and show next unused loop device.
.IP "\fB\-F\fP"
Reads and uses mount options from /etc/fstab that match specified loop
device, including offset= sizelimit= encryption= pseed= phash= loinit=
gpgkey= gpghome= cleartextkey= itercountk= and looped to device/file name.
loop= option in /etc/fstab must match specified loop device name. Command
line options take precedence in case of conflict.
.IP "\fB\-G \fIgpghome\fP"
Set gpg home directory to \fIgpghome\fP, so that gpg uses public/private
keys on \fIgpghome\fP directory. This is only used when gpgkey file needs to
be decrypted using public/private keys. If gpgkey file is encrypted with
symmetric cipher only, public/private keys are not required and this option
has no effect.
.IP "\fB\-H \fIphash\fP"
Uses \fIphash\fP function to hash passphrase. Available hash functions are
sha256, sha384, sha512 and rmd160. unhashed1, unhashed2 and unhashed3
functions also exist for compatibility with some obsolete implementations.

Hash function random does not ask for passphrase but sets up random keys and
attempts to put loop to multi-key mode. When random/1777 hash type is used
as mount option for mount program, mount program will create new file system
on the loop device and construct initial permissions of file system root
directory from octal digits that follow the slash character.

WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING IMPORTANT
DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA.
.IP "\fB\-I \fIloinit\fP"
Passes a numeric value of \fIloinit\fP as a parameter to cipher transfer
function. Cipher transfer functions are free to interpret value as they
want.
.IP "\fB\-K \fIgpgkey\fP"
Passphrase is piped to gpg so that gpg can decrypt file \fIgpgkey\fP which
contains the real keys that are used to encrypt loop device. If decryption
requires public/private keys and gpghome is not specified, all users use
their own gpg public/private keys to decrypt \fIgpgkey\fP. Decrypted
\fIgpgkey\fP should contain 1 or 64 or 65 keys, each key at least 20
characters and separated by newline. If decrypted \fIgpgkey\fP contains 64
or 65 keys, then loop device is put to multi-key mode. In multi-key mode
first key is used for first sector, second key for second sector, and so on.
65th key, if present, is used as additional input to MD5 IV computation.
.IP "\fB\-o \fIoffset\fP"
The data start is moved \fIoffset\fP bytes into the specified file or
device. Normally offset is included in IV (initialization vector)
computations. If offset is prefixed with @ character, then offset is not
included in IV computations. @ prefix functionality may not be supported on
some older kernels and/or loop drivers.
.IP "\fB\-p \fIpasswdfd\fP"
Read the passphrase from file descriptor \fIpasswdfd\fP instead of the
terminal. If -K option is not being used (no gpg key file), then losetup
attempts to read 65 keys from \fIpasswdfd\fP, each key at least 20
characters and separated by newline. If losetup successfully reads 64 or 65
keys, then loop device is put to multi-key mode. If losetup encounters
end-of-file before 64 keys are read, then only first key is used in
single-key mode.

echo SecretPassphraseHere | losetup -p0 -K foo.gpg -e AES128 ...

In above example, losetup reads passphrase from file descriptor 0 (stdin).
.IP "\fB\-P \fIcleartextkey\fP"
Read the passphrase from file \fIcleartextkey\fP instead of the
terminal. If -K option is not being used (no gpg key file), then losetup
attempts to read 65 keys from \fIcleartextkey\fP, each key at least 20
characters and separated by newline. If losetup successfully reads 64 or 65
keys, then loop device is put to multi-key mode. If losetup encounters
end-of-file before 64 keys are read, then only first key is used in
single-key mode. If both -p and -P options are used, then -p option takes
precedence. These are equivalent:

losetup -p3 -K foo.gpg -e AES128 ...   3<someFileName

losetup -P someFileName -K foo.gpg -e AES128 ...

In first line of above example, in addition to normal open file descriptors
(0==stdin 1==stdout 2==stderr), shell opens the file and passes open file
descriptor to started losetup program. In second line of above example,
losetup opens the file itself.
.IP "\fB\-r\fP"
Read-only mode.
.IP "\fB\-R\fP"
Resize existing, already set up loop device, to new changed underlying
device size. This option is for changing mounted live file system size on
LVM volume. This functionality may not be supported on some older kernels
and/or loop drivers.
.IP "\fB\-s \fIsizelimit\fP"
Size of loop device is limited to \fIsizelimit\fP bytes. If unspecified or
set to zero, loop device size is set to maximum available (file size minus
offset). This option may not be supported on some older kernels and/or loop
drivers.
.IP "\fB\-S \fIpseed\fP"
Sets encryption passphrase seed \fIpseed\fP which is appended to user supplied
passphrase before hashing. Using different seeds for different partitions
makes dictionary attacks slower but does not prevent them if user supplied
passphrase is guessable. Seed is not used in multi-key mode.
.IP "\fB\-T\fP"
Asks passphrase twice.
.IP "\fB\-v\fP"
Verbose mode.
.SH RETURN VALUE
.B losetup
returns 0 on success, nonzero on failure. When
.B losetup
displays the status of a loop device, it returns 1 if the device

.B losetup
from determining the status of the device.

.SH FILES
.nf
/dev/loop0,/dev/loop1,...   loop devices (major=7)
.fi
.SH EXAMPLE
If you are using the loadable module you must have the module loaded
first with the command
.IP
# insmod loop.o
.LP
Maybe also encryption modules are needed.
.IP
# insmod des.o
# insmod cryptoloop.o
.LP
The following commands can be used as an example of using the loop device.
.nf

dd if=/dev/zero of=/file bs=1k count=500
head -c 3705 /dev/random | uuencode -m - | head -n 66 \\
    | tail -n 65 | gpg --symmetric -a >/etc/fskey9.gpg
losetup -e AES128 -K /etc/fskey9.gpg /dev/loop0 /file
mkfs -t ext2 /dev/loop0
mount -t ext2 /dev/loop0 /mnt
 ...
umount /dev/loop0
losetup -d /dev/loop0
.fi
.LP
If you are using the loadable module you may remove the module with
the command
.IP
# rmmod loop
.LP
.fi
.SH RESTRICTION
XOR encryption is terribly weak.
.SH AUTHORS
.nf
Original version: Theodore Ts'o <tytso@athena.mit.edu>
AES support: Jari Ruusu
.fi
ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng/.
.\" .SH AUTHORS
.\" .nf
.\" Original version: Theodore Ts'o <tytso@athena.mit.edu>
.\" Original DES by: Eric Young <eay@psych.psy.uq.oz.au>
.\" .fi




/*
 *  loumount.c
 *
 *  This code was extracted to separate file from lomount.c so that umount
 *  program doesn't have to link with all loop related setup code
 */

#define LOOPMAJOR      7

#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <fcntl.h>
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>
#include <pwd.h>
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <sys/sysmacros.h>
#include <sys/wait.h>
#include <fcntl.h>
#include <mntent.h>
#include <locale.h>

#include "loop.h"
#include "lomount.h"
#include "xstrncpy.h"
#include "nls.h"

int
is_loop_device (const char *device) {
	struct stat statbuf;

	return (stat(device, &statbuf) == 0 &&
		S_ISBLK(statbuf.st_mode) &&
		major(statbuf.st_rdev) == LOOPMAJOR);
}

int 
del_loop (const char *device) {
	int fd;

	if ((fd = open (device, O_RDONLY)) < 0) {
		int errsv = errno;
		fprintf(stderr, _("loop: can't delete device %s: %s\n"),
			device, strerror (errsv));
		return 1;
	}
	if (ioctl (fd, LOOP_CLR_FD, 0) < 0) {
		perror ("ioctl: LOOP_CLR_FD");
		return 1;
	}
	close (fd);
	if (verbose > 1)
		printf(_("del_loop(%s): success\n"), device);
	return 0;
}





headers_common = fstab.h mount_mntent.h mount_constants.h \
	lomount.h fsprobe.h realpath.h xmalloc.h \
	getusername.h loop.h sundries.h

mount_common = fstab.c mount_mntent.c getusername.c \
	$(utils_common) $(headers_common) ../lib/env.c ../lib/linux_version.c \
	../lib/blkdev.c $(fallback)


mount_SOURCES = mount.c lomount.c loumount.c loop.c sha512.c rmd160.c aes.c $(mount_common) ../lib/setproctitle.c
mount_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)
mount_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)

umount_SOURCES = umount.c loumount.c $(mount_common)
umount_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)
umount_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)

swapon_SOURCES = swapon.c loop.c sha512.c swap_constants.h $(utils_common)

losetup_SOURCES = lomount.c loumount.c loop.c sha512.c rmd160.c aes.c sundries.c xmalloc.c \
	loop.h lomount.h xmalloc.h sundries.h realpath.h $(fallback)
losetup_CPPFLAGS = -DMAIN $(AM_CPPFLAGS)


mount_LDADD = $(LDADD_common)




# Makefile.in generated by automake 1.10.2 from Makefile.am.
# @configure_input@

# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
# 2003, 2004, 2005, 2006, 2007, 2008  Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation

	"$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"
binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
@HAVE_PIVOT_ROOT_TRUE@am__EXEEXT_4 = pivot_root$(EXEEXT)
sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) $(sbin_PROGRAMS)
am__losetup_SOURCES_DIST = lomount.c loumount.c loop.c sha512.c \
	rmd160.c aes.c sundries.c xmalloc.c loop.h lomount.h xmalloc.h \
	sundries.h realpath.h ../lib/strverscmp.c
@HAVE_VERSIONSORT_FALSE@am__objects_1 = losetup-strverscmp.$(OBJEXT)
am_losetup_OBJECTS = losetup-lomount.$(OBJEXT) \
	losetup-loumount.$(OBJEXT) losetup-loop.$(OBJEXT) \
	losetup-sha512.$(OBJEXT) losetup-rmd160.$(OBJEXT) \
	losetup-aes.$(OBJEXT) losetup-sundries.$(OBJEXT) \
	losetup-xmalloc.$(OBJEXT) $(am__objects_1)
losetup_OBJECTS = $(am_losetup_OBJECTS)
losetup_LDADD = $(LDADD)
am__losetup_static_SOURCES_DIST = lomount.c loumount.c loop.c sha512.c \
	rmd160.c aes.c sundries.c xmalloc.c loop.h lomount.h xmalloc.h \
	sundries.h realpath.h ../lib/strverscmp.c
@HAVE_VERSIONSORT_FALSE@am__objects_2 =  \
@HAVE_VERSIONSORT_FALSE@	losetup_static-strverscmp.$(OBJEXT)
am__objects_3 = losetup_static-lomount.$(OBJEXT) \
	losetup_static-loumount.$(OBJEXT) \
	losetup_static-loop.$(OBJEXT) losetup_static-sha512.$(OBJEXT) \
	losetup_static-rmd160.$(OBJEXT) losetup_static-aes.$(OBJEXT) \
	losetup_static-sundries.$(OBJEXT) \
	losetup_static-xmalloc.$(OBJEXT) $(am__objects_2)
	losetup_static-realpath.$(OBJEXT) $(am__objects_2)
@HAVE_STATIC_LOSETUP_TRUE@am_losetup_static_OBJECTS =  \
@HAVE_STATIC_LOSETUP_TRUE@	$(am__objects_3)
losetup_static_OBJECTS = $(am_losetup_static_OBJECTS)
losetup_static_LDADD = $(LDADD)
losetup_static_LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
	$(losetup_static_LDFLAGS) $(LDFLAGS) -o $@
am__mount_SOURCES_DIST = mount.c lomount.c loumount.c loop.c sha512.c \
	rmd160.c aes.c fstab.c mount_mntent.c getusername.c sundries.c \
	xmalloc.c realpath.c fsprobe.c fsprobe_blkid.c \
	fsprobe_volumeid.c fstab.h mount_mntent.h mount_constants.h \
	lomount.h fsprobe.h realpath.h xmalloc.h getusername.h loop.h \
	sundries.h ../lib/env.c ../lib/linux_version.c ../lib/blkdev.c \
	../lib/strverscmp.c ../lib/setproctitle.c
@HAVE_BLKID_TRUE@am__objects_4 = mount-fsprobe_blkid.$(OBJEXT)
@HAVE_VOLUME_ID_TRUE@am__objects_5 = mount-fsprobe_volumeid.$(OBJEXT)
am__objects_6 = mount-sundries.$(OBJEXT) mount-xmalloc.$(OBJEXT) \
	mount-realpath.$(OBJEXT) mount-fsprobe.$(OBJEXT) \
	$(am__objects_4) $(am__objects_5)
am__objects_7 =
@HAVE_VERSIONSORT_FALSE@am__objects_8 = mount-strverscmp.$(OBJEXT)
am__objects_9 = mount-fstab.$(OBJEXT) mount-mount_mntent.$(OBJEXT) \
	mount-getusername.$(OBJEXT) $(am__objects_6) $(am__objects_7) \
	mount-env.$(OBJEXT) mount-linux_version.$(OBJEXT) \
	mount-blkdev.$(OBJEXT) $(am__objects_8)
am_mount_OBJECTS = mount-mount.$(OBJEXT) mount-lomount.$(OBJEXT) \
	mount-loumount.$(OBJEXT) mount-loop.$(OBJEXT) \
	mount-sha512.$(OBJEXT) mount-rmd160.$(OBJEXT) \
	mount-aes.$(OBJEXT) $(am__objects_9) \
	mount-setproctitle.$(OBJEXT)
mount_OBJECTS = $(am_mount_OBJECTS)
am__DEPENDENCIES_1 =
@HAVE_BLKID_TRUE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1)
@HAVE_VOLUME_ID_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_1)
am__DEPENDENCIES_4 = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3)
@HAVE_SELINUX_TRUE@am__DEPENDENCIES_5 = $(am__DEPENDENCIES_1)
mount_DEPENDENCIES = $(am__DEPENDENCIES_4) $(am__DEPENDENCIES_5)
mount_LINK = $(CCLD) $(mount_CFLAGS) $(CFLAGS) $(mount_LDFLAGS) \
	$(LDFLAGS) -o $@
am__mount_static_SOURCES_DIST = mount.c lomount.c loumount.c loop.c \
	sha512.c rmd160.c aes.c fstab.c mount_mntent.c getusername.c \
	sundries.c xmalloc.c realpath.c fsprobe.c fsprobe_blkid.c \
	fsprobe_volumeid.c fstab.h mount_mntent.h mount_constants.h \
	lomount.h fsprobe.h realpath.h xmalloc.h getusername.h loop.h \
	sundries.h ../lib/env.c ../lib/linux_version.c ../lib/blkdev.c \
	../lib/strverscmp.c ../lib/setproctitle.c
@HAVE_BLKID_TRUE@am__objects_10 = fsprobe_blkid.$(OBJEXT)
@HAVE_VOLUME_ID_TRUE@am__objects_11 = fsprobe_volumeid.$(OBJEXT)
am__objects_12 = sundries.$(OBJEXT) xmalloc.$(OBJEXT) \
	realpath.$(OBJEXT) fsprobe.$(OBJEXT) $(am__objects_10) \
	$(am__objects_11)
@HAVE_VERSIONSORT_FALSE@am__objects_13 = strverscmp.$(OBJEXT)
am__objects_14 = fstab.$(OBJEXT) mount_mntent.$(OBJEXT) \
	getusername.$(OBJEXT) $(am__objects_12) $(am__objects_7) \
	env.$(OBJEXT) linux_version.$(OBJEXT) blkdev.$(OBJEXT) \
	$(am__objects_13)
am__objects_15 = mount.$(OBJEXT) lomount.$(OBJEXT) loumount.$(OBJEXT) \
	loop.$(OBJEXT) sha512.$(OBJEXT) rmd160.$(OBJEXT) aes.$(OBJEXT) \
	$(am__objects_14) setproctitle.$(OBJEXT)
@HAVE_STATIC_MOUNT_TRUE@am_mount_static_OBJECTS = $(am__objects_15)
mount_static_OBJECTS = $(am_mount_static_OBJECTS)
@HAVE_STATIC_MOUNT_TRUE@am__DEPENDENCIES_6 = $(am__DEPENDENCIES_4)
mount_static_DEPENDENCIES = $(am__DEPENDENCIES_6) \
	$(am__DEPENDENCIES_5)

mtab_lock_test_OBJECTS = $(am_mtab_lock_test_OBJECTS)
mtab_lock_test_LDADD = $(LDADD)
pivot_root_SOURCES = pivot_root.c
pivot_root_OBJECTS = pivot_root.$(OBJEXT)
pivot_root_LDADD = $(LDADD)
am__swapon_SOURCES_DIST = swapon.c loop.c sha512.c swap_constants.h \
	sundries.c xmalloc.c realpath.c fsprobe.c fsprobe_blkid.c \
	fsprobe_volumeid.c ../lib/linux_version.c ../lib/blkdev.c
@HAVE_VOLUME_ID_TRUE@am__objects_16 = linux_version.$(OBJEXT) \
@HAVE_VOLUME_ID_TRUE@	blkdev.$(OBJEXT)
am_swapon_OBJECTS = swapon.$(OBJEXT) loop.$(OBJEXT) sha512.$(OBJEXT) \
	$(am__objects_12) $(am__objects_16)
swapon_OBJECTS = $(am_swapon_OBJECTS)
swapon_DEPENDENCIES = $(am__DEPENDENCIES_4)
am__umount_SOURCES_DIST = umount.c loumount.c fstab.c mount_mntent.c \
	getusername.c sundries.c xmalloc.c realpath.c fsprobe.c \
	fsprobe_blkid.c fsprobe_volumeid.c fstab.h mount_mntent.h \
	mount_constants.h lomount.h fsprobe.h realpath.h xmalloc.h \
	getusername.h loop.h sundries.h ../lib/env.c \
	../lib/linux_version.c ../lib/blkdev.c ../lib/strverscmp.c
	../lib/strverscmp.c
@HAVE_BLKID_TRUE@am__objects_17 = umount-fsprobe_blkid.$(OBJEXT)
@HAVE_VOLUME_ID_TRUE@am__objects_18 =  \
@HAVE_VOLUME_ID_TRUE@	umount-fsprobe_volumeid.$(OBJEXT)
am__objects_19 = umount-sundries.$(OBJEXT) umount-xmalloc.$(OBJEXT) \
	umount-realpath.$(OBJEXT) umount-fsprobe.$(OBJEXT) \
	$(am__objects_17) $(am__objects_18)
@HAVE_VERSIONSORT_FALSE@am__objects_20 = umount-strverscmp.$(OBJEXT)
am__objects_21 = umount-fstab.$(OBJEXT) umount-mount_mntent.$(OBJEXT) \
	umount-getusername.$(OBJEXT) $(am__objects_19) \
	$(am__objects_7) umount-env.$(OBJEXT) \
	umount-linux_version.$(OBJEXT) umount-blkdev.$(OBJEXT) \
	$(am__objects_20)
am_umount_OBJECTS = umount-umount.$(OBJEXT) umount-loumount.$(OBJEXT) \
	$(am__objects_21)
umount_OBJECTS = $(am_umount_OBJECTS)
umount_DEPENDENCIES = $(am__DEPENDENCIES_4)
umount_LINK = $(CCLD) $(umount_CFLAGS) $(CFLAGS) $(umount_LDFLAGS) \
	$(LDFLAGS) -o $@
am__umount_static_SOURCES_DIST = umount.c loumount.c fstab.c \
	mount_mntent.c getusername.c sundries.c xmalloc.c realpath.c \
	fsprobe.c fsprobe_blkid.c fsprobe_volumeid.c fstab.h \
	mount_mntent.h mount_constants.h lomount.h fsprobe.h \
	realpath.h xmalloc.h getusername.h loop.h sundries.h \
	../lib/env.c ../lib/linux_version.c ../lib/blkdev.c \
	../lib/strverscmp.c
am__objects_22 = umount.$(OBJEXT) loumount.$(OBJEXT) $(am__objects_14)
@HAVE_STATIC_UMOUNT_TRUE@am_umount_static_OBJECTS = $(am__objects_22)
umount_static_OBJECTS = $(am_umount_static_OBJECTS)
@HAVE_STATIC_UMOUNT_TRUE@umount_static_DEPENDENCIES =  \
@HAVE_STATIC_UMOUNT_TRUE@	$(am__DEPENDENCIES_4)
umount_static_LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) \

@HAVE_VERSIONSORT_FALSE@fallback = ../lib/strverscmp.c
headers_common = fstab.h mount_mntent.h mount_constants.h \
	lomount.h fsprobe.h realpath.h xmalloc.h \
	getusername.h loop.h sundries.h

mount_common = fstab.c mount_mntent.c getusername.c \
	$(utils_common) $(headers_common) ../lib/env.c ../lib/linux_version.c \
	../lib/blkdev.c $(fallback)

mount_SOURCES = mount.c lomount.c loumount.c loop.c sha512.c rmd160.c aes.c $(mount_common) ../lib/setproctitle.c
mount_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)
mount_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)
umount_SOURCES = umount.c loumount.c $(mount_common)
umount_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)
umount_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)
swapon_SOURCES = swapon.c loop.c sha512.c swap_constants.h \
	$(utils_common) $(am__append_11)
losetup_SOURCES = lomount.c loumount.c loop.c sha512.c rmd160.c aes.c sundries.c xmalloc.c \
	loop.h lomount.h xmalloc.h sundries.h realpath.h $(fallback)

losetup_CPPFLAGS = -DMAIN $(AM_CPPFLAGS)
mount_LDADD = $(LDADD_common) $(am__append_8)
umount_LDADD = $(LDADD_common)

.SUFFIXES: .c .o .obj
$(srcdir)/Makefile.in:  $(srcdir)/Makefile.am $(top_srcdir)/config/include-Makefile.am $(am__configure_deps)
	@for dep in $?; do \
	  case '$(am__configure_deps)' in \
	    *$$dep*) \
	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
	        && { if test -f $@; then exit 0; else break; fi; }; \
	      exit 1;; \
	  esac; \
	done; \
	echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign  mount/Makefile'; \
	cd $(top_srcdir) && \

	-rm -f *.$(OBJEXT)

distclean-compile:
	-rm -f *.tab.c

@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blkdev.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/env.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fsprobe.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fsprobe_blkid.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fsprobe_volumeid.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fstab.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getusername.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linux_version.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lomount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/loop.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup-aes.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup-lomount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup-loop.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup-loumount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup-rmd160.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup-sha512.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup-strverscmp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup-sundries.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup-xmalloc.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup_static-aes.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup_static-lomount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup_static-loop.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup_static-loumount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup_static-rmd160.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup_static-sha512.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup_static-strverscmp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup_static-sundries.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/losetup_static-xmalloc.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/loumount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-aes.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-blkdev.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-env.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-fsprobe.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-fsprobe_blkid.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-fsprobe_volumeid.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-fstab.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-getusername.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-linux_version.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-lomount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-loop.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-loumount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-mount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-mount_mntent.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-realpath.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-rmd160.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-setproctitle.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-sha512.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-strverscmp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-sundries.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount-xmalloc.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mount_mntent.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mtab_lock_test-fstab.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mtab_lock_test-sundries.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mtab_lock_test-xmalloc.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pivot_root.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/realpath.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rmd160.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/setproctitle.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha512.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strverscmp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sundries.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/swapon.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-blkdev.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-env.Po@am__quote@

@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-fsprobe_blkid.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-fsprobe_volumeid.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-fstab.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-getusername.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-linux_version.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-loumount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-mount_mntent.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-realpath.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-strverscmp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-sundries.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/umount-umount.Po@am__quote@

@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-lomount.Tpo $(DEPDIR)/losetup-lomount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='lomount.c' object='losetup-lomount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-lomount.obj `if test -f 'lomount.c'; then $(CYGPATH_W) 'lomount.c'; else $(CYGPATH_W) '$(srcdir)/lomount.c'; fi`

losetup-loumount.o: loumount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-loumount.o -MD -MP -MF $(DEPDIR)/losetup-loumount.Tpo -c -o losetup-loumount.o `test -f 'loumount.c' || echo '$(srcdir)/'`loumount.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-loumount.Tpo $(DEPDIR)/losetup-loumount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loumount.c' object='losetup-loumount.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-loumount.o `test -f 'loumount.c' || echo '$(srcdir)/'`loumount.c

losetup-loumount.obj: loumount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-loumount.obj -MD -MP -MF $(DEPDIR)/losetup-loumount.Tpo -c -o losetup-loumount.obj `if test -f 'loumount.c'; then $(CYGPATH_W) 'loumount.c'; else $(CYGPATH_W) '$(srcdir)/loumount.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-loumount.Tpo $(DEPDIR)/losetup-loumount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loumount.c' object='losetup-loumount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-loumount.obj `if test -f 'loumount.c'; then $(CYGPATH_W) 'loumount.c'; else $(CYGPATH_W) '$(srcdir)/loumount.c'; fi`

losetup-loop.o: loop.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-loop.o -MD -MP -MF $(DEPDIR)/losetup-loop.Tpo -c -o losetup-loop.o `test -f 'loop.c' || echo '$(srcdir)/'`loop.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-loop.Tpo $(DEPDIR)/losetup-loop.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loop.c' object='losetup-loop.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-loop.o `test -f 'loop.c' || echo '$(srcdir)/'`loop.c

losetup-loop.obj: loop.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-loop.obj -MD -MP -MF $(DEPDIR)/losetup-loop.Tpo -c -o losetup-loop.obj `if test -f 'loop.c'; then $(CYGPATH_W) 'loop.c'; else $(CYGPATH_W) '$(srcdir)/loop.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-loop.Tpo $(DEPDIR)/losetup-loop.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loop.c' object='losetup-loop.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-loop.obj `if test -f 'loop.c'; then $(CYGPATH_W) 'loop.c'; else $(CYGPATH_W) '$(srcdir)/loop.c'; fi`

losetup-sha512.o: sha512.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-sha512.o -MD -MP -MF $(DEPDIR)/losetup-sha512.Tpo -c -o losetup-sha512.o `test -f 'sha512.c' || echo '$(srcdir)/'`sha512.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-sha512.Tpo $(DEPDIR)/losetup-sha512.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='sha512.c' object='losetup-sha512.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-sha512.o `test -f 'sha512.c' || echo '$(srcdir)/'`sha512.c

losetup-sha512.obj: sha512.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-sha512.obj -MD -MP -MF $(DEPDIR)/losetup-sha512.Tpo -c -o losetup-sha512.obj `if test -f 'sha512.c'; then $(CYGPATH_W) 'sha512.c'; else $(CYGPATH_W) '$(srcdir)/sha512.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-sha512.Tpo $(DEPDIR)/losetup-sha512.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='sha512.c' object='losetup-sha512.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-sha512.obj `if test -f 'sha512.c'; then $(CYGPATH_W) 'sha512.c'; else $(CYGPATH_W) '$(srcdir)/sha512.c'; fi`

losetup-rmd160.o: rmd160.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-rmd160.o -MD -MP -MF $(DEPDIR)/losetup-rmd160.Tpo -c -o losetup-rmd160.o `test -f 'rmd160.c' || echo '$(srcdir)/'`rmd160.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-rmd160.Tpo $(DEPDIR)/losetup-rmd160.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='rmd160.c' object='losetup-rmd160.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-rmd160.o `test -f 'rmd160.c' || echo '$(srcdir)/'`rmd160.c

losetup-rmd160.obj: rmd160.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-rmd160.obj -MD -MP -MF $(DEPDIR)/losetup-rmd160.Tpo -c -o losetup-rmd160.obj `if test -f 'rmd160.c'; then $(CYGPATH_W) 'rmd160.c'; else $(CYGPATH_W) '$(srcdir)/rmd160.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-rmd160.Tpo $(DEPDIR)/losetup-rmd160.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='rmd160.c' object='losetup-rmd160.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-rmd160.obj `if test -f 'rmd160.c'; then $(CYGPATH_W) 'rmd160.c'; else $(CYGPATH_W) '$(srcdir)/rmd160.c'; fi`

losetup-aes.o: aes.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-aes.o -MD -MP -MF $(DEPDIR)/losetup-aes.Tpo -c -o losetup-aes.o `test -f 'aes.c' || echo '$(srcdir)/'`aes.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-aes.Tpo $(DEPDIR)/losetup-aes.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='aes.c' object='losetup-aes.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-aes.o `test -f 'aes.c' || echo '$(srcdir)/'`aes.c

losetup-aes.obj: aes.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-aes.obj -MD -MP -MF $(DEPDIR)/losetup-aes.Tpo -c -o losetup-aes.obj `if test -f 'aes.c'; then $(CYGPATH_W) 'aes.c'; else $(CYGPATH_W) '$(srcdir)/aes.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-aes.Tpo $(DEPDIR)/losetup-aes.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='aes.c' object='losetup-aes.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-aes.obj `if test -f 'aes.c'; then $(CYGPATH_W) 'aes.c'; else $(CYGPATH_W) '$(srcdir)/aes.c'; fi`

losetup-sundries.o: sundries.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-sundries.o -MD -MP -MF $(DEPDIR)/losetup-sundries.Tpo -c -o losetup-sundries.o `test -f 'sundries.c' || echo '$(srcdir)/'`sundries.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-sundries.Tpo $(DEPDIR)/losetup-sundries.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='sundries.c' object='losetup-sundries.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-xmalloc.Tpo $(DEPDIR)/losetup-xmalloc.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='xmalloc.c' object='losetup-xmalloc.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-xmalloc.obj `if test -f 'xmalloc.c'; then $(CYGPATH_W) 'xmalloc.c'; else $(CYGPATH_W) '$(srcdir)/xmalloc.c'; fi`

losetup-realpath.o: realpath.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-realpath.o -MD -MP -MF $(DEPDIR)/losetup-realpath.Tpo -c -o losetup-realpath.o `test -f 'realpath.c' || echo '$(srcdir)/'`realpath.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-realpath.Tpo $(DEPDIR)/losetup-realpath.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='realpath.c' object='losetup-realpath.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-realpath.o `test -f 'realpath.c' || echo '$(srcdir)/'`realpath.c

losetup-realpath.obj: realpath.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-realpath.obj -MD -MP -MF $(DEPDIR)/losetup-realpath.Tpo -c -o losetup-realpath.obj `if test -f 'realpath.c'; then $(CYGPATH_W) 'realpath.c'; else $(CYGPATH_W) '$(srcdir)/realpath.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-realpath.Tpo $(DEPDIR)/losetup-realpath.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='realpath.c' object='losetup-realpath.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup-realpath.obj `if test -f 'realpath.c'; then $(CYGPATH_W) 'realpath.c'; else $(CYGPATH_W) '$(srcdir)/realpath.c'; fi`

losetup-strverscmp.o: ../lib/strverscmp.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup-strverscmp.o -MD -MP -MF $(DEPDIR)/losetup-strverscmp.Tpo -c -o losetup-strverscmp.o `test -f '../lib/strverscmp.c' || echo '$(srcdir)/'`../lib/strverscmp.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup-strverscmp.Tpo $(DEPDIR)/losetup-strverscmp.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='../lib/strverscmp.c' object='losetup-strverscmp.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-lomount.Tpo $(DEPDIR)/losetup_static-lomount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='lomount.c' object='losetup_static-lomount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-lomount.obj `if test -f 'lomount.c'; then $(CYGPATH_W) 'lomount.c'; else $(CYGPATH_W) '$(srcdir)/lomount.c'; fi`

losetup_static-loumount.o: loumount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-loumount.o -MD -MP -MF $(DEPDIR)/losetup_static-loumount.Tpo -c -o losetup_static-loumount.o `test -f 'loumount.c' || echo '$(srcdir)/'`loumount.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-loumount.Tpo $(DEPDIR)/losetup_static-loumount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loumount.c' object='losetup_static-loumount.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-loumount.o `test -f 'loumount.c' || echo '$(srcdir)/'`loumount.c

losetup_static-loumount.obj: loumount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-loumount.obj -MD -MP -MF $(DEPDIR)/losetup_static-loumount.Tpo -c -o losetup_static-loumount.obj `if test -f 'loumount.c'; then $(CYGPATH_W) 'loumount.c'; else $(CYGPATH_W) '$(srcdir)/loumount.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-loumount.Tpo $(DEPDIR)/losetup_static-loumount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loumount.c' object='losetup_static-loumount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-loumount.obj `if test -f 'loumount.c'; then $(CYGPATH_W) 'loumount.c'; else $(CYGPATH_W) '$(srcdir)/loumount.c'; fi`

losetup_static-loop.o: loop.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-loop.o -MD -MP -MF $(DEPDIR)/losetup_static-loop.Tpo -c -o losetup_static-loop.o `test -f 'loop.c' || echo '$(srcdir)/'`loop.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-loop.Tpo $(DEPDIR)/losetup_static-loop.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loop.c' object='losetup_static-loop.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-loop.o `test -f 'loop.c' || echo '$(srcdir)/'`loop.c

losetup_static-loop.obj: loop.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-loop.obj -MD -MP -MF $(DEPDIR)/losetup_static-loop.Tpo -c -o losetup_static-loop.obj `if test -f 'loop.c'; then $(CYGPATH_W) 'loop.c'; else $(CYGPATH_W) '$(srcdir)/loop.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-loop.Tpo $(DEPDIR)/losetup_static-loop.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loop.c' object='losetup_static-loop.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-loop.obj `if test -f 'loop.c'; then $(CYGPATH_W) 'loop.c'; else $(CYGPATH_W) '$(srcdir)/loop.c'; fi`

losetup_static-sha512.o: sha512.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-sha512.o -MD -MP -MF $(DEPDIR)/losetup_static-sha512.Tpo -c -o losetup_static-sha512.o `test -f 'sha512.c' || echo '$(srcdir)/'`sha512.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-sha512.Tpo $(DEPDIR)/losetup_static-sha512.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='sha512.c' object='losetup_static-sha512.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-sha512.o `test -f 'sha512.c' || echo '$(srcdir)/'`sha512.c

losetup_static-sha512.obj: sha512.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-sha512.obj -MD -MP -MF $(DEPDIR)/losetup_static-sha512.Tpo -c -o losetup_static-sha512.obj `if test -f 'sha512.c'; then $(CYGPATH_W) 'sha512.c'; else $(CYGPATH_W) '$(srcdir)/sha512.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-sha512.Tpo $(DEPDIR)/losetup_static-sha512.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='sha512.c' object='losetup_static-sha512.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-sha512.obj `if test -f 'sha512.c'; then $(CYGPATH_W) 'sha512.c'; else $(CYGPATH_W) '$(srcdir)/sha512.c'; fi`

losetup_static-rmd160.o: rmd160.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-rmd160.o -MD -MP -MF $(DEPDIR)/losetup_static-rmd160.Tpo -c -o losetup_static-rmd160.o `test -f 'rmd160.c' || echo '$(srcdir)/'`rmd160.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-rmd160.Tpo $(DEPDIR)/losetup_static-rmd160.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='rmd160.c' object='losetup_static-rmd160.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-rmd160.o `test -f 'rmd160.c' || echo '$(srcdir)/'`rmd160.c

losetup_static-rmd160.obj: rmd160.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-rmd160.obj -MD -MP -MF $(DEPDIR)/losetup_static-rmd160.Tpo -c -o losetup_static-rmd160.obj `if test -f 'rmd160.c'; then $(CYGPATH_W) 'rmd160.c'; else $(CYGPATH_W) '$(srcdir)/rmd160.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-rmd160.Tpo $(DEPDIR)/losetup_static-rmd160.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='rmd160.c' object='losetup_static-rmd160.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-rmd160.obj `if test -f 'rmd160.c'; then $(CYGPATH_W) 'rmd160.c'; else $(CYGPATH_W) '$(srcdir)/rmd160.c'; fi`

losetup_static-aes.o: aes.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-aes.o -MD -MP -MF $(DEPDIR)/losetup_static-aes.Tpo -c -o losetup_static-aes.o `test -f 'aes.c' || echo '$(srcdir)/'`aes.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-aes.Tpo $(DEPDIR)/losetup_static-aes.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='aes.c' object='losetup_static-aes.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-aes.o `test -f 'aes.c' || echo '$(srcdir)/'`aes.c

losetup_static-aes.obj: aes.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-aes.obj -MD -MP -MF $(DEPDIR)/losetup_static-aes.Tpo -c -o losetup_static-aes.obj `if test -f 'aes.c'; then $(CYGPATH_W) 'aes.c'; else $(CYGPATH_W) '$(srcdir)/aes.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-aes.Tpo $(DEPDIR)/losetup_static-aes.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='aes.c' object='losetup_static-aes.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-aes.obj `if test -f 'aes.c'; then $(CYGPATH_W) 'aes.c'; else $(CYGPATH_W) '$(srcdir)/aes.c'; fi`

losetup_static-sundries.o: sundries.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-sundries.o -MD -MP -MF $(DEPDIR)/losetup_static-sundries.Tpo -c -o losetup_static-sundries.o `test -f 'sundries.c' || echo '$(srcdir)/'`sundries.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-sundries.Tpo $(DEPDIR)/losetup_static-sundries.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='sundries.c' object='losetup_static-sundries.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-xmalloc.Tpo $(DEPDIR)/losetup_static-xmalloc.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='xmalloc.c' object='losetup_static-xmalloc.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-xmalloc.obj `if test -f 'xmalloc.c'; then $(CYGPATH_W) 'xmalloc.c'; else $(CYGPATH_W) '$(srcdir)/xmalloc.c'; fi`

losetup_static-realpath.o: realpath.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-realpath.o -MD -MP -MF $(DEPDIR)/losetup_static-realpath.Tpo -c -o losetup_static-realpath.o `test -f 'realpath.c' || echo '$(srcdir)/'`realpath.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-realpath.Tpo $(DEPDIR)/losetup_static-realpath.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='realpath.c' object='losetup_static-realpath.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-realpath.o `test -f 'realpath.c' || echo '$(srcdir)/'`realpath.c

losetup_static-realpath.obj: realpath.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-realpath.obj -MD -MP -MF $(DEPDIR)/losetup_static-realpath.Tpo -c -o losetup_static-realpath.obj `if test -f 'realpath.c'; then $(CYGPATH_W) 'realpath.c'; else $(CYGPATH_W) '$(srcdir)/realpath.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-realpath.Tpo $(DEPDIR)/losetup_static-realpath.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='realpath.c' object='losetup_static-realpath.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o losetup_static-realpath.obj `if test -f 'realpath.c'; then $(CYGPATH_W) 'realpath.c'; else $(CYGPATH_W) '$(srcdir)/realpath.c'; fi`

losetup_static-strverscmp.o: ../lib/strverscmp.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(losetup_static_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT losetup_static-strverscmp.o -MD -MP -MF $(DEPDIR)/losetup_static-strverscmp.Tpo -c -o losetup_static-strverscmp.o `test -f '../lib/strverscmp.c' || echo '$(srcdir)/'`../lib/strverscmp.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/losetup_static-strverscmp.Tpo $(DEPDIR)/losetup_static-strverscmp.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='../lib/strverscmp.c' object='losetup_static-strverscmp.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-mount.Tpo $(DEPDIR)/mount-mount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='mount.c' object='mount-mount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-mount.obj `if test -f 'mount.c'; then $(CYGPATH_W) 'mount.c'; else $(CYGPATH_W) '$(srcdir)/mount.c'; fi`

mount-lomount.o: lomount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-lomount.o -MD -MP -MF $(DEPDIR)/mount-lomount.Tpo -c -o mount-lomount.o `test -f 'lomount.c' || echo '$(srcdir)/'`lomount.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-lomount.Tpo $(DEPDIR)/mount-lomount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='lomount.c' object='mount-lomount.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-lomount.o `test -f 'lomount.c' || echo '$(srcdir)/'`lomount.c

mount-lomount.obj: lomount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-lomount.obj -MD -MP -MF $(DEPDIR)/mount-lomount.Tpo -c -o mount-lomount.obj `if test -f 'lomount.c'; then $(CYGPATH_W) 'lomount.c'; else $(CYGPATH_W) '$(srcdir)/lomount.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-lomount.Tpo $(DEPDIR)/mount-lomount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='lomount.c' object='mount-lomount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-lomount.obj `if test -f 'lomount.c'; then $(CYGPATH_W) 'lomount.c'; else $(CYGPATH_W) '$(srcdir)/lomount.c'; fi`

mount-loumount.o: loumount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-loumount.o -MD -MP -MF $(DEPDIR)/mount-loumount.Tpo -c -o mount-loumount.o `test -f 'loumount.c' || echo '$(srcdir)/'`loumount.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-loumount.Tpo $(DEPDIR)/mount-loumount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loumount.c' object='mount-loumount.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-loumount.o `test -f 'loumount.c' || echo '$(srcdir)/'`loumount.c

mount-loumount.obj: loumount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-loumount.obj -MD -MP -MF $(DEPDIR)/mount-loumount.Tpo -c -o mount-loumount.obj `if test -f 'loumount.c'; then $(CYGPATH_W) 'loumount.c'; else $(CYGPATH_W) '$(srcdir)/loumount.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-loumount.Tpo $(DEPDIR)/mount-loumount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loumount.c' object='mount-loumount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-loumount.obj `if test -f 'loumount.c'; then $(CYGPATH_W) 'loumount.c'; else $(CYGPATH_W) '$(srcdir)/loumount.c'; fi`

mount-loop.o: loop.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-loop.o -MD -MP -MF $(DEPDIR)/mount-loop.Tpo -c -o mount-loop.o `test -f 'loop.c' || echo '$(srcdir)/'`loop.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-loop.Tpo $(DEPDIR)/mount-loop.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loop.c' object='mount-loop.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-loop.o `test -f 'loop.c' || echo '$(srcdir)/'`loop.c

mount-loop.obj: loop.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-loop.obj -MD -MP -MF $(DEPDIR)/mount-loop.Tpo -c -o mount-loop.obj `if test -f 'loop.c'; then $(CYGPATH_W) 'loop.c'; else $(CYGPATH_W) '$(srcdir)/loop.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-loop.Tpo $(DEPDIR)/mount-loop.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loop.c' object='mount-loop.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-loop.obj `if test -f 'loop.c'; then $(CYGPATH_W) 'loop.c'; else $(CYGPATH_W) '$(srcdir)/loop.c'; fi`

mount-sha512.o: sha512.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-sha512.o -MD -MP -MF $(DEPDIR)/mount-sha512.Tpo -c -o mount-sha512.o `test -f 'sha512.c' || echo '$(srcdir)/'`sha512.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-sha512.Tpo $(DEPDIR)/mount-sha512.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='sha512.c' object='mount-sha512.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-sha512.o `test -f 'sha512.c' || echo '$(srcdir)/'`sha512.c

mount-sha512.obj: sha512.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-sha512.obj -MD -MP -MF $(DEPDIR)/mount-sha512.Tpo -c -o mount-sha512.obj `if test -f 'sha512.c'; then $(CYGPATH_W) 'sha512.c'; else $(CYGPATH_W) '$(srcdir)/sha512.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-sha512.Tpo $(DEPDIR)/mount-sha512.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='sha512.c' object='mount-sha512.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-sha512.obj `if test -f 'sha512.c'; then $(CYGPATH_W) 'sha512.c'; else $(CYGPATH_W) '$(srcdir)/sha512.c'; fi`

mount-rmd160.o: rmd160.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-rmd160.o -MD -MP -MF $(DEPDIR)/mount-rmd160.Tpo -c -o mount-rmd160.o `test -f 'rmd160.c' || echo '$(srcdir)/'`rmd160.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-rmd160.Tpo $(DEPDIR)/mount-rmd160.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='rmd160.c' object='mount-rmd160.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-rmd160.o `test -f 'rmd160.c' || echo '$(srcdir)/'`rmd160.c

mount-rmd160.obj: rmd160.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-rmd160.obj -MD -MP -MF $(DEPDIR)/mount-rmd160.Tpo -c -o mount-rmd160.obj `if test -f 'rmd160.c'; then $(CYGPATH_W) 'rmd160.c'; else $(CYGPATH_W) '$(srcdir)/rmd160.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-rmd160.Tpo $(DEPDIR)/mount-rmd160.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='rmd160.c' object='mount-rmd160.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-rmd160.obj `if test -f 'rmd160.c'; then $(CYGPATH_W) 'rmd160.c'; else $(CYGPATH_W) '$(srcdir)/rmd160.c'; fi`

mount-aes.o: aes.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-aes.o -MD -MP -MF $(DEPDIR)/mount-aes.Tpo -c -o mount-aes.o `test -f 'aes.c' || echo '$(srcdir)/'`aes.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-aes.Tpo $(DEPDIR)/mount-aes.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='aes.c' object='mount-aes.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-aes.o `test -f 'aes.c' || echo '$(srcdir)/'`aes.c

mount-aes.obj: aes.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-aes.obj -MD -MP -MF $(DEPDIR)/mount-aes.Tpo -c -o mount-aes.obj `if test -f 'aes.c'; then $(CYGPATH_W) 'aes.c'; else $(CYGPATH_W) '$(srcdir)/aes.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-aes.Tpo $(DEPDIR)/mount-aes.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='aes.c' object='mount-aes.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-aes.obj `if test -f 'aes.c'; then $(CYGPATH_W) 'aes.c'; else $(CYGPATH_W) '$(srcdir)/aes.c'; fi`

mount-fstab.o: fstab.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-fstab.o -MD -MP -MF $(DEPDIR)/mount-fstab.Tpo -c -o mount-fstab.o `test -f 'fstab.c' || echo '$(srcdir)/'`fstab.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-fstab.Tpo $(DEPDIR)/mount-fstab.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='fstab.c' object='mount-fstab.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-getusername.Tpo $(DEPDIR)/mount-getusername.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='getusername.c' object='mount-getusername.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-getusername.obj `if test -f 'getusername.c'; then $(CYGPATH_W) 'getusername.c'; else $(CYGPATH_W) '$(srcdir)/getusername.c'; fi`

mount-lomount.o: lomount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-lomount.o -MD -MP -MF $(DEPDIR)/mount-lomount.Tpo -c -o mount-lomount.o `test -f 'lomount.c' || echo '$(srcdir)/'`lomount.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-lomount.Tpo $(DEPDIR)/mount-lomount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='lomount.c' object='mount-lomount.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-lomount.o `test -f 'lomount.c' || echo '$(srcdir)/'`lomount.c

mount-lomount.obj: lomount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-lomount.obj -MD -MP -MF $(DEPDIR)/mount-lomount.Tpo -c -o mount-lomount.obj `if test -f 'lomount.c'; then $(CYGPATH_W) 'lomount.c'; else $(CYGPATH_W) '$(srcdir)/lomount.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-lomount.Tpo $(DEPDIR)/mount-lomount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='lomount.c' object='mount-lomount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -c -o mount-lomount.obj `if test -f 'lomount.c'; then $(CYGPATH_W) 'lomount.c'; else $(CYGPATH_W) '$(srcdir)/lomount.c'; fi`

mount-sundries.o: sundries.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(mount_CFLAGS) $(CFLAGS) -MT mount-sundries.o -MD -MP -MF $(DEPDIR)/mount-sundries.Tpo -c -o mount-sundries.o `test -f 'sundries.c' || echo '$(srcdir)/'`sundries.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/mount-sundries.Tpo $(DEPDIR)/mount-sundries.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='sundries.c' object='mount-sundries.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/umount-umount.Tpo $(DEPDIR)/umount-umount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='umount.c' object='umount-umount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -c -o umount-umount.obj `if test -f 'umount.c'; then $(CYGPATH_W) 'umount.c'; else $(CYGPATH_W) '$(srcdir)/umount.c'; fi`

umount-loumount.o: loumount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -MT umount-loumount.o -MD -MP -MF $(DEPDIR)/umount-loumount.Tpo -c -o umount-loumount.o `test -f 'loumount.c' || echo '$(srcdir)/'`loumount.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/umount-loumount.Tpo $(DEPDIR)/umount-loumount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loumount.c' object='umount-loumount.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -c -o umount-loumount.o `test -f 'loumount.c' || echo '$(srcdir)/'`loumount.c

umount-loumount.obj: loumount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -MT umount-loumount.obj -MD -MP -MF $(DEPDIR)/umount-loumount.Tpo -c -o umount-loumount.obj `if test -f 'loumount.c'; then $(CYGPATH_W) 'loumount.c'; else $(CYGPATH_W) '$(srcdir)/loumount.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/umount-loumount.Tpo $(DEPDIR)/umount-loumount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='loumount.c' object='umount-loumount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -c -o umount-loumount.obj `if test -f 'loumount.c'; then $(CYGPATH_W) 'loumount.c'; else $(CYGPATH_W) '$(srcdir)/loumount.c'; fi`

umount-fstab.o: fstab.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -MT umount-fstab.o -MD -MP -MF $(DEPDIR)/umount-fstab.Tpo -c -o umount-fstab.o `test -f 'fstab.c' || echo '$(srcdir)/'`fstab.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/umount-fstab.Tpo $(DEPDIR)/umount-fstab.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='fstab.c' object='umount-fstab.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/umount-getusername.Tpo $(DEPDIR)/umount-getusername.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='getusername.c' object='umount-getusername.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -c -o umount-getusername.obj `if test -f 'getusername.c'; then $(CYGPATH_W) 'getusername.c'; else $(CYGPATH_W) '$(srcdir)/getusername.c'; fi`

umount-lomount.o: lomount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -MT umount-lomount.o -MD -MP -MF $(DEPDIR)/umount-lomount.Tpo -c -o umount-lomount.o `test -f 'lomount.c' || echo '$(srcdir)/'`lomount.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/umount-lomount.Tpo $(DEPDIR)/umount-lomount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='lomount.c' object='umount-lomount.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -c -o umount-lomount.o `test -f 'lomount.c' || echo '$(srcdir)/'`lomount.c

umount-lomount.obj: lomount.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -MT umount-lomount.obj -MD -MP -MF $(DEPDIR)/umount-lomount.Tpo -c -o umount-lomount.obj `if test -f 'lomount.c'; then $(CYGPATH_W) 'lomount.c'; else $(CYGPATH_W) '$(srcdir)/lomount.c'; fi`
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/umount-lomount.Tpo $(DEPDIR)/umount-lomount.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='lomount.c' object='umount-lomount.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -c -o umount-lomount.obj `if test -f 'lomount.c'; then $(CYGPATH_W) 'lomount.c'; else $(CYGPATH_W) '$(srcdir)/lomount.c'; fi`

umount-sundries.o: sundries.c
@am__fastdepCC_TRUE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(umount_CFLAGS) $(CFLAGS) -MT umount-sundries.o -MD -MP -MF $(DEPDIR)/umount-sundries.Tpo -c -o umount-sundries.o `test -f 'sundries.c' || echo '$(srcdir)/'`sundries.c
@am__fastdepCC_TRUE@	mv -f $(DEPDIR)/umount-sundries.Tpo $(DEPDIR)/umount-sundries.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='sundries.c' object='umount-sundries.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@

	  case "$$i" in \
	    *.5*) list="$$list $$i" ;; \
	  esac; \
	done; \
	for i in $$list; do \
	  if test -f $$i; then file=$$i; \
	  else file=$(srcdir)/$$i; fi; \
	  ext=`echo $$i | sed -e 's/^.*\\.//'`; \
	  case "$$ext" in \
	    5*) ;; \
	    *) ext='5' ;; \
	  esac; \

	  case "$$i" in \
	    *.8*) list="$$list $$i" ;; \
	  esac; \
	done; \
	for i in $$list; do \
	  if test -f $$i; then file=$$i; \
	  else file=$(srcdir)/$$i; fi; \
	  ext=`echo $$i | sed -e 's/^.*\\.//'`; \
	  case "$$ext" in \
	    8*) ;; \
	    *) ext='8' ;; \
	  esac; \

ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
	unique=`for i in $$list; do \
	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
	  done | \
	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
	      END { if (nonempty) { for (i in files) print i; }; }'`; \
	mkid -fID $$unique
tags: TAGS

TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \




Print a help message.
.TP
.B \-v
Verbose mode.
.TP
.B \-p "\fIpasswdfd\fP"
If the mount requires a passphrase to be entered, read it from file
descriptor \fIpasswdfd\fP instead of from the terminal. If mount uses
encrypted loop device and gpgkey= mount option is not being used (no gpg key
file), then mount attempts to read 65 keys from \fIpasswdfd\fP, each key at
least 20 characters and separated by newline. If mount successfully reads 64
or 65 keys, then loop device is put to multi-key mode. If mount encounters
end-of-file before 64 keys are read, then only first key is used in
single-key mode.
.TP
.B \-a
Mount all filesystems (of the given types) mentioned in
.IR fstab .
.TP
.B \-F

.IR /etc/mtab .
This is necessary for example when
.I /etc
is on a read-only file system.
.TP
.BI \-p " num"
In case of a loop mount with encryption, read the passphrase from
file descriptor
.I num
instead of from the terminal.
.TP
.B \-s
Tolerate sloppy mount options rather than failing. This will ignore
mount options not supported by a filesystem type. Not all filesystems
support this option. This option exists for support of the Linux
autofs\-based automounter.

to correspond to the file
.IR /tmp/fdimage ,
and then mount this device on
.IR /mnt .

This type of mount knows about 11 options, namely
.BR loop ", " offset ", " sizelimit ", " encryption ", " pseed ", " phash ", " loinit ", " gpgkey ", " gpghome ", " cleartextkey " and " itercountk
that are really options to
.BR \%losetup (8).
(These options can be used in addition to those specific
to the filesystem type.)

If the mount requires a passphrase, you will be prompted for one unless you
specify a file descriptor to read from instead with the
.BR \-p
command line option, or specify a file name with
.BR cleartextkey
mount option.
If no explicit loop device is mentioned
(but just an option `\fB\-o loop\fP' is given), then
.B mount
will try to find some unused loop device and use that.
If you are not so unwise as to make




#include <ctype.h>
#include <errno.h>
#include <string.h>
#include <getopt.h>
#include <stdio.h>
#include <locale.h>

#include <pwd.h>
#include <grp.h>

#include <sys/types.h>

static int mounttype = 0;

/* True if ruid != euid.  */
static int suid = 0;

/* Contains the fd to read the passphrase from, if any. */
static int pfd = -1;

/* Map from -o and fstab option strings to the flag argument to mount(2).  */
struct opt_map {
  const char *opt;		/* option name */
  int  skip;			/* skip in mtab option string */
  int  inv;			/* true if flag value should be inverted */

  { NULL,	0, 0, 0		}
};

static int opt_nofail = 0;

static const char *opt_loopdev, *opt_vfstype,
	*opt_speed, *opt_comment, *opt_uhelper;

static int mounted (const char *spec0, const char *node0);
static int check_special_mountprog(const char *spec, const char *node,
		const char *type, int flags, char *extra_opts, int *status);


  int skip;
  const char **valptr;
} string_opt_map[] = {
  { "loop=",	0, &opt_loopdev },
  { "vfs=",	1, &opt_vfstype },
  { "pseed=",	1, (const char **)&passSeedString },
  { "phash=",	0, (const char **)&passHashFuncName },
  { "loinit=",	0, (const char **)&loInitValue },
  { "gpgkey=",	0, (const char **)&gpgKeyFile },
  { "gpghome=",	0, (const char **)&gpgHomeDir },
  { "cleartextkey=", 0, (const char **)&clearTextKeyFile },
  { "itercountk=", 1, (const char **)&passIterThousands },
  { "offset=",	0, (const char **)&loopOffsetBytes },
  { "sizelimit=", 0, (const char **)&loopSizeBytes },
  { "encryption=", 0, (const char **)&loopEncryptionType },
  { "speed=", 0, &opt_speed },
  { "comment=", 1, &opt_comment },
  { "uhelper=", 0, &opt_uhelper },
  { NULL, 0, NULL }
};

  }

  *flags &= ~(MS_OWNER | MS_GROUP);
}

/* if loop is already set up, following test is unnecessary */
/* because loop set up will fail if it is done again */
#if 0
/* Check, if there already exists a mounted loop device on the mountpoint node
 * with the same parameters.
 */
static int
is_mounted_same_loopfile(const char *node0, const char *loopfile, unsigned long long offset)

	}

	free(node);
	return res;
}
#endif

static int
loop_check(const char **spec, const char **type, int *flags,
	   int *loop, const char **loopdev, const char **loopfile, const char *node, unsigned int *AutoChmodPtr) {
	   const char *node) {
  int looptype;
  unsigned long long offset, sizelimit;

  /*
   * In the case of a loop mount, either type is of the form lo@/dev/loop5
   * or the option "-o loop=/dev/loop5" or just "-o loop" is given, or
   * mount just has to figure things out for itself from the fact that

      error(_("mount: type specified twice"));
    else
      *type = opt_vfstype;
  }

  *loop = ((*flags & MS_LOOP) || *loopdev || loopOffsetBytes || loopSizeBytes || loopEncryptionType);
  *loopfile = *spec;

  if (*loop) {
    *flags |= MS_LOOP;
    if (fake) {
      if (verbose)
	printf(_("mount: skipping the setup of a loop device\n"));
    } else if (*loopdev && is_loop_active(*loopdev, *loopfile)) {
      if (verbose)
	printf(_("mount: skipping the setup of a loop device\n"));
      *spec = *loopdev;
    } else {
      int loopro = (*flags & MS_RDONLY);
      int res;

/* if loop is already set up, following test is unnecessary */
/* because loop set up will fail if it is done again */
#if 0
      offset = opt_offset ? strtoull(opt_offset, NULL, 0) : 0;
      sizelimit = opt_sizelimit ? strtoull(opt_sizelimit, NULL, 0) : 0;

      if (is_mounted_same_loopfile(node, *loopfile, offset)) {
        error(_("mount: according to mtab %s is already mounted on %s as loop"), *loopfile, node);
        return EX_FAIL;
      }
#endif

      do {
        if (!*loopdev || !**loopdev)
	  *loopdev = find_unused_loop_device();
	if (!*loopdev)
	  return EX_SYSERR;	/* no more loop devices */
	if (verbose)
	  printf(_("mount: going to use the loop device %s\n"), *loopdev);

	if ((res = set_loop(*loopdev, *loopfile, &loopro, type, AutoChmodPtr, !opt_loopdev ? 2 : 1))) {
	  if ((res == 2) && !opt_loopdev) {
	     /* loop dev has been grabbed by some other process, try again */
	     if (verbose)
	       printf(_("mount: loop=%s not available ...trying again\n"), *loopdev);
	     my_free(*loopdev);
	     *loopdev = NULL;
	         printf(_("mount: stolen loop=%s ...trying again\n"), *loopdev);
	       my_free(*loopdev);
	       *loopdev = NULL;
	       continue;
	     }
	     error(_("mount: stolen loop=%s"), *loopdev);
	     return EX_FAIL;

	  } else {
	     if (verbose)
	       printf(_("mount: failed setting up loop device\n"));
	     if (!opt_loopdev) {
	       my_free(*loopdev);

      } while (!*loopdev);

      if (verbose > 1)
	printf(_("mount: setup loop device successfully\n"));
      *spec = *loopdev;
      if (loopro)
      if (loop_opts & SETLOOP_RDONLY)
        *flags |= MS_RDONLY;

      if (loop_opts & SETLOOP_AUTOCLEAR)
        /* Prevent recording loop dev in mtab for cleanup on umount */
        *loop = 0;
    }
  }

  return 0;
}

	my_free(mnt.mnt_fsname);
	my_free(mnt.mnt_dir);
}

static void
set_pfd(char *s) {
	if (!isdigit(*s))
		die(EX_USAGE,
		    _("mount: argument to -p or --pass-fd must be a number"));
	pfd = atoi(optarg);
}

static void
cdrom_setspeed(const char *spec) {
#define CDROM_SELECT_SPEED      0x5322  /* Set the CD-ROM speed */
	if (opt_speed) {
		int cdrom;
		int speed = atoi(opt_speed);

  char *extra_opts;		/* written in mtab */
  char *mount_opts;		/* actually used on system call */
  const char *opts, *spec, *node, *types;
  char *user = 0;
  int loop = 0;
  unsigned int LoopMountAutomaticChmod = 0;
  const char *loopdev = 0, *loopfile = 0;
  struct stat statbuf;
  int retries = 0;	/* Nr of retries for mount in case of ENOMEDIUM */

  /* copies for freeing on exit */

      /*
       * Don't set up a (new) loop device if we only remount - this left
       * stale assignments of files to loop devices. Nasty when used for
       * encryption.
       */
      res = loop_check(&spec, &types, &flags, &loop, &loopdev, &loopfile, node, &LoopMountAutomaticChmod);
      if (res)
	  goto out;
  }

  if (loop)

  block_signals (SIG_BLOCK);

  if (!fake) {
    mnt5_res = guess_fstype_and_mount (spec, node, &types, flags & ~MS_NOSYS,
				       mount_opts, &special, &status);
    if(!mnt5_res && LoopMountAutomaticChmod && (getuid() == 0)) {
      /*
       * If loop was set up using random keys and new file system
       * was created on the loop device, initial permissions for
       * file system root directory need to be set here.
       */
      if(chmod(node, LoopMountAutomaticChmod)) {
        error (_("Error: encrypted file system chmod() failed"));
      }
    }
    if (special) {
      block_signals (SIG_UNBLOCK);
      res = status;
      goto out;
    }

			options = append_opt(options, optarg, NULL);
			break;
		case 'O':		/* with -t: mount only if (not) opt */
			test_opts = append_opt(test_opts, optarg, NULL);
			break;
		case 'p':               /* read passphrase from given fd */
			passFDnumber = optarg;
			break;
		case 'r':		/* mount readonly */
			readonly = 1;
			readwrite = 0;
			break;

Line 0 Link Here

(-)util-linux-ng-2.14.2.orig/mount/rmd160.c (+532 lines)
		1	/* rmd160.c - RIPE-MD160
		2	* Copyright (C) 1998 Free Software Foundation, Inc.
		3	*/
		4
		5	/* This file was part of GnuPG. Modified for use within the Linux
		6	* mount utility by Marc Mutz <Marc@Mutz.com>. None of this code is
		7	* by myself. I just removed everything that you don't need when all
		8	* you want to do is to use rmd160_hash_buffer().
		9	* My comments are marked with (mm). */
		10
		11	/* GnuPG is free software; you can redistribute it and/or modify
		12	* it under the terms of the GNU General Public License as published by
		13	* the Free Software Foundation; either version 2 of the License, or
		14	* (at your option) any later version.
		15	*
		16	* GnuPG is distributed in the hope that it will be useful,
		17	* but WITHOUT ANY WARRANTY; without even the implied warranty of
		18	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		19	* GNU General Public License for more details.
		20	*
		21	* You should have received a copy of the GNU General Public License
		22	* along with this program; if not, write to the Free Software
		23	* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */
		24
		25	#include <string.h> /* (mm) for memcpy */
		26	#include <endian.h> /* (mm) for BIG_ENDIAN and BYTE_ORDER */
		27	#include "rmd160.h"
		28
		29	/* (mm) these are used by the original GnuPG file. In order to modify
		30	* that file not too much, we keep the notations. maybe it would be
		31	* better to include linux/types.h and typedef __u32 to u32 and __u8
		32	* to byte? */
		33	typedef unsigned int u32; /* taken from e.g. util-linux's minix.h */
		34	typedef unsigned char byte;
		35
		36	typedef struct {
		37	u32 h0,h1,h2,h3,h4;
		38	u32 nblocks;
		39	byte buf[64];
		40	int count;
		41	} RMD160_CONTEXT;
		42
		43	/****************
		44	* Rotate a 32 bit integer by n bytes
		45	*/
		46	#if defined(__GNUC__) && defined(__i386__)
		47	static inline u32
		48	rol( u32 x, int n)
		49	{
		50	__asm__("roll %%cl,%0"
		51	:"=r" (x)
		52	:"0" (x),"c" (n));
		53	return x;
		54	}
		55	#else
		56	#define rol(x,n) ( ((x) << (n)) \| ((x) >> (32-(n))) )
		57	#endif
		58
		59	/*********************************
		60	* RIPEMD-160 is not patented, see (as of 25.10.97)
		61	* http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
		62	* Note that the code uses Little Endian byteorder, which is good for
		63	* 386 etc, but we must add some conversion when used on a big endian box.
		64	*
65	*
66	* Pseudo-code for RIPEMD-160
67	*
68	* RIPEMD-160 is an iterative hash function that operates on 32-bit words.
69	* The round function takes as input a 5-word chaining variable and a 16-word
70	* message block and maps this to a new chaining variable. All operations are
71	* defined on 32-bit words. Padding is identical to that of MD4.
72	*
73	*
74	* RIPEMD-160: definitions
75	*
76	*
77	* nonlinear functions at bit level: exor, mux, -, mux, -
78	*
79	* f(j, x, y, z) = x XOR y XOR z (0 <= j <= 15)
80	* f(j, x, y, z) = (x AND y) OR (NOT(x) AND z) (16 <= j <= 31)
81	* f(j, x, y, z) = (x OR NOT(y)) XOR z (32 <= j <= 47)
82	* f(j, x, y, z) = (x AND z) OR (y AND NOT(z)) (48 <= j <= 63)
83	* f(j, x, y, z) = x XOR (y OR NOT(z)) (64 <= j <= 79)
84	*
85	*
86	* added constants (hexadecimal)
87	*
88	* K(j) = 0x00000000 (0 <= j <= 15)
89	* K(j) = 0x5A827999 (16 <= j <= 31) int(2**30 x sqrt(2))
90	* K(j) = 0x6ED9EBA1 (32 <= j <= 47) int(2**30 x sqrt(3))
91	* K(j) = 0x8F1BBCDC (48 <= j <= 63) int(2**30 x sqrt(5))
92	* K(j) = 0xA953FD4E (64 <= j <= 79) int(2**30 x sqrt(7))
93	* K'(j) = 0x50A28BE6 (0 <= j <= 15) int(2**30 x cbrt(2))
94	* K'(j) = 0x5C4DD124 (16 <= j <= 31) int(2**30 x cbrt(3))
95	* K'(j) = 0x6D703EF3 (32 <= j <= 47) int(2**30 x cbrt(5))
96	* K'(j) = 0x7A6D76E9 (48 <= j <= 63) int(2**30 x cbrt(7))
97	* K'(j) = 0x00000000 (64 <= j <= 79)
98	*
99	*
100	* selection of message word
101	*
102	* r(j) = j (0 <= j <= 15)
103	* r(16..31) = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8
104	* r(32..47) = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12
105	* r(48..63) = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2
106	* r(64..79) = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
107	* r0(0..15) = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12
108	* r0(16..31)= 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2
109	* r0(32..47)= 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13
110	* r0(48..63)= 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14
111	* r0(64..79)= 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
112	*
113	*
114	* amount for rotate left (rol)
115	*
116	* s(0..15) = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8
117	* s(16..31) = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12
118	* s(32..47) = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5
119	* s(48..63) = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12
120	* s(64..79) = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
121	* s'(0..15) = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6
122	* s'(16..31)= 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11
123	* s'(32..47)= 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5
124	* s'(48..63)= 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8
125	* s'(64..79)= 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
126	*
127	*
128	* initial value (hexadecimal)
129	*
130	* h0 = 0x67452301; h1 = 0xEFCDAB89; h2 = 0x98BADCFE; h3 = 0x10325476;
131	* h4 = 0xC3D2E1F0;
132	*
133	*
134	* RIPEMD-160: pseudo-code
135	*
136	* It is assumed that the message after padding consists of t 16-word blocks
137	* that will be denoted with X[i][j], with 0 <= i <= t-1 and 0 <= j <= 15.
138	* The symbol [+] denotes addition modulo 2**32 and rol_s denotes cyclic left
139	* shift (rotate) over s positions.
140	*
141	*
142	* for i := 0 to t-1 {
143	* A := h0; B := h1; C := h2; D = h3; E = h4;
144	* A' := h0; B' := h1; C' := h2; D' = h3; E' = h4;
145	* for j := 0 to 79 {
146	* T := rol_s(j)(A [+] f(j, B, C, D) [+] X[i][r(j)] [+] K(j)) [+] E;
147	* A := E; E := D; D := rol_10(C); C := B; B := T;
148	* T := rol_s'(j)(A' [+] f(79-j, B', C', D') [+] X[i][r'(j)]
149	[+] K'(j)) [+] E';
150	* A' := E'; E' := D'; D' := rol_10(C'); C' := B'; B' := T;
151	* }
152	* T := h1 [+] C [+] D'; h1 := h2 [+] D [+] E'; h2 := h3 [+] E [+] A';
153	* h3 := h4 [+] A [+] B'; h4 := h0 [+] B [+] C'; h0 := T;
154	* }
155	*/
156
157	/* Some examples:
158	* "" 9c1185a5c5e9fc54612808977ee8f548b2258d31
159	* "a" 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe
160	* "abc" 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc
161	* "message digest" 5d0689ef49d2fae572b881b123a85ffa21595f36
162	* "a...z" f71c27109c692c1b56bbdceb5b9d2865b3708dbc
163	* "abcdbcde...nopq" 12a053384a9c0c88e405a06c27dcf49ada62eb2b
164	* "A...Za...z0...9" b0e20b6e3116640286ed3a87a5713079b21f5189
165	* 8 times "1234567890" 9b752e45573d4b39f4dbd3323cab82bf63326bfb
166	* 1 million times "a" 52783243c1697bdbe16d37f97f68f08325dc1528
167	*/
168
169
170	static void
171	rmd160_init( RMD160_CONTEXT *hd )
172	{
173	hd->h0 = 0x67452301;
174	hd->h1 = 0xEFCDAB89;
175	hd->h2 = 0x98BADCFE;
176	hd->h3 = 0x10325476;
177	hd->h4 = 0xC3D2E1F0;
178	hd->nblocks = 0;
179	hd->count = 0;
180	}
181
182
183
184	/****************
185	* Transform the message X which consists of 16 32-bit-words
186	*/
187	static void
188	transform( RMD160_CONTEXT hd, byte data )
189	{
190	u32 a,b,c,d,e,aa,bb,cc,dd,ee,t;
191	#if BYTE_ORDER == BIG_ENDIAN
192	u32 x[16];
193	{ int i;
194	byte p2, p1;
195	for(i=0, p1=data, p2=(byte*)x; i < 16; i++, p2 += 4 ) {
196	p2[3] = *p1++;
197	p2[2] = *p1++;
198	p2[1] = *p1++;
199	p2[0] = *p1++;
200	}
201	}
202	#else
203	#if 0
204	u32 x =(u32)data;
205	#else
206	/* this version is better because it is always aligned;
207	* The performance penalty on a 586-100 is about 6% which
208	* is acceptable - because the data is more local it might
209	* also be possible that this is faster on some machines.
210	* This function (when compiled with -02 on gcc 2.7.2)
211	* executes on a 586-100 (39.73 bogomips) at about 1900kb/sec;
212	* [measured with a 4MB data and "gpgm --print-md rmd160"] */
213	u32 x[16];
214	memcpy( x, data, 64 );
215	#endif
216	#endif
217
218
219	#define K0 0x00000000
220	#define K1 0x5A827999
221	#define K2 0x6ED9EBA1
222	#define K3 0x8F1BBCDC
223	#define K4 0xA953FD4E
224	#define KK0 0x50A28BE6
225	#define KK1 0x5C4DD124
226	#define KK2 0x6D703EF3
227	#define KK3 0x7A6D76E9
228	#define KK4 0x00000000
229	#define F0(x,y,z) ( (x) ^ (y) ^ (z) )
230	#define F1(x,y,z) ( ((x) & (y)) \| (~(x) & (z)) )
231	#define F2(x,y,z) ( ((x) \| ~(y)) ^ (z) )
232	#define F3(x,y,z) ( ((x) & (z)) \| ((y) & ~(z)) )
233	#define F4(x,y,z) ( (x) ^ ((y) \| ~(z)) )
234	#define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \
235	a = rol(t,s) + e; \
236	c = rol(c,10); \
237	} while(0)
238
239	/* left lane */
240	a = hd->h0;
241	b = hd->h1;
242	c = hd->h2;
243	d = hd->h3;
244	e = hd->h4;
245	R( a, b, c, d, e, F0, K0, 0, 11 );
246	R( e, a, b, c, d, F0, K0, 1, 14 );
247	R( d, e, a, b, c, F0, K0, 2, 15 );
248	R( c, d, e, a, b, F0, K0, 3, 12 );
249	R( b, c, d, e, a, F0, K0, 4, 5 );
250	R( a, b, c, d, e, F0, K0, 5, 8 );
251	R( e, a, b, c, d, F0, K0, 6, 7 );
252	R( d, e, a, b, c, F0, K0, 7, 9 );
253	R( c, d, e, a, b, F0, K0, 8, 11 );
254	R( b, c, d, e, a, F0, K0, 9, 13 );
255	R( a, b, c, d, e, F0, K0, 10, 14 );
256	R( e, a, b, c, d, F0, K0, 11, 15 );
257	R( d, e, a, b, c, F0, K0, 12, 6 );
258	R( c, d, e, a, b, F0, K0, 13, 7 );
259	R( b, c, d, e, a, F0, K0, 14, 9 );
260	R( a, b, c, d, e, F0, K0, 15, 8 );
261	R( e, a, b, c, d, F1, K1, 7, 7 );
262	R( d, e, a, b, c, F1, K1, 4, 6 );
263	R( c, d, e, a, b, F1, K1, 13, 8 );
264	R( b, c, d, e, a, F1, K1, 1, 13 );
265	R( a, b, c, d, e, F1, K1, 10, 11 );
266	R( e, a, b, c, d, F1, K1, 6, 9 );
267	R( d, e, a, b, c, F1, K1, 15, 7 );
268	R( c, d, e, a, b, F1, K1, 3, 15 );
269	R( b, c, d, e, a, F1, K1, 12, 7 );
270	R( a, b, c, d, e, F1, K1, 0, 12 );
271	R( e, a, b, c, d, F1, K1, 9, 15 );
272	R( d, e, a, b, c, F1, K1, 5, 9 );
273	R( c, d, e, a, b, F1, K1, 2, 11 );
274	R( b, c, d, e, a, F1, K1, 14, 7 );
275	R( a, b, c, d, e, F1, K1, 11, 13 );
276	R( e, a, b, c, d, F1, K1, 8, 12 );
277	R( d, e, a, b, c, F2, K2, 3, 11 );
278	R( c, d, e, a, b, F2, K2, 10, 13 );
279	R( b, c, d, e, a, F2, K2, 14, 6 );
280	R( a, b, c, d, e, F2, K2, 4, 7 );
281	R( e, a, b, c, d, F2, K2, 9, 14 );
282	R( d, e, a, b, c, F2, K2, 15, 9 );
283	R( c, d, e, a, b, F2, K2, 8, 13 );
284	R( b, c, d, e, a, F2, K2, 1, 15 );
285	R( a, b, c, d, e, F2, K2, 2, 14 );
286	R( e, a, b, c, d, F2, K2, 7, 8 );
287	R( d, e, a, b, c, F2, K2, 0, 13 );
288	R( c, d, e, a, b, F2, K2, 6, 6 );
289	R( b, c, d, e, a, F2, K2, 13, 5 );
290	R( a, b, c, d, e, F2, K2, 11, 12 );
291	R( e, a, b, c, d, F2, K2, 5, 7 );
292	R( d, e, a, b, c, F2, K2, 12, 5 );
293	R( c, d, e, a, b, F3, K3, 1, 11 );
294	R( b, c, d, e, a, F3, K3, 9, 12 );
295	R( a, b, c, d, e, F3, K3, 11, 14 );
296	R( e, a, b, c, d, F3, K3, 10, 15 );
297	R( d, e, a, b, c, F3, K3, 0, 14 );
298	R( c, d, e, a, b, F3, K3, 8, 15 );
299	R( b, c, d, e, a, F3, K3, 12, 9 );
300	R( a, b, c, d, e, F3, K3, 4, 8 );
301	R( e, a, b, c, d, F3, K3, 13, 9 );
302	R( d, e, a, b, c, F3, K3, 3, 14 );
303	R( c, d, e, a, b, F3, K3, 7, 5 );
304	R( b, c, d, e, a, F3, K3, 15, 6 );
305	R( a, b, c, d, e, F3, K3, 14, 8 );
306	R( e, a, b, c, d, F3, K3, 5, 6 );
307	R( d, e, a, b, c, F3, K3, 6, 5 );
308	R( c, d, e, a, b, F3, K3, 2, 12 );
309	R( b, c, d, e, a, F4, K4, 4, 9 );
310	R( a, b, c, d, e, F4, K4, 0, 15 );
311	R( e, a, b, c, d, F4, K4, 5, 5 );
312	R( d, e, a, b, c, F4, K4, 9, 11 );
313	R( c, d, e, a, b, F4, K4, 7, 6 );
314	R( b, c, d, e, a, F4, K4, 12, 8 );
315	R( a, b, c, d, e, F4, K4, 2, 13 );
316	R( e, a, b, c, d, F4, K4, 10, 12 );
317	R( d, e, a, b, c, F4, K4, 14, 5 );
318	R( c, d, e, a, b, F4, K4, 1, 12 );
319	R( b, c, d, e, a, F4, K4, 3, 13 );
320	R( a, b, c, d, e, F4, K4, 8, 14 );
321	R( e, a, b, c, d, F4, K4, 11, 11 );
322	R( d, e, a, b, c, F4, K4, 6, 8 );
323	R( c, d, e, a, b, F4, K4, 15, 5 );
324	R( b, c, d, e, a, F4, K4, 13, 6 );
325
326	aa = a; bb = b; cc = c; dd = d; ee = e;
327
328	/* right lane */
329	a = hd->h0;
330	b = hd->h1;
331	c = hd->h2;
332	d = hd->h3;
333	e = hd->h4;
334	R( a, b, c, d, e, F4, KK0, 5, 8);
335	R( e, a, b, c, d, F4, KK0, 14, 9);
336	R( d, e, a, b, c, F4, KK0, 7, 9);
337	R( c, d, e, a, b, F4, KK0, 0, 11);
338	R( b, c, d, e, a, F4, KK0, 9, 13);
339	R( a, b, c, d, e, F4, KK0, 2, 15);
340	R( e, a, b, c, d, F4, KK0, 11, 15);
341	R( d, e, a, b, c, F4, KK0, 4, 5);
342	R( c, d, e, a, b, F4, KK0, 13, 7);
343	R( b, c, d, e, a, F4, KK0, 6, 7);
344	R( a, b, c, d, e, F4, KK0, 15, 8);
345	R( e, a, b, c, d, F4, KK0, 8, 11);
346	R( d, e, a, b, c, F4, KK0, 1, 14);
347	R( c, d, e, a, b, F4, KK0, 10, 14);
348	R( b, c, d, e, a, F4, KK0, 3, 12);
349	R( a, b, c, d, e, F4, KK0, 12, 6);
350	R( e, a, b, c, d, F3, KK1, 6, 9);
351	R( d, e, a, b, c, F3, KK1, 11, 13);
352	R( c, d, e, a, b, F3, KK1, 3, 15);
353	R( b, c, d, e, a, F3, KK1, 7, 7);
354	R( a, b, c, d, e, F3, KK1, 0, 12);
355	R( e, a, b, c, d, F3, KK1, 13, 8);
356	R( d, e, a, b, c, F3, KK1, 5, 9);
357	R( c, d, e, a, b, F3, KK1, 10, 11);
358	R( b, c, d, e, a, F3, KK1, 14, 7);
359	R( a, b, c, d, e, F3, KK1, 15, 7);
360	R( e, a, b, c, d, F3, KK1, 8, 12);
361	R( d, e, a, b, c, F3, KK1, 12, 7);
362	R( c, d, e, a, b, F3, KK1, 4, 6);
363	R( b, c, d, e, a, F3, KK1, 9, 15);
364	R( a, b, c, d, e, F3, KK1, 1, 13);
365	R( e, a, b, c, d, F3, KK1, 2, 11);
366	R( d, e, a, b, c, F2, KK2, 15, 9);
367	R( c, d, e, a, b, F2, KK2, 5, 7);
368	R( b, c, d, e, a, F2, KK2, 1, 15);
369	R( a, b, c, d, e, F2, KK2, 3, 11);
370	R( e, a, b, c, d, F2, KK2, 7, 8);
371	R( d, e, a, b, c, F2, KK2, 14, 6);
372	R( c, d, e, a, b, F2, KK2, 6, 6);
373	R( b, c, d, e, a, F2, KK2, 9, 14);
374	R( a, b, c, d, e, F2, KK2, 11, 12);
375	R( e, a, b, c, d, F2, KK2, 8, 13);
376	R( d, e, a, b, c, F2, KK2, 12, 5);
377	R( c, d, e, a, b, F2, KK2, 2, 14);
378	R( b, c, d, e, a, F2, KK2, 10, 13);
379	R( a, b, c, d, e, F2, KK2, 0, 13);
380	R( e, a, b, c, d, F2, KK2, 4, 7);
381	R( d, e, a, b, c, F2, KK2, 13, 5);
382	R( c, d, e, a, b, F1, KK3, 8, 15);
383	R( b, c, d, e, a, F1, KK3, 6, 5);
384	R( a, b, c, d, e, F1, KK3, 4, 8);
385	R( e, a, b, c, d, F1, KK3, 1, 11);
386	R( d, e, a, b, c, F1, KK3, 3, 14);
387	R( c, d, e, a, b, F1, KK3, 11, 14);
388	R( b, c, d, e, a, F1, KK3, 15, 6);
389	R( a, b, c, d, e, F1, KK3, 0, 14);
390	R( e, a, b, c, d, F1, KK3, 5, 6);
391	R( d, e, a, b, c, F1, KK3, 12, 9);
392	R( c, d, e, a, b, F1, KK3, 2, 12);
393	R( b, c, d, e, a, F1, KK3, 13, 9);
394	R( a, b, c, d, e, F1, KK3, 9, 12);
395	R( e, a, b, c, d, F1, KK3, 7, 5);
396	R( d, e, a, b, c, F1, KK3, 10, 15);
397	R( c, d, e, a, b, F1, KK3, 14, 8);
398	R( b, c, d, e, a, F0, KK4, 12, 8);
399	R( a, b, c, d, e, F0, KK4, 15, 5);
400	R( e, a, b, c, d, F0, KK4, 10, 12);
401	R( d, e, a, b, c, F0, KK4, 4, 9);
402	R( c, d, e, a, b, F0, KK4, 1, 12);
403	R( b, c, d, e, a, F0, KK4, 5, 5);
404	R( a, b, c, d, e, F0, KK4, 8, 14);
405	R( e, a, b, c, d, F0, KK4, 7, 6);
406	R( d, e, a, b, c, F0, KK4, 6, 8);
407	R( c, d, e, a, b, F0, KK4, 2, 13);
408	R( b, c, d, e, a, F0, KK4, 13, 6);
409	R( a, b, c, d, e, F0, KK4, 14, 5);
410	R( e, a, b, c, d, F0, KK4, 0, 15);
411	R( d, e, a, b, c, F0, KK4, 3, 13);
412	R( c, d, e, a, b, F0, KK4, 9, 11);
413	R( b, c, d, e, a, F0, KK4, 11, 11);
414
415
416	t = hd->h1 + d + cc;
417	hd->h1 = hd->h2 + e + dd;
418	hd->h2 = hd->h3 + a + ee;
419	hd->h3 = hd->h4 + b + aa;
420	hd->h4 = hd->h0 + c + bb;
421	hd->h0 = t;
422	}
423
424
425	/* Update the message digest with the contents
426	* of INBUF with length INLEN.
427	*/
428	static void
429	rmd160_write( RMD160_CONTEXT hd, byte inbuf, size_t inlen)
430	{
431	if( hd->count == 64 ) { /* flush the buffer */
432	transform( hd, hd->buf );
433	hd->count = 0;
434	hd->nblocks++;
435	}
436	if( !inbuf )
437	return;
438	if( hd->count ) {
439	for( ; inlen && hd->count < 64; inlen-- )
440	hd->buf[hd->count++] = *inbuf++;
441	rmd160_write( hd, NULL, 0 );
442	if( !inlen )
443	return;
444	}
445
446	while( inlen >= 64 ) {
447	transform( hd, inbuf );
448	hd->count = 0;
449	hd->nblocks++;
450	inlen -= 64;
451	inbuf += 64;
452	}
453	for( ; inlen && hd->count < 64; inlen-- )
454	hd->buf[hd->count++] = *inbuf++;
455	}
456
457	/* The routine terminates the computation
458	*/
459
460	static void
461	rmd160_final( RMD160_CONTEXT *hd )
462	{
463	u32 t, msb, lsb;
464	byte *p;
465
466	rmd160_write(hd, NULL, 0); /* flush */;
467
468	msb = 0;
469	t = hd->nblocks;
470	if( (lsb = t << 6) < t ) /* multiply by 64 to make a byte count */
471	msb++;
472	msb += t >> 26;
473	t = lsb;
474	if( (lsb = t + hd->count) < t ) /* add the count */
475	msb++;
476	t = lsb;
477	if( (lsb = t << 3) < t ) /* multiply by 8 to make a bit count */
478	msb++;
479	msb += t >> 29;
480
481	if( hd->count < 56 ) { /* enough room */
482	hd->buf[hd->count++] = 0x80; /* pad */
483	while( hd->count < 56 )
484	hd->buf[hd->count++] = 0; /* pad */
485	}
486	else { /* need one extra block */
487	hd->buf[hd->count++] = 0x80; /* pad character */
488	while( hd->count < 64 )
489	hd->buf[hd->count++] = 0;
490	rmd160_write(hd, NULL, 0); /* flush */;
491	memset(hd->buf, 0, 56 ); /* fill next block with zeroes */
492	}
493	/* append the 64 bit count */
494	hd->buf[56] = lsb ;
495	hd->buf[57] = lsb >> 8;
496	hd->buf[58] = lsb >> 16;
497	hd->buf[59] = lsb >> 24;
498	hd->buf[60] = msb ;
499	hd->buf[61] = msb >> 8;
500	hd->buf[62] = msb >> 16;
501	hd->buf[63] = msb >> 24;
502	transform( hd, hd->buf );
503
504	p = hd->buf;
505	#if BYTE_ORDER == BIG_ENDIAN
506	#define X(a) do { p++ = hd->h##a ; p++ = hd->h##a >> 8; \
507	p++ = hd->h##a >> 16; p++ = hd->h##a >> 24; } while(0)
508	#else /* little endian */
509	#define X(a) do { (u32)p = hd->h##a ; p += 4; } while(0)
510	#endif
511	X(0);
512	X(1);
513	X(2);
514	X(3);
515	X(4);
516	#undef X
517	}
518
519	/****************
520	* Shortcut functions which puts the hash value of the supplied buffer
521	* into outbuf which must have a size of 20 bytes.
522	*/
523	void
524	rmd160_hash_buffer( char outbuf, const char buffer, size_t length )
525	{
526	RMD160_CONTEXT hd;
527
528	rmd160_init( &hd );
529	rmd160_write( &hd, (byte*)buffer, length );
530	rmd160_final( &hd );
531	memcpy( outbuf, hd.buf, 20 );
532	}

Line 0 Link Here

(-)util-linux-ng-2.14.2.orig/mount/rmd160.h (+9 lines)
	1	#ifndef RMD160_H
	2	#define RMD160_H
	3
	4	void
	5	rmd160_hash_buffer( char outbuf, const char buffer, size_t length );
	6
	7	#endif /RMD160_H/
	8
	9




/*
 *  sha512.c
 *
 *  Written by Jari Ruusu, April 16 2001
 *
 *  Copyright 2001 by Jari Ruusu.
 *  Redistribution of this file is permitted under the GNU Public License.
 */

#include <string.h>
#include <sys/types.h>
#include "sha512.h"

/* Define one or more of these. If none is defined, you get all of them */
#if !defined(SHA256_NEEDED)&&!defined(SHA512_NEEDED)&&!defined(SHA384_NEEDED)
# define SHA256_NEEDED  1
# define SHA512_NEEDED  1
# define SHA384_NEEDED  1
#endif

#if defined(SHA256_NEEDED)
static const u_int32_t sha256_hashInit[8] = {
    0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c,
    0x1f83d9ab, 0x5be0cd19
};
static const u_int32_t sha256_K[64] = {
    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1,
    0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
    0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786,
    0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
    0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
    0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b,
    0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a,
    0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
    0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
};
#endif

#if defined(SHA512_NEEDED)
static const u_int64_t sha512_hashInit[8] = {
    0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL,
    0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
    0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL
};
#endif

#if defined(SHA384_NEEDED)
static const u_int64_t sha384_hashInit[8] = {
    0xcbbb9d5dc1059ed8ULL, 0x629a292a367cd507ULL, 0x9159015a3070dd17ULL,
    0x152fecd8f70e5939ULL, 0x67332667ffc00b31ULL, 0x8eb44a8768581511ULL,
    0xdb0c2e0d64f98fa7ULL, 0x47b5481dbefa4fa4ULL
};
#endif

#if defined(SHA512_NEEDED) || defined(SHA384_NEEDED)
static const u_int64_t sha512_K[80] = {
    0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL,
    0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
    0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL,
    0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL,
    0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL,
    0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
    0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL,
    0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL,
    0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL,
    0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
    0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL,
    0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
    0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL,
    0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL,
    0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL,
    0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL,
    0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL,
    0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
    0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL,
    0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
    0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL,
    0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL,
    0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL,
    0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
    0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL,
    0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL,
    0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
};
#endif

#define Ch(x,y,z)   (((x) & (y)) ^ ((~(x)) & (z)))
#define Maj(x,y,z)  (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#define R(x,y)      ((y) >> (x))

#if defined(SHA256_NEEDED)
void sha256_init(sha256_context *ctx)
{
    memcpy(&ctx->sha_H[0], &sha256_hashInit[0], sizeof(ctx->sha_H));
    ctx->sha_blocks = 0;
    ctx->sha_bufCnt = 0;
}

#define S(x,y)      (((y) >> (x)) | ((y) << (32 - (x))))
#define uSig0(x)    ((S(2,(x))) ^ (S(13,(x))) ^ (S(22,(x))))
#define uSig1(x)    ((S(6,(x))) ^ (S(11,(x))) ^ (S(25,(x))))
#define lSig0(x)    ((S(7,(x))) ^ (S(18,(x))) ^ (R(3,(x))))
#define lSig1(x)    ((S(17,(x))) ^ (S(19,(x))) ^ (R(10,(x))))

static void sha256_transform(sha256_context *ctx, unsigned char *datap)
{
    register int    j;
    u_int32_t       a, b, c, d, e, f, g, h;
    u_int32_t       T1, T2, W[64], Wm2, Wm15;

    /* read the data, big endian byte order */
    j = 0;
    do {
        W[j] = (((u_int32_t)(datap[0]))<<24) | (((u_int32_t)(datap[1]))<<16) |
               (((u_int32_t)(datap[2]))<<8 ) | ((u_int32_t)(datap[3]));
        datap += 4;
    } while(++j < 16);
    
    /* initialize variables a...h */
    a = ctx->sha_H[0];
    b = ctx->sha_H[1];
    c = ctx->sha_H[2];
    d = ctx->sha_H[3];
    e = ctx->sha_H[4];
    f = ctx->sha_H[5];
    g = ctx->sha_H[6];
    h = ctx->sha_H[7];

    /* apply compression function */
    j = 0;
    do {
        if(j >= 16) {
            Wm2 = W[j - 2];
            Wm15 = W[j - 15];
            W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16];
        }
        T1 = h + uSig1(e) + Ch(e,f,g) + sha256_K[j] + W[j];
        T2 = uSig0(a) + Maj(a,b,c);
        h = g; g = f; f = e;
        e = d + T1;
        d = c; c = b; b = a;
        a = T1 + T2;
    } while(++j < 64);

    /* compute intermediate hash value */
    ctx->sha_H[0] += a;
    ctx->sha_H[1] += b;
    ctx->sha_H[2] += c;
    ctx->sha_H[3] += d;
    ctx->sha_H[4] += e;
    ctx->sha_H[5] += f;
    ctx->sha_H[6] += g;
    ctx->sha_H[7] += h;

    ctx->sha_blocks++;
}

void sha256_write(sha256_context *ctx, unsigned char *datap, int length)
{
    while(length > 0) {
        if(!ctx->sha_bufCnt) {
            while(length >= sizeof(ctx->sha_out)) {
                sha256_transform(ctx, datap);
                datap += sizeof(ctx->sha_out);
                length -= sizeof(ctx->sha_out);
            }
            if(!length) return;
        }
        ctx->sha_out[ctx->sha_bufCnt] = *datap++;
        length--;
        if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) {
            sha256_transform(ctx, &ctx->sha_out[0]);
            ctx->sha_bufCnt = 0;
        }
    }
}

void sha256_final(sha256_context *ctx)
{
    register int    j;
    u_int64_t       bitLength;
    u_int32_t       i;
    unsigned char   padByte, *datap;

    bitLength = (ctx->sha_blocks << 9) | (ctx->sha_bufCnt << 3);
    padByte = 0x80;
    sha256_write(ctx, &padByte, 1);

    /* pad extra space with zeroes */
    padByte = 0;
    while(ctx->sha_bufCnt != 56) {
        sha256_write(ctx, &padByte, 1);
    }

    /* write bit length, big endian byte order */
    ctx->sha_out[56] = bitLength >> 56;
    ctx->sha_out[57] = bitLength >> 48;
    ctx->sha_out[58] = bitLength >> 40;
    ctx->sha_out[59] = bitLength >> 32;
    ctx->sha_out[60] = bitLength >> 24;
    ctx->sha_out[61] = bitLength >> 16;
    ctx->sha_out[62] = bitLength >> 8;
    ctx->sha_out[63] = bitLength;
    sha256_transform(ctx, &ctx->sha_out[0]);
    
    /* return results in ctx->sha_out[0...31] */
    datap = &ctx->sha_out[0];
    j = 0;
    do {
        i = ctx->sha_H[j];
        datap[0] = i >> 24;
        datap[1] = i >> 16;
        datap[2] = i >> 8;
        datap[3] = i;
        datap += 4;
    } while(++j < 8);

    /* clear sensitive information */
    memset(&ctx->sha_out[32], 0, sizeof(sha256_context) - 32);
}

void sha256_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole)
{
    sha256_context ctx;

    if(ole < 1) return;
    memset(ob, 0, ole);
    if(ole > 32) ole = 32;
    sha256_init(&ctx);
    sha256_write(&ctx, ib, ile);
    sha256_final(&ctx);
    memcpy(ob, &ctx.sha_out[0], ole);
    memset(&ctx, 0, sizeof(ctx));
}

#endif

#if defined(SHA512_NEEDED)
void sha512_init(sha512_context *ctx)
{
    memcpy(&ctx->sha_H[0], &sha512_hashInit[0], sizeof(ctx->sha_H));
    ctx->sha_blocks = 0;
    ctx->sha_blocksMSB = 0;
    ctx->sha_bufCnt = 0;
}
#endif

#if defined(SHA512_NEEDED) || defined(SHA384_NEEDED)
#undef S
#undef uSig0
#undef uSig1
#undef lSig0
#undef lSig1
#define S(x,y)      (((y) >> (x)) | ((y) << (64 - (x))))
#define uSig0(x)    ((S(28,(x))) ^ (S(34,(x))) ^ (S(39,(x))))
#define uSig1(x)    ((S(14,(x))) ^ (S(18,(x))) ^ (S(41,(x))))
#define lSig0(x)    ((S(1,(x))) ^ (S(8,(x))) ^ (R(7,(x))))
#define lSig1(x)    ((S(19,(x))) ^ (S(61,(x))) ^ (R(6,(x))))

static void sha512_transform(sha512_context *ctx, unsigned char *datap)
{
    register int    j;
    u_int64_t       a, b, c, d, e, f, g, h;
    u_int64_t       T1, T2, W[80], Wm2, Wm15;

    /* read the data, big endian byte order */
    j = 0;
    do {
        W[j] = (((u_int64_t)(datap[0]))<<56) | (((u_int64_t)(datap[1]))<<48) |
               (((u_int64_t)(datap[2]))<<40) | (((u_int64_t)(datap[3]))<<32) |
               (((u_int64_t)(datap[4]))<<24) | (((u_int64_t)(datap[5]))<<16) |
               (((u_int64_t)(datap[6]))<<8 ) | ((u_int64_t)(datap[7]));
        datap += 8;
    } while(++j < 16);
    
    /* initialize variables a...h */
    a = ctx->sha_H[0];
    b = ctx->sha_H[1];
    c = ctx->sha_H[2];
    d = ctx->sha_H[3];
    e = ctx->sha_H[4];
    f = ctx->sha_H[5];
    g = ctx->sha_H[6];
    h = ctx->sha_H[7];

    /* apply compression function */
    j = 0;
    do {
        if(j >= 16) {
            Wm2 = W[j - 2];
            Wm15 = W[j - 15];
            W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16];
        }
        T1 = h + uSig1(e) + Ch(e,f,g) + sha512_K[j] + W[j];
        T2 = uSig0(a) + Maj(a,b,c);
        h = g; g = f; f = e;
        e = d + T1;
        d = c; c = b; b = a;
        a = T1 + T2;
    } while(++j < 80);

    /* compute intermediate hash value */
    ctx->sha_H[0] += a;
    ctx->sha_H[1] += b;
    ctx->sha_H[2] += c;
    ctx->sha_H[3] += d;
    ctx->sha_H[4] += e;
    ctx->sha_H[5] += f;
    ctx->sha_H[6] += g;
    ctx->sha_H[7] += h;

    ctx->sha_blocks++;
    if(!ctx->sha_blocks) ctx->sha_blocksMSB++;
}

void sha512_write(sha512_context *ctx, unsigned char *datap, int length)
{
    while(length > 0) {
        if(!ctx->sha_bufCnt) {
            while(length >= sizeof(ctx->sha_out)) {
                sha512_transform(ctx, datap);
                datap += sizeof(ctx->sha_out);
                length -= sizeof(ctx->sha_out);
            }
            if(!length) return;
        }
        ctx->sha_out[ctx->sha_bufCnt] = *datap++;
        length--;
        if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) {
            sha512_transform(ctx, &ctx->sha_out[0]);
            ctx->sha_bufCnt = 0;
        }
    }
}

void sha512_final(sha512_context *ctx)
{
    register int    j;
    u_int64_t       bitLength, bitLengthMSB;
    u_int64_t       i;
    unsigned char   padByte, *datap;

    bitLength = (ctx->sha_blocks << 10) | (ctx->sha_bufCnt << 3);
    bitLengthMSB = (ctx->sha_blocksMSB << 10) | (ctx->sha_blocks >> 54);
    padByte = 0x80;
    sha512_write(ctx, &padByte, 1);

    /* pad extra space with zeroes */
    padByte = 0;
    while(ctx->sha_bufCnt != 112) {
        sha512_write(ctx, &padByte, 1);
    }

    /* write bit length, big endian byte order */
    ctx->sha_out[112] = bitLengthMSB >> 56;
    ctx->sha_out[113] = bitLengthMSB >> 48;
    ctx->sha_out[114] = bitLengthMSB >> 40;
    ctx->sha_out[115] = bitLengthMSB >> 32;
    ctx->sha_out[116] = bitLengthMSB >> 24;
    ctx->sha_out[117] = bitLengthMSB >> 16;
    ctx->sha_out[118] = bitLengthMSB >> 8;
    ctx->sha_out[119] = bitLengthMSB;
    ctx->sha_out[120] = bitLength >> 56;
    ctx->sha_out[121] = bitLength >> 48;
    ctx->sha_out[122] = bitLength >> 40;
    ctx->sha_out[123] = bitLength >> 32;
    ctx->sha_out[124] = bitLength >> 24;
    ctx->sha_out[125] = bitLength >> 16;
    ctx->sha_out[126] = bitLength >> 8;
    ctx->sha_out[127] = bitLength;
    sha512_transform(ctx, &ctx->sha_out[0]);
    
    /* return results in ctx->sha_out[0...63] */
    datap = &ctx->sha_out[0];
    j = 0;
    do {
        i = ctx->sha_H[j];
        datap[0] = i >> 56;
        datap[1] = i >> 48;
        datap[2] = i >> 40;
        datap[3] = i >> 32;
        datap[4] = i >> 24;
        datap[5] = i >> 16;
        datap[6] = i >> 8;
        datap[7] = i;
        datap += 8;
    } while(++j < 8);

    /* clear sensitive information */
    memset(&ctx->sha_out[64], 0, sizeof(sha512_context) - 64);
}

void sha512_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole)
{
    sha512_context ctx;

    if(ole < 1) return;
    memset(ob, 0, ole);
    if(ole > 64) ole = 64;
    sha512_init(&ctx);
    sha512_write(&ctx, ib, ile);
    sha512_final(&ctx);
    memcpy(ob, &ctx.sha_out[0], ole);
    memset(&ctx, 0, sizeof(ctx));
}
#endif

#if defined(SHA384_NEEDED)
void sha384_init(sha512_context *ctx)
{
    memcpy(&ctx->sha_H[0], &sha384_hashInit[0], sizeof(ctx->sha_H));
    ctx->sha_blocks = 0;
    ctx->sha_blocksMSB = 0;
    ctx->sha_bufCnt = 0;
}

void sha384_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole)
{
    sha512_context ctx;

    if(ole < 1) return;
    memset(ob, 0, ole);
    if(ole > 48) ole = 48;
    sha384_init(&ctx);
    sha512_write(&ctx, ib, ile);
    sha512_final(&ctx);
    memcpy(ob, &ctx.sha_out[0], ole);
    memset(&ctx, 0, sizeof(ctx));
}
#endif




/*
 *  sha512.h
 *
 *  Written by Jari Ruusu, April 16 2001
 *
 *  Copyright 2001 by Jari Ruusu.
 *  Redistribution of this file is permitted under the GNU Public License.
 */

#include <sys/types.h>

typedef struct {
    unsigned char   sha_out[64];    /* results are here, bytes 0...31 */
    u_int32_t       sha_H[8];
    u_int64_t       sha_blocks;
    int             sha_bufCnt;
} sha256_context;

typedef struct {
    unsigned char   sha_out[128];   /* results are here, bytes 0...63 */
    u_int64_t       sha_H[8];
    u_int64_t       sha_blocks;
    u_int64_t       sha_blocksMSB;
    int             sha_bufCnt;
} sha512_context;

/* no sha384_context, use sha512_context */

/* 256 bit hash, provides 128 bits of security against collision attacks */
extern void sha256_init(sha256_context *);
extern void sha256_write(sha256_context *, unsigned char *, int);
extern void sha256_final(sha256_context *);
extern void sha256_hash_buffer(unsigned char *, int, unsigned char *, int);

/* 512 bit hash, provides 256 bits of security against collision attacks */
extern void sha512_init(sha512_context *);
extern void sha512_write(sha512_context *, unsigned char *, int);
extern void sha512_final(sha512_context *);
extern void sha512_hash_buffer(unsigned char *, int, unsigned char *, int);

/* 384 bit hash, provides 192 bits of security against collision attacks */
extern void sha384_init(sha512_context *);
/* no sha384_write(), use sha512_write() */
/* no sha384_final(), use sha512_final(), result in ctx->sha_out[0...47]  */
extern void sha384_hash_buffer(unsigned char *, int, unsigned char *, int);




flag is given, swapping is disabled on all known swap devices and files
(as found in
.I /proc/swaps
or
.IR /etc/fstab ).
.PP
If
.I loop=/dev/loop?
and
.I encryption=AES128
options are present in
.I /etc/fstab
then
.BR "swapon -a"
will set up loop devices using random keys, run
.BR "mkswap"
on them, and enable encrypted swap on specified loop devices. Encrypted loop
devices are set up with page size offset so that unencrypted swap signatures
on first page of swap devices are not touched.
.BR "swapoff -a"
will tear down such loop devices.
.SH NOTE
You should not use
.B swapon
on a file with holes.
Swap over NFS may not work.




/*
 * A swapon(8)/swapoff(8) for Linux 0.99.
 * swapon.c,v 1.1.1.1 1993/11/18 08:40:51 jrs Exp
 *
 * 1997-02-xx <Vincent.Renardias@waw.com>
 * - added '-s' (summary option)
 * 1999-02-22 Arkadiusz Mi¶kiewicz <misiek@pld.ORG.PL>
 * - added Native Language Support
 * 1999-03-21 Arnaldo Carvalho de Melo <acme@conectiva.com.br>
 * - fixed strerr(errno) in gettext calls
 * 2001-03-22 Erik Troan <ewt@redhat.com>
 * - added -e option for -a
 * - -a shouldn't try to add swaps that are already enabled
 * 2002-04-14 Jari Ruusu
 * - added encrypted swap support
 */
#include <ctype.h>
#include <stdlib.h>
#include <stdio.h>
#include <getopt.h>
#include <string.h>
#include <mntent.h>
#include <errno.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <sys/utsname.h>
#include <sys/time.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <fcntl.h>
#include "xmalloc.h"

#include "nls.h"
#include "fsprobe.h"
#include "realpath.h"
#include "pathnames.h"
#include "sundries.h"
#include "loop.h"
#include "xstrncpy.h"
#include "sha512.h"

#define PATH_MKSWAP	"/sbin/mkswap"

#ifdef HAVE_SYS_SWAP_H
# include <sys/swap.h>

	const char *special = fsprobe_get_devname_by_uuid(uuid);
	return special ? do_swapoff(special, quiet, CANONIC) : cannot_find(uuid);
}

static int
prepare_encrypted_swap(const char *partition, char *loop, char *encryption)
{
	int x, y, fd, ffd;
	int page_size;
	sha512_context s;
	unsigned char b[4096], multiKeyBits[65][32];
	char *a[10], *apiName;
	struct loop_info64 loopinfo;
	FILE *f;

	/*
	 * Some sanity checks
	 */
	if(strlen(partition) < 1) {
		fprintf(stderr, _("swapon: invalid swap device name\n"));
		return 0;
	}
	if(strlen(loop) < 1) {
		fprintf(stderr, _("swapon: invalid loop device name\n"));
		return 0;
	}
	if(strlen(encryption) < 1) {
		fprintf(stderr, _("swapon: invalid encryption type\n"));
		return 0;
	}

	/*
	 * Abort if loop device does not exist or is already in use
	 */
	if((fd = open(loop, O_RDWR)) == -1) {
		fprintf(stderr, _("swapon: unable to open loop device %s\n"), loop);
		return 0;
	}
	if(is_unused_loop_device(fd) == 0) {
		fprintf(stderr, _("swapon: loop device %s already in use\n"), loop);
		goto errout0;
	}

	/*
	 * Compute SHA-512 over first 40 KB of old swap data. This data
	 * is mostly unknown data encrypted using unknown key. SHA-512 hash
	 * output is then used as entropy for new swap encryption key.
	 */
	if(!(f = fopen(partition, "r+"))) {
		fprintf(stderr, _("swapon: unable to open swap device %s\n"), partition);
		goto errout0;
	}
	page_size = getpagesize();
	fseek(f, (long)page_size, SEEK_SET);
	sha512_init(&s);
	for(x = 0; x < 10; x++) {
		if(fread(&b[0], sizeof(b), 1, f) != 1) break;
		sha512_write(&s, &b[0], sizeof(b));
	}
	sha512_final(&s);

	/*
	 * Overwrite 40 KB of old swap data 20 times so that recovering
	 * SHA-512 output beyond this point is difficult and expensive.
	 */
	for(y = 0; y < 20; y++) {
		int z;
		struct {
			struct timeval tv;
			unsigned char h[64];
			int x,y,z;
		} j;
		if(fseek(f, (long)page_size, SEEK_SET)) break;
		memcpy(&j.h[0], &s.sha_out[0], 64);
		gettimeofday(&j.tv, NULL);
		j.y = y;
		for(x = 0; x < 10; x++) {
			j.x = x;
			for(z = 0; z < sizeof(b); z += 64) {
				j.z = z;
				sha512_hash_buffer((unsigned char *)&j, sizeof(j), &b[z], 64);
			}
			if(fwrite(&b[0], sizeof(b), 1, f) != 1) break;
		}
		memset(&j, 0, sizeof(j));
		if(fflush(f)) break;
		if(fsync(fileno(f))) break;
	}
	fclose(f);

	/*
	 * Use all 512 bits of hash output
	 */
	memcpy(&b[0], &s.sha_out[0], 64);
	memset(&s, 0, sizeof(s));

	/*
	 * Read 32 bytes of random entropy from kernel's random
	 * number generator. This code may be executed early on startup
	 * scripts and amount of random entropy may be non-existent.
	 * SHA-512 of old swap data is used as workaround for missing
	 * entropy in kernel's random number generator.
	 */
	if(!(f = fopen("/dev/urandom", "r"))) {
		fprintf(stderr, _("swapon: unable to open /dev/urandom\n"));
		goto errout0;
	}
	fread(&b[64], 32, 1, f);

	/*
	 * Set up struct loop_info64
	 */
	if((ffd = open(partition, O_RDWR)) < 0) {
		fprintf(stderr, _("swapon: unable to open swap device %s\n"), partition);
		goto errout1;
	}
	memset(&loopinfo, 0, sizeof(loopinfo));
	xstrncpy((char *)loopinfo.lo_file_name, partition, LO_NAME_SIZE);
	loopinfo.lo_encrypt_type = loop_crypt_type(encryption, &loopinfo.lo_encrypt_key_size, &apiName);
	if(loopinfo.lo_encrypt_type <= 1) {
		fprintf(stderr, _("swapon: unsupported swap encryption type %s\n"), encryption);
errout2:
		close(ffd);
errout1:
		fclose(f);
errout0:
		close(fd);
		memset(&loopinfo.lo_encrypt_key[0], 0, sizeof(loopinfo.lo_encrypt_key));
		memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits));
		return 0;
	}
	loopinfo.lo_offset = page_size;
	/* single-key hash */
	sha512_hash_buffer(&b[0], 64+32, &loopinfo.lo_encrypt_key[0], sizeof(loopinfo.lo_encrypt_key));
	/* multi-key hash */
	x = 0;
	while(x < 65) {
		fread(&b[64+32], 16, 1, f);
		sha512_hash_buffer(&b[0], 64+32+16, &multiKeyBits[x][0], 32);
		x++;
	}	

	/*
	 * Try to set up single-key loop
	 */
	if(ioctl(fd, LOOP_SET_FD, ffd) < 0) {
		fprintf(stderr, _("swapon: LOOP_SET_FD failed\n"));
		goto errout2;
	}
	if ((loopinfo.lo_encrypt_type == 18) || (loop_set_status64_ioctl(fd, &loopinfo) < 0)) {
		if(try_cryptoapi_loop_interface(fd, &loopinfo, apiName) < 0) {
			fprintf(stderr, _("swapon: LOOP_SET_STATUS failed\n"));
			ioctl(fd, LOOP_CLR_FD, 0);
			goto errout2;
		}
	}

	/*
	 * Try to put loop to multi-key v3 or v2 mode.
	 * If this fails, then let it operate in single-key mode.
	 */
	if(ioctl(fd, LOOP_MULTI_KEY_SETUP_V3, &multiKeyBits[0][0]) < 0) {
		ioctl(fd, LOOP_MULTI_KEY_SETUP, &multiKeyBits[0][0]);
	}

	/*
	 * Loop is now set up. Clean up the keys.
	 */
	memset(&loopinfo.lo_encrypt_key[0], 0, sizeof(loopinfo.lo_encrypt_key));
	memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits));
	close(ffd);
	fclose(f);
	close(fd);

	/*
	 * Write 40 KB of zeroes to loop device. That same data is written
	 * to underlying partition in encrypted form. This is done to guarantee
	 * that next time encrypted swap is initialized, the SHA-512 hash will
	 * be different. And, if encrypted swap data writes over this data, that's
	 * even better.
	 */
	if(!(f = fopen(loop, "r+"))) {
		fprintf(stderr, _("swapon: unable to open loop device %s\n"), loop);
		return 0;
	}
	memset(&b[0], 0, sizeof(b));
	for(x = 0; x < 10; x++) {
		if(fwrite(&b[0], sizeof(b), 1, f) != 1) break;
	}
	fflush(f);
	fsync(fileno(f));
	fclose(f);
	sync();

	/*
	 * Run mkswap on loop device so that kernel understands it as swap.
	 * Redirect stderr to /dev/null and ignore exit value.
	 */
	if(!(x = fork())) {
		if((x = open("/dev/null", O_WRONLY)) >= 0) {
			dup2(x, 2);
			close(x);
		}
		a[0] = "mkswap";
		a[1] = loop;
		a[2] = 0;
		execvp(a[0], &a[0]);
		execv("/sbin/mkswap", &a[0]);
		/* error to stdout, stderr is directed to /dev/null */
		printf(_("swapon: unable to execute mkswap\n"));
		exit(1);
	}
	if(x == -1) {
		fprintf(stderr, _("swapon: fork failed\n"));
		return 0;
	}
	waitpid(x, &y, 0);
	sync();

	return 1;
}

static void
shutdown_encrypted_swap(char *loop)
{
	int fd;
	struct stat statbuf;
	struct loop_info64 loopinfo;
	unsigned char b[32];
	FILE *f;

	if(stat(loop, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) {
		if((fd = open(loop, O_RDWR)) >= 0) {
			if(!loop_get_status64_ioctl(fd, &loopinfo)) {
				/*
				 * Read 32 bytes of random data from kernel's random
				 * number generator and write that to loop device.
				 * This preserves some of kernel's random entropy
				 * to next activation of encrypted swap on this
				 * partition.
				 */
				if((f = fopen("/dev/urandom", "r")) != NULL) {
					fread(&b[0], 32, 1, f);
					fclose(f);
					write(fd, &b[0], 32);
					fsync(fd);
				}
			}
			close(fd);
		}
		sync();
		if((fd = open(loop, O_RDONLY)) >= 0) {
			if(!loop_get_status64_ioctl(fd, &loopinfo)) {
				ioctl(fd, LOOP_CLR_FD, 0);
			}
			close(fd);
		}
	}
}

static int
swapon_all(void) {
	FILE *fp;
	struct mntent *fstab;
	int status = 0;



	while ((fstab = getmntent(fp)) != NULL) {
		const char *special;
		int skip = 0;
		int pri = priority;
		char *opt, *opts;
		char *loop = NULL, *encryption = NULL;

		if (!streq(fstab->mnt_type, MNTTYPE_SWAP))
			continue;

		special = fsprobe_get_devname(fstab->mnt_fsname);
		if (!special)
			continue;

		/* parse mount options; */
		opts = strdup(fstab->mnt_opts);
		if (!opts) {
			fprintf(stderr, "not enough memory");
			exit(1);
		}
		for (opt = strtok(opts, ","); opt != NULL; opt = strtok(NULL, ",")) {
			if (strncmp(opt, "pri=", 4) == 0)
				pri = atoi(opt+4);
			if (strcmp(opt, "noauto") == 0)
				skip = 1;
			if (strncmp(opt, "loop=", 5) == 0)
				loop = opt + 5;
			if (strncmp(opt, "encryption=", 11) == 0)
				encryption = opt + 11;
		}
		if(skip)
			continue;
		if (loop && encryption) {
			if(!is_in_proc_swaps(loop) && (!ifexists || !access(special, R_OK))) {
				if (!prepare_encrypted_swap(special, loop, encryption)) {
					status |= -1;
					continue;
				}
				status |= do_swapon(loop, pri, CANONIC);
			}
			continue;
		}
		if (!is_in_proc_swaps(special) && (!ifexists || !access(special, R_OK))) {
			status |= do_swapon(special, pri, CANONIC);
		}
	}
	endmntent(fp);

	return status;
}

static const char **llist = NULL;

			fprintf(stderr, _("%s: cannot open %s: %s\n"),
				progname, _PATH_MNTTAB, strerror(errsv));
			exit(2);
		}
		while ((fstab = getmntent(fp)) != NULL) {
			const char *orig_special = fstab->mnt_fsname;
			const char *special;
			int skip = 0;
			char *opt, *opts;
			char *loop = NULL, *encryption = NULL;

			if (!streq(fstab->mnt_type, MNTTYPE_SWAP))
				continue;

			special = fsprobe_get_devname(orig_special);
			if (!special)
				continue;

			/* parse mount options; */
			opts = strdup(fstab->mnt_opts);
			if (!opts) {
				fprintf(stderr, "not enough memory");
				exit(1);
			}
			for (opt = strtok(opts, ","); opt != NULL; opt = strtok(NULL, ",")) {
				if (strcmp(opt, "noauto") == 0)
					skip = 1;
				if (strncmp(opt, "loop=", 5) == 0)
					loop = opt + 5;
				if (strncmp(opt, "encryption=", 11) == 0)
					encryption = opt + 11;
			}
			if (loop && encryption) {
				if (!is_in_proc_swaps(loop)) {  
					if(skip)
						continue;
					do_swapoff(loop, QUIET, CANONIC);
				}
				shutdown_encrypted_swap(loop);
				continue;
			}
			if(skip)
				continue;
			if (!is_in_proc_swaps(special)) {
				do_swapoff(special, QUIET, CANONIC);
			}


		}
		endmntent(fp);
	}

	return status;
}





	int umnt_err, umnt_err2;
	int isroot;
	int res;
	int status;
	const char *loopdev;
	int myloop = 0;

	/* Special case for root.  As of 0.99pl10 we can (almost) unmount root;
	   the kernel will remount it readonly so that we can carry on running
	   afterwards.  The readonly remount is illegal if any files are opened
	   for writing at the time, so we can't update mtab for an unmount of

	 * All such special things must occur isolated in the types string.
	 */
	if (check_special_umountprog(spec, node, type, &status))
		return status;

	/*
	 * Ignore the option "-d" for non-loop devices and loop devices with
	 * LO_FLAGS_AUTOCLEAR flag.
	 */
	if (delloop && is_loop_device(spec) && !is_loop_autoclear(spec))
		myloop = 1;

	umnt_err = umnt_err2 = 0;
	if (lazy) {
		res = umount2 (node, MNT_DETACH);
		if (res < 0)
			umnt_err = errno;

			if ((mc = getmntoptfile (spec)) != NULL)
				node = mc->m.mnt_dir;
		}

		/* Also free loop devices when -d flag is given */
		if (delloop && is_loop_device(spec))
			loopdev = spec;
	}
 gotloop:
	if (loopdev)
		del_loop(loopdev);

Return to bug 258456

Line 0 Link Here

(-)util-linux-ng-2.14.2.orig/mount/aes.c (+299 lines)
		1	// I retain copyright in this code but I encourage its free use provided
		2	// that I don't carry any responsibility for the results. I am especially
		3	// happy to see it used in free and open source software. If you do use
		4	// it I would appreciate an acknowledgement of its origin in the code or
		5	// the product that results and I would also appreciate knowing a little
		6	// about the use to which it is being put. I am grateful to Frank Yellin
		7	// for some ideas that are used in this implementation.
		8	//
		9	// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
		10	//
		11	// This is an implementation of the AES encryption algorithm (Rijndael)
		12	// designed by Joan Daemen and Vincent Rijmen. This version is designed
		13	// to provide both fixed and dynamic block and key lengths and can also
		14	// run with either big or little endian internal byte order (see aes.h).
		15	// It inputs block and key lengths in bytes with the legal values being
		16	// 16, 24 and 32.
		17
		18	/*
		19	* Modified by Jari Ruusu, May 1 2001
		20	* - Fixed some compile warnings, code was ok but gcc warned anyway.
		21	* - Changed basic types: byte -> unsigned char, word -> u_int32_t
		22	* - Major name space cleanup: Names visible to outside now begin
		23	* with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c
		24	* - Removed C++ and DLL support as part of name space cleanup.
		25	* - Eliminated unnecessary recomputation of tables. (actual bug fix)
		26	* - Merged precomputed constant tables to aes.c file.
		27	* - Removed data alignment restrictions for portability reasons.
		28	* - Made block and key lengths accept bit count (128/192/256)
		29	* as well byte count (16/24/32).
		30	* - Removed all error checks. This change also eliminated the need
		31	* to preinitialize the context struct to zero.
		32	* - Removed some totally unused constants.
		33	*/
		34
		35	/*
		36	* Modified by Jari Ruusu, June 9 2003
		37	* - Removed all code not necessary for small size
		38	* optimized encryption using 256 bit keys.
		39	*/
		40
		41	#include "aes.h"
		42
		43	#if AES_BLOCK_SIZE != 16
		44	#error an illegal block size has been specified
		45	#endif
		46
		47	// upr(x,n): rotates bytes within words by n positions, moving bytes
		48	// to higher index positions with wrap around into low positions
		49	// bval(x,n): extracts a byte from a word
		50
		51	#define upr(x,n) (((x) << 8 * (n)) \| ((x) >> (32 - 8 * (n))))
		52	#define bval(x,n) ((unsigned char)((x) >> 8 * (n)))
		53	#define bytes2word(b0, b1, b2, b3) \
		54	((u_int32_t)(b3) << 24 \| (u_int32_t)(b2) << 16 \| (u_int32_t)(b1) << 8 \| (b0))
		55
		56	#if defined(i386) \|\| defined(_I386) \|\| defined(__i386__) \|\| defined(__i386)
		57	/* little endian processor without data alignment restrictions */
		58	#define word_in(x) (u_int32_t)(x)
		59	#define word_out(x,v) (u_int32_t)(x) = (v)
		60	#else
		61	/* slower but generic big endian or with data alignment restrictions */
		62	#define word_in(x) ((u_int32_t)(((unsigned char )(x))[0])\|((u_int32_t)(((unsigned char )(x))[1])<<8)\|((u_int32_t)(((unsigned char )(x))[2])<<16)\|((u_int32_t)(((unsigned char )(x))[3])<<24))
		63	#define word_out(x,v) ((unsigned char )(x))[0]=(v),((unsigned char )(x))[1]=((v)>>8),((unsigned char )(x))[2]=((v)>>16),((unsigned char )(x))[3]=((v)>>24)
		64	#endif
65
66	// the finite field modular polynomial and elements
67
68	#define ff_poly 0x011b
69	#define ff_hi 0x80
70
71	static int tab_gen = 0;
72	static unsigned char s_box[256]; // the S box
73	static u_int32_t rcon_tab[AES_RC_LENGTH]; // table of round constants
74	static u_int32_t ft_tab[4][256];
75	static u_int32_t fl_tab[4][256];
76
77	// Generate the tables for the dynamic table option
78
79	// It will generally be sensible to use tables to compute finite
80	// field multiplies and inverses but where memory is scarse this
81	// code might sometimes be better.
82
83	// return 2 ^ (n - 1) where n is the bit number of the highest bit
84	// set in x with x in the range 1 < x < 0x00000200. This form is
85	// used so that locals within FFinv can be bytes rather than words
86
87	static unsigned char hibit(const u_int32_t x)
88	{ unsigned char r = (unsigned char)((x >> 1) \| (x >> 2));
89
90	r \|= (r >> 2);
91	r \|= (r >> 4);
92	return (r + 1) >> 1;
93	}
94
95	// return the inverse of the finite field element x
96
97	static unsigned char FFinv(const unsigned char x)
98	{ unsigned char p1 = x, p2 = 0x1b, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0;
99
100	if(x < 2) return x;
101
102	for(;;)
103	{
104	if(!n1) return v1;
105
106	while(n2 >= n1)
107	{
108	n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2);
109	}
110
111	if(!n2) return v2;
112
113	while(n1 >= n2)
114	{
115	n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1);
116	}
117	}
118	}
119
120	// define the finite field multiplies required for Rijndael
121
122	#define FFmul02(x) ((((x) & 0x7f) << 1) ^ ((x) & 0x80 ? 0x1b : 0))
123	#define FFmul03(x) ((x) ^ FFmul02(x))
124
125	// The forward and inverse affine transformations used in the S-box
126
127	#define fwd_affine(x) \
128	(w = (u_int32_t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(unsigned char)(w^(w>>8)))
129
130	static void gen_tabs(void)
131	{ u_int32_t i, w;
132
133	for(i = 0, w = 1; i < AES_RC_LENGTH; ++i)
134	{
135	rcon_tab[i] = bytes2word(w, 0, 0, 0);
136	w = (w << 1) ^ (w & ff_hi ? ff_poly : 0);
137	}
138
139	for(i = 0; i < 256; ++i)
140	{ unsigned char b;
141
142	s_box[i] = b = fwd_affine(FFinv((unsigned char)i));
143
144	w = bytes2word(b, 0, 0, 0);
145	fl_tab[0][i] = w;
146	fl_tab[1][i] = upr(w,1);
147	fl_tab[2][i] = upr(w,2);
148	fl_tab[3][i] = upr(w,3);
149	w = bytes2word(FFmul02(b), b, b, FFmul03(b));
150	ft_tab[0][i] = w;
151	ft_tab[1][i] = upr(w,1);
152	ft_tab[2][i] = upr(w,2);
153	ft_tab[3][i] = upr(w,3);
154	}
155	}
156
157	#define four_tables(x,tab,vf,rf,c) \
158	( tab[0][bval(vf(x,0,c),rf(0,c))] \
159	^ tab[1][bval(vf(x,1,c),rf(1,c))] \
160	^ tab[2][bval(vf(x,2,c),rf(2,c))] \
161	^ tab[3][bval(vf(x,3,c),rf(3,c))])
162
163	#define vf1(x,r,c) (x)
164	#define rf1(r,c) (r)
165	#define rf2(r,c) ((r-c)&3)
166
167	#define ls_box(x,c) four_tables(x,fl_tab,vf1,rf2,c)
168
169	#define nc (AES_BLOCK_SIZE / 4)
170
171	// Initialise the key schedule from the user supplied key.
172	// The key length is now specified in bytes, 32.
173	// This corresponds to bit length of 256 bits, and
174	// to Nk value of 8 respectively.
175
176	void aes_set_key(aes_context *cx, const unsigned char in_key[], int n_bytes, const int f)
177	{ u_int32_t kf, kt, rci;
178
179	if(!tab_gen) { gen_tabs(); tab_gen = 1; }
180
181	cx->aes_Nkey = 8;
182	cx->aes_Nrnd = (cx->aes_Nkey > nc ? cx->aes_Nkey : nc) + 6;
183
184	cx->aes_e_key[0] = word_in(in_key );
185	cx->aes_e_key[1] = word_in(in_key + 4);
186	cx->aes_e_key[2] = word_in(in_key + 8);
187	cx->aes_e_key[3] = word_in(in_key + 12);
188
189	kf = cx->aes_e_key;
190	kt = kf + nc * (cx->aes_Nrnd + 1) - cx->aes_Nkey;
191	rci = 0;
192
193	switch(cx->aes_Nkey)
194	{
195	case 8: cx->aes_e_key[4] = word_in(in_key + 16);
196	cx->aes_e_key[5] = word_in(in_key + 20);
197	cx->aes_e_key[6] = word_in(in_key + 24);
198	cx->aes_e_key[7] = word_in(in_key + 28);
199	do
200	{ kf[ 8] = kf[0] ^ ls_box(kf[7],3) ^ rcon_tab[rci++];
201	kf[ 9] = kf[1] ^ kf[ 8];
202	kf[10] = kf[2] ^ kf[ 9];
203	kf[11] = kf[3] ^ kf[10];
204	kf[12] = kf[4] ^ ls_box(kf[11],0);
205	kf[13] = kf[5] ^ kf[12];
206	kf[14] = kf[6] ^ kf[13];
207	kf[15] = kf[7] ^ kf[14];
208	kf += 8;
209	}
210	while (kf < kt);
211	break;
212	}
213	}
214
215	// y = output word, x = input word, r = row, c = column
216	// for r = 0, 1, 2 and 3 = column accessed for row r
217
218	#define s(x,c) x[c]
219
220	// I am grateful to Frank Yellin for the following constructions
221	// which, given the column (c) of the output state variable that
222	// is being computed, return the input state variables which are
223	// needed for each row (r) of the state
224
225	// For the fixed block size options, compilers reduce these two
226	// expressions to fixed variable references. For variable block
227	// size code conditional clauses will sometimes be returned
228
229	#define fwd_var(x,r,c) \
230	( r==0 ? \
231	( c==0 ? s(x,0) \
232	: c==1 ? s(x,1) \
233	: c==2 ? s(x,2) \
234	: c==3 ? s(x,3) \
235	: c==4 ? s(x,4) \
236	: c==5 ? s(x,5) \
237	: c==6 ? s(x,6) \
238	: s(x,7)) \
239	: r==1 ? \
240	( c==0 ? s(x,1) \
241	: c==1 ? s(x,2) \
242	: c==2 ? s(x,3) \
243	: c==3 ? nc==4 ? s(x,0) : s(x,4) \
244	: c==4 ? s(x,5) \
245	: c==5 ? nc==8 ? s(x,6) : s(x,0) \
246	: c==6 ? s(x,7) \
247	: s(x,0)) \
248	: r==2 ? \
249	( c==0 ? nc==8 ? s(x,3) : s(x,2) \
250	: c==1 ? nc==8 ? s(x,4) : s(x,3) \
251	: c==2 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
252	: c==3 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
253	: c==4 ? nc==8 ? s(x,7) : s(x,0) \
254	: c==5 ? nc==8 ? s(x,0) : s(x,1) \
255	: c==6 ? s(x,1) \
256	: s(x,2)) \
257	: \
258	( c==0 ? nc==8 ? s(x,4) : s(x,3) \
259	: c==1 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
260	: c==2 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
261	: c==3 ? nc==4 ? s(x,2) : nc==8 ? s(x,7) : s(x,0) \
262	: c==4 ? nc==8 ? s(x,0) : s(x,1) \
263	: c==5 ? nc==8 ? s(x,1) : s(x,2) \
264	: c==6 ? s(x,2) \
265	: s(x,3)))
266
267	#define si(y,x,k,c) s(y,c) = word_in(x + 4 * c) ^ k[c]
268	#define so(y,x,c) word_out(y + 4 * c, s(x,c))
269
270	#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,ft_tab,fwd_var,rf1,c)
271	#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,fl_tab,fwd_var,rf1,c)
272
273	#define locals(y,x) x[4],y[4]
274
275	#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
276	s(y,2) = s(x,2); s(y,3) = s(x,3);
277	#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3)
278	#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3)
279	#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3)
280
281	void aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[])
282	{ u_int32_t locals(b0, b1);
283	const u_int32_t *kp = cx->aes_e_key;
284
285	state_in(b0, in_blk, kp); kp += nc;
286
287	{ u_int32_t rnd;
288
289	for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd)
290	{
291	round(fwd_rnd, b1, b0, kp);
292	l_copy(b0, b1); kp += nc;
293	}
294
295	round(fwd_lrnd, b0, b1, kp);
296	}
297
298	state_out(out_blk, b0);
299	}

Line 0 Link Here

(-)util-linux-ng-2.14.2.orig/mount/aes.h (+97 lines)
		1	// I retain copyright in this code but I encourage its free use provided
		2	// that I don't carry any responsibility for the results. I am especially
		3	// happy to see it used in free and open source software. If you do use
		4	// it I would appreciate an acknowledgement of its origin in the code or
		5	// the product that results and I would also appreciate knowing a little
		6	// about the use to which it is being put. I am grateful to Frank Yellin
		7	// for some ideas that are used in this implementation.
		8	//
		9	// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
		10	//
		11	// This is an implementation of the AES encryption algorithm (Rijndael)
		12	// designed by Joan Daemen and Vincent Rijmen. This version is designed
		13	// to provide both fixed and dynamic block and key lengths and can also
		14	// run with either big or little endian internal byte order (see aes.h).
		15	// It inputs block and key lengths in bytes with the legal values being
		16	// 16, 24 and 32.
		17
		18	/*
		19	* Modified by Jari Ruusu, May 1 2001
		20	* - Fixed some compile warnings, code was ok but gcc warned anyway.
		21	* - Changed basic types: byte -> unsigned char, word -> u_int32_t
		22	* - Major name space cleanup: Names visible to outside now begin
		23	* with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c
		24	* - Removed C++ and DLL support as part of name space cleanup.
		25	* - Eliminated unnecessary recomputation of tables. (actual bug fix)
		26	* - Merged precomputed constant tables to aes.c file.
		27	* - Removed data alignment restrictions for portability reasons.
		28	* - Made block and key lengths accept bit count (128/192/256)
		29	* as well byte count (16/24/32).
		30	* - Removed all error checks. This change also eliminated the need
		31	* to preinitialize the context struct to zero.
		32	* - Removed some totally unused constants.
		33	*/
		34
		35	#ifndef _AES_H
		36	#define _AES_H
		37
		38	#if defined(__linux__) && defined(__KERNEL__)
		39	# include <linux/types.h>
		40	#else
		41	# include <sys/types.h>
		42	#endif
		43
		44	// CONFIGURATION OPTIONS (see also aes.c)
		45	//
		46	// Define AES_BLOCK_SIZE to set the cipher block size (16, 24 or 32) or
		47	// leave this undefined for dynamically variable block size (this will
		48	// result in much slower code).
		49	// IMPORTANT NOTE: AES_BLOCK_SIZE is in BYTES (16, 24, 32 or undefined). If
		50	// left undefined a slower version providing variable block length is compiled
		51
		52	#define AES_BLOCK_SIZE 16
		53
		54	// The number of key schedule words for different block and key lengths
		55	// allowing for method of computation which requires the length to be a
		56	// multiple of the key length
		57	//
		58	// Nk = 4 6 8
		59	// -------------
		60	// Nb = 4 \| 60 60 64
		61	// 6 \| 96 90 96
		62	// 8 \| 120 120 120
		63
		64	#if !defined(AES_BLOCK_SIZE) \|\| (AES_BLOCK_SIZE == 32)
65	#define AES_KS_LENGTH 120
66	#define AES_RC_LENGTH 29
67	#else
68	#define AES_KS_LENGTH 4 * AES_BLOCK_SIZE
69	#define AES_RC_LENGTH (9 * AES_BLOCK_SIZE) / 8 - 8
70	#endif
71
72	typedef struct
73	{
74	u_int32_t aes_Nkey; // the number of words in the key input block
75	u_int32_t aes_Nrnd; // the number of cipher rounds
76	u_int32_t aes_e_key[AES_KS_LENGTH]; // the encryption key schedule
77	u_int32_t aes_d_key[AES_KS_LENGTH]; // the decryption key schedule
78	#if !defined(AES_BLOCK_SIZE)
79	u_int32_t aes_Ncol; // the number of columns in the cipher state
80	#endif
81	} aes_context;
82
83	// THE CIPHER INTERFACE
84
85	#if !defined(AES_BLOCK_SIZE)
86	extern void aes_set_blk(aes_context *, const int);
87	#endif
88	extern void aes_set_key(aes_context *, const unsigned char [], const int, const int);
89	extern void aes_encrypt(const aes_context *, const unsigned char [], unsigned char []);
90	extern void aes_decrypt(const aes_context *, const unsigned char [], unsigned char []);
91
92	// The block length inputs to aes_set_block and aes_set_key are in numbers
93	// of bytes or bits. The calls to subroutines must be made in the above
94	// order but multiple calls can be made without repeating earlier calls
95	// if their parameters have not changed.
96
97	#endif // _AES_H

Lines 1-12 Link Here

(-)util-linux-ng-2.14.2.orig/mount/lomount.h (-8 / +15 lines)
1	extern int set_loop(const char , const char , unsigned long long, unsigned long long,	1	extern int verbose;
2	const char , int, int );	2	extern int set_loop(const char , const char , int , const char , unsigned int , int);
3	extern int del_loop(const char *);	3	extern int del_loop(const char *);
4	extern int is_loop_device(const char *);	4	extern int is_loop_device(const char *);
5	extern int is_loop_autoclear(const char *device);	5	extern int is_loop_active(const char , const char );
6	extern char * find_unused_loop_device(void);	6	extern char * find_unused_loop_device(void);
7		7
8	extern int loopfile_used_with(char devname, const char filename, unsigned long long offset);	8	extern char *passFDnumber;
9	extern char loopfile_used (const char filename, unsigned long long offset);	9	extern char *passAskTwice;
10		10	extern char *passSeedString;
11	#define SETLOOP_RDONLY (1<<0) /* Open loop read-only */	11	extern char *passHashFuncName;
12	#define SETLOOP_AUTOCLEAR (1<<1) /* Automatically detach loop on close (2.6.25?) */	12	extern char *passIterThousands;
		13	extern char *loInitValue;
		14	extern char *gpgKeyFile;
		15	extern char *gpgHomeDir;
		16	extern char *clearTextKeyFile;
		17	extern char *loopOffsetBytes;
		18	extern char *loopSizeBytes;
		19	extern char *loopEncryptionType;

Line 0 Link Here

(-)util-linux-ng-2.14.2.orig/mount/loop.c (+221 lines)
		1	/*
		2	* loop.c
		3	*
		4	* Copyright 2003 by Jari Ruusu.
		5	* Redistribution of this file is permitted under the GNU GPL
		6	*/
		7
		8	/* collection of loop helper functions used by losetup, mount and swapon */
		9
		10	#include <stdio.h>
		11	#include <string.h>
		12	#include <ctype.h>
		13	#include <sys/ioctl.h>
		14	#include <sys/types.h>
		15	#include <errno.h>
		16	#include "loop.h"
		17
		18	static void convert_info_to_info64(struct loop_info info, struct loop_info64 info64)
		19	{
		20	memset(info64, 0, sizeof(*info64));
		21	info64->lo_number = info->lo_number;
		22	info64->lo_device = info->lo_device;
		23	info64->lo_inode = info->lo_inode;
		24	info64->lo_rdevice = info->lo_rdevice;
		25	info64->lo_offset = info->lo_offset;
		26	info64->lo_encrypt_type = info->lo_encrypt_type;
		27	info64->lo_encrypt_key_size = info->lo_encrypt_key_size;
		28	info64->lo_flags = info->lo_flags;
		29	info64->lo_init[0] = info->lo_init[0];
		30	info64->lo_init[1] = info->lo_init[1];
		31	info64->lo_sizelimit = 0;
		32	if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */
		33	memcpy(info64->lo_crypt_name, info->lo_name, sizeof(info64->lo_crypt_name));
		34	else
		35	memcpy(info64->lo_file_name, info->lo_name, sizeof(info64->lo_file_name));
		36	memcpy(info64->lo_encrypt_key, info->lo_encrypt_key, sizeof(info64->lo_encrypt_key));
		37	}
		38
		39	static int convert_info64_to_info(struct loop_info64 info64, struct loop_info info)
		40	{
		41	memset(info, 0, sizeof(*info));
		42	info->lo_number = info64->lo_number;
		43	info->lo_device = info64->lo_device;
		44	info->lo_inode = info64->lo_inode;
		45	info->lo_rdevice = info64->lo_rdevice;
		46	info->lo_offset = info64->lo_offset;
		47	info->lo_encrypt_type = info64->lo_encrypt_type;
		48	info->lo_encrypt_key_size = info64->lo_encrypt_key_size;
		49	info->lo_flags = info64->lo_flags;
		50	info->lo_init[0] = info64->lo_init[0];
		51	info->lo_init[1] = info64->lo_init[1];
		52	if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */
		53	memcpy(info->lo_name, info64->lo_crypt_name, sizeof(info->lo_name));
		54	else
		55	memcpy(info->lo_name, info64->lo_file_name, sizeof(info->lo_name));
		56	memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, sizeof(info->lo_encrypt_key));
		57
		58	/* error in case values were truncated */
		59	if (info->lo_device != info64->lo_device \|\|
		60	info->lo_rdevice != info64->lo_rdevice \|\|
		61	info->lo_inode != info64->lo_inode \|\|
		62	info->lo_offset != info64->lo_offset \|\|
		63	info64->lo_sizelimit) {
		64	errno = EOVERFLOW;
65	return -1;
66	}
67	return 0;
68	}
69
70	int loop_set_status64_ioctl(int fd, struct loop_info64 *info64)
71	{
72	struct loop_info info;
73	struct loop_info64 tmp;
74	int r;
75
76	/*
77	* This ugly work around is needed because some
78	* Red Hat kernels are using same ioctl code:
79	* #define LOOP_CHANGE_FD 0x4C04
80	* vs.
81	* #define LOOP_SET_STATUS64 0x4C04
82	* that is used by modern loop driver.
83	*
84	* Attempt to detect presense of LOOP_GET_STATUS64
85	* ioctl before issuing LOOP_SET_STATUS64 ioctl.
86	* Red Hat kernels with above LOOP_CHANGE_FD damage
87	* should return -1 and set errno to EINVAL.
88	*/
89	r = ioctl(fd, LOOP_GET_STATUS64, &tmp);
90	memset(&tmp, 0, sizeof(tmp));
91	if ((r == 0) \|\| (errno != EINVAL)) {
92	r = ioctl(fd, LOOP_SET_STATUS64, info64);
93	if (!r)
94	return 0;
95	}
96	r = convert_info64_to_info(info64, &info);
97	if (!r)
98	r = ioctl(fd, LOOP_SET_STATUS, &info);
99
100	/* don't leave copies of encryption key on stack */
101	memset(&info, 0, sizeof(info));
102	return r;
103	}
104
105	int loop_get_status64_ioctl(int fd, struct loop_info64 *info64)
106	{
107	struct loop_info info;
108	int r;
109
110	memset(info64, 0, sizeof(*info64));
111	r = ioctl(fd, LOOP_GET_STATUS64, info64);
112	if (!r)
113	return 0;
114	r = ioctl(fd, LOOP_GET_STATUS, &info);
115	if (!r)
116	convert_info_to_info64(&info, info64);
117
118	/* don't leave copies of encryption key on stack */
119	memset(&info, 0, sizeof(info));
120	return r;
121	}
122
123	/* returns: 1=unused 0=busy */
124	int is_unused_loop_device(int fd)
125	{
126	struct loop_info64 info64;
127	struct loop_info info;
128	int r;
129
130	r = ioctl(fd, LOOP_GET_STATUS64, &info64);
131	memset(&info64, 0, sizeof(info64));
132	if (!r)
133	return 0;
134	if (errno == ENXIO)
135	return 1;
136
137	r = ioctl(fd, LOOP_GET_STATUS, &info);
138	memset(&info, 0, sizeof(info));
139	if (!r)
140	return 0;
141	if (errno == ENXIO)
142	return 1;
143	if (errno == EOVERFLOW)
144	return 0;
145	return 1;
146	}
147
148	struct loop_crypt_type_struct loop_crypt_type_tbl[] = {
149	{ 0, 0, 0, "no" },
150	{ 0, 0, 0, "none" },
151	{ 1, 0, 0, "xor" },
152	{ 3, 1, 16, "twofish" },
153	{ 4, 1, 16, "blowfish" },
154	{ 7, 1, 16, "serpent" },
155	{ 8, 1, 16, "mars" },
156	{ 11, 3, 16, "rc6" },
157	{ 12, 0, 21, "tripleDES" },
158	{ 12, 0, 24, "3des" },
159	{ 12, 0, 24, "des3_ede" },
160	{ 16, 1, 16, "AES" },
161	{ -1, 0, 0, NULL }
162	};
163
164	static char getApiName(char e, int *len)
165	{
166	int x, y, z = 1, q = -1;
167	unsigned char *s;
168
169	*len = y = 0;
170	s = (unsigned char *)strdup(e);
171	if(!s)
172	return "";
173	x = strlen((char *)s);
174	while(x > 0) {
175	x--;
176	if(!isdigit(s[x]))
177	break;
178	y += (s[x] - '0') * z;
179	z *= 10;
180	q = x;
181	}
182	while(x >= 0) {
183	s[x] = tolower(s[x]);
184	if(s[x] == '-')
185	s[x] = 0;
186	x--;
187	}
188	if(y >= 40) {
189	if(q >= 0)
190	s[q] = 0;
191	*len = y;
192	}
193	return((char *)s);
194	}
195
196	int loop_crypt_type(const char name, u_int32_t kbyp, char **apiName)
197	{
198	int i, k;
199
200	apiName = getApiName((char )name, &k);
201	if(k < 0)
202	k = 0;
203	if(k > 256)
204	k = 256;
205	for (i = 0; loop_crypt_type_tbl[i].id != -1; i++) {
206	if (!strcasecmp (*apiName , loop_crypt_type_tbl[i].name)) {
207	*kbyp = k ? k >> 3 : loop_crypt_type_tbl[i].keyBytes;
208	return loop_crypt_type_tbl[i].id;
209	}
210	}
211	kbyp = 16; / 128 bits */
212	return 18; /* LO_CRYPT_CRYPTOAPI */
213	}
214
215	int try_cryptoapi_loop_interface(int fd, struct loop_info64 loopinfo, char apiName)
216	{
217	snprintf((char *)loopinfo->lo_crypt_name, sizeof(loopinfo->lo_crypt_name), "%s-cbc", apiName);
218	loopinfo->lo_crypt_name[LO_NAME_SIZE - 1] = 0;
219	loopinfo->lo_encrypt_type = 18; /* LO_CRYPT_CRYPTOAPI */
220	return(loop_set_status64_ioctl(fd, loopinfo));
221	}

Lines 1-45 Link Here

(-)util-linux-ng-2.14.2.orig/mount/loop.h (-38 / +58 lines)
1	#ifndef MNT_LOOP_H	1	/*
2	#define MNT_LOOP_H	2	* loop.h
		3	*
		4	* Copyright 2003 by Jari Ruusu.
		5	* Redistribution of this file is permitted under the GNU GPL
		6	*/
3		7
4	#include <linux/posix_types.h>	8	#ifndef _LOOP_H
5	#include <stdint.h>	9	#define _LOOP_H 1
6	#include "linux_version.h"
7		10
8	#if LINUX_VERSION_CODE < KERNEL_VERSION(2,5,68)	11	#include <sys/types.h>
9	#define my_dev_t __kernel_dev_t	12	#include <linux/version.h>
10	#else	13	#include <linux/posix_types.h>
11	#define my_dev_t __kernel_old_dev_t
12	#endif
13		14
14	#define LO_CRYPT_NONE 0	15	#define LO_CRYPT_NONE 0
15	#define LO_CRYPT_XOR 1	16	#define LO_CRYPT_XOR 1
16	#define LO_CRYPT_DES 2	17	#define LO_CRYPT_DES 2
17	#define LO_CRYPT_CRYPTOAPI 18	18	#define LO_CRYPT_CRYPTOAPI 18
18		19
19	#define LOOP_SET_FD 0x4C00	20	#define LOOP_SET_FD 0x4C00
20	#define LOOP_CLR_FD 0x4C01	21	#define LOOP_CLR_FD 0x4C01
21	#define LOOP_SET_STATUS 0x4C02	22	#define LOOP_SET_STATUS 0x4C02
22	#define LOOP_GET_STATUS 0x4C03	23	#define LOOP_GET_STATUS 0x4C03
23	#define LOOP_SET_STATUS64 0x4C04	24	#define LOOP_SET_STATUS64 0x4C04
24	#define LOOP_GET_STATUS64 0x4C05	25	#define LOOP_GET_STATUS64 0x4C05
		26	#define LOOP_MULTI_KEY_SETUP 0x4C4D
		27	#define LOOP_MULTI_KEY_SETUP_V3 0x4C4E
		28	#define LOOP_RECOMPUTE_DEV_SIZE 0x4C52
25		29
26	/* Flags for loop_into{64,}->lo_flags */	30	#define LO_NAME_SIZE 64
27	enum {	31	#define LO_KEY_SIZE 32
28	LO_FLAGS_READ_ONLY = 1,
29	LO_FLAGS_USE_AOPS = 2,
30	LO_FLAGS_AUTOCLEAR = 4, /* New in 2.6.25 */
31	};
32
33	#define LO_NAME_SIZE 64
34	#define LO_KEY_SIZE 32
35		32
36	struct loop_info {	33	struct loop_info {
37	int lo_number;	34	int lo_number;
38	my_dev_t lo_device;	35	#if LINUX_VERSION_CODE >= 0x20600
		36	__kernel_old_dev_t lo_device;
		37	#else
		38	__kernel_dev_t lo_device;
		39	#endif
39	unsigned long lo_inode;	40	unsigned long lo_inode;
40	my_dev_t lo_rdevice;	41	#if LINUX_VERSION_CODE >= 0x20600
		42	__kernel_old_dev_t lo_rdevice;
		43	#else
		44	__kernel_dev_t lo_rdevice;
		45	#endif
41	int lo_offset;	46	int lo_offset;
42	int lo_encrypt_type;	47	int lo_encrypt_type;
43	int lo_encrypt_key_size;	48	int lo_encrypt_key_size;
44	int lo_flags;	49	int lo_flags;
45	char lo_name[LO_NAME_SIZE];	50	char lo_name[LO_NAME_SIZE];
Lines 47-67 Link Here
47	unsigned long lo_init[2];	52	unsigned long lo_init[2];
48	char reserved[4];	53	char reserved[4];
49	};	54	};
50		55
51	struct loop_info64 {	56	struct loop_info64 {
52	uint64_t lo_device;	57	u_int64_t lo_device; /* ioctl r/o */
53	uint64_t lo_inode;	58	u_int64_t lo_inode; /* ioctl r/o */
54	uint64_t lo_rdevice;	59	u_int64_t lo_rdevice; /* ioctl r/o */
55	uint64_t lo_offset;	60	u_int64_t lo_offset; /* bytes */
56	uint64_t lo_sizelimit; /* bytes, 0 == max available */	61	u_int64_t lo_sizelimit; /* bytes, 0 == max available */
57	uint32_t lo_number;	62	u_int32_t lo_number; /* ioctl r/o */
58	uint32_t lo_encrypt_type;	63	u_int32_t lo_encrypt_type;
59	uint32_t lo_encrypt_key_size;	64	u_int32_t lo_encrypt_key_size; /* ioctl w/o */
60	uint32_t lo_flags;	65	u_int32_t lo_flags; /* ioctl r/o */
61	uint8_t lo_file_name[LO_NAME_SIZE];	66	unsigned char lo_file_name[LO_NAME_SIZE];
62	uint8_t lo_crypt_name[LO_NAME_SIZE];	67	unsigned char lo_crypt_name[LO_NAME_SIZE];
63	uint8_t lo_encrypt_key[LO_KEY_SIZE];	68	unsigned char lo_encrypt_key[LO_KEY_SIZE]; /* ioctl w/o */
64	uint64_t lo_init[2];	69	u_int64_t lo_init[2];
65	};	70	};
66		71
67	#endif /* MNT_LOOP_H */	72	extern int loop_set_status64_ioctl(int, struct loop_info64 *);
		73	extern int loop_get_status64_ioctl(int, struct loop_info64 *);
		74	extern int is_unused_loop_device(int);
		75
		76	struct loop_crypt_type_struct {
		77	short int id;
		78	unsigned char flags; /* bit0 = show keybits, bit1 = add '-' before keybits */
		79	unsigned char keyBytes;
		80	char *name;
		81	};
		82
		83	extern struct loop_crypt_type_struct loop_crypt_type_tbl[];
		84	extern int loop_crypt_type(const char , u_int32_t , char **);
		85	extern int try_cryptoapi_loop_interface(int, struct loop_info64 , char );
		86
		87	#endif

Lines 1-114 Link Here

(-)util-linux-ng-2.14.2.orig/mount/losetup.8 (-131 / +165 lines)
1	.TH LOSETUP 8 "2003-07-01" "Linux" "MAINTENANCE COMMANDS"	1	.TH LOSETUP 8 "2008-10-15" "Linux" "MAINTENANCE COMMANDS"
2	.SH NAME	2	.SH NAME
3	losetup \- set up and control loop devices	3	losetup \- set up and control loop devices
4	.SH SYNOPSIS	4	.SH SYNOPSIS
5	.ad l	5	.ad l
6	Get info:
7	.sp
8	.in +5
9	.B losetup	6	.B losetup
		7	[options]
10	.I loop_device	8	.I loop_device
11	.sp	9	file
		10	.br
		11	.B losetup -F
		12	[options]
		13	.I loop_device
		14	[file]
		15	.br
		16	.B losetup
		17	[
		18	.B \-d
		19	]
		20	.I loop_device
		21	.br
12	.B losetup -a	22	.B losetup -a
13	.sp	23	.br
14	.B losetup -j <file> [-o offset]	24	.B losetup -f
15	.sp	25	.br
16	.in -5	26	.B losetup
17	Delete loop:	27	.B \-R
18	.sp
19	.in +5
20	.B "losetup \-d"
21	.I loop_device	28	.I loop_device
22	.sp
23	.in -5
24	Print name of first unused loop device:
25	.sp
26	.in +5
27	.B "losetup \-f"
28	.sp
29	.in -5
30	Setup loop device:
31	.sp
32	.in +5
33	.B losetup
34	.RB [{\-e \| \-E}
35	.IR encryption ]
36	.RB [ \-o
37	.IR offset ]
38	.RB [ \-\-sizelimit
39	.IR limit ]
40	.RB [ \-p
41	.IR pfd ]
42	.RB [ \-r ]
43	.in +8
44	.RB { \-f [ \-\-show ] \| \fIloop_device\fP }
45	.I file
46	.in -13
47	.ad b	29	.ad b
48	.SH DESCRIPTION	30	.SH DESCRIPTION
49	.B losetup	31	.B losetup
50	is used to associate loop devices with regular files or block devices,	32	is used to associate loop devices with regular files or block devices,
51	to detach loop devices and to query the status of a loop device. If only the	33	to detach loop devices and to query the status of a loop device. If only the
52	\fIloop_device\fP argument is given, the status of the corresponding loop	34	\fIloop_device\fP argument is given, the status of the corresponding loop
53	device is shown.	35	device is shown.
54
55	.SS "Encryption"
56	It is possible to specify transfer functions (for encryption/decryption
57	or other purposes) using one of the
58	.B \-E
59	and
60	.B \-e
61	options.
62	There are two mechanisms to specify the desired encryption: by number
63	and by name. If an encryption is specified by number then one
64	has to make sure that the Linux kernel knows about the encryption with that
65	number, probably by patching the kernel. Standard numbers that are
66	always present are 0 (no encryption) and 1 (XOR encryption).
67	When the cryptoloop module is loaded (or compiled in), it uses number 18.
68	This cryptoloop module will take the name of an arbitrary encryption type
69	and finds the module that knows how to perform that encryption.
70	.SH OPTIONS	36	.SH OPTIONS
71	.IP "\fB\-a, \-\-all\fP"	37	.IP \fB\-a\fP
72	show status of all loop devices	38	Show status of all loop devices.
73	.IP "\fB\-d, \-\-detach\fP"	39	.IP "\fB\-C \fIitercountk\fP"
74	detach the file or device associated with the specified loop device	40	Runs hashed passphrase through \fIitercountk\fP thousand iterations of AES-256
75	.IP "\fB\-e, \-E, \-\-encryption \fIencryption_type\fP"	41	before using it for loop encryption. This consumes lots of CPU cycles at
76	enable data encryption with specified name or number	42	loop setup/mount time but not thereafter. In combination with passphrase seed
77	.IP "\fB\-f, \-\-find\fP"	43	this slows down dictionary attacks. Iteration is not done in multi-key mode.
78	find the first unused loop device. If a	44	.IP "\fB\-d\fP"
79	.I file	45	Detach the file or device associated with the specified loop device.
80	argument is present, use this device. Otherwise, print its name	46	.IP "\fB\-e \fIencryption\fP"
81	.IP "\fB\-h, \-\-help\fP"	47	.RS
82	print help	48	Enable data encryption. Following encryption types are recognized:
83	.IP "\fB\-j, \-\-associated \fIfile\fP"	49	.IP \fBNONE\fP
84	show status of all loop devices associated with given	50	Use no encryption (default).
85	.I file	51	.PD 0
86	.IP "\fB\-o, \-\-offset \fIoffset\fP"	52	.IP \fBXOR\fP
87	the data start is moved \fIoffset\fP bytes into the specified file or	53	Use a simple XOR encryption.
88	device	54	.IP "\fBAES128 AES\fP"
89	.IP "\fB\-\-sizelimit \fIlimit\fP"	55	Use 128 bit AES encryption. Passphrase is hashed with SHA-256 by default.
90	the data end is set to no more than \fIsizelimit\fP bytes after the data start	56	.IP \fBAES192\fP
91	.IP "\fB\-p, \-\-pass-fd \fInum\fP"	57	Use 192 bit AES encryption. Passphrase is hashed with SHA-384 by default.
92	read the passphrase from file descriptor with number	58	.IP \fBAES256\fP
93	.I num	59	Use 256 bit AES encryption. Passphrase is hashed with SHA-512 by default.
94	instead of from the terminal	60
95	.IP "\fB\-r, \-\-read-only\fP"	61	.IP "\fBtwofish128 twofish160 twofish192 twofish256\fP"
96	setup read-only loop device	62	.IP "\fBblowfish128 blowfish160 blowfish192 blowfish256\fP"
97	.IP "\fB\-\-show\fP"	63	.IP "\fBserpent128 serpent192 serpent256 mars128 mars192\fP"
98	print device name if the	64	.IP "\fBmars256 rc6-128 rc6-192 rc6-256 tripleDES\fP"
99	.I -f	65	These encryption types are available if they are enabled in kernel
100	option and a	66	configuration or corresponding modules have been loaded to kernel.
101	.I file	67	.PD
102	argument are present.	68	.RE
103		69	.IP "\fB\-f\fP"
104	The short form of this option (\fB\-s\fP) is deprecated. This short form could	70	Find and show next unused loop device.
105	be in collision with Loop-AES implementation where the same option is used for	71	.IP "\fB\-F\fP"
106	\fB\-\-sizelimit\fP.	72	Reads and uses mount options from /etc/fstab that match specified loop
107	.IP "\fB\-v, \-\-verbose\fP"	73	device, including offset= sizelimit= encryption= pseed= phash= loinit=
108	verbose mode	74	gpgkey= gpghome= cleartextkey= itercountk= and looped to device/file name.
		75	loop= option in /etc/fstab must match specified loop device name. Command
		76	line options take precedence in case of conflict.
		77	.IP "\fB\-G \fIgpghome\fP"
		78	Set gpg home directory to \fIgpghome\fP, so that gpg uses public/private
		79	keys on \fIgpghome\fP directory. This is only used when gpgkey file needs to
		80	be decrypted using public/private keys. If gpgkey file is encrypted with
		81	symmetric cipher only, public/private keys are not required and this option
		82	has no effect.
		83	.IP "\fB\-H \fIphash\fP"
		84	Uses \fIphash\fP function to hash passphrase. Available hash functions are
		85	sha256, sha384, sha512 and rmd160. unhashed1, unhashed2 and unhashed3
		86	functions also exist for compatibility with some obsolete implementations.
		87
		88	Hash function random does not ask for passphrase but sets up random keys and
		89	attempts to put loop to multi-key mode. When random/1777 hash type is used
		90	as mount option for mount program, mount program will create new file system
		91	on the loop device and construct initial permissions of file system root
		92	directory from octal digits that follow the slash character.
		93
		94	WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING IMPORTANT
		95	DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA.
		96	.IP "\fB\-I \fIloinit\fP"
		97	Passes a numeric value of \fIloinit\fP as a parameter to cipher transfer
		98	function. Cipher transfer functions are free to interpret value as they
		99	want.
		100	.IP "\fB\-K \fIgpgkey\fP"
		101	Passphrase is piped to gpg so that gpg can decrypt file \fIgpgkey\fP which
		102	contains the real keys that are used to encrypt loop device. If decryption
		103	requires public/private keys and gpghome is not specified, all users use
		104	their own gpg public/private keys to decrypt \fIgpgkey\fP. Decrypted
		105	\fIgpgkey\fP should contain 1 or 64 or 65 keys, each key at least 20
		106	characters and separated by newline. If decrypted \fIgpgkey\fP contains 64
		107	or 65 keys, then loop device is put to multi-key mode. In multi-key mode
		108	first key is used for first sector, second key for second sector, and so on.
		109	65th key, if present, is used as additional input to MD5 IV computation.
		110	.IP "\fB\-o \fIoffset\fP"
		111	The data start is moved \fIoffset\fP bytes into the specified file or
		112	device. Normally offset is included in IV (initialization vector)
		113	computations. If offset is prefixed with @ character, then offset is not
		114	included in IV computations. @ prefix functionality may not be supported on
		115	some older kernels and/or loop drivers.
		116	.IP "\fB\-p \fIpasswdfd\fP"
		117	Read the passphrase from file descriptor \fIpasswdfd\fP instead of the
		118	terminal. If -K option is not being used (no gpg key file), then losetup
		119	attempts to read 65 keys from \fIpasswdfd\fP, each key at least 20
		120	characters and separated by newline. If losetup successfully reads 64 or 65
		121	keys, then loop device is put to multi-key mode. If losetup encounters
		122	end-of-file before 64 keys are read, then only first key is used in
		123	single-key mode.
		124
		125	echo SecretPassphraseHere \| losetup -p0 -K foo.gpg -e AES128 ...
109		126
		127	In above example, losetup reads passphrase from file descriptor 0 (stdin).
		128	.IP "\fB\-P \fIcleartextkey\fP"
		129	Read the passphrase from file \fIcleartextkey\fP instead of the
		130	terminal. If -K option is not being used (no gpg key file), then losetup
		131	attempts to read 65 keys from \fIcleartextkey\fP, each key at least 20
		132	characters and separated by newline. If losetup successfully reads 64 or 65
		133	keys, then loop device is put to multi-key mode. If losetup encounters
		134	end-of-file before 64 keys are read, then only first key is used in
		135	single-key mode. If both -p and -P options are used, then -p option takes
		136	precedence. These are equivalent:
		137
		138	losetup -p3 -K foo.gpg -e AES128 ... 3<someFileName
		139
		140	losetup -P someFileName -K foo.gpg -e AES128 ...
		141
		142	In first line of above example, in addition to normal open file descriptors
		143	(0==stdin 1==stdout 2==stderr), shell opens the file and passes open file
		144	descriptor to started losetup program. In second line of above example,
		145	losetup opens the file itself.
		146	.IP "\fB\-r\fP"
		147	Read-only mode.
		148	.IP "\fB\-R\fP"
		149	Resize existing, already set up loop device, to new changed underlying
		150	device size. This option is for changing mounted live file system size on
		151	LVM volume. This functionality may not be supported on some older kernels
		152	and/or loop drivers.
		153	.IP "\fB\-s \fIsizelimit\fP"
		154	Size of loop device is limited to \fIsizelimit\fP bytes. If unspecified or
		155	set to zero, loop device size is set to maximum available (file size minus
		156	offset). This option may not be supported on some older kernels and/or loop
		157	drivers.
		158	.IP "\fB\-S \fIpseed\fP"
		159	Sets encryption passphrase seed \fIpseed\fP which is appended to user supplied
		160	passphrase before hashing. Using different seeds for different partitions
		161	makes dictionary attacks slower but does not prevent them if user supplied
		162	passphrase is guessable. Seed is not used in multi-key mode.
		163	.IP "\fB\-T\fP"
		164	Asks passphrase twice.
		165	.IP "\fB\-v\fP"
		166	Verbose mode.
110	.SH RETURN VALUE	167	.SH RETURN VALUE
111	.B losetup	168	.B losetup
112	returns 0 on success, nonzero on failure. When	169	returns 0 on success, nonzero on failure. When
113	.B losetup	170	.B losetup
114	displays the status of a loop device, it returns 1 if the device	171	displays the status of a loop device, it returns 1 if the device
Lines 116-166 Link Here
116	.B losetup	173	.B losetup
117	from determining the status of the device.	174	from determining the status of the device.
118		175
119	.SH FILES	176	.SH FILES
120	.nf	177	.nf
121	/dev/loop0, /dev/loop1, ... loop devices (major=7)	178	/dev/loop0,/dev/loop1,... loop devices (major=7)
122	.fi	179	.fi
123	.SH EXAMPLE	180	.SH EXAMPLE
124	If you are using the loadable module you must have the module loaded
125	first with the command
126	.IP
127	# insmod loop.o
128	.LP
129	Maybe also encryption modules are needed.
130	.IP
131	# insmod des.o
132	# insmod cryptoloop.o
133	.LP
134	The following commands can be used as an example of using the loop device.	181	The following commands can be used as an example of using the loop device.
135	.nf	182	.nf
136	.IP	183
137	# dd if=/dev/zero of=/file bs=1k count=100	184	dd if=/dev/zero of=/file bs=1k count=500
138	# losetup -e des /dev/loop0 /file	185	head -c 3705 /dev/random \| uuencode -m - \| head -n 66 \\
139	Password:	186	\| tail -n 65 \| gpg --symmetric -a >/etc/fskey9.gpg
140	Init (up to 16 hex digits):	187	losetup -e AES128 -K /etc/fskey9.gpg /dev/loop0 /file
141	# mkfs -t ext2 /dev/loop0 100	188	mkfs -t ext2 /dev/loop0
142	# mount -t ext2 /dev/loop0 /mnt	189	mount -t ext2 /dev/loop0 /mnt
143	...	190	...
144	# umount /dev/loop0	191	umount /dev/loop0
145	# losetup -d /dev/loop0	192	losetup -d /dev/loop0
146	.fi
147	.LP
148	If you are using the loadable module you may remove the module with
149	the command
150	.IP
151	# rmmod loop
152	.LP
153	.fi	193	.fi
154	.SH RESTRICTION	194	.SH RESTRICTION
155	DES encryption is painfully slow. On the other hand, XOR is terribly weak.	195	XOR encryption is terribly weak.
156		196	.SH AUTHORS
157	Cryptoloop is deprecated in favor of dm-crypt. For more details see	197	.nf
158	.B cryptsetup(8).	198	Original version: Theodore Ts'o <tytso@athena.mit.edu>
159	.SH AVAILABILITY	199	AES support: Jari Ruusu
160	The losetup command is part of the util-linux-ng package and is available from	200	.fi
161	ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng/.
162	.\" .SH AUTHORS
163	.\" .nf
164	.\" Original version: Theodore Ts'o <tytso@athena.mit.edu>
165	.\" Original DES by: Eric Young <eay@psych.psy.uq.oz.au>
166	.\" .fi

Line 0 Link Here

(-)util-linux-ng-2.14.2.orig/mount/loumount.c (+60 lines)
	1	/*
	2	* loumount.c
	3	*
	4	* This code was extracted to separate file from lomount.c so that umount
	5	* program doesn't have to link with all loop related setup code
	6	*/
	7
	8	#define LOOPMAJOR 7
	9
	10	#include <stdio.h>
	11	#include <string.h>
	12	#include <ctype.h>
	13	#include <fcntl.h>
	14	#include <errno.h>
	15	#include <stdlib.h>
	16	#include <unistd.h>
	17	#include <pwd.h>
	18	#include <sys/types.h>
	19	#include <sys/ioctl.h>
	20	#include <sys/stat.h>
	21	#include <sys/mman.h>
	22	#include <sys/sysmacros.h>
	23	#include <sys/wait.h>
	24	#include <fcntl.h>
	25	#include <mntent.h>
	26	#include <locale.h>
	27
	28	#include "loop.h"
	29	#include "lomount.h"
	30	#include "xstrncpy.h"
	31	#include "nls.h"
	32
	33	int
	34	is_loop_device (const char *device) {
	35	struct stat statbuf;
	36
	37	return (stat(device, &statbuf) == 0 &&
	38	S_ISBLK(statbuf.st_mode) &&
	39	major(statbuf.st_rdev) == LOOPMAJOR);
	40	}
	41
	42	int
	43	del_loop (const char *device) {
	44	int fd;
	45
	46	if ((fd = open (device, O_RDONLY)) < 0) {
	47	int errsv = errno;
	48	fprintf(stderr, _("loop: can't delete device %s: %s\n"),
	49	device, strerror (errsv));
	50	return 1;
	51	}
	52	if (ioctl (fd, LOOP_CLR_FD, 0) < 0) {
	53	perror ("ioctl: LOOP_CLR_FD");
	54	return 1;
	55	}
	56	close (fd);
	57	if (verbose > 1)
	58	printf(_("del_loop(%s): success\n"), device);
	59	return 0;
	60	}

Lines 14-39 Link Here

(-)util-linux-ng-2.14.2.orig/mount/Makefile.am (-5 / +5 lines)
14		14
15	headers_common = fstab.h mount_mntent.h mount_constants.h \	15	headers_common = fstab.h mount_mntent.h mount_constants.h \
16	lomount.h fsprobe.h realpath.h xmalloc.h \	16	lomount.h fsprobe.h realpath.h xmalloc.h \
17	getusername.h loop.h sundries.h	17	getusername.h loop.h sundries.h
18		18
19	mount_common = fstab.c mount_mntent.c getusername.c lomount.c \	19	mount_common = fstab.c mount_mntent.c getusername.c \
20	$(utils_common) $(headers_common) ../lib/env.c ../lib/linux_version.c \	20	$(utils_common) $(headers_common) ../lib/env.c ../lib/linux_version.c \
21	../lib/blkdev.c $(fallback)	21	../lib/blkdev.c $(fallback)
22		22
23		23
24	mount_SOURCES = mount.c $(mount_common) ../lib/setproctitle.c	24	mount_SOURCES = mount.c lomount.c loumount.c loop.c sha512.c rmd160.c aes.c $(mount_common) ../lib/setproctitle.c
25	mount_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)	25	mount_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)
26	mount_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)	26	mount_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)
27		27
28	umount_SOURCES = umount.c $(mount_common)	28	umount_SOURCES = umount.c loumount.c $(mount_common)
29	umount_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)	29	umount_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)
30	umount_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)	30	umount_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)
31		31
32	swapon_SOURCES = swapon.c swap_constants.h $(utils_common)	32	swapon_SOURCES = swapon.c loop.c sha512.c swap_constants.h $(utils_common)
33		33
34	losetup_SOURCES = lomount.c sundries.c xmalloc.c realpath.c \	34	losetup_SOURCES = lomount.c loumount.c loop.c sha512.c rmd160.c aes.c sundries.c xmalloc.c \
35	loop.h lomount.h xmalloc.h sundries.h realpath.h $(fallback)	35	loop.h lomount.h xmalloc.h sundries.h realpath.h $(fallback)
36	losetup_CPPFLAGS = -DMAIN $(AM_CPPFLAGS)	36	losetup_CPPFLAGS = -DMAIN $(AM_CPPFLAGS)
37		37
38		38
39	mount_LDADD = $(LDADD_common)	39	mount_LDADD = $(LDADD_common)

Lines 343-352 Link Here

(-)util-linux-ng-2.14.2.orig/mount/mount.8 (-8 / +18 lines)
343	Print a help message.	343	Print a help message.
344	.TP	344	.TP
345	.B \-v	345	.B \-v
346	Verbose mode.	346	Verbose mode.
347	.TP	347	.TP
		348	.B \-p "\fIpasswdfd\fP"
		349	If the mount requires a passphrase to be entered, read it from file
		350	descriptor \fIpasswdfd\fP instead of from the terminal. If mount uses
		351	encrypted loop device and gpgkey= mount option is not being used (no gpg key
		352	file), then mount attempts to read 65 keys from \fIpasswdfd\fP, each key at
		353	least 20 characters and separated by newline. If mount successfully reads 64
		354	or 65 keys, then loop device is put to multi-key mode. If mount encounters
		355	end-of-file before 64 keys are read, then only first key is used in
		356	single-key mode.
		357	.TP
348	.B \-a	358	.B \-a
349	Mount all filesystems (of the given types) mentioned in	359	Mount all filesystems (of the given types) mentioned in
350	.IR fstab .	360	.IR fstab .
351	.TP	361	.TP
352	.B \-F	362	.B \-F
Lines 392-407 Link Here
392	.IR /etc/mtab .	402	.IR /etc/mtab .
393	This is necessary for example when	403	This is necessary for example when
394	.I /etc	404	.I /etc
395	is on a read-only file system.	405	is on a read-only file system.
396	.TP	406	.TP
397	.BI \-p " num"
398	In case of a loop mount with encryption, read the passphrase from
399	file descriptor
400	.I num
401	instead of from the terminal.
402	.TP
403	.B \-s	407	.B \-s
404	Tolerate sloppy mount options rather than failing. This will ignore	408	Tolerate sloppy mount options rather than failing. This will ignore
405	mount options not supported by a filesystem type. Not all filesystems	409	mount options not supported by a filesystem type. Not all filesystems
406	support this option. This option exists for support of the Linux	410	support this option. This option exists for support of the Linux
407	autofs\-based automounter.	411	autofs\-based automounter.
Lines 2214-2230 Link Here
2214	to correspond to the file	2218	to correspond to the file
2215	.IR /tmp/fdimage ,	2219	.IR /tmp/fdimage ,
2216	and then mount this device on	2220	and then mount this device on
2217	.IR /mnt .	2221	.IR /mnt .
2218		2222
2219	This type of mount knows about four options, namely	2223	This type of mount knows about 11 options, namely
2220	.BR loop ", " offset ", " sizelimit " and " encryption ,	2224	.BR loop ", " offset ", " sizelimit ", " encryption ", " pseed ", " phash ", " loinit ", " gpgkey ", " gpghome ", " cleartextkey " and " itercountk
2221	that are really options to	2225	that are really options to
2222	.BR \%losetup (8).	2226	.BR \%losetup (8).
2223	(These options can be used in addition to those specific	2227	(These options can be used in addition to those specific
2224	to the filesystem type.)	2228	to the filesystem type.)
2225		2229
		2230	If the mount requires a passphrase, you will be prompted for one unless you
		2231	specify a file descriptor to read from instead with the
		2232	.BR \-p
		2233	command line option, or specify a file name with
		2234	.BR cleartextkey
		2235	mount option.
2226	If no explicit loop device is mentioned	2236	If no explicit loop device is mentioned
2227	(but just an option `\fB\-o loop\fP' is given), then	2237	(but just an option `\fB\-o loop\fP' is given), then
2228	.B mount	2238	.B mount
2229	will try to find some unused loop device and use that.	2239	will try to find some unused loop device and use that.
2230	If you are not so unwise as to make	2240	If you are not so unwise as to make

Line 0 Link Here

(-)util-linux-ng-2.14.2.orig/mount/sha512.c (+432 lines)
		1	/*
		2	* sha512.c
		3	*
		4	* Written by Jari Ruusu, April 16 2001
		5	*
		6	* Copyright 2001 by Jari Ruusu.
		7	* Redistribution of this file is permitted under the GNU Public License.
		8	*/
		9
		10	#include <string.h>
		11	#include <sys/types.h>
		12	#include "sha512.h"
		13
		14	/* Define one or more of these. If none is defined, you get all of them */
		15	#if !defined(SHA256_NEEDED)&&!defined(SHA512_NEEDED)&&!defined(SHA384_NEEDED)
		16	# define SHA256_NEEDED 1
		17	# define SHA512_NEEDED 1
		18	# define SHA384_NEEDED 1
		19	#endif
		20
		21	#if defined(SHA256_NEEDED)
		22	static const u_int32_t sha256_hashInit[8] = {
		23	0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c,
		24	0x1f83d9ab, 0x5be0cd19
		25	};
		26	static const u_int32_t sha256_K[64] = {
		27	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1,
		28	0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
		29	0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786,
		30	0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
		31	0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
		32	0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
		33	0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b,
		34	0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
		35	0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a,
		36	0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
		37	0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
		38	};
		39	#endif
		40
		41	#if defined(SHA512_NEEDED)
		42	static const u_int64_t sha512_hashInit[8] = {
		43	0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL,
		44	0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
		45	0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL
		46	};
		47	#endif
		48
		49	#if defined(SHA384_NEEDED)
		50	static const u_int64_t sha384_hashInit[8] = {
		51	0xcbbb9d5dc1059ed8ULL, 0x629a292a367cd507ULL, 0x9159015a3070dd17ULL,
		52	0x152fecd8f70e5939ULL, 0x67332667ffc00b31ULL, 0x8eb44a8768581511ULL,
		53	0xdb0c2e0d64f98fa7ULL, 0x47b5481dbefa4fa4ULL
		54	};
		55	#endif
		56
		57	#if defined(SHA512_NEEDED) \|\| defined(SHA384_NEEDED)
		58	static const u_int64_t sha512_K[80] = {
		59	0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL,
		60	0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
		61	0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL,
		62	0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL,
		63	0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL,
		64	0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
65	0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL,
66	0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL,
67	0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL,
68	0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
69	0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL,
70	0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
71	0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL,
72	0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL,
73	0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL,
74	0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL,
75	0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL,
76	0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
77	0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL,
78	0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
79	0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL,
80	0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL,
81	0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL,
82	0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
83	0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL,
84	0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL,
85	0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
86	};
87	#endif
88
89	#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
90	#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
91	#define R(x,y) ((y) >> (x))
92
93	#if defined(SHA256_NEEDED)
94	void sha256_init(sha256_context *ctx)
95	{
96	memcpy(&ctx->sha_H[0], &sha256_hashInit[0], sizeof(ctx->sha_H));
97	ctx->sha_blocks = 0;
98	ctx->sha_bufCnt = 0;
99	}
100
101	#define S(x,y) (((y) >> (x)) \| ((y) << (32 - (x))))
102	#define uSig0(x) ((S(2,(x))) ^ (S(13,(x))) ^ (S(22,(x))))
103	#define uSig1(x) ((S(6,(x))) ^ (S(11,(x))) ^ (S(25,(x))))
104	#define lSig0(x) ((S(7,(x))) ^ (S(18,(x))) ^ (R(3,(x))))
105	#define lSig1(x) ((S(17,(x))) ^ (S(19,(x))) ^ (R(10,(x))))
106
107	static void sha256_transform(sha256_context ctx, unsigned char datap)
108	{
109	register int j;
110	u_int32_t a, b, c, d, e, f, g, h;
111	u_int32_t T1, T2, W[64], Wm2, Wm15;
112
113	/* read the data, big endian byte order */
114	j = 0;
115	do {
116	W[j] = (((u_int32_t)(datap[0]))<<24) \| (((u_int32_t)(datap[1]))<<16) \|
117	(((u_int32_t)(datap[2]))<<8 ) \| ((u_int32_t)(datap[3]));
118	datap += 4;
119	} while(++j < 16);
120
121	/* initialize variables a...h */
122	a = ctx->sha_H[0];
123	b = ctx->sha_H[1];
124	c = ctx->sha_H[2];
125	d = ctx->sha_H[3];
126	e = ctx->sha_H[4];
127	f = ctx->sha_H[5];
128	g = ctx->sha_H[6];
129	h = ctx->sha_H[7];
130
131	/* apply compression function */
132	j = 0;
133	do {
134	if(j >= 16) {
135	Wm2 = W[j - 2];
136	Wm15 = W[j - 15];
137	W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16];
138	}
139	T1 = h + uSig1(e) + Ch(e,f,g) + sha256_K[j] + W[j];
140	T2 = uSig0(a) + Maj(a,b,c);
141	h = g; g = f; f = e;
142	e = d + T1;
143	d = c; c = b; b = a;
144	a = T1 + T2;
145	} while(++j < 64);
146
147	/* compute intermediate hash value */
148	ctx->sha_H[0] += a;
149	ctx->sha_H[1] += b;
150	ctx->sha_H[2] += c;
151	ctx->sha_H[3] += d;
152	ctx->sha_H[4] += e;
153	ctx->sha_H[5] += f;
154	ctx->sha_H[6] += g;
155	ctx->sha_H[7] += h;
156
157	ctx->sha_blocks++;
158	}
159
160	void sha256_write(sha256_context ctx, unsigned char datap, int length)
161	{
162	while(length > 0) {
163	if(!ctx->sha_bufCnt) {
164	while(length >= sizeof(ctx->sha_out)) {
165	sha256_transform(ctx, datap);
166	datap += sizeof(ctx->sha_out);
167	length -= sizeof(ctx->sha_out);
168	}
169	if(!length) return;
170	}
171	ctx->sha_out[ctx->sha_bufCnt] = *datap++;
172	length--;
173	if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) {
174	sha256_transform(ctx, &ctx->sha_out[0]);
175	ctx->sha_bufCnt = 0;
176	}
177	}
178	}
179
180	void sha256_final(sha256_context *ctx)
181	{
182	register int j;
183	u_int64_t bitLength;
184	u_int32_t i;
185	unsigned char padByte, *datap;
186
187	bitLength = (ctx->sha_blocks << 9) \| (ctx->sha_bufCnt << 3);
188	padByte = 0x80;
189	sha256_write(ctx, &padByte, 1);
190
191	/* pad extra space with zeroes */
192	padByte = 0;
193	while(ctx->sha_bufCnt != 56) {
194	sha256_write(ctx, &padByte, 1);
195	}
196
197	/* write bit length, big endian byte order */
198	ctx->sha_out[56] = bitLength >> 56;
199	ctx->sha_out[57] = bitLength >> 48;
200	ctx->sha_out[58] = bitLength >> 40;
201	ctx->sha_out[59] = bitLength >> 32;
202	ctx->sha_out[60] = bitLength >> 24;
203	ctx->sha_out[61] = bitLength >> 16;
204	ctx->sha_out[62] = bitLength >> 8;
205	ctx->sha_out[63] = bitLength;
206	sha256_transform(ctx, &ctx->sha_out[0]);
207
208	/* return results in ctx->sha_out[0...31] */
209	datap = &ctx->sha_out[0];
210	j = 0;
211	do {
212	i = ctx->sha_H[j];
213	datap[0] = i >> 24;
214	datap[1] = i >> 16;
215	datap[2] = i >> 8;
216	datap[3] = i;
217	datap += 4;
218	} while(++j < 8);
219
220	/* clear sensitive information */
221	memset(&ctx->sha_out[32], 0, sizeof(sha256_context) - 32);
222	}
223
224	void sha256_hash_buffer(unsigned char ib, int ile, unsigned char ob, int ole)
225	{
226	sha256_context ctx;
227
228	if(ole < 1) return;
229	memset(ob, 0, ole);
230	if(ole > 32) ole = 32;
231	sha256_init(&ctx);
232	sha256_write(&ctx, ib, ile);
233	sha256_final(&ctx);
234	memcpy(ob, &ctx.sha_out[0], ole);
235	memset(&ctx, 0, sizeof(ctx));
236	}
237
238	#endif
239
240	#if defined(SHA512_NEEDED)
241	void sha512_init(sha512_context *ctx)
242	{
243	memcpy(&ctx->sha_H[0], &sha512_hashInit[0], sizeof(ctx->sha_H));
244	ctx->sha_blocks = 0;
245	ctx->sha_blocksMSB = 0;
246	ctx->sha_bufCnt = 0;
247	}
248	#endif
249
250	#if defined(SHA512_NEEDED) \|\| defined(SHA384_NEEDED)
251	#undef S
252	#undef uSig0
253	#undef uSig1
254	#undef lSig0
255	#undef lSig1
256	#define S(x,y) (((y) >> (x)) \| ((y) << (64 - (x))))
257	#define uSig0(x) ((S(28,(x))) ^ (S(34,(x))) ^ (S(39,(x))))
258	#define uSig1(x) ((S(14,(x))) ^ (S(18,(x))) ^ (S(41,(x))))
259	#define lSig0(x) ((S(1,(x))) ^ (S(8,(x))) ^ (R(7,(x))))
260	#define lSig1(x) ((S(19,(x))) ^ (S(61,(x))) ^ (R(6,(x))))
261
262	static void sha512_transform(sha512_context ctx, unsigned char datap)
263	{
264	register int j;
265	u_int64_t a, b, c, d, e, f, g, h;
266	u_int64_t T1, T2, W[80], Wm2, Wm15;
267
268	/* read the data, big endian byte order */
269	j = 0;
270	do {
271	W[j] = (((u_int64_t)(datap[0]))<<56) \| (((u_int64_t)(datap[1]))<<48) \|
272	(((u_int64_t)(datap[2]))<<40) \| (((u_int64_t)(datap[3]))<<32) \|
273	(((u_int64_t)(datap[4]))<<24) \| (((u_int64_t)(datap[5]))<<16) \|
274	(((u_int64_t)(datap[6]))<<8 ) \| ((u_int64_t)(datap[7]));
275	datap += 8;
276	} while(++j < 16);
277
278	/* initialize variables a...h */
279	a = ctx->sha_H[0];
280	b = ctx->sha_H[1];
281	c = ctx->sha_H[2];
282	d = ctx->sha_H[3];
283	e = ctx->sha_H[4];
284	f = ctx->sha_H[5];
285	g = ctx->sha_H[6];
286	h = ctx->sha_H[7];
287
288	/* apply compression function */
289	j = 0;
290	do {
291	if(j >= 16) {
292	Wm2 = W[j - 2];
293	Wm15 = W[j - 15];
294	W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16];
295	}
296	T1 = h + uSig1(e) + Ch(e,f,g) + sha512_K[j] + W[j];
297	T2 = uSig0(a) + Maj(a,b,c);
298	h = g; g = f; f = e;
299	e = d + T1;
300	d = c; c = b; b = a;
301	a = T1 + T2;
302	} while(++j < 80);
303
304	/* compute intermediate hash value */
305	ctx->sha_H[0] += a;
306	ctx->sha_H[1] += b;
307	ctx->sha_H[2] += c;
308	ctx->sha_H[3] += d;
309	ctx->sha_H[4] += e;
310	ctx->sha_H[5] += f;
311	ctx->sha_H[6] += g;
312	ctx->sha_H[7] += h;
313
314	ctx->sha_blocks++;
315	if(!ctx->sha_blocks) ctx->sha_blocksMSB++;
316	}
317
318	void sha512_write(sha512_context ctx, unsigned char datap, int length)
319	{
320	while(length > 0) {
321	if(!ctx->sha_bufCnt) {
322	while(length >= sizeof(ctx->sha_out)) {
323	sha512_transform(ctx, datap);
324	datap += sizeof(ctx->sha_out);
325	length -= sizeof(ctx->sha_out);
326	}
327	if(!length) return;
328	}
329	ctx->sha_out[ctx->sha_bufCnt] = *datap++;
330	length--;
331	if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) {
332	sha512_transform(ctx, &ctx->sha_out[0]);
333	ctx->sha_bufCnt = 0;
334	}
335	}
336	}
337
338	void sha512_final(sha512_context *ctx)
339	{
340	register int j;
341	u_int64_t bitLength, bitLengthMSB;
342	u_int64_t i;
343	unsigned char padByte, *datap;
344
345	bitLength = (ctx->sha_blocks << 10) \| (ctx->sha_bufCnt << 3);
346	bitLengthMSB = (ctx->sha_blocksMSB << 10) \| (ctx->sha_blocks >> 54);
347	padByte = 0x80;
348	sha512_write(ctx, &padByte, 1);
349
350	/* pad extra space with zeroes */
351	padByte = 0;
352	while(ctx->sha_bufCnt != 112) {
353	sha512_write(ctx, &padByte, 1);
354	}
355
356	/* write bit length, big endian byte order */
357	ctx->sha_out[112] = bitLengthMSB >> 56;
358	ctx->sha_out[113] = bitLengthMSB >> 48;
359	ctx->sha_out[114] = bitLengthMSB >> 40;
360	ctx->sha_out[115] = bitLengthMSB >> 32;
361	ctx->sha_out[116] = bitLengthMSB >> 24;
362	ctx->sha_out[117] = bitLengthMSB >> 16;
363	ctx->sha_out[118] = bitLengthMSB >> 8;
364	ctx->sha_out[119] = bitLengthMSB;
365	ctx->sha_out[120] = bitLength >> 56;
366	ctx->sha_out[121] = bitLength >> 48;
367	ctx->sha_out[122] = bitLength >> 40;
368	ctx->sha_out[123] = bitLength >> 32;
369	ctx->sha_out[124] = bitLength >> 24;
370	ctx->sha_out[125] = bitLength >> 16;
371	ctx->sha_out[126] = bitLength >> 8;
372	ctx->sha_out[127] = bitLength;
373	sha512_transform(ctx, &ctx->sha_out[0]);
374
375	/* return results in ctx->sha_out[0...63] */
376	datap = &ctx->sha_out[0];
377	j = 0;
378	do {
379	i = ctx->sha_H[j];
380	datap[0] = i >> 56;
381	datap[1] = i >> 48;
382	datap[2] = i >> 40;
383	datap[3] = i >> 32;
384	datap[4] = i >> 24;
385	datap[5] = i >> 16;
386	datap[6] = i >> 8;
387	datap[7] = i;
388	datap += 8;
389	} while(++j < 8);
390
391	/* clear sensitive information */
392	memset(&ctx->sha_out[64], 0, sizeof(sha512_context) - 64);
393	}
394
395	void sha512_hash_buffer(unsigned char ib, int ile, unsigned char ob, int ole)
396	{
397	sha512_context ctx;
398
399	if(ole < 1) return;
400	memset(ob, 0, ole);
401	if(ole > 64) ole = 64;
402	sha512_init(&ctx);
403	sha512_write(&ctx, ib, ile);
404	sha512_final(&ctx);
405	memcpy(ob, &ctx.sha_out[0], ole);
406	memset(&ctx, 0, sizeof(ctx));
407	}
408	#endif
409
410	#if defined(SHA384_NEEDED)
411	void sha384_init(sha512_context *ctx)
412	{
413	memcpy(&ctx->sha_H[0], &sha384_hashInit[0], sizeof(ctx->sha_H));
414	ctx->sha_blocks = 0;
415	ctx->sha_blocksMSB = 0;
416	ctx->sha_bufCnt = 0;
417	}
418
419	void sha384_hash_buffer(unsigned char ib, int ile, unsigned char ob, int ole)
420	{
421	sha512_context ctx;
422
423	if(ole < 1) return;
424	memset(ob, 0, ole);
425	if(ole > 48) ole = 48;
426	sha384_init(&ctx);
427	sha512_write(&ctx, ib, ile);
428	sha512_final(&ctx);
429	memcpy(ob, &ctx.sha_out[0], ole);
430	memset(&ctx, 0, sizeof(ctx));
431	}
432	#endif

Line 0 Link Here

(-)util-linux-ng-2.14.2.orig/mount/sha512.h (+45 lines)
	1	/*
	2	* sha512.h
	3	*
	4	* Written by Jari Ruusu, April 16 2001
	5	*
	6	* Copyright 2001 by Jari Ruusu.
	7	* Redistribution of this file is permitted under the GNU Public License.
	8	*/
	9
	10	#include <sys/types.h>
	11
	12	typedef struct {
	13	unsigned char sha_out[64]; /* results are here, bytes 0...31 */
	14	u_int32_t sha_H[8];
	15	u_int64_t sha_blocks;
	16	int sha_bufCnt;
	17	} sha256_context;
	18
	19	typedef struct {
	20	unsigned char sha_out[128]; /* results are here, bytes 0...63 */
	21	u_int64_t sha_H[8];
	22	u_int64_t sha_blocks;
	23	u_int64_t sha_blocksMSB;
	24	int sha_bufCnt;
	25	} sha512_context;
	26
	27	/* no sha384_context, use sha512_context */
	28
	29	/* 256 bit hash, provides 128 bits of security against collision attacks */
	30	extern void sha256_init(sha256_context *);
	31	extern void sha256_write(sha256_context , unsigned char , int);
	32	extern void sha256_final(sha256_context *);
	33	extern void sha256_hash_buffer(unsigned char , int, unsigned char , int);
	34
	35	/* 512 bit hash, provides 256 bits of security against collision attacks */
	36	extern void sha512_init(sha512_context *);
	37	extern void sha512_write(sha512_context , unsigned char , int);
	38	extern void sha512_final(sha512_context *);
	39	extern void sha512_hash_buffer(unsigned char , int, unsigned char , int);
	40
	41	/* 384 bit hash, provides 192 bits of security against collision attacks */
	42	extern void sha384_init(sha512_context *);
	43	/* no sha384_write(), use sha512_write() */
	44	/* no sha384_final(), use sha512_final(), result in ctx->sha_out[0...47] */
	45	extern void sha384_hash_buffer(unsigned char , int, unsigned char , int);

Lines 134-143 Link Here

(-)util-linux-ng-2.14.2.orig/mount/swapon.8 (+16 lines)
134	flag is given, swapping is disabled on all known swap devices and files	134	flag is given, swapping is disabled on all known swap devices and files
135	(as found in	135	(as found in
136	.I /proc/swaps	136	.I /proc/swaps
137	or	137	or
138	.IR /etc/fstab ).	138	.IR /etc/fstab ).
		139	.PP
		140	If
		141	.I loop=/dev/loop?
		142	and
		143	.I encryption=AES128
		144	options are present in
		145	.I /etc/fstab
		146	then
		147	.BR "swapon -a"
		148	will set up loop devices using random keys, run
		149	.BR "mkswap"
		150	on them, and enable encrypted swap on specified loop devices. Encrypted loop
		151	devices are set up with page size offset so that unencrypted swap signatures
		152	on first page of swap devices are not touched.
		153	.BR "swapoff -a"
		154	will tear down such loop devices.
139	.SH NOTE	155	.SH NOTE
140	You should not use	156	You should not use
141	.B swapon	157	.B swapon
142	on a file with holes.	158	on a file with holes.
143	Swap over NFS may not work.	159	Swap over NFS may not work.

Lines 1-16 Link Here

(-)util-linux-ng-2.14.2.orig/mount/swapon.c (-17 / +342 lines)
1	/*	1	/*
2	* A swapon(8)/swapoff(8) for Linux 0.99.	2	* A swapon(8)/swapoff(8) for Linux 0.99.
		3	* swapon.c,v 1.1.1.1 1993/11/18 08:40:51 jrs Exp
		4	*
		5	* 1997-02-xx <Vincent.Renardias@waw.com>
		6	* - added '-s' (summary option)
		7	* 1999-02-22 Arkadiusz Mi¶kiewicz <misiek@pld.ORG.PL>
		8	* - added Native Language Support
		9	* 1999-03-21 Arnaldo Carvalho de Melo <acme@conectiva.com.br>
		10	* - fixed strerr(errno) in gettext calls
		11	* 2001-03-22 Erik Troan <ewt@redhat.com>
		12	* - added -e option for -a
		13	* - -a shouldn't try to add swaps that are already enabled
		14	* 2002-04-14 Jari Ruusu
		15	* - added encrypted swap support
3	*/	16	*/
4	#include <ctype.h>	17	#include <ctype.h>
5	#include <stdlib.h>	18	#include <stdlib.h>
6	#include <stdio.h>	19	#include <stdio.h>
7	#include <getopt.h>	20	#include <getopt.h>
8	#include <string.h>	21	#include <string.h>
9	#include <mntent.h>	22	#include <mntent.h>
10	#include <errno.h>	23	#include <errno.h>
11	#include <sys/stat.h>	24	#include <sys/stat.h>
		25	#include <sys/ioctl.h>
		26	#include <sys/utsname.h>
		27	#include <sys/time.h>
12	#include <unistd.h>	28	#include <unistd.h>
13	#include <sys/types.h>	29	#include <sys/types.h>
14	#include <sys/wait.h>	30	#include <sys/wait.h>
15	#include <fcntl.h>	31	#include <fcntl.h>
16	#include "xmalloc.h"	32	#include "xmalloc.h"
Lines 18-27 Link Here
18	#include "nls.h"	34	#include "nls.h"
19	#include "fsprobe.h"	35	#include "fsprobe.h"
20	#include "realpath.h"	36	#include "realpath.h"
21	#include "pathnames.h"	37	#include "pathnames.h"
22	#include "sundries.h"	38	#include "sundries.h"
		39	#include "loop.h"
		40	#include "xstrncpy.h"
		41	#include "sha512.h"
23		42
24	#define PATH_MKSWAP "/sbin/mkswap"	43	#define PATH_MKSWAP "/sbin/mkswap"
25		44
26	#ifdef HAVE_SYS_SWAP_H	45	#ifdef HAVE_SYS_SWAP_H
27	# include <sys/swap.h>	46	# include <sys/swap.h>
Lines 379-388 Link Here
379	const char *special = fsprobe_get_devname_by_uuid(uuid);	398	const char *special = fsprobe_get_devname_by_uuid(uuid);
380	return special ? do_swapoff(special, quiet, CANONIC) : cannot_find(uuid);	399	return special ? do_swapoff(special, quiet, CANONIC) : cannot_find(uuid);
381	}	400	}
382		401
383	static int	402	static int
		403	prepare_encrypted_swap(const char partition, char loop, char *encryption)
		404	{
		405	int x, y, fd, ffd;
		406	int page_size;
		407	sha512_context s;
		408	unsigned char b[4096], multiKeyBits[65][32];
		409	char a[10], apiName;
		410	struct loop_info64 loopinfo;
		411	FILE *f;
		412
		413	/*
		414	* Some sanity checks
		415	*/
		416	if(strlen(partition) < 1) {
		417	fprintf(stderr, _("swapon: invalid swap device name\n"));
		418	return 0;
		419	}
		420	if(strlen(loop) < 1) {
		421	fprintf(stderr, _("swapon: invalid loop device name\n"));
		422	return 0;
		423	}
		424	if(strlen(encryption) < 1) {
		425	fprintf(stderr, _("swapon: invalid encryption type\n"));
		426	return 0;
		427	}
		428
		429	/*
		430	* Abort if loop device does not exist or is already in use
		431	*/
		432	if((fd = open(loop, O_RDWR)) == -1) {
		433	fprintf(stderr, _("swapon: unable to open loop device %s\n"), loop);
		434	return 0;
		435	}
		436	if(is_unused_loop_device(fd) == 0) {
		437	fprintf(stderr, _("swapon: loop device %s already in use\n"), loop);
		438	goto errout0;
		439	}
		440
		441	/*
		442	* Compute SHA-512 over first 40 KB of old swap data. This data
		443	* is mostly unknown data encrypted using unknown key. SHA-512 hash
		444	* output is then used as entropy for new swap encryption key.
		445	*/
		446	if(!(f = fopen(partition, "r+"))) {
		447	fprintf(stderr, _("swapon: unable to open swap device %s\n"), partition);
		448	goto errout0;
		449	}
		450	page_size = getpagesize();
		451	fseek(f, (long)page_size, SEEK_SET);
		452	sha512_init(&s);
		453	for(x = 0; x < 10; x++) {
		454	if(fread(&b[0], sizeof(b), 1, f) != 1) break;
		455	sha512_write(&s, &b[0], sizeof(b));
		456	}
		457	sha512_final(&s);
		458
		459	/*
		460	* Overwrite 40 KB of old swap data 20 times so that recovering
		461	* SHA-512 output beyond this point is difficult and expensive.
		462	*/
		463	for(y = 0; y < 20; y++) {
		464	int z;
		465	struct {
		466	struct timeval tv;
467	unsigned char h[64];
468	int x,y,z;
469	} j;
470	if(fseek(f, (long)page_size, SEEK_SET)) break;
471	memcpy(&j.h[0], &s.sha_out[0], 64);
472	gettimeofday(&j.tv, NULL);
473	j.y = y;
474	for(x = 0; x < 10; x++) {
475	j.x = x;
476	for(z = 0; z < sizeof(b); z += 64) {
477	j.z = z;
478	sha512_hash_buffer((unsigned char *)&j, sizeof(j), &b[z], 64);
479	}
480	if(fwrite(&b[0], sizeof(b), 1, f) != 1) break;
481	}
482	memset(&j, 0, sizeof(j));
483	if(fflush(f)) break;
484	if(fsync(fileno(f))) break;
485	}
486	fclose(f);
487
488	/*
489	* Use all 512 bits of hash output
490	*/
491	memcpy(&b[0], &s.sha_out[0], 64);
492	memset(&s, 0, sizeof(s));
493
494	/*
495	* Read 32 bytes of random entropy from kernel's random
496	* number generator. This code may be executed early on startup
497	* scripts and amount of random entropy may be non-existent.
498	* SHA-512 of old swap data is used as workaround for missing
499	* entropy in kernel's random number generator.
500	*/
501	if(!(f = fopen("/dev/urandom", "r"))) {
502	fprintf(stderr, _("swapon: unable to open /dev/urandom\n"));
503	goto errout0;
504	}
505	fread(&b[64], 32, 1, f);
506
507	/*
508	* Set up struct loop_info64
509	*/
510	if((ffd = open(partition, O_RDWR)) < 0) {
511	fprintf(stderr, _("swapon: unable to open swap device %s\n"), partition);
512	goto errout1;
513	}
514	memset(&loopinfo, 0, sizeof(loopinfo));
515	xstrncpy((char *)loopinfo.lo_file_name, partition, LO_NAME_SIZE);
516	loopinfo.lo_encrypt_type = loop_crypt_type(encryption, &loopinfo.lo_encrypt_key_size, &apiName);
517	if(loopinfo.lo_encrypt_type <= 1) {
518	fprintf(stderr, _("swapon: unsupported swap encryption type %s\n"), encryption);
519	errout2:
520	close(ffd);
521	errout1:
522	fclose(f);
523	errout0:
524	close(fd);
525	memset(&loopinfo.lo_encrypt_key[0], 0, sizeof(loopinfo.lo_encrypt_key));
526	memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits));
527	return 0;
528	}
529	loopinfo.lo_offset = page_size;
530	/* single-key hash */
531	sha512_hash_buffer(&b[0], 64+32, &loopinfo.lo_encrypt_key[0], sizeof(loopinfo.lo_encrypt_key));
532	/* multi-key hash */
533	x = 0;
534	while(x < 65) {
535	fread(&b[64+32], 16, 1, f);
536	sha512_hash_buffer(&b[0], 64+32+16, &multiKeyBits[x][0], 32);
537	x++;
538	}
539
540	/*
541	* Try to set up single-key loop
542	*/
543	if(ioctl(fd, LOOP_SET_FD, ffd) < 0) {
544	fprintf(stderr, _("swapon: LOOP_SET_FD failed\n"));
545	goto errout2;
546	}
547	if ((loopinfo.lo_encrypt_type == 18) \|\| (loop_set_status64_ioctl(fd, &loopinfo) < 0)) {
548	if(try_cryptoapi_loop_interface(fd, &loopinfo, apiName) < 0) {
549	fprintf(stderr, _("swapon: LOOP_SET_STATUS failed\n"));
550	ioctl(fd, LOOP_CLR_FD, 0);
551	goto errout2;
552	}
553	}
554
555	/*
556	* Try to put loop to multi-key v3 or v2 mode.
557	* If this fails, then let it operate in single-key mode.
558	*/
559	if(ioctl(fd, LOOP_MULTI_KEY_SETUP_V3, &multiKeyBits[0][0]) < 0) {
560	ioctl(fd, LOOP_MULTI_KEY_SETUP, &multiKeyBits[0][0]);
561	}
562
563	/*
564	* Loop is now set up. Clean up the keys.
565	*/
566	memset(&loopinfo.lo_encrypt_key[0], 0, sizeof(loopinfo.lo_encrypt_key));
567	memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits));
568	close(ffd);
569	fclose(f);
570	close(fd);
571
572	/*
573	* Write 40 KB of zeroes to loop device. That same data is written
574	* to underlying partition in encrypted form. This is done to guarantee
575	* that next time encrypted swap is initialized, the SHA-512 hash will
576	* be different. And, if encrypted swap data writes over this data, that's
577	* even better.
578	*/
579	if(!(f = fopen(loop, "r+"))) {
580	fprintf(stderr, _("swapon: unable to open loop device %s\n"), loop);
581	return 0;
582	}
583	memset(&b[0], 0, sizeof(b));
584	for(x = 0; x < 10; x++) {
585	if(fwrite(&b[0], sizeof(b), 1, f) != 1) break;
586	}
587	fflush(f);
588	fsync(fileno(f));
589	fclose(f);
590	sync();
591
592	/*
593	* Run mkswap on loop device so that kernel understands it as swap.
594	* Redirect stderr to /dev/null and ignore exit value.
595	*/
596	if(!(x = fork())) {
597	if((x = open("/dev/null", O_WRONLY)) >= 0) {
598	dup2(x, 2);
599	close(x);
600	}
601	a[0] = "mkswap";
602	a[1] = loop;
603	a[2] = 0;
604	execvp(a[0], &a[0]);
605	execv("/sbin/mkswap", &a[0]);
606	/* error to stdout, stderr is directed to /dev/null */
607	printf(_("swapon: unable to execute mkswap\n"));
608	exit(1);
609	}
610	if(x == -1) {
611	fprintf(stderr, _("swapon: fork failed\n"));
612	return 0;
613	}
614	waitpid(x, &y, 0);
615	sync();
616
617	return 1;
618	}
619
620	static void
621	shutdown_encrypted_swap(char *loop)
622	{
623	int fd;
624	struct stat statbuf;
625	struct loop_info64 loopinfo;
626	unsigned char b[32];
627	FILE *f;
628
629	if(stat(loop, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) {
630	if((fd = open(loop, O_RDWR)) >= 0) {
631	if(!loop_get_status64_ioctl(fd, &loopinfo)) {
632	/*
633	* Read 32 bytes of random data from kernel's random
634	* number generator and write that to loop device.
635	* This preserves some of kernel's random entropy
636	* to next activation of encrypted swap on this
637	* partition.
638	*/
639	if((f = fopen("/dev/urandom", "r")) != NULL) {
640	fread(&b[0], 32, 1, f);
641	fclose(f);
642	write(fd, &b[0], 32);
643	fsync(fd);
644	}
645	}
646	close(fd);
647	}
648	sync();
649	if((fd = open(loop, O_RDONLY)) >= 0) {
650	if(!loop_get_status64_ioctl(fd, &loopinfo)) {
651	ioctl(fd, LOOP_CLR_FD, 0);
652	}
653	close(fd);
654	}
655	}
656	}
657
658	static int
384	swapon_all(void) {	659	swapon_all(void) {
385	FILE *fp;	660	FILE *fp;
386	struct mntent *fstab;	661	struct mntent *fstab;
387	int status = 0;	662	int status = 0;
388		663
Lines 398-432 Link Here
398		673
399	while ((fstab = getmntent(fp)) != NULL) {	674	while ((fstab = getmntent(fp)) != NULL) {
400	const char *special;	675	const char *special;
401	int skip = 0;	676	int skip = 0;
402	int pri = priority;	677	int pri = priority;
		678	char opt, opts;
		679	char loop = NULL, encryption = NULL;
403		680
404	if (!streq(fstab->mnt_type, MNTTYPE_SWAP))	681	if (!streq(fstab->mnt_type, MNTTYPE_SWAP))
405	continue;	682	continue;
406		683
407	special = fsprobe_get_devname(fstab->mnt_fsname);	684	special = fsprobe_get_devname(fstab->mnt_fsname);
408	if (!special)	685	if (!special)
409	continue;	686	continue;
410		687
411	if (!is_in_proc_swaps(special) &&	688	/* parse mount options; */
412	(!ifexists \|\| !access(special, R_OK))) {	689	opts = strdup(fstab->mnt_opts);
413	/* parse mount options; */	690	if (!opts) {
414	char opt, opts = strdup(fstab->mnt_opts);	691	fprintf(stderr, "not enough memory");
415		692	exit(1);
416	for (opt = strtok(opts, ","); opt != NULL;	693	}
417	opt = strtok(NULL, ",")) {	694	for (opt = strtok(opts, ","); opt != NULL; opt = strtok(NULL, ",")) {
418	if (strncmp(opt, "pri=", 4) == 0)	695	if (strncmp(opt, "pri=", 4) == 0)
419	pri = atoi(opt+4);	696	pri = atoi(opt+4);
420	if (strcmp(opt, "noauto") == 0)	697	if (strcmp(opt, "noauto") == 0)
421	skip = 1;	698	skip = 1;
		699	if (strncmp(opt, "loop=", 5) == 0)
		700	loop = opt + 5;
		701	if (strncmp(opt, "encryption=", 11) == 0)
		702	encryption = opt + 11;
		703	}
		704	if(skip)
		705	continue;
		706	if (loop && encryption) {
		707	if(!is_in_proc_swaps(loop) && (!ifexists \|\| !access(special, R_OK))) {
		708	if (!prepare_encrypted_swap(special, loop, encryption)) {
		709	status \|= -1;
		710	continue;
		711	}
		712	status \|= do_swapon(loop, pri, CANONIC);
422	}	713	}
423	if (!skip)	714	continue;
424	status \|= do_swapon(special, pri, CANONIC);	715	}
		716	if (!is_in_proc_swaps(special) && (!ifexists \|\| !access(special, R_OK))) {
		717	status \|= do_swapon(special, pri, CANONIC);
425	}	718	}
426	}	719	}
427	fclose(fp);	720	endmntent(fp);
428		721
429	return status;	722	return status;
430	}	723	}
431		724
432	static const char **llist = NULL;	725	static const char **llist = NULL;
Lines 585-607 Link Here
585	fprintf(stderr, _("%s: cannot open %s: %s\n"),	878	fprintf(stderr, _("%s: cannot open %s: %s\n"),
586	progname, _PATH_MNTTAB, strerror(errsv));	879	progname, _PATH_MNTTAB, strerror(errsv));
587	exit(2);	880	exit(2);
588	}	881	}
589	while ((fstab = getmntent(fp)) != NULL) {	882	while ((fstab = getmntent(fp)) != NULL) {
		883	const char *orig_special = fstab->mnt_fsname;
590	const char *special;	884	const char *special;
		885	int skip = 0;
		886	char opt, opts;
		887	char loop = NULL, encryption = NULL;
591		888
592	if (!streq(fstab->mnt_type, MNTTYPE_SWAP))	889	if (!streq(fstab->mnt_type, MNTTYPE_SWAP))
593	continue;	890	continue;
594		891
595	special = fsprobe_get_devname(fstab->mnt_fsname);	892	special = fsprobe_get_devname(orig_special);
596	if (!special)	893	if (!special)
597	continue;	894	continue;
598		895
599	if (!is_in_proc_swaps(special))	896	/* parse mount options; */
		897	opts = strdup(fstab->mnt_opts);
		898	if (!opts) {
		899	fprintf(stderr, "not enough memory");
		900	exit(1);
		901	}
		902	for (opt = strtok(opts, ","); opt != NULL; opt = strtok(NULL, ",")) {
		903	if (strcmp(opt, "noauto") == 0)
		904	skip = 1;
		905	if (strncmp(opt, "loop=", 5) == 0)
		906	loop = opt + 5;
		907	if (strncmp(opt, "encryption=", 11) == 0)
		908	encryption = opt + 11;
		909	}
		910	if (loop && encryption) {
		911	if (!is_in_proc_swaps(loop)) {
		912	if(skip)
		913	continue;
		914	do_swapoff(loop, QUIET, CANONIC);
		915	}
		916	shutdown_encrypted_swap(loop);
		917	continue;
		918	}
		919	if(skip)
		920	continue;
		921	if (!is_in_proc_swaps(special)) {
600	do_swapoff(special, QUIET, CANONIC);	922	do_swapoff(special, QUIET, CANONIC);
		923	}
		924
		925
601	}	926	}
602	fclose(fp);	927	endmntent(fp);
603	}	928	}
604		929
605	return status;	930	return status;
606	}	931	}
607		932

Lines 188-198 Link Here

(-)util-linux-ng-2.14.2.orig/mount/umount.c (-9 / +1 lines)
188	int umnt_err, umnt_err2;	188	int umnt_err, umnt_err2;
189	int isroot;	189	int isroot;
190	int res;	190	int res;
191	int status;	191	int status;
192	const char *loopdev;	192	const char *loopdev;
193	int myloop = 0;
194		193
195	/* Special case for root. As of 0.99pl10 we can (almost) unmount root;	194	/* Special case for root. As of 0.99pl10 we can (almost) unmount root;
196	the kernel will remount it readonly so that we can carry on running	195	the kernel will remount it readonly so that we can carry on running
197	afterwards. The readonly remount is illegal if any files are opened	196	afterwards. The readonly remount is illegal if any files are opened
198	for writing at the time, so we can't update mtab for an unmount of	197	for writing at the time, so we can't update mtab for an unmount of
Lines 208-224 Link Here
208	* All such special things must occur isolated in the types string.	207	* All such special things must occur isolated in the types string.
209	*/	208	*/
210	if (check_special_umountprog(spec, node, type, &status))	209	if (check_special_umountprog(spec, node, type, &status))
211	return status;	210	return status;
212		211
213	/*
214	* Ignore the option "-d" for non-loop devices and loop devices with
215	* LO_FLAGS_AUTOCLEAR flag.
216	*/
217	if (delloop && is_loop_device(spec) && !is_loop_autoclear(spec))
218	myloop = 1;
219
220	umnt_err = umnt_err2 = 0;	212	umnt_err = umnt_err2 = 0;
221	if (lazy) {	213	if (lazy) {
222	res = umount2 (node, MNT_DETACH);	214	res = umount2 (node, MNT_DETACH);
223	if (res < 0)	215	if (res < 0)
224	umnt_err = errno;	216	umnt_err = errno;
Lines 316-326 Link Here
316	if ((mc = getmntoptfile (spec)) != NULL)	308	if ((mc = getmntoptfile (spec)) != NULL)
317	node = mc->m.mnt_dir;	309	node = mc->m.mnt_dir;
318	}	310	}
319		311
320	/* Also free loop devices when -d flag is given */	312	/* Also free loop devices when -d flag is given */
321	if (myloop)	313	if (delloop && is_loop_device(spec))
322	loopdev = spec;	314	loopdev = spec;
323	}	315	}
324	gotloop:	316	gotloop:
325	if (loopdev)	317	if (loopdev)
326	del_loop(loopdev);	318	del_loop(loopdev);