diff --git a/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c b/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c index 512a4cf18ac..0203e726450 100644 --- a/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c +++ b/src/cryptsetup/cryptsetup-tokens/luks2-pkcs11.c @@ -158,6 +158,7 @@ static int acquire_luks2_key_systemd( data.friendly_name = params->friendly_name; data.headless = params->headless; + data.askpw_credential = params->askpw_credential; data.askpw_flags = params->askpw_flags; data.until = params->until; diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index e96686cff32..63f8cdb81f1 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -1492,6 +1492,7 @@ static int attach_luks2_by_pkcs11_via_plugin( const char *friendly_name, usec_t until, bool headless, + const char *askpw_credential, uint32_t flags) { #if HAVE_LIBCRYPTSETUP_PLUGINS @@ -1504,6 +1505,7 @@ static int attach_luks2_by_pkcs11_via_plugin( .friendly_name = friendly_name, .until = until, .headless = headless, + .askpw_credential = askpw_credential, .askpw_flags = arg_ask_password_flags, }; @@ -1567,7 +1569,14 @@ static int attach_luks_or_plain_or_bitlk_by_pkcs11( for (;;) { if (use_libcryptsetup_plugin && arg_pkcs11_uri_auto) - r = attach_luks2_by_pkcs11_via_plugin(cd, name, friendly, until, arg_headless, flags); + r = attach_luks2_by_pkcs11_via_plugin( + cd, + name, + friendly, + until, + arg_headless, + "cryptsetup.pkcs11-pin", + flags); else { r = decrypt_pkcs11_key( name, diff --git a/src/shared/pkcs11-util.h b/src/shared/pkcs11-util.h index 9b4336dc056..dbd88ede677 100644 --- a/src/shared/pkcs11-util.h +++ b/src/shared/pkcs11-util.h @@ -112,6 +112,7 @@ typedef struct { const char *friendly_name; usec_t until; bool headless; + const char *askpw_credential; AskPasswordFlags askpw_flags; } systemd_pkcs11_plugin_params;