diff --git a/kernel/fde/fde.go b/kernel/fde/fde.go
index 15d0beeb821..21a9f52d03e 100644
--- a/kernel/fde/fde.go
+++ b/kernel/fde/fde.go
@@ -34,6 +34,11 @@ import (
 	"github.com/snapcore/snapd/osutil"
 )
 
+// DeviceSetupHookPartitionOffset defines the free space that is reserved
+// at the start of a device-setup based partition for future use (like
+// to simulate LUKS keyslot like setup).
+const DeviceSetupHookPartitionOffset = uint64(1 * 1024 * 1024)
+
 // HasRevealKey return true if the current system has a "fde-reveal-key"
 // binary (usually used in the initrd).
 //
@@ -194,3 +199,9 @@ func DeviceSetup(runSetupHook RunSetupHookFunc, params *DeviceSetupParams) error
 
 	return nil
 }
+
+// EncryptedDeviceMapperName returns the name to use in device mapper for a
+// device that is encrypted using FDE hooks
+func EncryptedDeviceMapperName(name string) string {
+	return name + "-device-locked"
+}
diff --git a/kernel/fde/fde_test.go b/kernel/fde/fde_test.go
index 7936718d8aa..16382354d86 100644
--- a/kernel/fde/fde_test.go
+++ b/kernel/fde/fde_test.go
@@ -683,3 +683,14 @@ func (s *fdeSuite) TestIsEncryptedDeviceMapperName(c *C) {
 		c.Assert(fde.IsHardwareEncryptedDeviceMapperName(t), Equals, false)
 	}
 }
+
+func (s *fdeSuite) TestEncryptedDeviceMapperName(c *C) {
+	for _, str := range []string{
+		"ubuntu-data",
+		"ubuntu-save",
+		"foo",
+		"other",
+	} {
+		c.Assert(fde.EncryptedDeviceMapperName(str), Equals, str+"-device-locked")
+	}
+}