eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-13 20:00:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,160 Commits 13 Branches 79 Tags
0f20e14c676d6e1d07ff6fa4c359b4849adb3795
Commit Graph

237 Commits

Author SHA1 Message Date
Milan Broz
3c54d8a239 Support panic_on_corruption option form dm-verity. 
The panic_on_corruption switch is available since kernel 5.9 (dm-verity 1.7.0).
 2020-08-20 18:52:31 +02:00
Milan Broz
31ebf3dc2c libdevmapper: always return EEXIST if a task fails because the device already exists 
Allows concurrent opens to return a usable error instead of EINVAL
 2020-08-12 16:50:57 +01:00
Vojtěch Trefný
2e345a1059 bitlk: Fix working with 4k sector devices 
We need to use the iv_large_sectors flag and correct sector size
for the crypt segments for these devices. Used sector size is
read from the device header. This commit also adds two new test
images with 4k sectors.

Fixes: #557
 2020-05-06 21:20:26 +02:00
Milan Broz
790666ffb0 Add support for allow_discrads for dm-integrity. 
Kernel 5.7 adds support for optional discard/TRIM operation
for dm-integrity (available only for internal hash, not for LUKS2
with integrity).

This patch adds support for the new option.
 2020-04-09 00:03:42 +02:00
Milan Broz
05d45c6948 Check for dm_device_get_name. 
And fail dependency scan if not available.

Currently this call uses syfs DM extensions, these are
usually not available anyway on such old systems.
 2020-02-21 12:13:04 +01:00
Milan Broz
b5fbd682f2 Move fcntl.h to internal defines and check for O_CLOEXEC. 2020-02-21 10:10:11 +01:00
Milan Broz
165e6c234c Fix some error and debug messages. 
Use BITLK as format name.

Avoid using doesn't -> does not.
 2020-01-11 22:10:59 +01:00
Milan Broz
1be631f43f Add status flag for verity device with signature. 
This patch adds CRYPT_VERITY_ROOT_HASH_SIGNATURE flag to verity info.

Veritysetup status now display "with signature" if an active
device was activated with root hash signature.
 2020-01-11 19:57:39 +01:00
Milan Broz
080566a1fd Update copyright year. 2020-01-03 13:04:55 +01:00
Milan Broz
d9766037a3 Fix some extended compiler warnings. 2020-01-03 12:29:49 +01:00
Jaskaran Khurana
f247038e65 Add --root-hash-signature parameter to veritysetup 
Optional parameter root hash signature is added that can be added to
veritysetup.

The signature file is opened and the signature is added to the keyring.

The kernel will use the signature to validate the roothash.

Usage: veritysetup open <data_device> name <hash_device> <root_hash> --root-hash-signature=<roothash_p7_sig_file>

Signed-off-by: Jaskaran Khurana <jaskarankhurana@linux.microsoft.com>
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>

[Original patch rewritten by Milan Broz]
 2020-01-02 13:08:21 +01:00
Milan Broz
eee46ef2f4 Detect support for BitLocker EBOIV and Elephant diffuser. 
If kernel is missing support, print a more friendly error.
 2019-12-30 21:53:06 +01:00
Milan Broz
434fee2e13 Add empty template for BITLK device type. 
Also add DM_ZERO type for multi-segment mapping.
 2019-12-30 21:53:06 +01:00
Milan Broz
ddd15b63b2 Add backward compatibility flags API. 
We need to have some way hot to configure old integrity devices
with legacy padding.

For now, also use in tests to not fail checksum with new kernel.
 2019-11-25 23:14:58 +01:00
Mikulas Patocka
fb4079aa4d cryptsetup: add support for the "fix_padding" option 
This patch adds support for fixed padding to cryptsetup.

* Cryptsetup will accept superblocks version 4.
* If the dm-integrity target version is greater than 1.4, cryptsetup will
  add a flag "fix_padding" to the dm-integrity target arguments.

There is still one quirk: if we have an old libdm without
DM_DEVICE_GET_TARGET_VERSION and if dm-integrity module is not loaded,
cryptsetup will not detect that it can use the "fix_padding" option.

Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
 2019-11-24 20:58:47 +01:00
Milan Broz
2746fd708f Implement active device suspend info. 
Add CRYPT_ACTIVATE_SUSPENDED bit to crypt_get_active_device() flags
that informs the caller that device is suspended (luksSuspend).

Fixes: #501.
 2019-11-24 16:56:26 +01:00
Milan Broz
cc0d33bca7 Fix DM_DEVICE_GET_TARGET_VERSION detection. 
Stable libdevampper used changed name for dm task, let's fix it.
 2019-10-31 20:35:46 +01:00
Milan Broz
15f5126296 Support new DM_GET_TARGET_VERSION ioctl. 
This way we can load kernel device-mapper target module before
table create ioctl.

Target version is available since kernel 5.4.
 2019-10-08 14:05:30 +02:00
Milan Broz
8f8f0b3258 Fix mapped segments overflow on 32bit architectures. 
All set_segment funcions must use uin64_t everywhere,
not size_t that is platform dependent.

The code later uses it correctly, it is just wrong function
prototype definitions.

Reported in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935702

(TODO: add a test for other segment types.)
 2019-08-26 10:04:07 +02:00
Ondrej Kozina
4054f26c4d Add dm_device_name helper. 
Gets dm name from absolute device path.
 2019-08-01 10:43:57 +02:00
Yuri Chornoivan
4143d9871e Fix minor typos 2019-06-28 12:02:39 +00:00
Ondrej Kozina
d4682b3b38 Cleanup translated messages id. 
- minimize count of almost identical message ids
- unify style for some messages
- remove some useless messages
 2019-06-27 10:23:42 +02:00
Ondrej Kozina
b22c9a86a9 Add internal crypt_zalloc routine (calloc wrapper). 2019-06-27 10:19:14 +02:00
Ondrej Kozina
011ee5b180 Introduce crypt_string_in internal helper. 
And replace custom name_in_list function with new helper.
 2019-06-27 10:18:47 +02:00
Ondrej Kozina
6f35fb5f80 Silence query error messages for unsupported target types. 2019-05-24 17:29:56 +02:00
Milan Broz
448fca1fdf Integritysetup: implement new bitmap mode. 2019-05-21 15:54:07 +02:00
Ondrej Kozina
a5c5e3e876 Add dm_device_deps for quering dm device dependencies. 2019-05-02 15:23:29 +02:00
Ondrej Kozina
8e4fb993c0 Add error target support in dm_query_device. 2019-05-02 15:23:29 +02:00
Ondrej Kozina
846567275a Move dm_query_device body in static function. 2019-05-02 15:23:28 +02:00
Ondrej Kozina
741c972935 Remove unused minor number from dm_is_dm_device. 2019-05-02 15:23:28 +02:00
Ondrej Kozina
b35a5ee4a3 Replace table with error mapping even when in use. 2019-04-29 16:10:57 +02:00
Milan Broz
cfe2fb66ab Fix some untranslated error messages. 2019-04-23 10:41:06 +02:00
Milan Broz
428e61253c Fix dm_error_device() to properly use error device. 2019-04-10 15:06:07 +02:00
Ondrej Kozina
379016fd78 Add no flush internal suspend/resume flag. 2019-03-22 08:01:21 +01:00
Ondrej Kozina
6961f2caae Switch crypt_suspend() to DM_SUSPEND_WIPE_KEY flag. 2019-03-22 08:01:21 +01:00
Ondrej Kozina
4df2ce4409 Add wipe key flag for internal device suspend. 2019-03-22 08:01:21 +01:00
Ondrej Kozina
052a4f432c Add internal option to skip fs freeze in device suspend. 2019-03-22 08:01:21 +01:00
Ondrej Kozina
de86ff051e Introduce support for internal dm suspend/resume flags. 2019-03-22 08:01:21 +01:00
Ondrej Kozina
4acac9a294 Properly handle DM_LINEAR type while checking version or dmflags. 2019-03-01 20:28:43 +01:00
Ondrej Kozina
4adb06ae91 Add missing direction flag in dm_crypt_target_set. 
This bug may have caused memory corruption in dm_targets_free
later.
 2019-03-01 20:27:53 +01:00
Milan Broz
91b74b6896 Fix some compiler warnings. 2019-02-07 17:14:47 +01:00
Milan Broz
a6f5ce8c7b Update copyright year. 
And unify name copyright format.
 2019-01-25 09:45:57 +01:00
Milan Broz
3165b77ec9 Remove undeeded check for DM_SECURE_SUPPORTED. 2019-01-21 13:55:43 +01:00
Ondrej Kozina
ad0e2b86dc Do not issue flush when reading device status. 
Fixes #417.
 2019-01-21 11:20:02 +01:00
Ondrej Kozina
39a014f601 dm backend with support for multi-segment devices. 
Support for multi-segment devices is requirement for online
reencryption to work. Introducing modififed dm backend that
splits data structures describing active device and individual
dm target (or segment).
 2019-01-07 13:07:45 +01:00
Ondrej Kozina
1e22160e74 Fix dm-integrity auto-recalculation flag handling. 
Fail with proper error message rather than silently
dropping the flag if not supported in kernel.
 2019-01-03 19:57:23 +01:00
Milan Broz
3ce7489531 Fix context init/exit pairing in libdevmapper. 
And few small reformats.
 2019-01-01 21:42:46 +01:00
Ondrej Kozina
675cf7ef59 Add dm_clear_device routine. 2019-01-01 21:42:46 +01:00
Ondrej Kozina
d74e7fc084 Add dm_error_device routine. 2019-01-01 21:42:46 +01:00
Ondrej Kozina
2cd85ddf11 Add stand alone dm_resume_device routine. 2019-01-01 21:42:46 +01:00