eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-12 19:30:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,214 Commits 13 Branches 79 Tags
2e841622f88311ac0fc4970e17f9e6acd415454c
Commit Graph

2214 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Milan Broz
2e841622f8 Print proper error message if LUKS2 slot encryption fail. 2019-06-26 17:30:30 +02:00
Milan Broz
9b5e3797b1 Fis status command to display only specific device types. 
Cryptsetup, veritysetup and integrity setup should ignore other
device mappings in status command (it should display only
basic type information).
 2019-06-25 15:03:04 +02:00
Seong-Joong Kim
07df177332 Fix a typo of comment 2019-06-24 22:31:52 -07:00
Milan Broz
ff364347cf Add FAIL backtrace to all bash tests. 2019-06-20 15:11:56 +02:00
Milan Broz
4c74ff5e5a Add ESSIV test in combination with AEAD data integrity protection. 2019-06-20 14:48:59 +02:00
Milan Broz
2ebd19c9bc Fix another EOL in api-test debug log. 2019-06-20 14:28:32 +02:00
Milan Broz
875ffa49b3 Fix log_dbg EOL in tools. 2019-06-19 12:12:02 +02:00
Ondrej Kozina
ff0030d74f Add missing --retry parameter in tests cleanup. 2019-06-18 13:26:20 +02:00
Ondrej Kozina
7a71feed8c Remove overlooked config scratching from reencryption tests. 2019-06-18 13:26:20 +02:00
Guilhem Moulin
70c4ce199d Fix minor spelling errors in manpage and messages. 
Reported by lintian(1) - Static analysis tool for Debian packages:

accidentaly -> accidentally
trigerring -> triggering
alocate -> allocate
alignemnt -> alignment
initalize -> initialize
 2019-06-18 09:42:28 +02:00
Alexander Neumann
ed0f8ccbaf Document all options for the --type parameter 2019-06-14 21:28:05 +02:00
Milan Broz
3e5ca2e168 Update readme.md. 2019-06-14 16:30:37 +02:00
Milan Broz
d0dc59e792 Update po file. v2.2.0-rc1 2019-06-14 13:54:23 +02:00
Ondrej Kozina
0106c64369 Fix issues reported by valgrind. 
keyslot_cipher member leaked after existing LUKS2 context reload.

crypt_keyslot_set_encryption may access freed memory if
crypt_keyslot_get_encryption was previously called with
CRYPT_ANY_SLOT parameter.
 2019-06-14 13:50:09 +02:00
Ondrej Kozina
69fdb41934 Add tests for LUKS2 reencryption with multiple active keyslots. 2019-06-14 09:10:28 +02:00
Ondrej Kozina
550b3ee1d3 Fix off-by-one error in reencryption keyslots count check. 2019-06-14 09:10:28 +02:00
Milan Broz
961cc6a6d3 Prepare version 2.2.0-rc1. 2019-06-14 08:20:04 +02:00
Ondrej Kozina
05091ab656 Improve reencryption when dealing with multiple keyslots. 
It's possible to retain all keyslots (passphrases) when
performing LUKS2 reencryption provided there's enough
space in LUKS2 json metadata.

When specific keyslot is selected all other keyslots
bound to old volume key get deleted after reencryption
is finished.

Existing tokens are assigned to new keyslots.
 2019-06-13 17:04:34 +02:00
Ondrej Kozina
272505b99d If no hash is specified in pbkdf use default value for keyslot AF. 2019-06-13 17:04:21 +02:00
Ondrej Kozina
60a769955b Rename hash data parameter in reencrypt keyslot dump. 2019-06-12 12:36:51 +02:00
Ondrej Kozina
34bec53474 Drop excessive nested locking in LUKS2 keyslot store path. 
Since commit 80a435f it's not needed to call device_write_lock
in function luks2_encrypt_to_storage. It's handled correctly on
upper layer.
 2019-06-12 12:36:51 +02:00
Ondrej Kozina
c77ae65a0d Wipe both keyslot data and metadata holding single write lock. 2019-06-12 12:36:51 +02:00
Ondrej Kozina
1ed0430b82 Move LUKS2 write lock upper when storing reencryption keyslot. 2019-06-12 12:36:51 +02:00
Ondrej Kozina
82f640e360 Open device in locked mode for wipe when necessary. 2019-06-12 12:36:51 +02:00
Ondrej Kozina
44aabc3ae4 Drop reload of metadata in reencryption initialization. 2019-06-12 12:36:50 +02:00
Ondrej Kozina
bbdf9b2745 Read and compare metadata sequence id after taking write lock. 2019-06-12 12:36:46 +02:00
Ondrej Kozina
96a87170f7 Return usage count from device locking functions. 2019-06-12 11:51:08 +02:00
Ondrej Kozina
281323db42 Fix condition for printing debug message. 2019-06-12 11:51:08 +02:00
Milan Broz
32258ee8ae Fix debugging messages callback. 
The debug messages should contain EOL char.

Also check string lengths in internal logging macros.
 2019-06-11 15:26:53 +02:00
Milan Broz
df0faef9ca Add integritysetup bitmap mode test. 2019-06-04 20:05:13 +02:00
Ondrej Kozina
9c3a020ecf Remove useless debug message from keyslot dump. 2019-05-27 16:23:56 +02:00
Ondrej Kozina
4c4cc55bb7 Wipe backup segment data after reencryption is finished. 2019-05-27 16:05:21 +02:00
Ondrej Kozina
f4c2e7e629 Implement LUKS2 reencrypt keyslot dump. 2019-05-27 15:27:23 +02:00
Ondrej Kozina
eadef08fd5 Extend LUKS2 reencryption recovery tests. 
- test repair commad for reencryption recovery.
- test close command is able to teardown leftover device stack after
  crash.
- test open performs recovery by default (to be able to open root
  volume).
 2019-05-24 17:29:56 +02:00
Ondrej Kozina
0c725a257d Compare moved segment specific size against real device size only. 2019-05-24 17:29:56 +02:00
Ondrej Kozina
6f35fb5f80 Silence query error messages for unsupported target types. 2019-05-24 17:29:56 +02:00
Ondrej Kozina
cd1fe75987 Close all device handlers after failed internal load. 2019-05-24 17:29:56 +02:00
Ondrej Kozina
e92e320956 Add explicit device_close routine. 2019-05-24 17:29:56 +02:00
Ondrej Kozina
0e4757e0fb Add LUKS2 reencryption recovery in repair command. 2019-05-24 17:29:56 +02:00
Ondrej Kozina
bd6af68bc5 Add support for explicit reencryption recovery in request. 2019-05-24 17:07:37 +02:00
Ondrej Kozina
13050f73c1 Properly finished reencryption after recovery. 2019-05-24 17:07:37 +02:00
Ondrej Kozina
5472fb0c56 Refactor reencryption recovery during activation. 2019-05-24 17:07:36 +02:00
Ondrej Kozina
73c2424b24 Refactor LUKS2 device activation (in reencryption). 2019-05-24 17:07:36 +02:00
Milan Broz
5117eda688 Switch to Xenial distro in Travis. 2019-05-24 08:33:20 +02:00
Ondrej Kozina
cfbef51d3d Add interactive dialog in case active device auto-detection fails. 2019-05-22 12:50:18 +02:00
Ondrej Kozina
09cb2d76ef Add dialog with default 'no' answer. 2019-05-22 12:50:17 +02:00
Ondrej Kozina
3f549ad0df Refactor yesDialog utility. 2019-05-22 12:50:17 +02:00
Ondrej Kozina
60d26be325 Load volume key in keyring when activated by token. 
LUKS2 should use keyring for dm-crypt volume keys by default
when possible. crypt_activate_by_token didn't load keys in
keyring by default. It was a bug.
 2019-05-21 18:08:00 +02:00
Ondrej Kozina
013d0d3753 Rename internal reencrypt enum to REENC_PROTECTION_NONE. 2019-05-21 18:08:00 +02:00
Ondrej Kozina
97da67c6a8 Add tests for reencryption with fixed device size. 2019-05-21 18:08:00 +02:00