eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-14 20:30:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,589 Commits 15 Branches 79 Tags
429afe8fc3532bb30cc8b47a8247a61a643be59c
Commit Graph

481 Commits

Author SHA1 Message Date
Ondrej Kozina
093adfc5f9 Fix user defined moved segment size in LUKS2 decryption. 
--hotzone-size argument was ignored in cases where actual data size
was less than original LUKS2 data offset.
 2022-08-01 07:05:06 +00:00
Ondrej Kozina
25b877a403 Fix bug in reencryption parameters verification. 2022-07-28 07:57:36 +00:00
Guilhem Moulin
3106b4e2c1 More typo and spelling fixes. 
Reported by `git ls-tree -rz --name-only | grep -Evz -e '\.(pdf|xz)$' -e
^po/ | xargs -r0 spellintian --`.  All changes are
documentation-related (comments, manuals, etc.) except for s/fial/fail/
in tests/unit-wipe-test.

The remaining entry are AFAICT all false positives, mostly annotations
such as `@param name name of xyz` or `struct foo foo`:

	$ git ls-tree -rz HEAD --name-only | grep -Evz -e '\.(pdf|xz)$' -e ^po/ | xargs -r0 spellintian --
	COPYING.LGPL: "GNU Library Public License" -> "GNU Library General Public License"
	autogen.sh: echo echo (duplicate word) -> echo
	configure.ac: fi fi (duplicate word) -> fi
	docs/v1.7.2-ReleaseNotes: option option (duplicate word) -> option
	lib/crypto_backend/cipher_check.c: block block (duplicate word) -> block
	lib/libcryptsetup.h: name name (duplicate word) -> name
	lib/libcryptsetup.h: type type (duplicate word) -> type
	lib/libcryptsetup.h: passphrase passphrase (duplicate word) -> passphrase
	lib/libcryptsetup.h: flags flags (duplicate word) -> flags
	lib/libcryptsetup.h: password password (duplicate word) -> password
	lib/libcryptsetup.h: salt salt (duplicate word) -> salt
	lib/libcryptsetup.h: keyslot keyslot (duplicate word) -> keyslot
	lib/libcryptsetup.h: priority priority (duplicate word) -> priority
	lib/libcryptsetup.h: offset offset (duplicate word) -> offset
	lib/libcryptsetup.h: length length (duplicate word) -> length
	lib/libcryptsetup.h: keyfile keyfile (duplicate word) -> keyfile
	lib/libcryptsetup.h: token token (duplicate word) -> token
	lib/libcryptsetup.h: cipher cipher (duplicate word) -> cipher
	lib/libcryptsetup.h: size size (duplicate word) -> size
	lib/luks2/luks2_json_metadata.c: long long (duplicate word) -> long
	lib/luks2/luks2_keyslot_luks2.c: AFEKSize AFEKSize (duplicate word) -> AFEKSize
	lib/luks2/luks2_reencrypt.c: alignment alignment (duplicate word) -> alignment
	lib/luks2/luks2_reencrypt_digest.c: ptr ptr (duplicate word) -> ptr
	lib/luks2/luks2_reencrypt_digest.c: buffer buffer (duplicate word) -> buffer
	lib/luks2/luks2_segment.c: min min (duplicate word) -> min
	lib/verity/verity_fec.c: blocks blocks (duplicate word) -> blocks
	man/cryptsetup.8.adoc: LUKS LUKS (duplicate word) -> LUKS
	scripts/cryptsetup.conf.in: root root (duplicate word) -> root
	src/Makemodule.am: endif endif (duplicate word) -> endif
	src/cryptsetup.c: long long (duplicate word) -> long
	src/utils_args.c: long long (duplicate word) -> long
	tests/compat-test2: fi fi (duplicate word) -> fi
	tests/device-test: echo echo (duplicate word) -> echo
	tests/differ.c: long long (duplicate word) -> long
	tests/loopaes-test: done done (duplicate word) -> done
	tests/luks2-integrity-test: aead aead (duplicate word) -> aead
	tests/luks2-reencryption-test: fi fi (duplicate word) -> fi
	tests/mode-test: done done (duplicate word) -> done
	tests/password-hash-test: cat cat (duplicate word) -> cat
	tests/password-hash-test: fi fi (duplicate word) -> fi
	tests/unit-wipe.c: long long (duplicate word) -> long
	tests/verity-compat-test: done done (duplicate word) -> done
	tests/verity-compat-test: fi fi (duplicate word) -> fi
	tokens/ssh/cryptsetup-ssh.c: argp argp (duplicate word) -> argp
	tokens/ssh/cryptsetup-ssh.c: arguments arguments (duplicate word) -> arguments

(Treated COPYING.LGPL as a false positive too since it's the exact text
from https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html .)
 2022-07-15 16:35:02 +02:00
Ondrej Kozina
a60fd0a81b Do not fail LUKS2 validation by newer online-reencrypt requirement. 
Do not invalidate LUKS2 format when future online-reencrypt
requirement flag is encountered (by older releases).
But it must stop device from being activated, reencrypted
or modified.
 2022-07-12 14:05:03 +02:00
Ondrej Kozina
af68e8a1da Check for multiple online reencrypt requirement flags. 
Having multiple online-reencrypt requirements flags
candidate in config section should invalidate LUKS2
metadata.
 2022-07-12 14:05:03 +02:00
Ondrej Kozina
13f6dfa61f Add proper version data to reencryption verification digest. 
LUKS2 decryption requires new online-reencrypt version
flag (v3).

The verification digest performs coding
for version suffix in "online-reencrypt-v" flag string
as follows:

'v1' :  unused (no digest)
'v2' :  0x30 + 2   = 0x32 = '2'
'v3' :  0x30 + 3   = 0x33 = '3'
(...)
'v10':  0x30 + 10  = 0x3A = ':'
'v11':  0x30 + 11  = 0x3B = ';'
(...)
'v207': 0x30 + 207 = 0xFF
 2022-07-12 14:03:25 +02:00
Ondrej Kozina
8493f6afd5 Change size of requirement version to 1 byte. 
Mostly due to reencryption verification routine
currently expects only single byte of version
data to create digest from.
 2022-07-12 13:54:24 +02:00
Milan Broz
1a55b69a0f Fix leak of dm target structure. 
The dmd_source need to be cleared with dm_targets_free().
 2022-07-07 09:17:13 +00:00
Milan Broz
914f621251 Do not use uninitialized memory for cipher check. 
We do not care about the bufer content, but valgrind do, just wipe
the buffer before test.
 2022-07-07 09:17:13 +00:00
Milan Broz
4507ced868 Report failure if userspace cannot use specified cipher. 
Reencryption require support both for kernel and userspace library.

If only kernel supports the copher, the error was quiet.
 2022-07-05 15:07:33 +02:00
Ondrej Kozina
47cb9b0ee2 Fix copy&paste mistake in exclusive open comment. 2022-06-27 16:01:50 +02:00
Ondrej Kozina
0ffd105cb8 Harden LUKS2 decryption with datashift parameters. 
Abort early if detached header is passed in API
by any chance.
 2022-06-27 16:01:50 +02:00
Ondrej Kozina
24d498e393 Add debug message in LUKS2 reencryption initialization. 2022-06-27 16:01:50 +02:00
Milan Broz
f642417ed7 Add check to LUKS1 convert for segments count. 2022-06-23 07:24:27 +02:00
Milan Broz
1c1df24258 Clean up convert code style. 
Remove FIXMEs and comment style.
 2022-06-23 07:10:22 +02:00
Milan Broz
b3e8e1a9d4 Log visible error if convert fails due to validation check 2022-06-23 07:08:42 +02:00
Milan Broz
d22b003640 Fix possible keyslot area size overflow during convert to LUKS2 
If keyslots are not sorted according to binary area offset,
the calculation of area size is wrong and can overflow
(LUKS1 does not store area size, only offset).

Let's just use function that calculates size from volume key size.
Images where keyslot areas are not aligned to 4k offset
are not supported anyway.

Fixes: #753
 2022-06-23 07:06:38 +02:00
Milan Broz
62a3954c9d Add a debug message after crypt_load in error path. 2022-06-17 19:30:35 +02:00
Milan Broz
c72aecf86d Add comment to validation code. 2022-06-17 16:08:52 +02:00
Milan Broz
d9b66afe5e Replace json_bool with stdbool. 
This is some relict from old code, just use bool, we already
require it elsewhere.
 2022-06-17 16:04:31 +02:00
Milan Broz
18ada2b7de Check for interval overflow in LUKS2 validation code. 
Invalid values that overflows in interval check were silently ignored.

Fix this by explictily adding check for interval overflow in keyslots
and segment validation.

Fixes: #748
 2022-06-17 16:03:32 +02:00
Milan Broz
dfd96d8a39 Report uint64 overflows and conversion errors in log debug during LUKS2 validate. 2022-06-17 16:03:30 +02:00
Milan Broz
ba9e36ceae Add empty string check to LUKS2 JSON validation. 
Most of the LUKS2 fields cannot be empty,
add check for JSON validation for it to fail early.

Fixes: #746
 2022-06-17 14:46:50 +02:00
Ondrej Kozina
c36f9899cf Add support for LUKS2 decryption with datashift. 
Adds support for LUKS2 decryption of devices with a
header put in the head of data device. During the initialization
header is exported to a file and first data segment
is moved to head of data device in place of original header.

The feature introduces several new resilience modes (combination
of existing modes datashift and "checksum" or "journal").
Where datashift resilience mode is applied for data moved towards
the first segment and first segment is decrypted in-place.

The mode is not backward compatible with prior LUKS2 reencryption
and therefor interrupted operation in progress can not be resumed
using older cryptsetup releases.

Fixes: #669.
 2022-06-17 13:48:12 +02:00
Ondrej Kozina
b84132c140 Wrap some long lines. 2022-06-17 13:48:12 +02:00
Ondrej Kozina
f00d897240 Wipe unused area after reencryption with datashift in forward direction. 2022-06-17 13:48:12 +02:00
Ondrej Kozina
369a18cd3b Rename sector size related variables. 2022-06-14 17:11:25 +02:00
Ondrej Kozina
2240e75bb9 Add proper error message for invalid device_size reencryption argument. 2022-06-14 15:31:52 +02:00
Ondrej Kozina
3a4e38736c Rename variable used to store total reencryption data size. 2022-06-14 15:31:52 +02:00
Ondrej Kozina
dff34a1251 Check datashift value against larger sector size. 
For example it could cause an issue if misaligned to 4K sector
size during decryption.
 2022-06-14 15:31:52 +02:00
Ondrej Kozina
c08aa21a93 Move datashift alignment verification to reencrypt_verify_resilience_params. 2022-06-14 15:31:52 +02:00
Ondrej Kozina
cbf82733ae Clarify error message about invalid datashift value. 2022-06-14 15:31:52 +02:00
Ondrej Kozina
75e429b8d1 Simplify LUKS2 sector_size helpers. 2022-06-14 15:31:52 +02:00
Ondrej Kozina
e23992d531 Fix bug in json_segment_get_sector_size. 
Upper layers always expected 0 on error.
Due to this bug this function could cause
sector_size overflow when segment definition
did not contain 'sector_size' field ('linear').
 2022-06-14 15:31:52 +02:00
Ondrej Kozina
ba37298e4f Add debug message in validation code for missing key digest. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
98ca9c61d6 Add new internal state marking resilience type as not set. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
ee5a7d19c9 Simplify reencrypt_update_flag usage due to version support. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
7b4d5fe067 Provide routine for setting LUKS2 requirement with version. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
07f8dfc46d Write updated LUKS2 reencrypt keyslot immediately. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
99a3d328f0 Harden checksum resilience parameters verification. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
e8ec3e1005 Allocate buffer for checksum resilience on-demand. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
007e56727c Refactor reencrypt_recover_segment. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
4de09ace8f Minor code refactoring in reencryption loop. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
97b88d878e Refactor internal reencrypt_hotzone_protect_final. 
Avoid passing whole reencryption context when not
needed.
 2022-06-09 12:03:14 +02:00
Ondrej Kozina
b43ca18c64 Postpone reencryption dm segments refresh. 
Refresh (and therefore suspend hotzone) reencryption dm
segments in-before actual hotzone reencryption takes place.

This commit shortens time window during which hotzone is
suspended. Also it avoids eventual deadlock if reencryption process
triggers page miss during storage wrapper reinitialization and required
data is stored in (previously) suspended hotzone (corner case).
 2022-06-09 12:03:14 +02:00
Ondrej Kozina
0768d3be84 Cleanup existing assert usage in LUKS2 json code. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
828cfdb6a2 Reduce code duplication in LUKS2 requirements handling. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
582f2c3449 Replace memset with crypt_safe_memzero where reasonable. 
Better safe than sorry.
 2022-06-09 12:03:14 +02:00
Ondrej Kozina
bf0d0203e8 Add routine for erasing resilience structure. 2022-06-09 12:03:14 +02:00
Ondrej Kozina
cfb54be9a3 Refactor reencrypt_length() function. 2022-06-09 12:03:14 +02:00