eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-11 19:00:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
775 Commits 15 Branches 78 Tags
6190ad928d4ff0500ed04b4a39e25d4c9bc336f2
Commit Graph

64 Commits

Author SHA1 Message Date
Milan Broz
6190ad928d Support device/file images if O_DIRECT cannot be used (1.5.1). 
On some filesystems (like tmpfs) O_DIRECT cannot be used.
So just try to open device without O_DIRECT in the second try.
 2012-12-29 15:33:20 +01:00
Milan Broz
29f21208a0 Change License from GPLv2 only to GPLv2+ ("or any later"). 
Agreed by all copyright authors.
 2012-12-29 11:33:54 +01:00
Milan Broz
83f02e6682 Add copyright line for files I have written or modified. 2012-12-21 16:40:33 +01:00
Milan Broz
db97d3d8c8 Add simple cipher benchmarking. 2012-11-19 21:22:43 +01:00
Milan Broz
4882f70040 Replace round_up macro with function. 2012-08-28 13:11:02 +02:00
Milan Broz
65f975655c New device access backend. 
Allocate loop device late (only when real block device needed).
Rework underlying device/file access functions.
Move all device (and ioctl) access to utils_device.c.

Allows using file where appropriate without allocation loop device.
 2012-08-12 22:00:17 +02:00
Milan Broz
4abfd38169 Remove open device debugging feature (no longer needed). 2012-06-26 12:55:14 +02:00
Milan Broz
4b8f91d0d9 Remove some compilation warnings. 2012-06-10 18:56:04 +02:00
Milan Broz
697c6c9324 Prepare new superblock format. 2012-06-09 22:02:06 +02:00
Milan Broz
cd8826618d Warn if block exceeds page size. 2012-06-07 15:09:58 +02:00
Milan Broz
4b0b82adc5 Rewrite veritysetup to use libcryptsetup. 2012-06-07 00:18:49 +02:00
Milan Broz
20eea64334 Add version string to crypto backend. 
Move fips check to libcryptsetup.
Clean up internal.h use.
 2012-05-27 00:48:10 +02:00
Milan Broz
45e0942755 Add --enable-fips for linking with fipscheck library. 
Initialize binary and library selfcheck if running in FIPS mode.

(Actually available only on Fedora/Red Hat distros.)
 2012-05-21 14:09:57 +02:00
Milan Broz
0f4431d0bb Split salt from other requests in RNG backend. 2012-05-20 22:32:25 +02:00
Milan Broz
ee8425b836 Version 1.4.2. 
Add header and copyright for header files.
 2012-04-02 22:03:05 +02:00
Milan Broz
8c54d938ac Add crypt_last_error() API call (using crypt context). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@623 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-10-09 13:45:53 +00:00
Milan Broz
d7960b9307 Simplify global error call. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@622 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-10-09 13:45:38 +00:00
Milan Broz
19bde65f5b Remove hints for old kernels. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@616 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-10-08 16:23:54 +00:00
Milan Broz
d2fbc963ca If device is not rotational, do not use Gutmann wipe method. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@615 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-10-08 16:17:08 +00:00
Milan Broz
4a295781d1 Silent gcc warnings with -Wconst-qual switch. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@598 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-08-15 16:32:52 +00:00
Milan Broz
f80b506b65 * Allow different data offset setting for detached header. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@576 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-07-20 17:39:38 +00:00
Milan Broz
261d0d05a5 Add crypt_get_iv_offset() function to API. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@573 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-07-18 13:03:15 +00:00
Milan Broz
913ef7c07e Rewrite dm query/create function backend. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@570 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-07-17 22:35:17 +00:00
Milan Broz
d44d07c9eb * Add --shared option for creating non-overlapping crypt segments. 
* Add shared flag to libcryptsetup api.
* Fix plain crypt format parameters to include size option (API change).

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@559 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-07-01 16:38:58 +00:00
Milan Broz
4f657c17a2 Move DM helpers to separate header. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@530 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-05-24 11:19:12 +00:00
Milan Broz
2755f37266 Move devpath scan to separate file. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@529 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-05-24 11:19:00 +00:00
Milan Broz
231a2e932d Fix possible leaks in blockwise read/write code. 
Fix lseek_write blockwise function (not used in that mode anyway).

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@511 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-04-18 10:52:15 +00:00
Milan Broz
c31854e2b3 Check for plain64 IV support in DM backend. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@477 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-03-22 08:51:00 +00:00
Milan Broz
25512d89ae Clean up plain password hashing, do not ignore error in crypto backend. 
(New backend can fail there).

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@451 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-03-13 23:50:49 +00:00
Milan Broz
13f4feaaf7 Add backing device info into status. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@445 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-03-12 20:23:25 +00:00
Milan Broz
be3448fb8a Separate loop handling from internal code. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@444 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-03-12 20:23:16 +00:00
Milan Broz
d9ba34693f Add support for automatic loop device use (image infile etc). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@443 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-03-11 19:04:37 +00:00
Milan Broz
0165301357 Better detects dm-ioctl secure flag using version before use. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@435 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-03-05 21:59:21 +00:00
Milan Broz
66bea4b3be Add dm flags for query for features. 
Move adjust device helper to utils.
Fix locking memory message.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@416 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-01-25 18:48:41 +00:00
Milan Broz
d04d9f336a Switch to new crypto backend interface. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@408 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-12-31 14:33:43 +00:00
Milan Broz
b13b4b7654 Remove uneeded function prototype. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@374 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-11-15 17:03:43 +00:00
Milan Broz
b7caa72acd * Disallow mapping of device which is already in use (mapped or mounted). 
* Disallow luksFormat on device in use.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@361 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-11-05 17:53:33 +00:00
Milan Broz
dfe77be748 * Implement --use-random and --use-urandom for luksFormat to allow setting of RNG for volume key generator. 
* Add crypt_set_rng_type() and crypt_get_rng_type() to API.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@354 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-27 15:35:23 +00:00
Milan Broz
3ae161df5d Move get_key to common code, simplify verify flags. 
(This code need rewrite anyway).

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@352 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-26 22:08:02 +00:00
Milan Broz
3a5a1ea0e7 Move safe alloc routines into common lib file. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@351 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-26 22:07:43 +00:00
Milan Broz
bb8e085378 Add utils_crypt file and test for supported modes presentation. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@348 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-26 14:34:47 +00:00
Milan Broz
3b50005d2f Simplify crypto backend init. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@347 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-26 14:34:35 +00:00
Milan Broz
ef10cd09ec Generalise volume key struct. 
Do not generate unused volume key in PLAIN mode.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@346 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-26 14:34:17 +00:00
Milan Broz
ef44e6e3d3 Use default data alignment to 1MiB. 
If there is topology info, use default if topology is multiple of default,
otherwise use topology values.

See https://bugzilla.redhat.com/show_bug.cgi?id=621684 and issue 55.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@325 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-08-09 16:34:42 +00:00
Milan Broz
b4ebe0be18 Add verbose log level and move unlocking keyslot messages there. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@238 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-05-27 18:44:14 +00:00
Milan Broz
743fbbc451 Support topology information for data alignment (LUKS). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@195 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-04-09 15:35:19 +00:00
Milan Broz
ad224b479a Change in iterations counts: 
* Fix key slot iteration count calculation (small -i value was the same as default).
  * The slot and key digest iteration minimun is now 1000.
  * The key digest iteration # is calculated from iteration time (approx 1/8 of that).

If something very strange happens, and the generated key is not completely random
(wrong RNG), attacker can skip the whole kesylot area processing and try to
brute force key according to limited set of keys.

The iteration time (default, inherited from slot iteration time, is cca 120ms)
can make this attack slower, if not impossible.

Note, that this is just theorethic problem, anyway it is better to be prepared
if possible:-)

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@159 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-12-30 19:02:44 +00:00
Milan Broz
df389199d0 Use proper NLS macros and detection (so the message translation works again). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@145 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-11-16 20:10:20 +00:00
Milan Broz
c3064c9442 Add temporary debug code to allow better debugging of races 
with various udev-event tools which wrongly scan and open
internal temporary cryptsetup devices.

If cryptsetup run in debug mode (--debug) and remove of device
fails, code scan /proc directory and tries to find process name
which locked that device.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@141 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-11-15 19:26:36 +00:00
Milan Broz
2bda053677 Rename internal locking helpers (avoids conflict when statically linking.) 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@132 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-10-23 10:42:56 +00:00