Milan Broz
f9e778a2cd
luks2: fix warning undefined shift
...
Explicitly set uint32_t for shift, found by clang undefined
sanitizer.
Undefined shift cannot happen in reality, though.
2022-11-07 17:30:14 +00:00
Milan Broz
de8a27ae02
Print a visible error in LUKS2 if AF hash is not available.
...
In LUKS1 there is only one hash algorithm specification,
it cannot happen that AF hash algorithm is not
available, as it is used immediately before in PBKDF2.
In LUKS2 this can be completely different algorithm, so
it makes sense to print a visible warning for user.
(For example, Whirlpool and RIPEMD160 are now in OpenSSL legacy
provider which can be unavailable, see #773.)
This patch adds a message only, the code already fails with -EINVAL.
2022-10-03 10:33:32 +02:00
Milan Broz
82b56300cd
Wrap some very long lines.
2022-10-01 22:35:57 +02:00
Ondrej Kozina
b867f0b578
Add new API for adding new LUKS keyslots.
...
The crypt_keyslot_add_by_keyslot_context & associated
helper functions allow more options when adding new
keyslot. For example there was no simple way of
adding new LUKS2 keyslot when the only active keyslot
could be unlocked by passphrase (KEK) provided by LUKS2 token
(plugin). Now all available options for unlocking keyslots
may also be used when creating new keyslot and combined
as the caller needs.
The available methods (keyslot contexts) are:
passphrase, keyfile, key (binary representation) and LUKS2 token.
2022-09-21 17:36:28 +02:00
Ondrej Kozina
0397cac878
Abort assigning tokens with invalid parameters earlier.
2022-09-16 13:30:39 +02:00
Ondrej Kozina
01c032df04
Do not reload LUKS2 metadata when not necessary.
...
Following API calls triggered LUKS2 metadata reload
from storage in case of failure:
crypt_convert
crypt_keyslot_add_by_key
crypt_keyslot_add_by_keyfile_device_offset
crypt_keyslot_add_by_passphrase
crypt_keyslot_change_by_passphrase
crypt_reencrypt_init_by_keyring
crypt_reencrypt_init_by_passphrase
This patch replaces LUKS2 metadata reload with
backup LUKS2 metadata copy kept in memory that is updated on
each successful metadata write and rolled back to it whenever
needed in any of those calls listed above.
2022-08-19 14:46:42 +02:00
Milan Broz
21d87a246e
Do not use safe_malloc for LUKS header backup.
...
The content of LUKS header is not a key material, no need
to lock memory for possibly big header and big memory area locks.
Just ensure we wipe buffer before release of memory.
2022-08-16 19:56:20 +02:00
Ondrej Kozina
093adfc5f9
Fix user defined moved segment size in LUKS2 decryption.
...
--hotzone-size argument was ignored in cases where actual data size
was less than original LUKS2 data offset.
2022-08-01 07:05:06 +00:00
Ondrej Kozina
25b877a403
Fix bug in reencryption parameters verification.
2022-07-28 07:57:36 +00:00
Guilhem Moulin
3106b4e2c1
More typo and spelling fixes.
...
Reported by `git ls-tree -rz --name-only | grep -Evz -e '\.(pdf|xz)$' -e
^po/ | xargs -r0 spellintian --`. All changes are
documentation-related (comments, manuals, etc.) except for s/fial/fail/
in tests/unit-wipe-test.
The remaining entries are AFAICT all false positives, mostly annotations
such as `@param name name of xyz` or `struct foo foo`:
$ git ls-tree -rz HEAD --name-only | grep -Evz -e '\.(pdf|xz)$' -e ^po/ | xargs -r0 spellintian --
COPYING.LGPL: "GNU Library Public License" -> "GNU Library General Public License"
autogen.sh: echo echo (duplicate word) -> echo
configure.ac: fi fi (duplicate word) -> fi
docs/v1.7.2-ReleaseNotes: option option (duplicate word) -> option
lib/crypto_backend/cipher_check.c: block block (duplicate word) -> block
lib/libcryptsetup.h: name name (duplicate word) -> name
lib/libcryptsetup.h: type type (duplicate word) -> type
lib/libcryptsetup.h: passphrase passphrase (duplicate word) -> passphrase
lib/libcryptsetup.h: flags flags (duplicate word) -> flags
lib/libcryptsetup.h: password password (duplicate word) -> password
lib/libcryptsetup.h: salt salt (duplicate word) -> salt
lib/libcryptsetup.h: keyslot keyslot (duplicate word) -> keyslot
lib/libcryptsetup.h: priority priority (duplicate word) -> priority
lib/libcryptsetup.h: offset offset (duplicate word) -> offset
lib/libcryptsetup.h: length length (duplicate word) -> length
lib/libcryptsetup.h: keyfile keyfile (duplicate word) -> keyfile
lib/libcryptsetup.h: token token (duplicate word) -> token
lib/libcryptsetup.h: cipher cipher (duplicate word) -> cipher
lib/libcryptsetup.h: size size (duplicate word) -> size
lib/luks2/luks2_json_metadata.c: long long (duplicate word) -> long
lib/luks2/luks2_keyslot_luks2.c: AFEKSize AFEKSize (duplicate word) -> AFEKSize
lib/luks2/luks2_reencrypt.c: alignment alignment (duplicate word) -> alignment
lib/luks2/luks2_reencrypt_digest.c: ptr ptr (duplicate word) -> ptr
lib/luks2/luks2_reencrypt_digest.c: buffer buffer (duplicate word) -> buffer
lib/luks2/luks2_segment.c: min min (duplicate word) -> min
lib/verity/verity_fec.c: blocks blocks (duplicate word) -> blocks
man/cryptsetup.8.adoc: LUKS LUKS (duplicate word) -> LUKS
scripts/cryptsetup.conf.in: root root (duplicate word) -> root
src/Makemodule.am: endif endif (duplicate word) -> endif
src/cryptsetup.c: long long (duplicate word) -> long
src/utils_args.c: long long (duplicate word) -> long
tests/compat-test2: fi fi (duplicate word) -> fi
tests/device-test: echo echo (duplicate word) -> echo
tests/differ.c: long long (duplicate word) -> long
tests/loopaes-test: done done (duplicate word) -> done
tests/luks2-integrity-test: aead aead (duplicate word) -> aead
tests/luks2-reencryption-test: fi fi (duplicate word) -> fi
tests/mode-test: done done (duplicate word) -> done
tests/password-hash-test: cat cat (duplicate word) -> cat
tests/password-hash-test: fi fi (duplicate word) -> fi
tests/unit-wipe.c: long long (duplicate word) -> long
tests/verity-compat-test: done done (duplicate word) -> done
tests/verity-compat-test: fi fi (duplicate word) -> fi
tokens/ssh/cryptsetup-ssh.c: argp argp (duplicate word) -> argp
tokens/ssh/cryptsetup-ssh.c: arguments arguments (duplicate word) -> arguments
(Treated COPYING.LGPL as a false positive too since it's the exact text
from https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html .)
2022-07-15 16:35:02 +02:00
Ondrej Kozina
a60fd0a81b
Do not fail LUKS2 validation by newer online-reencrypt requirement.
...
Do not invalidate LUKS2 format when future online-reencrypt
requirement flag is encountered (by older releases).
But it must stop device from being activated, reencrypted
or modified.
2022-07-12 14:05:03 +02:00
Ondrej Kozina
af68e8a1da
Check for multiple online reencrypt requirement flags.
...
Having multiple online-reencrypt requirements flags
candidate in config section should invalidate LUKS2
metadata.
2022-07-12 14:05:03 +02:00
Ondrej Kozina
13f6dfa61f
Add proper version data to reencryption verification digest.
...
LUKS2 decryption requires new online-reencrypt version
flag (v3).
The verification digest performs coding
for version suffix in "online-reencrypt-v" flag string
as follows:
'v1' : unused (no digest)
'v2' : 0x30 + 2 = 0x32 = '2'
'v3' : 0x30 + 3 = 0x33 = '3'
(...)
'v10': 0x30 + 10 = 0x3A = ':'
'v11': 0x30 + 11 = 0x3B = ';'
(...)
'v207': 0x30 + 207 = 0xFF
2022-07-12 14:03:25 +02:00
Ondrej Kozina
8493f6afd5
Change size of requirement version to 1 byte.
...
Mostly due to reencryption verification routine
currently expects only single byte of version
data to create digest from.
2022-07-12 13:54:24 +02:00
Milan Broz
1a55b69a0f
Fix leak of dm target structure.
...
The dmd_source needs to be cleared with dm_targets_free().
2022-07-07 09:17:13 +00:00
Milan Broz
914f621251
Do not use uninitialized memory for cipher check.
...
We do not care about the buffer content, but valgrind does, just wipe
the buffer before test.
2022-07-07 09:17:13 +00:00
Milan Broz
4507ced868
Report failure if userspace cannot use specified cipher.
...
Reencryption requires support both for kernel and userspace library.
If only kernel supports the cipher, the error was quiet.
2022-07-05 15:07:33 +02:00
Ondrej Kozina
47cb9b0ee2
Fix copy&paste mistake in exclusive open comment.
2022-06-27 16:01:50 +02:00
Ondrej Kozina
0ffd105cb8
Harden LUKS2 decryption with datashift parameters.
...
Abort early if detached header is passed in API
by any chance.
2022-06-27 16:01:50 +02:00
Ondrej Kozina
24d498e393
Add debug message in LUKS2 reencryption initialization.
2022-06-27 16:01:50 +02:00
Milan Broz
f642417ed7
Add check to LUKS1 convert for segments count.
2022-06-23 07:24:27 +02:00
Milan Broz
1c1df24258
Clean up convert code style.
...
Remove FIXMEs and comment style.
2022-06-23 07:10:22 +02:00
Milan Broz
b3e8e1a9d4
Log visible error if convert fails due to validation check
2022-06-23 07:08:42 +02:00
Milan Broz
d22b003640
Fix possible keyslot area size overflow during convert to LUKS2
...
If keyslots are not sorted according to binary area offset,
the calculation of area size is wrong and can overflow
(LUKS1 does not store area size, only offset).
Let's just use function that calculates size from volume key size.
Images where keyslot areas are not aligned to 4k offset
are not supported anyway.
Fixes : #753
2022-06-23 07:06:38 +02:00
Milan Broz
62a3954c9d
Add a debug message after crypt_load in error path.
2022-06-17 19:30:35 +02:00
Milan Broz
c72aecf86d
Add comment to validation code.
2022-06-17 16:08:52 +02:00
Milan Broz
d9b66afe5e
Replace json_bool with stdbool.
...
This is some relict from old code, just use bool, we already
require it elsewhere.
2022-06-17 16:04:31 +02:00
Milan Broz
18ada2b7de
Check for interval overflow in LUKS2 validation code.
...
Invalid values that overflow in interval check were silently ignored.
Fix this by explicitly adding check for interval overflow in keyslots
and segment validation.
Fixes : #748
2022-06-17 16:03:32 +02:00
Milan Broz
dfd96d8a39
Report uint64 overflows and conversion errors in log debug during LUKS2 validate.
2022-06-17 16:03:30 +02:00
Milan Broz
ba9e36ceae
Add empty string check to LUKS2 JSON validation.
...
Most of the LUKS2 fields cannot be empty,
add check for JSON validation for it to fail early.
Fixes : #746
2022-06-17 14:46:50 +02:00
Ondrej Kozina
c36f9899cf
Add support for LUKS2 decryption with datashift.
...
Adds support for LUKS2 decryption of devices with a
header put in the head of data device. During the initialization
header is exported to a file and first data segment
is moved to head of data device in place of original header.
The feature introduces several new resilience modes (combination
of existing modes datashift and "checksum" or "journal").
Where datashift resilience mode is applied for data moved towards
the first segment and first segment is decrypted in-place.
The mode is not backward compatible with prior LUKS2 reencryption
and therefore interrupted operation in progress can not be resumed
using older cryptsetup releases.
Fixes : #669 .
2022-06-17 13:48:12 +02:00
Ondrej Kozina
b84132c140
Wrap some long lines.
2022-06-17 13:48:12 +02:00
Ondrej Kozina
f00d897240
Wipe unused area after reencryption with datashift in forward direction.
2022-06-17 13:48:12 +02:00
Ondrej Kozina
369a18cd3b
Rename sector size related variables.
2022-06-14 17:11:25 +02:00
Ondrej Kozina
2240e75bb9
Add proper error message for invalid device_size reencryption argument.
2022-06-14 15:31:52 +02:00
Ondrej Kozina
3a4e38736c
Rename variable used to store total reencryption data size.
2022-06-14 15:31:52 +02:00
Ondrej Kozina
dff34a1251
Check datashift value against larger sector size.
...
For example it could cause an issue if misaligned to 4K sector
size during decryption.
2022-06-14 15:31:52 +02:00
Ondrej Kozina
c08aa21a93
Move datashift alignment verification to reencrypt_verify_resilience_params.
2022-06-14 15:31:52 +02:00
Ondrej Kozina
cbf82733ae
Clarify error message about invalid datashift value.
2022-06-14 15:31:52 +02:00
Ondrej Kozina
75e429b8d1
Simplify LUKS2 sector_size helpers.
2022-06-14 15:31:52 +02:00
Ondrej Kozina
e23992d531
Fix bug in json_segment_get_sector_size.
...
Upper layers always expected 0 on error.
Due to this bug this function could cause
sector_size overflow when segment definition
did not contain 'sector_size' field ('linear').
2022-06-14 15:31:52 +02:00
Ondrej Kozina
ba37298e4f
Add debug message in validation code for missing key digest.
2022-06-09 12:03:14 +02:00
Ondrej Kozina
98ca9c61d6
Add new internal state marking resilience type as not set.
2022-06-09 12:03:14 +02:00
Ondrej Kozina
ee5a7d19c9
Simplify reencrypt_update_flag usage due to version support.
2022-06-09 12:03:14 +02:00
Ondrej Kozina
7b4d5fe067
Provide routine for setting LUKS2 requirement with version.
2022-06-09 12:03:14 +02:00
Ondrej Kozina
07f8dfc46d
Write updated LUKS2 reencrypt keyslot immediately.
2022-06-09 12:03:14 +02:00
Ondrej Kozina
99a3d328f0
Harden checksum resilience parameters verification.
2022-06-09 12:03:14 +02:00
Ondrej Kozina
e8ec3e1005
Allocate buffer for checksum resilience on-demand.
2022-06-09 12:03:14 +02:00
Ondrej Kozina
007e56727c
Refactor reencrypt_recover_segment.
2022-06-09 12:03:14 +02:00
Ondrej Kozina
4de09ace8f
Minor code refactoring in reencryption loop.
2022-06-09 12:03:14 +02:00