eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2026-01-04 22:45:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,624 Commits 15 Branches 81 Tags
8585fb29eb94fa9d21bacd57dfc9c19118dba520
Commit Graph

831 Commits

Author SHA1 Message Date
daniel.zatovic
8585fb29eb Add dictionary for the plain JSON fuzzer. 2022-10-04 13:00:21 +02:00
daniel.zatovic
97b3926655 Fix potential integer underflow. 2022-10-04 13:00:18 +02:00
Milan Broz
a3f248df9b Fix some clang++ warnings. 2022-10-04 13:00:15 +02:00
Milan Broz
e1a84607cc Rework build of fuzzers. 
- Do not require any libraries installed, download everything
from upstream git, statically compile (use include, libs and pkg-config
from local directory under tests/fuzz).
Script should work both from OSS-Fuzz and locally.

- Do not require local protobuf (only staticallly compiled, see above).

- Add README.md (TBD, still not finished).

- Fix make dist and distcheck.

- Remove common.[ch] as we can use internal function.
  This makes fuzzers also C++ only (remove CFLAGS from Makefile).
 2022-10-04 13:00:10 +02:00
daniel.zatovic
2f4267ba81 Add plain JSON metadata fuzzing 2022-10-04 12:59:07 +02:00
daniel.zatovic
99e8ee6b7e Add checks for compiler when building fuzz targets. 2022-10-04 12:59:04 +02:00
daniel.zatovic
f58aff21a9 Add fuzz targets, custom mutator and fuzzing dictionary 2022-10-04 12:58:59 +02:00
Ondrej Kozina
5fce0c2ad1 Extend luksAddKey action options via crypt_keyslot_add_by_keyslot_context API. 
In practice luksAddKey action does two operations. It unlocks existing
device volume key and stores unlocked volume key in a new keyslot.
Previously the options were limited to key files and passphrases.
With this patch user may combine freely following options:

To unlock keyslot with volume key user may:
- provide existing passphrase via interactive prompt (default method)
- use --key-file option to provide file with a valid passphrase to existing keyslot
- provide volume key directly via --volume-key-file
- unlock keyslot via all available LUKS2 tokens by --token-only
- unlock keyslot via specific token with --token-id
- unlock keyslot via specific token type by --token-type

To provide the passphrase for a new keyslot user may:
- provide existing passphrase via interactive prompt (default method)
- use --new-keyfile parameter or positional parameter to read the
  passphrase from file.
- use --new-token-id to select specific LUKS2 token to get passphrase
  for new keyslot. New keyslot is assigned to selected token id if
  operation is succesfull.

Fixes: #725.
 2022-09-29 17:31:29 +02:00
Ondrej Kozina
b867f0b578 Add new API for adding new LUKS keyslots. 
The crypt_keyslot_add_by_keyslot_context & associated
helper functions allow more options when adding new
keyslot. For example there was no simple way of
adding new LUKS2 keyslot when the only active keyslot
could be unlocked by passphrase (KEK) provided by LUKS2 token
(plugin). Now all available options for unlocking keyslots
may also be used when creating new keyslot and it combine
as called needs.

The available methods (keyslot contexts) are:
passphrase, keyfile, key (binary representation) and LUSK2 token.
 2022-09-21 17:36:28 +02:00
Milan Broz
1745fd5aea Fix missing va_end macro in test error path. 2022-09-19 12:46:42 +00:00
Ondrej Kozina
90ad841a45 Add cryptsetup token unassign action. 
Allows removing token binding on specific keyslot.
 2022-09-16 14:34:28 +02:00
Ondrej Kozina
033ff34109 Enable adding unassigned luks2-keyring token in cryptsetup. 
There was no easy way to add unassigned luks2-keyring token.
Reuse --unbound parameter for it.
 2022-09-16 12:34:32 +02:00
Milan Broz
b4863897fe Fix verity-compat-test if running with different locale. 2022-09-06 21:55:37 +02:00
Ondrej Kozina
eac02f5605 Fix NULL key_description bug in luks2-keyring token. 
json-c parser transforms NULL pointer into special '(null)' string.
While being technically correct it hides the fact user passed NULL
pointer in crypt_token_params_luks2_keyring structure. This bug
could be trigerred by calling crypt_token_luks2_keyring_set().
 2022-09-01 15:38:49 +02:00
daniel.zatovic
94e8a7ca96 Fix valgrind in SSH token test. 2022-08-25 08:02:37 +00:00
Milan Broz
b183bb25e2 Add support for dm-verity try_verify_in_tasklet option. 
Available since kernel 6.0.
 2022-08-25 08:01:07 +00:00
daniel.zatovic
132027bafa Force probe in tests instead of lsblk which can use udev cache. 2022-08-11 21:26:03 +02:00
Ondrej Kozina
5b001b7962 Delegate FIPS mode detection to configured crypto backend. 
System FIPS mode check is no longer dependent on /etc/system-fips
file. The change should be compatible with older distributions since
we now depend on crypto backend internal routine.

This commit affects only FIPS enabled systems (with FIPS enabled
builds). In case this causes any regression in current distributions
feel free to drop the patch.

For reference see https://bugzilla.redhat.com/show_bug.cgi?id=2080516
 2022-08-10 10:53:39 +02:00
daniel.zatovic
429afe8fc3 Add valgrind support to more tests. 2022-08-10 07:45:13 +00:00
Milan Broz
abfb5e374f Remove leftover debug option in test. 2022-08-09 22:54:43 +02:00
daniel.zatovic
f8c79f9a95 Fix valgrind summary leak detection. 
Currently, only 1-9 leaks are detected. More than 10 leaks are evaluated
as no leak.
 2022-08-05 16:38:38 +02:00
Ondrej Kozina
093adfc5f9 Fix user defined moved segment size in LUKS2 decryption. 
--hotzone-size argument was ignored in cases where actual data size
was less than original LUKS2 data offset.
 2022-08-01 07:05:06 +00:00
Ondrej Kozina
c6ed1becd7 Fix bogus conditions in tests. 
Do not test for dm-crypt versions not supported
by upstream kernels.
 2022-07-28 17:18:57 +02:00
Ondrej Kozina
17e6d2053a Add mangle tests for LUKS2 decryption with datashift. 2022-07-28 07:57:36 +00:00
Ondrej Kozina
912109ae66 Improve reencryption parameters verification in cli. 
Try to catch as many invalid parameters as possible
before entering library call.
 2022-07-28 07:57:36 +00:00
Ondrej Kozina
25b877a403 Fix bug in reencryption parameters verification. 2022-07-28 07:57:36 +00:00
Guilhem Moulin
803957cd3e Add support for --key-slot in luksResume action. 2022-07-20 20:00:09 +02:00
Milan Broz
bf4bfeac8a Rename some tests to simplify localtest parsing. 2022-07-18 15:09:28 +02:00
Milan Broz
090dca635a Add ssh-test-plugin to localtest if RUN_SSH_PLUGIN_TEST is set. 2022-07-18 11:16:23 +02:00
Milan Broz
0369ffdcc1 Rename ssh plugin test to ssh-test-plugin. 
So we can filter it out in local tests
(*-test means generic tests, *-test-plugin specific plugin tests).
 2022-07-18 09:11:23 +02:00
Milan Broz
648a85ed3a Unify use of tabulators in tests. 2022-07-16 19:14:31 +00:00
Milan Broz
8f3884e0d7 Change default target for Makefile.localtest. 2022-07-16 19:14:31 +00:00
Guilhem Moulin
289d5e5891 Add unit-utils-crypt-test to Makefile.localtest's list of tests. 
This requires (re-)building the executable with -DNO_CRYPTSETUP_PATH.
Only in that case do we allow the test to run under non-empty
$CRYPTSETUP_PATH.
 2022-07-16 19:14:31 +00:00
Guilhem Moulin
b37d04975d Add compat-test-args to Makefile.localtest's list of tests. 2022-07-16 19:14:31 +00:00
Guilhem Moulin
6578dac2f9 Add blockwise-compat to Makefile.localtest's list of tests. 
This requires (re-)building `unit-utils-io` with -DNO_CRYPTSETUP_PATH.
Only in that case do we allow the test to run under non-empty
$CRYPTSETUP_PATH.
 2022-07-16 19:14:31 +00:00
Guilhem Moulin
dc5f284e42 blockwise-compat: Wait a bit so scsi_debug has a chance to fully initialize. 
Similar to a76c96d361.  See also !386.
 2022-07-16 19:14:31 +00:00
Guilhem Moulin
32149e4ee7 blockwise-compat: Make skip() exit with status 77. 
This is mostly useful under TESTSUITE_NOSKIP=y.
 2022-07-16 19:14:31 +00:00
Guilhem Moulin
0e4857ee81 unit-wipe-test: Make skip() exit with status 77. 
This is mostly useful under TESTSUITE_NOSKIP=y.
 2022-07-16 19:14:31 +00:00
Milan Broz
06dd06ea27 tests: allow unit-wipe-test to run with local tests. 2022-07-16 19:14:31 +00:00
Milan Broz
03eb8f860a tests: check for differ existence in compat-test. 2022-07-16 19:14:31 +00:00
Guilhem Moulin
fbcef71c41 Pass $(LDFLAGS) when building fake_token_path.so. 
The Debian tooling sets ‘LDFLAGS = -Wl,-z,relro -Wl,-z,now’ and
complains when anything is built without hardened compiler/linker flags.

Granted this is a non-issue here since fake_token_path.so isn't included
in any binary package, but muting the false positive is arguably no
better fix than honoring $(LDFLAGS) during the build.
 2022-07-16 13:51:11 +02:00
Milan Broz
8315ada3b0 Fix wipe unit test if direct-io not available. 
If test is run in tmpfs, direct-io is not supported.

Thanks Guilhem Moulin for reporting the issue.
 2022-07-15 21:50:21 +02:00
Guilhem Moulin
a76c96d361 unit-wipe-test: Wait a bit so scsi_debug has a chance to fully initialize. 
On my test system `tests/unit-wipe-test` fails (as root) due to a race
condition in add_device():

	root@host:~# ./unit-wipe-test
	[1] Wipe full file [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[2] Wipe blocks in file [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[  105.828258] scsi_debug:sdebug_driver_probe: scsi_debug: trim poll_queues to 0. poll_q/nr_hw = (0/1)
	[  105.830450] scsi host2: scsi_debug: version 0191 [20210520]
	[  105.830450]   dev_size_mb=8, opts=0x0, submit_queues=1, statistics=0
	[  105.832924] scsi 2:0:0:0: Direct-Access     Linux    scsi_debug       0191 PQ: 0 ANSI: 7
	[  105.835417] scsi 2:0:0:0: Attached scsi generic sg1 type 0
	FAIL Cannot find /dev/.
	FAILED backtrace:
	48 ./unit-wipe-test
	144 main ./unit-wipe-test
	[  105.875131] sd 2:0:0:0: Power-on or device reset occurred
	[  105.876069] sd 2:0:0:0: [sda] 16384 512-byte logical blocks: (8.39 MB/8.00 MiB)
	[  105.877190] sd 2:0:0:0: [sda] Write Protect is off
	[  105.878002] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, supports DPO and FUA
	[  105.879619] sd 2:0:0:0: [sda] Optimal transfer size 524288 bytes
	[  105.914222] sd 2:0:0:0: [sda] Attached SCSI disk
	[  106.866296] sd 2:0:0:0: [sda] Synchronizing SCSI cache

Observe how the “Power-on or device reset occurred” event occurs only
after add_device() has returned.  Interestingly, for subsequent runs the
delay appears to be much shorter and doesn't trigger the race condition:

	root@host:~# ./unit-wipe-test
	[1] Wipe full file [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[2] Wipe blocks in file [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[  130.639855] scsi_debug:sdebug_driver_probe: scsi_debug: trim poll_queues to 0. poll_q/nr_hw = (0/1)
	[  130.641463] scsi host2: scsi_debug: version 0191 [20210520]
	[  130.641463]   dev_size_mb=8, opts=0x0, submit_queues=1, statistics=0
	[  130.643809] scsi 2:0:0:0: Direct-Access     Linux    scsi_debug       0191 PQ: 0 ANSI: 7
	[  130.645342] sd 2:0:0:0: Power-on or device reset occurred
	[  130.646364] sd 2:0:0:0: [sda] 16384 512-byte logical blocks: (8.39 MB/8.00 MiB)
	[  130.647585] sd 2:0:0:0: [sda] Write Protect is off
	[  130.648428] sd 2:0:0:0: Attached scsi generic sg1 type 0
	[  130.649339] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, supports DPO and FUA
	[  130.650763] sd 2:0:0:0: [sda] Optimal transfer size 524288 bytes
	[  130.682223] sd 2:0:0:0: [sda] Attached SCSI disk
	[3] Wipe full block device [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[4] Wipe blocks in block device [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[  137.858283] sd 2:0:0:0: [sda] Synchronizing SCSI cache

This commit adds an optional 2s delay if scsi_debug hasn't shown up in
sysfs after the modprobe call.
 2022-07-15 18:13:37 +00:00
Guilhem Moulin
3106b4e2c1 More typo and spelling fixes. 
Reported by `git ls-tree -rz --name-only | grep -Evz -e '\.(pdf|xz)$' -e
^po/ | xargs -r0 spellintian --`.  All changes are
documentation-related (comments, manuals, etc.) except for s/fial/fail/
in tests/unit-wipe-test.

The remaining entry are AFAICT all false positives, mostly annotations
such as `@param name name of xyz` or `struct foo foo`:

	$ git ls-tree -rz HEAD --name-only | grep -Evz -e '\.(pdf|xz)$' -e ^po/ | xargs -r0 spellintian --
	COPYING.LGPL: "GNU Library Public License" -> "GNU Library General Public License"
	autogen.sh: echo echo (duplicate word) -> echo
	configure.ac: fi fi (duplicate word) -> fi
	docs/v1.7.2-ReleaseNotes: option option (duplicate word) -> option
	lib/crypto_backend/cipher_check.c: block block (duplicate word) -> block
	lib/libcryptsetup.h: name name (duplicate word) -> name
	lib/libcryptsetup.h: type type (duplicate word) -> type
	lib/libcryptsetup.h: passphrase passphrase (duplicate word) -> passphrase
	lib/libcryptsetup.h: flags flags (duplicate word) -> flags
	lib/libcryptsetup.h: password password (duplicate word) -> password
	lib/libcryptsetup.h: salt salt (duplicate word) -> salt
	lib/libcryptsetup.h: keyslot keyslot (duplicate word) -> keyslot
	lib/libcryptsetup.h: priority priority (duplicate word) -> priority
	lib/libcryptsetup.h: offset offset (duplicate word) -> offset
	lib/libcryptsetup.h: length length (duplicate word) -> length
	lib/libcryptsetup.h: keyfile keyfile (duplicate word) -> keyfile
	lib/libcryptsetup.h: token token (duplicate word) -> token
	lib/libcryptsetup.h: cipher cipher (duplicate word) -> cipher
	lib/libcryptsetup.h: size size (duplicate word) -> size
	lib/luks2/luks2_json_metadata.c: long long (duplicate word) -> long
	lib/luks2/luks2_keyslot_luks2.c: AFEKSize AFEKSize (duplicate word) -> AFEKSize
	lib/luks2/luks2_reencrypt.c: alignment alignment (duplicate word) -> alignment
	lib/luks2/luks2_reencrypt_digest.c: ptr ptr (duplicate word) -> ptr
	lib/luks2/luks2_reencrypt_digest.c: buffer buffer (duplicate word) -> buffer
	lib/luks2/luks2_segment.c: min min (duplicate word) -> min
	lib/verity/verity_fec.c: blocks blocks (duplicate word) -> blocks
	man/cryptsetup.8.adoc: LUKS LUKS (duplicate word) -> LUKS
	scripts/cryptsetup.conf.in: root root (duplicate word) -> root
	src/Makemodule.am: endif endif (duplicate word) -> endif
	src/cryptsetup.c: long long (duplicate word) -> long
	src/utils_args.c: long long (duplicate word) -> long
	tests/compat-test2: fi fi (duplicate word) -> fi
	tests/device-test: echo echo (duplicate word) -> echo
	tests/differ.c: long long (duplicate word) -> long
	tests/loopaes-test: done done (duplicate word) -> done
	tests/luks2-integrity-test: aead aead (duplicate word) -> aead
	tests/luks2-reencryption-test: fi fi (duplicate word) -> fi
	tests/mode-test: done done (duplicate word) -> done
	tests/password-hash-test: cat cat (duplicate word) -> cat
	tests/password-hash-test: fi fi (duplicate word) -> fi
	tests/unit-wipe.c: long long (duplicate word) -> long
	tests/verity-compat-test: done done (duplicate word) -> done
	tests/verity-compat-test: fi fi (duplicate word) -> fi
	tokens/ssh/cryptsetup-ssh.c: argp argp (duplicate word) -> argp
	tokens/ssh/cryptsetup-ssh.c: arguments arguments (duplicate word) -> arguments

(Treated COPYING.LGPL as a false positive too since it's the exact text
from https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html .)
 2022-07-15 16:35:02 +02:00
Ondrej Kozina
56d4e9924e Add LUKS2 reencryption mangle tests. 2022-07-12 14:05:03 +02:00
Milan Broz
5904516122 Skip reencryption test if required ciphers are not available in userspace. 
This happens for some very old systems like CentOS6 or own compiled
crypto libraries.
 2022-07-05 15:08:43 +02:00
Milan Broz
b4603f1e28 Fix valgrind test in compat-test. 2022-07-04 14:34:04 +02:00
Ondrej Kozina
0009d9532e Extend LUKS2 decryption with datashift API tests. 2022-06-30 11:21:38 +02:00
Ondrej Kozina
f531b567e0 Test reencryption initalization error path. 
Test cli behaves properly when there's not enough
space in keyslots area for new unbound keyslot or
reencryption keyslot.

Fixes: #688.
 2022-06-27 16:01:43 +02:00
Milan Broz
d22b003640 Fix possible keyslot area size overflow during convert to LUKS2 
If keyslots are not sorted according to binary area offset,
the calculation of area size is wrong and can overflow
(LUKS1 does not store area size, only offset).

Let's just use function that calculates size from volume key size.
Images where keyslot areas are not aligned to 4k offset
are not supported anyway.

Fixes: #753
 2022-06-23 07:06:38 +02:00