eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-21 15:50:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,714 Commits 13 Branches 81 Tags
a00722e80c714beb9557ea9ab4c61e39f8c7850b
Commit Graph

2714 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Milan Broz
f3ec1e2254 Add some descriptive output to device test - performance flags. 2020-08-20 22:38:03 +02:00
Milan Broz
d5729bdf01 Add no_read/write_wrokqueue to dm-crypt options. 
These performance options, introduced in kernel 5.9, configures
dm-crypt to bypass read or write workqueues and run encryption
synchronously.

Also support persistent storage of these flags for LUKS2.
 2020-08-20 20:58:44 +02:00
Milan Broz
3c54d8a239 Support panic_on_corruption option form dm-verity. 
The panic_on_corruption switch is available since kernel 5.9 (dm-verity 1.7.0).
 2020-08-20 18:52:31 +02:00
Ondrej Kozina
f647333f49 Add test for reencryption with --master-key-file argument. 2020-08-20 18:17:17 +02:00
Ondrej Kozina
fcddbf5c03 Add API test for reencryption with specific new key. 2020-08-20 18:17:06 +02:00
Ingo Franzki
1bce69cfde Support online reencryption for PAES cipher. 
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

(With few adjustments by Ondrej Kozina)
 2020-08-20 18:16:48 +02:00
Vojtech Trefny
32d4f243e6 bitlk: Set sector size to 512 when unknown/zero 
Fixes: #584
 2020-08-20 12:08:06 +02:00
Ondrej Kozina
8e6b8cd6e6 Revert "Allow base autodetection base in integer args parsing." 
This reverts commit 018680046c.

We do not want integer cl arguments in non-decimal format. This was
experimental patch.
 2020-08-17 13:44:13 +02:00
Milan Broz
6a6c4d0887 Fix 32bit invalid CLI arguments check on 32bit systems. 
Comparison to > UINT32_MAX cannot be true if argument
is 32bit unsigned long.
 2020-08-15 22:32:47 +02:00
Milan Broz
737ecd9d42 Use Ubuntu 20.04 in Travis CI builds. 2020-08-15 17:16:58 +02:00
Milan Broz
191d8a0716 Add libcryptsetup_cli headers to distribution files. 2020-08-15 15:39:55 +02:00
Ondrej Kozina
cfcc908cae Move clogger to libcryptsetup_cli crypt_cli_logger. 2020-08-15 15:28:42 +02:00
Ondrej Kozina
cf2e099087 Use new crypt_cli_read_mk in integritysetup. 
Check key size while parsing cli arguments.
 2020-08-15 15:28:32 +02:00
Ondrej Kozina
d6cc88cabb Move tools_write_mk in cryptsetup. 
Also drops dependency on lib/utils_io.c in some tools.
 2020-08-15 15:28:09 +02:00
Ondrej Kozina
42692418c2 Move tools_read_mk helper in libcryptsetup_cli. 2020-08-15 15:27:33 +02:00
Ondrej Kozina
a985c12659 WIP: Introduce libcryptsetup_cli. 
Introducing new library supposed to be used in
cryptsetup tools and future cryptsetup loadable plugins

TODO:
  - distribution
  - cleanup header files
  - incorporate also plugin API?
 2020-08-15 15:24:18 +02:00
Josef Andersson
5ebf128023 po: update sv.po (from translationproject.org) 2020-08-15 11:30:09 +02:00
Мирослав Николић
911b16bab8 po: update sr.po (from translationproject.org) 2020-08-15 11:30:09 +02:00
Milan Broz
693f61c47f Fix missing cryptsetup-reencrypt header files in dist. 2020-08-15 11:23:44 +02:00
Ondrej Kozina
3a8c866393 Reinstate original argument type hints in --help output. 2020-08-15 11:16:25 +02:00
Ondrej Kozina
0851c2cfb0 Port veritysetup to new args parsing. 2020-08-15 11:15:47 +02:00
Ondrej Kozina
958eaf4b24 Make tools_clear_line internal routine. 2020-08-15 11:12:05 +02:00
Ondrej Kozina
07f9248448 Make quiet_log decision logic more obvious. 2020-08-15 11:11:55 +02:00
Ondrej Kozina
c2371f95c6 Move decision on forcing weak password to tool directly. 2020-08-15 11:11:31 +02:00
Ondrej Kozina
379322f0b8 Port cryptsetup-reencrypt to new arguments parsing code. 2020-08-15 11:10:27 +02:00
Ondrej Kozina
b30b17d1eb Port integritysetup to new arguments parsing code. 2020-08-15 11:09:02 +02:00
Ondrej Kozina
ef3beeb390 Port cryptsetup to new arguments parsing code. 2020-08-15 11:07:15 +02:00
Ondrej Kozina
48e0b20e62 Add arguments helper macros. 
used later to read and set command line arguments in
all tools
 2020-08-15 10:44:06 +02:00
Ondrej Kozina
018680046c Allow base autodetection base in integer args parsing. 2020-08-15 10:43:46 +02:00
Ondrej Kozina
aebe14a6e9 Introduce new function to parse command line arguments. 
To be used later in all tools.
 2020-08-15 10:22:53 +02:00
Ondrej Kozina
c4b7bf8635 Add optional context parameter in crypt_token_load. 2020-08-15 10:15:17 +02:00
Ondrej Kozina
3973f6a57c Align token dump with other outputs. 2020-08-15 10:12:46 +02:00
Milan Broz
5906ca25f7 Move blkid signature checking to blockdev file. 2020-08-15 10:12:29 +02:00
Milan Broz
2ce8573f04 Add PIN processing to tokens. 2020-08-15 10:10:40 +02:00
Luca Boccassi
f6706ce124 Add a test function to exercise concurrent activations 
The issue can be reproduced very easily by starting 2 veritysetup processes
at the same time:

$ sudo veritysetup open -v ./img.raw img ./img.verity  & sudo veritysetup open -v ./img.raw img ./img.verity
[1] 814021
device-mapper: create ioctl on img CRYPT-VERITY-cea03b7bc5b94e088e5754ff33be71d6-img failed: Device or resource busy
Verity device detected corruption after activation.
Command successful.
Command failed with code -1 (wrong or missing parameters).

Note how veritysetup open is reporting -EINVAL as the return code.

After the fix:

$ sudo veritysetup open -v ./img.raw img ./img.verity  & sudo veritysetup open -v ./img.raw img ./img.verity
[1] 814649
Verity device detected corruption after activation.
Command successful.
Device img already exists.
Command failed with code -5 (device already exists or device is busy).
 2020-08-12 16:51:20 +01:00
Milan Broz
31ebf3dc2c libdevmapper: always return EEXIST if a task fails because the device already exists 
Allows concurrent opens to return a usable error instead of EINVAL
 2020-08-12 16:50:57 +01:00
Milan Broz
cb183de1da Add configure option for LUKS2 external tokens lib. 
This is an experimental extension that is disabled for now.
 2020-08-11 17:59:51 +02:00
Ondrej Kozina
c867f2e8a0 Unload all external tokens on exit. 2020-08-11 17:36:30 +02:00
Ondrej Kozina
c9ff83bfa3 Implement external tokens unload. 2020-08-11 17:36:26 +02:00
Ondrej Kozina
05c997da1f Store dynamic plugin handle. 
For use later when unloading cryptsetup library.
 2020-08-11 17:36:22 +02:00
Ondrej Kozina
f677bdc12f Fix few bugs in previous commit. 
- crypt_token_register must not be called from withing crypt_token_load
(see later commits)

- minor bug in dlvsym/dlerror handling

- check for overflow in LUKS2_token_handler_type
 2020-08-11 17:36:15 +02:00
Milan Broz
2178461c89 Add external token load. 
(just very minor fixes by okozina to compile w/ previous commit)
 2020-08-11 17:36:11 +02:00
Ondrej Kozina
d438151f25 Partially revert few changes. 2020-08-09 13:17:54 +02:00
Milan Broz
7d475266b6 Simplify internal tokens handling. 2020-08-09 13:17:40 +02:00
Ondrej Kozina
367cb7a761 Fix API mistake in crypt_reencrypt. 
Introducing new version of crypt_reencrypt symbol including
previously missing usrptr parameter. This change should be
backward compatible for existing libcryptsetup users
until next recompilation where it needs to be fixed.
 2020-08-09 13:16:57 +02:00
Ondrej Kozina
4604f00218 Remove unreachable code in cryptsetup-reencrypt. 
opt_key_size variable can't be zero at that specific
code path.
 2020-08-09 13:16:32 +02:00
Ondrej Kozina
8eff9151ac Set proper debug level defined in API. 2020-08-09 13:16:27 +02:00
Ondrej Kozina
50797c7948 Make total_keyfiles counter global variable. 2020-08-09 13:16:23 +02:00
Ondrej Kozina
c34a3e2c5b Add initial arguments compat test. 2020-08-09 11:31:27 +02:00
Ondrej Kozina
35211cdc8f Add --test-args option. 2020-08-09 11:30:20 +02:00