eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-13 03:40:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,267 Commits 13 Branches 79 Tags
a1111c7aa0ff267427bba440cc38bbf765d4cb1c
Commit Graph

2267 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ondrej Kozina
a1111c7aa0 Tighten reencryption direction field validation. 2019-07-26 16:06:03 +02:00
Ondrej Kozina
1b82e70fc1 Fix bug in minimal device size calculation for reencryption. 2019-07-26 16:06:03 +02:00
Ondrej Kozina
35068c2e6e Fix broken segments calculation for backward data shift reencryption. 2019-07-26 16:06:03 +02:00
Ondrej Kozina
212703edf8 crypt_get_data_offset() must always return new offset value. 2019-07-26 16:06:03 +02:00
Ondrej Kozina
7460d1a446 Fix backward reencryption with data shift. 
The device has to be shrunk the data shift size during activation.
Otherwise the online reencryption would fail with incorrect device
size.
 2019-07-26 16:04:27 +02:00
Ondrej Kozina
c851205f83 Fix bug in reencryption digest to segment assignement. 2019-07-23 17:28:26 +02:00
Ondrej Kozina
dd0e073159 Fill direction field in crypt_reencrypt_status. 2019-07-23 17:28:26 +02:00
Ondrej Kozina
193b477086 Report reencryption data shift value in sectors. 2019-07-23 17:28:26 +02:00
Ondrej Kozina
3f85da0098 Fix datashift calculation in reencryption initialization. 2019-07-23 17:28:25 +02:00
Ondrej Kozina
dad28f3dfe Move exclusive open for offline reencryption in initialization. 2019-07-23 17:28:25 +02:00
Ondrej Kozina
e8e1da3fb5 Do not callback progress twice in reencryption loop. 2019-07-23 17:28:25 +02:00
Ondrej Kozina
4a24311161 Extend offline reencryption test for other keyslot numbers. 2019-07-15 14:36:36 +02:00
Ondrej Kozina
4f8c6b7773 Fix offline reencryption bug in header backup phase. 
If first active keyslot number was different from zero the
decryption always failed.
 2019-07-15 14:36:36 +02:00
Milan Broz
26fc2c24bd Update po files. 2019-07-15 10:26:13 +02:00
Ondrej Kozina
330f9daade Pass max_hotzone_size inside reencryption parameters in sectors. 2019-07-12 15:37:18 +02:00
Ondrej Kozina
4a232bc868 Pass device size inside reencryption parameters in sectors. 
it was mistake in reencryption API. All other device sizes
related to device mapper devices are always in 512b setctors.
 2019-07-12 15:37:18 +02:00
Ondrej Kozina
61dff96474 Reencryption keyslot must report as unbound. 2019-07-12 15:37:18 +02:00
Ondrej Kozina
bda28bbf38 Fix bug in crypt_keyslot_add_by_key. 2019-07-12 15:37:18 +02:00
Ondrej Kozina
66bedfd8e4 Fix LUKS2 reencryption recovery test. 
Detect properly the case when recovery actually completed
encryption action for detached header case.
 2019-07-12 15:37:18 +02:00
Ondrej Kozina
c18f968d84 Extend LUKS2 metadata size api tests. 2019-07-12 15:37:18 +02:00
Ondrej Kozina
5dfbc57117 Move LUKS2 metadata size api tests in separate routine. 2019-07-12 15:37:18 +02:00
Ondrej Kozina
e3fb6771d6 Re-enable mode test for LUKS2. 
Since release 2.1.0 mode test for LUKS2 is skipped due to small test image.
Enforce smaller LUKS2 metadata via --offset to reenable the test.

Also detect failure for open action if format pass earlier.
 2019-07-12 15:37:18 +02:00
Ondrej Kozina
f4da3c7f1b Add warning when changing explicitly requested LUKS2 metadata size. 2019-07-12 15:37:18 +02:00
Ondrej Kozina
81dbc9c070 Reduce implicit keyslots size when header device is too small. 
Unless user explicitly asks for keyslots areas size
(either via --luks2-keyslots-size or --offset) reduce keyslots
size so that it fits in metadata device.
 2019-07-12 15:37:08 +02:00
Ondrej Kozina
431bc87f85 Add LUKS2 error message hint when device too small. 
If we format LUKS2 device with parameters unsuitable
for current metadata device size we usually fail during header areas
wipe. It was not clear what the reason actually was.
 2019-07-12 15:12:46 +02:00
Milan Broz
b0e224a9f8 Update po file. 2019-07-01 10:19:14 +02:00
Ondrej Kozina
e3e6e75d40 Improvements to LUKS2 reencryption error messages. 
- make error messages propagated to users more comprehensible
- drop some error messages completely
- replace many error messages with debug logs only

Fixes #458.
 2019-07-01 10:18:55 +02:00
Ondrej Kozina
ed856f2ab8 Add tests for reencryption status reporting. 2019-07-01 10:18:52 +02:00
Ondrej Kozina
6425e1c52f Fix data device lookup among dm dependecies in crypt_init_by_name. 
Also remove overlooked temporary debug message.
 2019-07-01 10:18:49 +02:00
Ondrej Kozina
c842087cc1 Drop identical tests (already in compat-test). 2019-07-01 10:18:45 +02:00
Milan Broz
2651b381bb Update po files. 2019-06-29 10:43:28 +02:00
Yuri Chornoivan
4143d9871e Fix minor typos 2019-06-28 12:02:39 +00:00
Ondrej Kozina
fb9e467147 Add resize tests with --device-size parameter. 2019-06-27 14:40:06 +02:00
Ondrej Kozina
8b959158e3 Make resize action accept --device-size parameter (supports units). 
Fixes #368.
 2019-06-27 14:40:01 +02:00
Ondrej Kozina
ecb898c7ff Device size parameter must be always aligned to 512. 2019-06-27 14:39:59 +02:00
Milan Broz
c2b2b1ab5c Resync po files with the last translation. 
(to be updated later)
 2019-06-27 12:15:28 +02:00
Ondrej Kozina
d4682b3b38 Cleanup translated messages id. 
- minimize count of almost identical message ids
- unify style for some messages
- remove some useless messages
 2019-06-27 10:23:42 +02:00
Ondrej Kozina
2f4a50064f Add direction hint in reencryption hotzone device name. 2019-06-27 10:23:36 +02:00
Ondrej Kozina
6851535fe7 Add info about reencrytpion in LUKS2 status. 2019-06-27 10:23:08 +02:00
Ondrej Kozina
292a5f50b2 Allow offline reencryption on files without root privileges. 
If userspace block ciphers are not available try kcapi first.
 2019-06-27 10:19:23 +02:00
Ondrej Kozina
c25ce7c585 Allow disabling of reencryption locks via crypt_metadata_locking() 2019-06-27 10:19:18 +02:00
Ondrej Kozina
b22c9a86a9 Add internal crypt_zalloc routine (calloc wrapper). 2019-06-27 10:19:14 +02:00
Ondrej Kozina
767bb952a5 Enable crypt_init_by_name() for LUKS2 device on top of reencryption stack. 2019-06-27 10:19:12 +02:00
Ondrej Kozina
32e7178bbb Allow crypt_get_active_device for multi-segment devices. 2019-06-27 10:19:05 +02:00
Ondrej Kozina
614f671b92 Introduce SUBDEV internal device type. 
LUKS2 and other device types allow stacking of dm devices
underneath public top level device.

The new type identifies clearly those private devices in respective
device stack so that they can be easily removed while removing
top level public device.

Switch LUKS2 reencryption device stack to use SUBDEV type immmediately
for hotzone and overlay devices. Other devices will follow in later
releases.
 2019-06-27 10:19:01 +02:00
Ondrej Kozina
af62dbf3d3 Add internal limit for count of dm dependencies. 
32 should be enough (+1 for terminating NULL byte)
 2019-06-27 10:18:58 +02:00
Ondrej Kozina
249e6af3a6 Add LUKS2 uuid component in underlying dm-integrity device. 2019-06-27 10:18:56 +02:00
Ondrej Kozina
59bed375d0 Add type parameter to INTEGRITY_activate_dmd. 2019-06-27 10:18:54 +02:00
Ondrej Kozina
aba95b00aa Activate underlying dm-integrity privately for LUKS2 w/ auth. encryption. 2019-06-27 10:18:50 +02:00
Ondrej Kozina
011ee5b180 Introduce crypt_string_in internal helper. 
And replace custom name_in_list function with new helper.
 2019-06-27 10:18:47 +02:00