eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-17 22:00:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,546 Commits 13 Branches 79 Tags
a76c96d3610a78b99e74e467acbbbc51a2b13634
Commit Graph

789 Commits

Author SHA1 Message Date
Guilhem Moulin
a76c96d361 unit-wipe-test: Wait a bit so scsi_debug has a chance to fully initialize. 
On my test system `tests/unit-wipe-test` fails (as root) due to a race
condition in add_device():

	root@host:~# ./unit-wipe-test
	[1] Wipe full file [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[2] Wipe blocks in file [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[  105.828258] scsi_debug:sdebug_driver_probe: scsi_debug: trim poll_queues to 0. poll_q/nr_hw = (0/1)
	[  105.830450] scsi host2: scsi_debug: version 0191 [20210520]
	[  105.830450]   dev_size_mb=8, opts=0x0, submit_queues=1, statistics=0
	[  105.832924] scsi 2:0:0:0: Direct-Access     Linux    scsi_debug       0191 PQ: 0 ANSI: 7
	[  105.835417] scsi 2:0:0:0: Attached scsi generic sg1 type 0
	FAIL Cannot find /dev/.
	FAILED backtrace:
	48 ./unit-wipe-test
	144 main ./unit-wipe-test
	[  105.875131] sd 2:0:0:0: Power-on or device reset occurred
	[  105.876069] sd 2:0:0:0: [sda] 16384 512-byte logical blocks: (8.39 MB/8.00 MiB)
	[  105.877190] sd 2:0:0:0: [sda] Write Protect is off
	[  105.878002] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, supports DPO and FUA
	[  105.879619] sd 2:0:0:0: [sda] Optimal transfer size 524288 bytes
	[  105.914222] sd 2:0:0:0: [sda] Attached SCSI disk
	[  106.866296] sd 2:0:0:0: [sda] Synchronizing SCSI cache

Observe how the “Power-on or device reset occurred” event occurs only
after add_device() has returned.  Interestingly, for subsequent runs the
delay appears to be much shorter and doesn't trigger the race condition:

	root@host:~# ./unit-wipe-test
	[1] Wipe full file [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[2] Wipe blocks in file [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[  130.639855] scsi_debug:sdebug_driver_probe: scsi_debug: trim poll_queues to 0. poll_q/nr_hw = (0/1)
	[  130.641463] scsi host2: scsi_debug: version 0191 [20210520]
	[  130.641463]   dev_size_mb=8, opts=0x0, submit_queues=1, statistics=0
	[  130.643809] scsi 2:0:0:0: Direct-Access     Linux    scsi_debug       0191 PQ: 0 ANSI: 7
	[  130.645342] sd 2:0:0:0: Power-on or device reset occurred
	[  130.646364] sd 2:0:0:0: [sda] 16384 512-byte logical blocks: (8.39 MB/8.00 MiB)
	[  130.647585] sd 2:0:0:0: [sda] Write Protect is off
	[  130.648428] sd 2:0:0:0: Attached scsi generic sg1 type 0
	[  130.649339] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, supports DPO and FUA
	[  130.650763] sd 2:0:0:0: [sda] Optimal transfer size 524288 bytes
	[  130.682223] sd 2:0:0:0: [sda] Attached SCSI disk
	[3] Wipe full block device [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[4] Wipe blocks in block device [0/DIO][0][1048576/DIO][1048576][4194304/DIO][4194304][OK]
	[  137.858283] sd 2:0:0:0: [sda] Synchronizing SCSI cache

This commit adds an optional 2s delay if scsi_debug hasn't shown up in
sysfs after the modprobe call.
 2022-07-15 18:13:37 +00:00
Guilhem Moulin
3106b4e2c1 More typo and spelling fixes. 
Reported by `git ls-tree -rz --name-only | grep -Evz -e '\.(pdf|xz)$' -e
^po/ | xargs -r0 spellintian --`.  All changes are
documentation-related (comments, manuals, etc.) except for s/fial/fail/
in tests/unit-wipe-test.

The remaining entry are AFAICT all false positives, mostly annotations
such as `@param name name of xyz` or `struct foo foo`:

	$ git ls-tree -rz HEAD --name-only | grep -Evz -e '\.(pdf|xz)$' -e ^po/ | xargs -r0 spellintian --
	COPYING.LGPL: "GNU Library Public License" -> "GNU Library General Public License"
	autogen.sh: echo echo (duplicate word) -> echo
	configure.ac: fi fi (duplicate word) -> fi
	docs/v1.7.2-ReleaseNotes: option option (duplicate word) -> option
	lib/crypto_backend/cipher_check.c: block block (duplicate word) -> block
	lib/libcryptsetup.h: name name (duplicate word) -> name
	lib/libcryptsetup.h: type type (duplicate word) -> type
	lib/libcryptsetup.h: passphrase passphrase (duplicate word) -> passphrase
	lib/libcryptsetup.h: flags flags (duplicate word) -> flags
	lib/libcryptsetup.h: password password (duplicate word) -> password
	lib/libcryptsetup.h: salt salt (duplicate word) -> salt
	lib/libcryptsetup.h: keyslot keyslot (duplicate word) -> keyslot
	lib/libcryptsetup.h: priority priority (duplicate word) -> priority
	lib/libcryptsetup.h: offset offset (duplicate word) -> offset
	lib/libcryptsetup.h: length length (duplicate word) -> length
	lib/libcryptsetup.h: keyfile keyfile (duplicate word) -> keyfile
	lib/libcryptsetup.h: token token (duplicate word) -> token
	lib/libcryptsetup.h: cipher cipher (duplicate word) -> cipher
	lib/libcryptsetup.h: size size (duplicate word) -> size
	lib/luks2/luks2_json_metadata.c: long long (duplicate word) -> long
	lib/luks2/luks2_keyslot_luks2.c: AFEKSize AFEKSize (duplicate word) -> AFEKSize
	lib/luks2/luks2_reencrypt.c: alignment alignment (duplicate word) -> alignment
	lib/luks2/luks2_reencrypt_digest.c: ptr ptr (duplicate word) -> ptr
	lib/luks2/luks2_reencrypt_digest.c: buffer buffer (duplicate word) -> buffer
	lib/luks2/luks2_segment.c: min min (duplicate word) -> min
	lib/verity/verity_fec.c: blocks blocks (duplicate word) -> blocks
	man/cryptsetup.8.adoc: LUKS LUKS (duplicate word) -> LUKS
	scripts/cryptsetup.conf.in: root root (duplicate word) -> root
	src/Makemodule.am: endif endif (duplicate word) -> endif
	src/cryptsetup.c: long long (duplicate word) -> long
	src/utils_args.c: long long (duplicate word) -> long
	tests/compat-test2: fi fi (duplicate word) -> fi
	tests/device-test: echo echo (duplicate word) -> echo
	tests/differ.c: long long (duplicate word) -> long
	tests/loopaes-test: done done (duplicate word) -> done
	tests/luks2-integrity-test: aead aead (duplicate word) -> aead
	tests/luks2-reencryption-test: fi fi (duplicate word) -> fi
	tests/mode-test: done done (duplicate word) -> done
	tests/password-hash-test: cat cat (duplicate word) -> cat
	tests/password-hash-test: fi fi (duplicate word) -> fi
	tests/unit-wipe.c: long long (duplicate word) -> long
	tests/verity-compat-test: done done (duplicate word) -> done
	tests/verity-compat-test: fi fi (duplicate word) -> fi
	tokens/ssh/cryptsetup-ssh.c: argp argp (duplicate word) -> argp
	tokens/ssh/cryptsetup-ssh.c: arguments arguments (duplicate word) -> arguments

(Treated COPYING.LGPL as a false positive too since it's the exact text
from https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html .)
 2022-07-15 16:35:02 +02:00
Ondrej Kozina
56d4e9924e Add LUKS2 reencryption mangle tests. 2022-07-12 14:05:03 +02:00
Milan Broz
5904516122 Skip reencryption test if required ciphers are not available in userspace. 
This happens for some very old systems like CentOS6 or own compiled
crypto libraries.
 2022-07-05 15:08:43 +02:00
Milan Broz
b4603f1e28 Fix valgrind test in compat-test. 2022-07-04 14:34:04 +02:00
Ondrej Kozina
0009d9532e Extend LUKS2 decryption with datashift API tests. 2022-06-30 11:21:38 +02:00
Ondrej Kozina
f531b567e0 Test reencryption initalization error path. 
Test cli behaves properly when there's not enough
space in keyslots area for new unbound keyslot or
reencryption keyslot.

Fixes: #688.
 2022-06-27 16:01:43 +02:00
Milan Broz
d22b003640 Fix possible keyslot area size overflow during convert to LUKS2 
If keyslots are not sorted according to binary area offset,
the calculation of area size is wrong and can overflow
(LUKS1 does not store area size, only offset).

Let's just use function that calculates size from volume key size.
Images where keyslot areas are not aligned to 4k offset
are not supported anyway.

Fixes: #753
 2022-06-23 07:06:38 +02:00
Ondrej Kozina
a485f44b57 Fix decryption with datashift initialization. 
It did not work with --active-name option for
active LUKS2 devices.
 2022-06-21 15:27:43 +02:00
Ondrej Kozina
f182d73001 Speed up reencryption tests. 
By not testing repeatedly that 'wipe' test utility actually
wipes the device. This test is supposed to test reencryption
code.

I have left untouched already existing first time checks
for each data digest.
 2022-06-21 10:47:42 +02:00
Milan Broz
857d17d210 Fix makefile to include wipe-test in dist tarball. 2022-06-17 19:57:31 +02:00
Milan Broz
279490b622 Add test for keyslot area overflow during validation. 2022-06-17 16:03:32 +02:00
Milan Broz
ba9e36ceae Add empty string check to LUKS2 JSON validation. 
Most of the LUKS2 fields cannot be empty,
add check for JSON validation for it to fail early.

Fixes: #746
 2022-06-17 14:46:50 +02:00
Ondrej Kozina
f97af5dcfe Add LUKS2 decryption with datashift tests. 2022-06-17 13:48:15 +02:00
Ondrej Kozina
369a18cd3b Rename sector size related variables. 2022-06-14 17:11:25 +02:00
Ondrej Kozina
692bb8a455 Properly define uint32_t constants in API. 
We do not change any value but it was not declared properly
and limit values had to be type cast to avoid compiler warnings
with strict options.
 2022-06-07 11:30:34 +02:00
Milan Broz
59692e3ca2 Add a test for LUKS2 integrity with detached header. 2022-05-26 06:44:53 +00:00
Milan Broz
7e6c48f67c integritysetup: mention and test xxhash64 non-crypto hash 
Fast xxhash64 algoritm can be used for integrity protection.
Add implicit tag size (so user do not need to use --tag-size),
mention it in man page and add a test.

Fixes: #632
 2022-05-24 14:36:25 +00:00
Vojtech Trefny
795b37d128 bitlk: Add BitLocker volume size to dump 2022-05-24 06:48:26 +00:00
Vojtech Trefny
6c73057156 integrity: Fix integrity_key_size for algorithms without keys 
INTEGRITY_key_size returns -EINVAL for algorithms without a key
and because crypt_params_integrity.integrity_key_size is an
unsigned integer we get key size 4294967274 instead of more
appropriate 0 for these algorithms.
 2022-05-22 19:58:00 +02:00
Milan Broz
4d6e9e7c32 Add crypt_wipe unit test. 
It uses simple C wrapper aroung crypt_wipe() libcryptsetup
and then bash test scripts wipung simple file and block device.
 2022-05-18 16:39:48 +02:00
Milan Broz
8606865e15 Avoid using top_srcdir in SOURCES. 2022-05-11 09:36:26 +00:00
Milan Broz
3173595fc9 Avoid using bash arrays in verity test. 
This will break on every small change (as in following patch).
Just grep the key word as used elsewhere.
 2022-05-09 13:46:24 +02:00
Milan Broz
ede2a8a45f Add some basic UTF conversion function test. 
Used only in bitlk format.
 2022-05-03 15:48:09 +00:00
Milan Broz
2bf0f537f6 Add constant time memcmp and use it for comparing keys. 
There is perhaps no problem now, but it is a good practise to use
constant time for key comaprison to avoid possible side channel
issues.
 2022-04-28 15:19:23 +00:00
Milan Broz
a25d10407d Fix some scan build warnings for api-test-2. 2022-04-28 12:56:59 +00:00
Milan Broz
2d8cdb2e35 Add unit test fo some functions in utils_crypt.c. 2022-04-28 08:11:58 +00:00
Ondrej Kozina
c67db10c22 Do not allow sector size increase reencryption in offline mode. 
The eventual logical block size increase on dm-crypt device above
filesystem block size may lead making fs unusable. Do not allow
offline reencryption when sector size increase is requested.

If users really want to perform it make them use existing
--force-offline-reencrypt option.
 2022-04-25 12:18:33 +02:00
Milan Broz
4cdcd908f4 Fix memory leak in integrity resize api-test. 2022-04-21 08:21:01 +00:00
Milan Broz
1d6a445e43 Fix integrity api-test. 
The journal crypt is in wrong format (this never worked! :),
here it takes kernel syntax.
Also use CBC a CTR mode could be missing here.

Fox typo in key length caclulation.

Clear temporary dm devices after test, loop devices are reused.

If the first device format is ok, all subsequent cals should
be treated as an error.
 2022-04-21 08:21:01 +00:00
Milan Broz
e4a0d25315 Fix missing batch option in test. 2022-04-20 16:08:58 +00:00
Milan Broz
81a63aca22 Fix tests if compiled with --disable-blkid. 
Note that htere are some systems with blkid but without
blkid support for secondary LUKS2 header (CentOS6 for example).
 2022-04-20 16:08:58 +00:00
Milan Broz
3363bad8c2 Speed-up tcrypt test. 
We can limit hash and cipher to not scan all variants here.
 2022-04-20 14:37:13 +00:00
Milan Broz
773fc0195f Fix typos found by codespell. 
Thanks Dimitri Papadopoulos Orfanos for the patch.

Fixes: #734.
 2022-04-20 14:37:13 +00:00
Milan Broz
5c7858883c Remove cryptsetup-reencrypt version dump from tests. 2022-04-20 14:37:13 +00:00
Ondrej Kozina
c9da460b6c Do not allow dangerous sector size change during reencryption. 
By changing encryption sector size during reencryption we may
increase effective logical block size for dm-crypt active device.

For example if hosted filesystem on encrypted data device
has block size set to 512 bytes and we increase dm-crypt logical
size durign reencryption to 4096 bytes it breaks the filesystem.

Do not allow encryption sector size to be increased over value
provided by fs superblock in BLOCK_SIZE property.

The check is applied while initialising LUKS2 device encryption
(reencrypt --encrypt/--new) or when initialising LUKS2 reencryption
on active dm-crypt device.

Note that this check cannot be applied on offline device (data device
is encrypted).
 2022-04-19 13:27:37 +00:00
Milan Broz
9b60e2d959 Add some tests for invalid keyslot JSON objects. 2022-04-14 10:28:20 +00:00
Ondrej Kozina
dbd4dc1dc0 Speedup reencryption tests. 2022-04-13 16:23:01 +02:00
Ondrej Kozina
d56ccc97b8 Detect broken LUKS metadata in-before encryption. 
We should abort LUKS device in-place encryption
when target data device or metadata device
contain broken LUKS metadata (any version).
Filed crypt_load() call was not good enough check
because the call fails also when a device contains
LUKS metadata overlapping with other superblock
(e.g. LVM2 PV signature).

Let blkid decide if device contains broken LUKS
metadata or not.

Fixes: #723.
 2022-04-11 11:38:56 +00:00
Milan Broz
83ef36bd59 Add tests for LUKS2 JSON mangled top-level objects. 2022-04-09 21:27:09 +02:00
Milan Broz
c07cfa20de test generators: unify checksum check functions 2022-04-09 21:25:55 +02:00
Milan Broz
6d8587c137 test generators: unify kill header check functions 2022-04-09 21:25:55 +02:00
Milan Broz
d43b495f21 test generators: unify mangle & kill header functions 2022-04-09 21:25:55 +02:00
Milan Broz
e97238fb6d test generators: use one common cleanup function 2022-04-09 21:25:55 +02:00
Milan Broz
c9ead0482d test generators: use one common prepare function 2022-04-09 21:25:55 +02:00
Ondrej Kozina
d3079c2fb3 Do not resume reencryption with conflicting parameters. 
Do not resume reencryption operation with conflicting parameters.
For example if operation was initialized as --encrypt do not
allow resume with oposing parameter --decrypt and vice versa.

Also checks for conflicting --resilience parameters (datashift cannot
be changed after initialization).

Previously, conflicting reencryption parameters were silently ignored.
So, for example operation initialized with mode --encrypt and resumed
with mode --decrypt simply finished --encrypt operation and did not
report any error. This could lead to impresion different type of
operation was perfomed instead.

Fixes: #570.
 2022-04-07 13:49:40 +02:00
Ondrej Kozina
31c4afbc17 Add --force-offline-reencrypt option. 
It can be used to enforce offline reencryption
in batch mode when data_device is regular file
and therefore cryptsetup cannot detect properly
active device dm name.

Also it may be useful when active device
auto-detection fails for some reason and user
has no other choice but inspect device holders
manually.
 2022-04-06 22:59:37 +02:00
Milan Broz
3a56cf05bf Replace mk_ with vk_ name prefix. 2022-03-29 19:06:38 +00:00
Milan Broz
b6c36f50ba Replace name master with volume key. 
And keep two tests for compatibility.
 2022-03-29 19:06:38 +00:00
Milan Broz
1116289de4 Try to load dm-integrity in api-test. 2022-03-29 14:17:53 +00:00