eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-10 02:10:01 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,914 Commits 14 Branches 78 Tags
b17e4fa3bf84b65f60ebcc1a0ce7806002ebe35a
Commit Graph

1914 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Milan Broz
b17e4fa3bf Use context in PBKDF benchmark log. 2018-11-27 15:04:03 +01:00
Milan Broz
35fa5b7dfc Propagate context in libdevmapper functions. 2018-11-27 14:47:50 +01:00
Milan Broz
7812214db6 Add context to device handling functions. 2018-11-27 14:19:57 +01:00
Milan Broz
a5a8467993 Use context in debug log messages. 
To use per-context logging even for debug messages
we need to use the same macro as for error logging.
 2018-11-27 13:37:20 +01:00
Ondrej Kozina
544ea7ccfc Drop needless size restriction on keyslots size. 2018-11-27 11:25:40 +01:00
Ondrej Kozina
024b5310fa Add validation tests for non-default json area size. 
Test both primary and secondary header validation tests
with non-default LUKS2 json area size.

Check validation rejects config.keyslots_size with zero value.

Check validation rejects mismatching values for metadata size
set in binary header and in config json section.
 2018-11-26 16:28:07 +01:00
Ondrej Kozina
177cb8bbe1 Extend baseline LUKS2 validation image to 16 MiBs. 2018-11-26 16:28:01 +01:00
Ondrej Kozina
35f137df35 Move some validation tests in new section. 2018-11-26 16:27:52 +01:00
Milan Broz
c71ee7a3e6 Update POTFILES. 2018-11-25 16:02:59 +01:00
Milan Broz
9a2dbb26a5 Fix signed/unsigned comparison warning. 2018-11-25 15:11:44 +01:00
Milan Broz
3d2fd06035 Fix setting of integrity persistent flags (no-journal). 
We have to query and set flags also for underlying dm-integrity device,
otherwise activation flags applied there are ignored.
 2018-11-25 12:46:41 +01:00
Milan Broz
2f6d0c006c Check for algorithms string lengths in crypt_cipher_check(). 
The kernel check will fail anyway if string is truncated, but this
make some compilers more happy.
 2018-11-25 10:55:28 +01:00
Milan Broz
43088ee8ba Fix unsigned return value. 2018-11-25 10:55:08 +01:00
Milan Broz
c17b6e7be3 Fix LUKS2_hdr_validate funtion definition. 2018-11-25 10:28:34 +01:00
Milan Broz
71299633d5 Properly handle interrupt in cryptsetup-reencrypt and remove log. 
Fixes #419.
 2018-11-24 20:10:46 +01:00
Milan Broz
dfe61cbe9c Fix sector-size tests for older kernels. 2018-11-24 20:10:03 +01:00
Milan Broz
18c9210342 Check for device size and sector size misalignment. 
Kernel prevents activation of device that is not aligned
to requested sector size.

Add early check to plain and LUKS2 formats to disallow
creation of such a device.
(Activation will fail in kernel later anyway.)

Fixes #390.
 2018-11-24 18:53:46 +01:00
Milan Broz
1167e6b86f Add support for Adiantum cipher mode. 2018-11-23 21:03:02 +01:00
Milan Broz
1684fa8c63 Do not run empty test set in main directory. 2018-11-22 16:30:33 +01:00
Milan Broz
b4dce61918 Try to check if AEAD cipher is available through kernel crypto API. 2018-11-22 16:02:33 +01:00
Milan Broz
d7ddcc0768 Reformat AF implementation, use secure allocation for buffer. 2018-11-22 16:02:00 +01:00
Milan Broz
36c26b6903 Properly propagate error from AF diffuse function. 2018-11-22 15:51:27 +01:00
Milan Broz
2300c692b8 Check hash value in pbkdf setting early. 2018-11-22 15:51:10 +01:00
Milan Broz
da6dbbd433 Fallback to default keyslot algorithm if backend does not know the cipher. 2018-11-22 15:49:56 +01:00
Ondrej Kozina
0a4bd8cb7d Remove unused crypt_dm_active_device member. 2018-11-22 15:49:21 +01:00
Ondrej Kozina
32d357e1a8 Secondary header offset must match header size. 2018-11-22 15:34:28 +01:00
Ondrej Kozina
21e259d1a4 Check json size matches value from binary LUKS2 header. 
We have max json area length parameter stored twice. In
LUKS2 binary header and in json metadata. Those two values
must match.
 2018-11-22 15:34:18 +01:00
Ondrej Kozina
c3a54aa59a Change max json area length type to unsigned. 
We use uint64_t for max json length everywhere else
including config.json_size field in LUKS2 metadata.

Also renames some misleading parameter names.
 2018-11-22 15:34:00 +01:00
Ondrej Kozina
7713df9e41 Enable all supported metadata sizes in LUKS2 validation code. 
LUKS2 specification allows various size of LUKS2 metadata.
The single metadata instance is composed of LUKS2 binary header
(4096 bytes) and immediately following json area. The resulting
assembled metadata size have to be one of following values,
all in KiB:

16, 32, 64, 128, 256, 512, 1024, 2048 or 4096
 2018-11-22 15:32:31 +01:00
Milan Broz
49900b79a9 Add branch v2_0_x to Travis. 2018-11-19 13:25:37 +01:00
Milan Broz
4f075a1aef Remove python dev from Travis script. 2018-11-09 10:28:29 +01:00
Milan Broz
d4cd902e1c Update po file. 2018-11-09 09:59:27 +01:00
Milan Broz
ef4484ab27 Remove python bindings in favour of liblockdev. 2018-11-09 09:18:41 +01:00
Ondrej Kozina
9e7f9f3471 Parse compat values from LUKS2 default segment encryption. 
We used to preset compat cipher and cipher_mode values during
crypt_format() or crypt_load(). Since we can change 'default segment'
dynamically during reencryption (encryption, decryption included) we
need to parse those values from default segment json encryption field
each time crypt_get_cipher() or crypt_get_cipher_mode() is called.
 2018-11-07 10:18:41 +01:00
Milan Broz
493e8580d6 Log all debug messages through log callback. 
This cahnge allow to redirect all output of library
to a log processor.
 2018-11-07 10:17:51 +01:00
Milan Broz
bce567db46 Add workaround for benchmarking Adiantum cipher. 2018-11-07 10:17:33 +01:00
Milan Broz
38e2c8cb8a Set devel version. 2018-11-07 10:16:35 +01:00
Milan Broz
16309544ac Fix ext4 image to work without CONFIG_LBDAF. 2018-11-05 12:00:01 +01:00
Milan Broz
517b5da67a Version 2.0.5. v2.0.5 2018-10-28 15:30:25 +01:00
Milan Broz
98460af44f Update LUKS2 docs. 2018-10-28 15:27:55 +01:00
Milan Broz
7213d5a76b Fix verbose message about key removal in luksKillSlot,luksErase and luksKremoveKey. 
The crypt_keyslot_destroy() does not return keyslot number,
so return value 0 was always used as a keyslot reference.
 2018-10-27 17:44:38 +02:00
Ondrej Kozina
bb29c5b322 Update man section describing convert command. 
Fixes #414.
 2018-10-26 10:07:41 +02:00
Milan Broz
58ad7bae48 Add 2.0.5 release notes. 2018-10-22 12:23:54 +02:00
Milan Broz
82a3480b12 Update po files. 2018-10-21 12:30:34 +02:00
Ondrej Kozina
c00811a846 Run LUKS2 validation code before header areas wiping. 
Also drops redundant checks peformed in general validation code.
 2018-10-18 08:48:48 +02:00
Milan Broz
27eaf46c8a Fix issues found by Coverity scan. 
- possible overflow of data offset calculation in wipe and
- dereferencing of pointer in a keyring error path.
 2018-10-14 21:50:06 +02:00
Milan Broz
202aeece3c Fix test module inclusion in tarball. 2018-10-14 20:54:06 +02:00
Milan Broz
825fc895dc Fix some signed/unsigned comparison warnings. 2018-10-14 20:36:45 +02:00
Milan Broz
a74aecedf1 Set devel version. 2018-10-14 20:24:34 +02:00
Milan Broz
fa1f63bcd0 Update po files. 2018-10-14 20:23:32 +02:00