eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-11 10:50:01 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,010 Commits 15 Branches 78 Tags
ec4e2faf14cb60466d4ccbea148cf5c5940258cf
Commit Graph

4010 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Milan Broz
ec4e2faf14 Add missing files to autoconf make dist. 2023-11-28 18:53:45 +00:00
Ondrej Kozina
e4a845c51e Use proper integer constant in meson_options.txt 
Unfortunately it creates decimal base constant when converting
to C define.

But the former implicit and deprecated conversion did it as well.
 2023-11-28 18:52:57 +00:00
Ondrej Kozina
d64203a018 Override meson default prefix. 2023-11-28 18:52:57 +00:00
Milan Broz
c0dfd1178d Fix some coverity scan issues. 
The read in kernel crypto backend is part of user crypto API
encryption call, we have to trust it here.

JSON fix is just one place where return code was not checked
for this particular function.
 2023-11-28 18:52:25 +00:00
Milan Broz
b3f1f611cd Always print error message for invalid keyring definition. 
Many cases quietly returned error without any error message.
 2023-11-27 15:13:04 +01:00
Мирослав Николић
86498858fc po: update sr.po (from translationproject.org) 2023-11-26 12:34:21 +01:00
Yuri Kozlov
403d12d52c po: update ru.po (from translationproject.org) 2023-11-26 12:34:21 +01:00
Jakub Bogusz
fcf6f8febf po: update pl.po (from translationproject.org) 2023-11-26 12:34:21 +01:00
Antonio Ceballos
06d02f4766 po: update es.po (from translationproject.org) 2023-11-26 12:34:21 +01:00
Milan Broz
6262da3a11 fuzz: add missing flex (util-linux req.) to fix fuzzing build 2023-11-26 10:39:22 +01:00
Milan Broz
dfbb7752b5 tests: fail early if PSID reset does not work for device. 
This should stop user from using wrong device for tests.
 2023-11-22 15:48:48 +01:00
Milan Broz
6b2cf68713 Suspend and resume also dm-integrity device with AEAD. 
Currently we suspend top-level device only.

With OPAL, the underlying device will start to return errors
once OPAL LR is locked.

If the dm-integrity device is not suspended, regular journal
flush corrupts the device (journal write failure),
corrupting data above it.

Suspending the whole stack should fix the issue.
 2023-11-22 12:15:18 +01:00
Milan Broz
0f51b5bacb Do not run sector read check on suspended device. 
This can affect status command, but later also device
stack with authenticated encryption (*_dif device).

Ignoring direct-io should not be problem here.
The logic shoudl be simplified in future anyway...
 2023-11-21 22:44:16 +01:00
Milan Broz
d3cc5e846a Do not require init_done for some deive helpers. 
It processes only name, no need to depend on real device
checks (for direct-io) etc.
 2023-11-21 22:44:16 +01:00
Ondrej Kozina
722c77c883 Fix wrong key id set when resuming LUKS2 device. 
If volume key digest id was not 0 it failed on assert
in LUKS2 resume path later.
 2023-11-21 21:43:34 +00:00
Daniel Zatovic
20c8096cc8 CI: change TSS package name for Debian 12 
Change package name from tpm2-tss-engine-dev (on Debian 11) to libtss2-dev (on Debian 12).
 2023-11-20 11:28:56 +01:00
Ondrej Kozina
8c0a943e5c Drop fake_token_path symbol from tests. 
It's no longer used.
 2023-11-17 10:42:23 +01:00
Ondrej Kozina
5ef1878b34 Do not use fake-token-path in ssh and systemd plugin tests. 2023-11-17 10:42:23 +01:00
Ondrej Kozina
836e5e4539 Add --external-tokens-path parameter in cryptsetup. 2023-11-16 17:49:09 +01:00
Ondrej Kozina
0328d61f29 Add crypt_token_set_external_path API. 
It can be used to override system library where
libcryptsetup looks for external token handlers (plugins).

The parameter is required to be absolute path and it is set
per process context.

Fixes: #846.
 2023-11-16 17:49:06 +01:00
Ondrej Kozina
31f82fd37c Drop deprecated use of implicit meson setup command. 2023-11-15 19:22:27 +00:00
Ondrej Kozina
9ca46971f2 Fix systemd-test-plugin initialization. 
check for .git subdirectory to decide if systemd
repository needs to be cloned.
 2023-11-15 19:22:27 +00:00
Ondrej Kozina
7aeb1c3aea Fix fake systemd tpm path symbol. 
The prototype for the function in systemd has changed.
Otrherwise the tests abort with SEGFAULT.
 2023-11-15 19:22:27 +00:00
Ondrej Kozina
cf7874de4b compat-test-opal does not depend on differ util. 2023-11-15 18:41:02 +01:00
Ondrej Kozina
d82a1843ba Speed up compat-test-opal valgrind test. 
By not testing cleanup routines repeatingly
for leaks.
 2023-11-15 18:41:02 +01:00
Ondrej Kozina
9a5a3855a0 Enable valgrind tests in meson. 2023-11-15 18:40:44 +01:00
Ondrej Kozina
83bb3648e3 Fix invalid comparison of bool and int types in root meson.build. 2023-11-15 13:33:05 +01:00
Ondrej Kozina
564379618a Increase minimal meson version to 0.64 
It's inital cryptsetup upstream release with
meson support so let's not pollute scripts
with if-then-else branching from the very
beginning.
 2023-11-15 13:33:05 +01:00
Daniel Zatovic
04a20e9b7d CI: disable -Wdeclaration-after-statement warning 2023-11-15 12:15:19 +01:00
Daniel Zatovic
11ab2f0d9e Dont mix declarations with code. 
Move asserts after declarations.
 2023-11-15 12:11:10 +01:00
Daniel Zatovic
7d4628e379 Remove obsolate AC_C_CONST macro. 
The AC_C_CONST test program fails to compile under latest clang with
-Wall -Werror, which results in erroneously defining "const" keyword to
an empty string. The AC_C_CONST is considered obsolate.
 2023-11-15 10:21:04 +01:00
Daniel Zatovic
a176f29dc4 CI: don't use non-existent meson flag 
An unknown -Dinternal-argon2=false flag was used, new meson version
fails when it gets unknown flag. Use the correct
-Dargon-implementation=internal flag instead.
 2023-11-13 12:08:43 +01:00
Daniel Zatovic
a8168eb854 CI: switch compilation test to Ubuntu Lunar (23.04) 2023-11-13 12:08:43 +01:00
Daniel Zatovic
98f2b9c136 CI: switch Debian runner from 11 to 12 2023-11-13 12:08:43 +01:00
Milan Broz
0e44494aba tests: Temporarily disable veritysetup tasklet option test. 
Kernel bug reporte here:
  https://lore.kernel.org/dm-devel/fa17b8d8-2d84-45c8-ac6a-1876f1f55a52@gmail.com/
 2023-11-13 12:00:13 +01:00
Milan Broz
371cfc4394 tests: Clean up also dm-integrity device in OPAL test 2023-11-07 19:39:37 +01:00
Ondrej Kozina
860550b3c6 Fix memory leaks detected in compat-test-opal. 2023-11-07 09:58:53 +01:00
Milan Broz
2a9752b6c8 tests: Do not run OPAL test with valgrind if variables are not set 
Otherwise it will break run with exit code 77.
 2023-11-06 17:12:57 +00:00
Ondrej Kozina
4543a445a0 Add hint about missing OPAL support in kernel. 
Unfortunately there is currently no way how
to make difference between device lacking SED OPAL support
state and kernel missing SED OPAL support via disabled interface
via configure option.
 2023-11-06 17:12:31 +00:00
Ondrej Kozina
ee31159c68 Enable tests fixed with recent commits. 2023-11-06 16:49:28 +01:00
Ondrej Kozina
029d4bdd57 Abort LUKS2 reencryption early if OPAL device used. 2023-11-06 16:49:28 +01:00
Ondrej Kozina
89e0ef96c2 Add LUKS2 OPAL requirement flag. 2023-11-06 16:49:26 +01:00
Ondrej Kozina
f623eb2e99 Add more onlyLUKS helpers for convenience. 2023-11-06 14:47:41 +01:00
Ondrej Kozina
d09b27a170 Fix memory leak in kernel keyring keyslot context. 
The leak occured only when the context instance was
used more than once.
 2023-11-03 21:27:59 +00:00
Ondrej Kozina
abf7e3e359 Fix memleak in test. 
By defining custom buffer free function in test token handler
the default call to free() gets skipped.
 2023-11-03 21:27:59 +00:00
Ondrej Kozina
79444bc615 Fix memory leak in device context. 2023-11-03 21:27:59 +00:00
Ondrej Kozina
0154893ad5 Remove inital opal-test. 
Test fully included in compat-test-opal.
 2023-11-02 17:15:14 +01:00
Ondrej Kozina
b23e9f32f2 Add basic compat-opal-test. 
The aim of the test is verify compatibility with
SW only LUKS2 devices for basic operations like
activation, deactivation, suspend, resume and
token based activation.
 2023-11-02 17:15:14 +01:00
Ondrej Kozina
1b7211f013 Do not allow decryption on devices with unsupported parameters. 
Most notably LUKS2 w/ authenticated encryption profile. OPAL restriction
will be added in later commits.
 2023-11-02 17:15:14 +01:00
Ondrej Kozina
b9ba5ec14d Do not allow --integrity option in reencryption action. 2023-11-02 17:15:14 +01:00