Ondrej Kozina
ee57b865b0
Reuse device file descriptors.
2019-05-10 21:05:31 +02:00
Milan Broz
ecbb9cfa90
Use upstream gnulib patch for Coverity warning fixed by previous patch.
2019-05-10 21:03:22 +02:00
Ondrej Kozina
8545e8496b
Fix memleak in reencryption with moved segment.
2019-05-07 17:17:34 +02:00
Kamil Dudka
75b2610e85
Fix TAINTED_SCALAR false positives of Coverity
...
Coverity Analysis 2019.03 incorrectly marks the input argument
of base64_encode(), and consequently base64_encode_alloc(), as
tainted_data_sink because it sees byte-level operations on the input.
This one-line annotation makes Coverity suppress the following false
positives:
Error: TAINTED_SCALAR:
lib/luks2/luks2_digest_pbkdf2.c:117: tainted_data_argument: Calling function "crypt_random_get" taints argument "salt".
lib/luks2/luks2_digest_pbkdf2.c:157: tainted_data: Passing tainted variable "salt" to a tainted sink.
Error: TAINTED_SCALAR:
lib/luks2/luks2_keyslot_luks2.c:445: tainted_data_argument: Calling function "crypt_random_get" taints argument "salt".
lib/luks2/luks2_keyslot_luks2.c:448: tainted_data: Passing tainted variable "salt" to a tainted sink.
2019-05-07 15:35:55 +02:00
Milan Broz
237021ec15
Fix some warnings in static analysis.
2019-05-07 13:44:43 +02:00
Milan Broz
1f91fe7a2c
Use JSON-debug wrappers.
2019-05-03 14:02:43 +02:00
Ondrej Kozina
a7f80a2770
Add resilient LUKS2 reencryption library code.
2019-05-02 16:44:23 +02:00
Ondrej Kozina
a5c5e3e876
Add dm_device_deps for querying dm device dependencies.
2019-05-02 15:23:29 +02:00
Ondrej Kozina
8e4fb993c0
Add error target support in dm_query_device.
2019-05-02 15:23:29 +02:00
Ondrej Kozina
846567275a
Move dm_query_device body in static function.
2019-05-02 15:23:28 +02:00
Ondrej Kozina
741c972935
Remove unused minor number from dm_is_dm_device.
2019-05-02 15:23:28 +02:00
Ondrej Kozina
6c2760c9cd
Report data sync errors from storage wrapper.
2019-04-29 16:48:20 +02:00
Ondrej Kozina
b35a5ee4a3
Replace table with error mapping even when in use.
2019-04-29 16:10:57 +02:00
Ondrej Kozina
345385376a
Add missing validation check for area type specification.
2019-04-29 16:10:57 +02:00
Milan Broz
dbe9db26fc
Never serialize memory-hard KDF for small amount of memory.
2019-04-29 16:10:57 +02:00
Milan Broz
91ba22b157
Do not try to remove device that was not successfully activated.
2019-04-29 16:10:57 +02:00
Ondrej Kozina
86b2736480
Drop unused type parameter from LUKS2_keyslot_find_empty()
2019-04-23 10:41:56 +02:00
Milan Broz
cfe2fb66ab
Fix some untranslated error messages.
2019-04-23 10:41:06 +02:00
Milan Broz
428e61253c
Fix dm_error_device() to properly use error device.
2019-04-10 15:06:07 +02:00
Milan Broz
95bcd0c9d5
Fix previous patch locking to return EBUSY.
2019-04-10 14:27:42 +02:00
Milan Broz
23bada3c5a
Fix several issues found by Coverity scan.
2019-04-10 12:30:09 +02:00
Milan Broz
1b49ea4061
Add global serialization lock for memory hard PBKDF.
...
This is a very ugly workaround for the situation when multiple
devices are being activated in parallel (systemd crypttab)
and the system, instead of returning ENOMEM, uses the OOM killer
to randomly kill processes.
This flag is intended to be used only in very specific situations.
2019-03-29 11:58:12 +01:00
Ondrej Kozina
29b94d6ba3
Add arbitrary resource locking (named locks).
...
It's complementary to current device locking. It'll be used
for mutual exclusion of two or more reencryption resume processes
2019-03-26 14:48:27 +01:00
Ondrej Kozina
80a435f00b
Write keyslot binary data and metadata holding single lock.
2019-03-25 11:37:32 +01:00
Ondrej Kozina
fdcd5806b1
Allow to change requirements flag in-memory only.
2019-03-25 11:37:32 +01:00
Ondrej Kozina
9ddcfce915
Refactor locking code.
2019-03-25 11:37:32 +01:00
Ondrej Kozina
6ba358533b
Modify crypt lock handle internal structure.
...
makes it ready for future lock handle type
2019-03-25 11:37:32 +01:00
Ondrej Kozina
379016fd78
Add no flush internal suspend/resume flag.
2019-03-22 08:01:21 +01:00
Ondrej Kozina
ea4b586c77
Add tests for CRYPT_VOLUME_KEY_DIGEST_REUSE flag.
...
Tests commit 7569519530
2019-03-22 08:01:21 +01:00
Ondrej Kozina
6961f2caae
Switch crypt_suspend() to DM_SUSPEND_WIPE_KEY flag.
2019-03-22 08:01:21 +01:00
Ondrej Kozina
4df2ce4409
Add wipe key flag for internal device suspend.
2019-03-22 08:01:21 +01:00
Ondrej Kozina
052a4f432c
Add internal option to skip fs freeze in device suspend.
2019-03-22 08:01:21 +01:00
Ondrej Kozina
de86ff051e
Introduce support for internal dm suspend/resume flags.
2019-03-22 08:01:21 +01:00
Ondrej Kozina
f5feeab48d
Add experimental storage wrappers.
2019-03-22 08:01:21 +01:00
Ondrej Kozina
fea2e0be4f
Add algorithm for searching largest gap in keyslots area.
2019-03-13 14:56:31 +01:00
Milan Broz
751f5dfda3
Move error message for a keyslot area search.
2019-03-13 14:56:31 +01:00
Ondrej Kozina
d5f71e66f9
Allow digest segment (un)binding for all segments at once.
2019-03-13 14:56:31 +01:00
Ondrej Kozina
03e810ec72
Split crypt_drop_keyring_key in two different routines.
...
crypt_drop_keyring_key function allows dropping all keys in keyring
associated with passed volume key list.
crypt_drop_keyring_key_by_description is used to drop independent key.
2019-03-13 14:56:31 +01:00
Ondrej Kozina
6c6f4bcd45
Add signed int64 json helpers.
2019-03-13 14:56:31 +01:00
Ondrej Kozina
304942302b
Introduce CRYPT_DEFAULT_SEGMENT abstraction.
...
Default segment is no longer constant segment with id 0.
2019-03-13 14:56:31 +01:00
Ondrej Kozina
8dc1a74df8
Adapt existing code to future reencryption changes.
2019-03-13 14:56:31 +01:00
Ondrej Kozina
e295d01505
Adding new functions later used in reencryption.
2019-03-13 14:56:31 +01:00
Ondrej Kozina
aa1b29ea0e
Add volume key next helper.
2019-03-13 14:56:31 +01:00
Ondrej Kozina
cef857fbbd
Add routine for adding volume key in a list.
2019-03-13 14:56:31 +01:00
Ondrej Kozina
6bba8ce0dc
Allow vk insert in linked list.
...
Also adds search function crypt_volume_key_by_id.
2019-03-13 14:56:31 +01:00
Ondrej Kozina
b0330d62e5
Add id member in volume_key structure.
...
Also adds set/get helper routines.
2019-03-13 14:56:31 +01:00
Milan Broz
238b18b8ac
Upstream fixes to bundled Argon2 code.
...
Wait for already running threads if a thread creation failed.
Use explicit_bzero() on recent glibc versions.
(Without fixed logic, we have already macro definition through automake.)
Fixes #444.
2019-03-13 08:26:40 +01:00
Ondrej Kozina
6a2d023b7b
Make keyring utilities ready for additional kernel key types.
2019-03-08 09:03:35 +01:00
Ondrej Kozina
4bb1fff15d
Add new functions for kernel keyring handling.
2019-03-08 08:54:09 +01:00
Ondrej Kozina
37f5bda227
Add explicit key type name in keyring functions.
2019-03-08 08:53:33 +01:00