eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-12 11:20:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
886 Commits 16 Branches 78 Tags
f30bbbffe75b8d561c202839d26fe40be06d09b6
Commit Graph

69 Commits

Author SHA1 Message Date
Ondrej Kozina
f30bbbffe7 Fix minimal size expectations failure for backup header file 
- backup header file must be page size aligned
- fix for https://bugzilla.redhat.com/show_bug.cgi?id=1030288
- add regression test to api-tests
 2013-11-21 19:48:12 +01:00
Milan Broz
ce23225e46 Check if provided cipher and mode is usable before writing LUKS header to disk. 
If user provided unusable cipher-mode string, LUKS header was written and
keyslot creation failed later.

Better check early (by creating fake dmcrypt device) if cipher is usable
and fail early (without writing LUKS header to device).

Fixes Issue#176
 2013-11-10 22:11:00 +01:00
Cristian Rodríguez
1349efa34d Fix buildsytem to always include config.h. 
- config.h must always be the first file to be included
- Use AM_CFLAGS and AM_LDFLAGS consistently and properly.

(Modified to disable build without largefile support etc
by Milan Broz <gmazyland@gmail.com>)
 2013-06-23 17:14:33 +02:00
Milan Broz
ae9c9cf369 Disallow explicit small payload offset for detached header. 
LUKS detached header has some limitations, one of them
is that you cannot run some explicit check for data offsets
without providing also data device.

Because luksDump and all key handle commands takes only
metadata device (LUKS heaer device), it not easy to properly
support data payload offset validation.

So if detached header is present for luksFormat, code now
allows data payload 0 (IOW whole data device is used)
and explicit offset larger than header+keyslots
(the same as the header is on data device - so some space is wasted).

N.B. with detached header the option --align-payload is used
directly without any round up caculations.

Fixes Issue#155.
 2013-05-11 10:59:02 +02:00
Milan Broz
fe4175b551 Fix some extended compile warning. 2013-01-10 17:26:19 +01:00
Dave Reisner
ab080ab544 build: use AM_CPPFLAGS instead of INCLUDES 
The latter is marked as deprecated as of automake 1.12.4:

warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
 2012-12-30 18:36:46 +01:00
Milan Broz
918c1a6de1 Allow repair of 512bits key header. 2012-12-30 18:32:10 +01:00
Milan Broz
6190ad928d Support device/file images if O_DIRECT cannot be used (1.5.1). 
On some filesystems (like tmpfs) O_DIRECT cannot be used.
So just try to open device without O_DIRECT in the second try.
 2012-12-29 15:33:20 +01:00
Milan Broz
29f21208a0 Change License from GPLv2 only to GPLv2+ ("or any later"). 
Agreed by all copyright authors.
 2012-12-29 11:33:54 +01:00
Milan Broz
3b4424226f Fix non-translated messages. 2012-12-29 11:11:23 +01:00
Milan Broz
9ae7b7d1be Fix regression in header backup (1.5.1). 
Access to backup file must handle write to regular files too.
 2012-12-19 13:19:05 +01:00
Milan Broz
94d732b411 Do not use stat for backup commands. 2012-12-17 14:05:45 +01:00
Milan Broz
d742e01a32 Remove signal handling from LUKS keyencryption and simplify code. 2012-12-11 15:39:47 +01:00
Milan Broz
bd494d23c5 Add PBKDF2 benchmark. 2012-12-05 20:35:42 +01:00
Milan Broz
16ac703008 Move PBKDF2 into crypto backend wrapper. 
Implement new KDF bechmark check.
Use internal openssl kdf (and prepare gcrypt one).
 2012-11-19 21:17:55 +01:00
Milan Broz
89e09afdf6 Fix some problems found by Coverity static analysis. 2012-09-19 13:58:00 +02:00
Milan Broz
f45d4d0755 Add crypt_keyslot_area() API call. 
Useful if you want to analyze/wipe area of disk used for keyslot
from external tool.
 2012-09-11 11:59:06 +02:00
Milan Broz
29e4414c35 Fix luksHeaderBackup for v1.0 (very old) headers and add some basic test. 2012-08-30 15:39:30 +02:00
Milan Broz
1685aa5978 Proper handle error in device block get. 2012-08-28 13:30:17 +02:00
Milan Broz
6874f564c1 Remove unused includes. 2012-08-28 13:16:03 +02:00
Milan Broz
4882f70040 Replace round_up macro with function. 2012-08-28 13:11:02 +02:00
Milan Broz
1aca317c77 Move LUKS AF data sector alignment to AF helper function. 2012-08-27 16:52:19 +02:00
Milan Broz
a6d64d1d44 Use AF_split_size() to calculate split data size. 2012-08-27 15:26:22 +02:00
Milan Broz
d15dd89bb7 Get rid of confusing LUKS_PHDR_SIZE macro. 2012-08-27 14:45:21 +02:00
Milan Broz
1d5788f779 Set context for DM log for all DM backend entries. 
Try to handle error if run as non-root user better.
 2012-08-14 19:17:13 +02:00
Milan Broz
97224b072a Add context to DM helpers. 
(To be used later.)
 2012-08-14 16:25:21 +02:00
Milan Broz
48332d248f Remove debug line. 2012-08-13 17:16:37 +02:00
Milan Broz
07815c24cd Print better error message if device is read-only etc. 2012-08-13 16:54:41 +02:00
Milan Broz
65f975655c New device access backend. 
Allocate loop device late (only when real block device needed).
Rework underlying device/file access functions.
Move all device (and ioctl) access to utils_device.c.

Allows using file where appropriate without allocation loop device.
 2012-08-12 22:00:17 +02:00
Milan Broz
96f31a2cff Remove dubious compilation warning. 2012-06-19 12:49:16 +02:00
Milan Broz
b773823a1b Add ability to encrypt plain device. 2012-06-18 14:29:22 +02:00
Milan Broz
5c7954a0c7 Require only up to last keyslot area for header device (ignore data offset). 
Fix header backup and restore to work on files with large data offset.
 2012-06-11 12:20:19 +02:00
Milan Broz
6d2c15ea79 Avoid some clang warnings. 2012-06-10 19:55:43 +02:00
Milan Broz
ce2218ed65 Support init_by_name for verity. 2012-06-08 16:38:26 +02:00
Milan Broz
c4b16923bb Unify dm backend for crypt/verity. 2012-06-08 10:12:12 +02:00
Milan Broz
b016e65daa Use union in dm (crypt/verity) query structure. 2012-06-08 08:58:35 +02:00
Milan Broz
a5cc87b4a5 Fix readonly activation if underlying device is readonly (1.4.0). 2012-05-27 11:30:38 +02:00
Milan Broz
20eea64334 Add version string to crypto backend. 
Move fips check to libcryptsetup.
Clean up internal.h use.
 2012-05-27 00:48:10 +02:00
Milan Broz
0f4431d0bb Split salt from other requests in RNG backend. 2012-05-20 22:32:25 +02:00
Milan Broz
ba7d9967a8 Allow "private" activation (skip some udev global rules) flag. 2012-05-02 16:51:58 +02:00
Milan Broz
f720affe8c Relax --shared test, allow mapping even for overlapping segments. 
Support shared flag for LUKS devices (dangerous).
 2012-05-02 00:58:54 +02:00
Milan Broz
09fd551e03 Fix support for LUKS header created by cryptsetup-1.0.0 
(no 4k alignment for the first keyslot).
Also skip repair for such header.

Thanks to Dick Middleton for reporting the issue.
 2012-04-09 23:11:52 +02:00
Milan Broz
ee8425b836 Version 1.4.2. 
Add header and copyright for header files.
 2012-04-02 22:03:05 +02:00
Milan Broz
bd047d03ef Add repair command and API for repairing known LUKS header problems. 2012-04-02 21:18:22 +02:00
Milan Broz
fff8b02b46 Add some LUKS header "invalid keyslot" repair code, not enabled for now. 2012-03-07 14:10:39 +01:00
Milan Broz
7835b365a7 Fix FSF address in license text according to 
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@671 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-11-02 22:35:21 +00:00
Milan Broz
d7960b9307 Simplify global error call. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@622 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-10-09 13:45:38 +00:00
Milan Broz
19bde65f5b Remove hints for old kernels. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@616 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-10-08 16:23:54 +00:00
Milan Broz
d2fbc963ca If device is not rotational, do not use Gutmann wipe method. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@615 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-10-08 16:17:08 +00:00
Milan Broz
d5e48fcb00 Enhance check of device size before writing LUKS header. 
(Thanks to okozina@redhat.com)

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@607 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-08-26 19:46:17 +00:00