Version 2.8.0.

This triggers abort() in various crypto backends.

CONTRIBUTING.md

@@ -119,7 +119,7 @@ libtool --mode=execute gdb --args ./cryptsetup --debug $@
 This will ensure that a properly compiled libcryptsetup file is used.
 
 ### Coding style
-Cryptsetup uses [Linux kernel coding style](https://www.kernel.org/doc/html/latest/process/coding-style.html) for libcryptsetup and tools (where applicable) with some additional notes:
+Cryptsetup uses [Linux kernel coding style](https://cdn.kernel.org/doc/html/latest/process/coding-style.html) for libcryptsetup and tools (where applicable) with some additional notes:
 - Use tabulators for indentation; the line should not exceed 100 characters with an 8-character tabulator. Otherwise, use a tab of any length. :-).
 - The minimal C standard required is C99.
 - The ``goto`` use is allowed only for error path (``goto out`` for common code path, ``goto err`` for specific error code path).

FAQ.md

@@ -38,7 +38,7 @@
   LUKS1 and LUKS2.
  
   The LUKS1 on-disk format specification is at  
-  https://www.kernel.org/pub/linux/utils/cryptsetup/LUKS_docs/on-disk-format.pdf  
+  https://cdn.kernel.org/pub/linux/utils/cryptsetup/LUKS_docs/on-disk-format.pdf  
   The LUKS2 on-disk format specification is at  
   https://gitlab.com/cryptsetup/LUKS2-docs
 

README.md

@@ -30,28 +30,22 @@ which enables users to transport or migrate data seamlessly.
   * The latest version of the
   [LUKS2 format specification](https://gitlab.com/cryptsetup/LUKS2-docs).
   * The latest version of the
-  [LUKS1 format specification](https://www.kernel.org/pub/linux/utils/cryptsetup/LUKS_docs/on-disk-format.pdf).
+  [LUKS1 format specification](https://cdn.kernel.org/pub/linux/utils/cryptsetup/LUKS_docs/on-disk-format.pdf).
   * [Project home page](https://gitlab.com/cryptsetup/cryptsetup/).
   * [Frequently asked questions (FAQ)](https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions)
 
 Download
 --------
 Release notes and tarballs are available at
-[kernel.org](https://www.kernel.org/pub/linux/utils/cryptsetup/).
+[kernel.org](https://cdn.kernel.org/pub/linux/utils/cryptsetup/).
 
-**The latest stable cryptsetup release version is 2.7.5**
-  * [cryptsetup-2.7.5.tar.xz](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/cryptsetup-2.7.5.tar.xz)
-  * Signature [cryptsetup-2.7.5.tar.sign](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/cryptsetup-2.7.5.tar.sign)
+**The latest stable cryptsetup release version is 2.8.0**
+  * [cryptsetup-2.8.0.tar.xz](https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/cryptsetup-2.8.0.tar.xz)
+  * Signature [cryptsetup-2.8.0.tar.sign](https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/cryptsetup-2.8.0.tar.sign)
     _(You need to decompress file first to check signature.)_
-  * [Cryptsetup 2.7.5 Release Notes](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.5-ReleaseNotes).
+  * [Cryptsetup 2.8.0 Release Notes](https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/v2.8.0-ReleaseNotes).
 
-Previous versions
- * [Version 2.6.1](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-2.6.1.tar.xz) -
-   [Signature](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-2.6.1.tar.sign) -
-   [Release Notes](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.5/v2.5.0-ReleaseNotes).
- * [Version 1.7.5](https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-1.7.5.tar.xz) -
-   [Signature](https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-1.7.5.tar.sign) -
-   [Release Notes](https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/v1.7.5-ReleaseNotes).
+[Previous versions](https://cdn.kernel.org/pub/linux/utils/cryptsetup)
 
 Source and API documentation
 ----------------------------

configure.ac

@@ -1,9 +1,9 @@
 AC_PREREQ([2.67])
-AC_INIT([cryptsetup],[2.8.0-rc0])
+AC_INIT([cryptsetup],[2.8.0])
 
 dnl library version from <major>.<minor>.<release>[-<suffix>]
 LIBCRYPTSETUP_VERSION=$(echo $PACKAGE_VERSION | cut -f1 -d-)
-LIBCRYPTSETUP_VERSION_INFO=25:0:11
+LIBCRYPTSETUP_VERSION_INFO=23:0:11
 
 AM_SILENT_RULES([yes])
 AC_CONFIG_SRCDIR(src/cryptsetup.c)

docs/v2.8.0-ReleaseNotes

@@ -0,0 +1,328 @@
+Cryptsetup 2.8.0 Release Notes
+==============================
+Stable release with new features and bug fixes
+
+All users of cryptsetup 2.7 must upgrade to this version.
+
+Changes since version 2.7.5
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+* Introduce support for inline mode (use HW sectors with additional hardware metadata space).
+
+  Some enterprise NVMe drives allow formatting sector size with additional metadata space,
+  for example, sector size 4096 bytes + 64 bytes for metadata.
+  We hope common firmware will soon support such features in more recent models.
+
+  If this metadata space is available (not internally used by a data integrity profile),
+  it removes the need to use the dm-integrity layer for sector metadata allocation.
+  This means that the performance bottleneck caused by the dm-integrity journal is eliminated.
+
+  Note: such drive must be reformatted with an external nvme tool.
+  You can check for support (reported as LBA format) by running the command
+    "nvme id-ns -H <nvme device>" and then you can reformat to the selected profile
+  (with complete data loss) with "nvme format -l <lbaf>.
+  This way, you can also reformat NVMe drive to 4096-byte sectors,which is strongly recommended
+  for encryption performance.
+
+  The required device mapper for inline mode was introduced in Linux kernel version 6.11.
+
+  The inline mode can be used with the new --integrity-inline option.
+
+  For integritysetup, the kernel dm-integrity layer is still used, but it directly maps metadata
+  to the hardware (eliminating the journal).
+  For cryptsetup, the dm-integrity layer is eliminated, and only the dm-crypt kernel driver is used.
+  The libcryptsetup exports a new crypt_format_inline API call.
+
+  Examples (underlying device must provide inline HW metadata space):
+
+  Use integritysetup format with inline mode with default CRC32 checksums:
+
+   # integritysetup format --sector-size 4096 --integrity-inline <device> [--no-wipe]
+   # integritysetup open <device> test
+   # integritysetup status test
+     /dev/mapper/test is active.
+       type:    INTEGRITY
+       tag size: 4 [bytes]
+       integrity: crc32c
+       device: <device>
+       sector size:  4096 [bytes]
+       ...
+       inline mode
+       journal: not active
+
+  Use LUKS2 with authenticated encryption (here with AEGIS AEAD cipher):
+
+   # cryptsetup luksFormat --integrity-inline --integrity aead --sector-size 4096 \
+                -c aegis128-random --key-size 128 <device> [--integrity-no-wipe]
+   # cryptsetup open <device> test
+   # cryptsetup luksDump <device>
+     ...
+     Requirements:   inline-hw-tags
+
+  After format, the inline mode is used automatically, and no special options are needed.
+  Please check the manual pages for more details about used options.
+
+  Note that the LUKS2 authenticated encryption is still an experimental feature.
+  The inline mode only improves performance by removing the dm-integrity layer.
+
+* Finalize use of keyslot context API.
+
+  Keyslot context is a generic abstraction over keyslot manipulation.
+  It extends many exiting commands by additional functions like tokens in activation, resume,
+  reencryption and similar commands without introducing new specific API functions.
+
+* Make all keyslot context types fully self-contained.
+
+  In the previous version, the caller is responsible for releasing of some allocated memory.
+  In this version, all memory is allocated internally. The existing keyslot context API function
+  provides backward compatibility through versioned symbols.
+
+* Add --key-description and --new-key-description cryptsetup options.
+
+  These can be used for the specification of the keyring with passphrase retrieval in the open,
+  resize, luksResume, luksFormat, luksAddKey and luksDump.
+
+* Support more precise keyslot selection in reencryption initialization.
+
+  Reencryption must update stored keys in keyslots, so it needs to unlock all keyslots first.
+
+  When no specific keyslot is selected by the --key-slot option, all active keyslots are updated.
+
+  Users may narrow down the selection of keyslots by specifying either --token-id, --token-type
+  or --token-only option. Only keyslots associated with the specific token (--token-id) or
+  a specific type (--token-type) or any token (--token-only) will be updated.
+  All other keyslots will be erased after reencryption is finished.
+
+  During reencryption, there are two volume keys (old and new).
+  For very specific use cases, reencryption can also be initialized by providing
+  volume keys directly by --volume-key-file, --new-volume-key-file, --volume-key-keyring
+  or --new-volume-key-keyring options. These options allow reencryption of the device with
+  no active keyslots (these can be added later).
+  If the --force-no-keyslots option is specified, all active keyslots will be erased after
+  the reencryption operation is finished.
+
+* Allow reencryption to resume using token and volume keys.
+
+  The reencryption can be resumed using tokens (similar to initialization described above).
+  For very specific use cases, reencryption can be resumed by providing volume keys.
+
+* Cryptsetup repair command now tries to check LUKS keyslot areas for corruption.
+
+  A keyslot binary area contains an encrypted volume key diffused to a larger area by
+  the anti-forensic splitter. If this area is corrupted, the keyslot can no longer be unlocked,
+  even with the correct password.
+
+  Active keyslot area should look like random data, so some specific corruption can be detected
+  by randomness analysis.
+
+  Cryptsetup repair command now tries to analyze the area expecting a uniform distribution
+  of bytes in 4096-byte blocks. If a problem is detected, it tries to localize corruption
+  in a smaller block (using the expected bit count).
+  Both tests are based on the Chi-squared statistical test.
+
+  This analysis can replace the external keyslot check program and usually is more sensitive.
+  However, it cannot detect all corruptions and can produce false positives.
+
+  Please use it as a hint when your password is no longer accepted, and you suspect
+  header corruption. This is the example output of the analysis:
+
+  # cryptsetup repair <device>
+    Keyslot 2 binary data could be corrupted.
+      Suspected offset: 0x88000
+    You can use hexdump -v -C -n 128 -s <offset_0xXXXX> <device> to inspect the data.
+
+  The test does not modify the header. A keyslot corruption cannot be repaired.
+  You have to use a backup header.
+
+* Opal2 SED: PSID keyfile is now expected to be 32 alphanumeric characters.
+
+  If the keyfile size is not explicitly set, it uses only first 32 bytes.
+  All Opal2 manufacturers seem to use PSID of this length.
+
+* Opal2: Avoid the Erase method and use Secure Erase for locking range.
+
+  The Erase method is defined for Single-user mode (SUM) and works on SUM-enabled locking ranges.
+  As we do not use SUM yet, this always fails and falls back to Secure erase anyway.
+
+* Opal2: Fix some error description (in debug only).
+
+  Some Opal error messages were incorrect.
+  Cryptsetup now use all codes according to TCG specifications.
+
+* Opal2: Do not allow deferred deactivation.
+
+  The self-encrypting drive must be locked immediately; deferred deactivation is not supported.
+
+* Allow --reduce-device-size and --device-size combination for reencryption (encrypt) action.
+
+  For some very specific cases, this can be used to encrypt only part of the device together
+  with allocation a new space for the LUKS header.
+
+* Fix the userspace storage backend to support kernel "capi:" cipher specification format.
+
+  This avoids unnecessary fallback to the device-mapper instead of the userspace crypto library
+  in luksFormat. The "capi:" is Linux kernel cryptographic format.
+  For example, capi:xts(aes)-plain64 is equivalent of aes-xts-plain64.
+
+* Disallow conversion from LUKS2 to LUKS1 if kernel "capi:" cipher specification is used.
+
+  LUKS1 never officially supported this cipher specification format.
+  Such devices cannot be converted to LUKS1 (while existing devices can still be activated).
+
+* Explicitly disallow kernel "capi:" cipher specification format for LUKS2 keyslot encryption.
+
+  This specification is intended to be used for data encryption, not for keyslots.
+
+* Do not allow conversion of LUKS2 to LUKS1 if an unbound keyslot is present.
+
+  LUKS1 does not support unbound keyslots. Such devices cannot be converted.
+
+* cryptsetup: Adjust the XTS key size for kernel "capi:" cipher specification.
+
+  Double key size as there are two keys the same way as for dm-crypt format.
+
+* Remove keyslot warning about possible failure due to low memory.
+
+  This check was intended to warn users about possible out-of-memory situations
+  but produced many false positives.
+
+* Do not limit Argon2 KDF memory cost on systems with more than 4GB of available memory.
+
+  The memory cost is intended to be limited only in low-memory situations (like virtual machines
+  without swap), not on systems with plenty of RAM.
+
+* Properly report out of memory error for cryptographic backends implementing Argon2.
+
+* Avoid KDF2 memory cost overflow on 32-bit platforms.
+
+* Do not use page size as a fallback for device block size.
+
+  This check produced wrong values if used on platforms with larger page sizes (64kB)
+  and specific underlying storage (like ZFS).
+
+* veritysetup: Check hash device size in advance.
+
+  If hashes are stored in a file image, allocate the size in advance.
+  For a block device, check if hashes (Merkle tree) fits the device.
+
+* Print a better error message for unsupported LUKS2 AEAD device resize.
+
+* Optimize LUKS2 metadata writes.
+
+  LUKS2 supports several JSON area length configurations. Do not write full metadata
+  (including padding), as it may generate noticeable overhead with LUKS2.
+
+* veritysetup: support --error-as-corruption option.
+
+  The panic/restart_on_error options were introduced in Linux kernel 6.12 and process errors
+  (like media read error) the same way as data corruption.
+  Use this flag in combination with --panic-on-corruption or --restart-on-corruption.
+
+* Report all sizes in status and dump command output in the correct units.
+
+  Since the support of --sector-size option, the meaning of "sectors" became ambiguous as it
+  usually means 512-byte sectors (device-mapper unit). Confusion occurs when the sector size
+  is 4096 bytes while units used for display are 512-byte sectors.
+
+  All status commands in tools now display units explicitly to avoid confusion.
+
+  For example:
+  # cryptsetup status test
+    ...
+    sector size:  4096 [bytes]
+    offset:  32768 [512-byte units] (134217728 [bytes])
+    size:    7501443760 [512-byte units] (30725913640960 [bytes])
+
+  If you parse the output of status commands, please check your scripts to ensure they work
+  with the new output properly.
+
+* Add --integrity-key-size option to cryptsetup.
+
+  This option can be used to set up non-standard integrity key size (e.g. for HMAC).
+  It adds a new (optional) JSON "key_size" attribute in the segment.integrity JSON object
+  (see updated LUKS2 specification). If not set, the code uses selected hash length size.
+
+* Support trusted & encrypted keyrings for plain devices.
+
+* Support plain format resize with a keyring key.
+
+  If a plain dm-crypt device references the keyring, cryptsetup now allows resizing.
+  The user must ensure that the key in the keyring is unchanged since activation.
+  Otherwise, reloading the key can cause data corruption after an unexpected key change.
+
+* TCRYPT: Clear mapping of system-encrypted partitions.
+
+  TrueCrypt/VeraCrypt supports full system encryption (only a partition table is not encrypted)
+  or system partition encryption (only a system partition is encrypted).
+  The metadata header then contains the offset and size of the encrypted area.
+  Cryptsetup needs to know the specific partition offset to calculate encryption parameters.
+
+  To properly map a partition, the user must specify a real partition device so cryptsetup
+  can calculate this offset. As the partition can be an image in a file, cryptsetup now tries
+  to determine proper parameters and use device size stored in VeraCrypt metadata.
+
+  Please see the manual page description (TCRYPT section) for a detailed description.
+
+* TCRYPT: Print all information from the decrypted metadata header in the tcryptDump command.
+
+  Print also volume sizes (if present) and flags.
+
+* Always lock the volume key structure in memory.
+
+  Some memory for safe allocation was not allocated from locked (unswappable) memory.
+  Older cryptsetup locked all memory. Selective locking was introduced in version 2.6.0.
+
+* Do not run direct-io read check on block devices.
+
+  Block devices always support direct-io.
+  This check produced unnecessary error with locked Opal2 devices.
+
+* Fix a possible segfault in deferred deactivation.
+
+  Thanks Clément Guérin for the report.
+
+* Exclude cipher allocation time from the cryptsetup benchmark.
+
+* Add Mbed-TLS optional crypto backend.
+
+  Mbed-TLS is a tiny TLS implementation designed for embedded environments.
+  The backend can be enabled with the --with-crypto_backend=mbedtls configure option.
+
+* Fix the wrong preprocessor use of #ifdef for config.h processed by Meson.
+
+  Cryptsetup supports Autoconf and, optionally, Meson configuration.
+  Part of the code wrongly used #ifdef instead of #if conditional sections.
+  This caused problems with Meson-generated config.h.
+
+* Reorganize license files.
+
+  The license text files are now in docs/licenses.
+  The COPYING file in the root directory is the default license.
+
+Libcryptsetup API extensions
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+The libcryptsetup API is backward compatible with all existing symbols.
+
+Due to the self-contained memory allocation, these symbols have the new version
+ crypt_keyslot_context_init_by_passphrase;
+ crypt_keyslot_context_init_by_keyfile;
+ crypt_keyslot_context_init_by_token;
+ crypt_keyslot_context_init_by_volume_key;
+ crypt_keyslot_context_init_by_signed_key;
+ crypt_keyslot_context_init_by_keyring;
+ crypt_keyslot_context_init_by_vk_in_keyring;
+
+New symbols:
+ crypt_format_inline
+ crypt_get_old_volume_key_size
+ crypt_reencrypt_init_by_keyslot_context
+ crypt_safe_memcpy
+
+New defines:
+ CRYPT_ACTIVATE_HIGH_PRIORITY
+ CRYPT_ACTIVATE_ERROR_AS_CORRUPTION
+ CRYPT_ACTIVATE_INLINE_MODE
+ CRYPT_REENCRYPT_CREATE_NEW_DIGEST
+
+New requirement flag:
+ CRYPT_REQUIREMENT_INLINE_HW_TAGS

lib/keyslot_context.c

@@ -479,7 +479,7 @@ static int get_luks1_volume_key_by_keyring(struct crypt_device *cd,
 	int r;
 
 	assert(cd);
-	assert(kc && kc->type == CRYPT_KC_TYPE_PASSPHRASE);
+	assert(kc && kc->type == CRYPT_KC_TYPE_KEYRING);
 	assert(r_vk);
 
 	r = get_passphrase_by_keyring(cd, kc, CONST_CAST(const char **) &kc->i_passphrase,

lib/setup.c

@@ -3007,6 +3007,12 @@ int crypt_format_inline(struct crypt_device *cd,
 
 	log_dbg(cd, "Formatting device %s as type %s with inline tags.", mdata_device_path(cd) ?: "(none)", type);
 
+	crypt_reset_null_type(cd);
+
+	r = init_crypto(cd);
+	if (r < 0)
+		return r;
+
 	if (isINTEGRITY(type)) {
 		lparams = NULL;
 		iparams = params;

lib/utils_io.c

@@ -278,7 +278,7 @@ ssize_t read_lseek_blockwise(int fd, size_t bsize, size_t alignment,
 		length -= innerCount;
 	}
 
-	ret = read_blockwise(fd, bsize, alignment, buf, length);
+	ret = length ? read_blockwise(fd, bsize, alignment, buf, length) : 0;
 	if (ret >= 0)
 		ret += innerCount;
 out:

man/cryptsetup-reencrypt.8.adoc

@@ -168,6 +168,16 @@ Reencrypt LUKS2 device (refresh volume key only):
 
 *cryptsetup reencrypt /dev/encrypted_device*
 
+Reencrypt LUKS2 device using keyslot(s) associated to the token 3.
+All other keyslots will be removed after the reencryption finishes.
+
+*cryptsetup reencrypt --token-id 3 /dev/encrypted_device*
+
+Reencrypt LUKS2 device using keyslots associated to all 'systemd-tpm2'
+tokens. All other keyslots will be removed after the reencryption finishes.
+
+*cryptsetup reencrypt --token-type systemd-tpm2 /dev/encrypted_device*
+
 === LUKS2 DECRYPTION EXAMPLES
 
 Decrypt LUKS2 device with header put in head of data device (header file does not exist):

meson.build

@@ -2,7 +2,7 @@ project('cryptsetup',
     'c',
     default_options: [ 'prefix=/usr' ],
     meson_version: '>=0.64',
-    version: '2.8.0-rc0')
+    version: '2.8.0')
 
 libcryptsetup_version = '12.11.0'
 

misc/fedora/cryptsetup.spec

@@ -2,7 +2,7 @@
 
 Summary: Utility for setting up encrypted disks
 Name: cryptsetup
-Version: 2.8.0-rc0
+Version: 2.8.0
 Release: 1%{?dist}
 License: GPL-2.0-or-later WITH cryptsetup-OpenSSL-exception AND LGPL-2.1-or-later WITH cryptsetup-OpenSSL-exception
 URL: https://gitlab.com/cryptsetup/cryptsetup
@@ -18,7 +18,7 @@ Obsoletes: %{name}-reencrypt <= %{version}
 Provides: %{name}-reencrypt = %{version}
 
 %global upstream_version %{version_no_tilde}
-Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/cryptsetup-%{upstream_version}.tar.xz
+Source0: https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.8/cryptsetup-%{upstream_version}.tar.xz
 
 %description
 The cryptsetup package contains a utility for setting up

po/LINGUAS

@@ -13,6 +13,7 @@ pl
 pt_BR
 ro
 ru
+sk
 sr
 sv
 uk

src/integritysetup.c

@@ -211,7 +211,7 @@ static int action_format(void)
 
 	if (!ARG_SET(OPT_BATCH_MODE_ID) && !crypt_get_integrity_info(cd, &params2))
 		log_std(_("Formatted with tag size %u%s, internal integrity %s.\n"),
-			params2.tag_size, ARG_SET(OPT_INTEGRITY_INLINE_ID) ? " (inline hw tags)" : "", params2.integrity);
+			params2.tag_size, ARG_SET(OPT_INTEGRITY_INLINE_ID) ? _(" (inline hw tags)") : "", params2.integrity);
 
 	if (!ARG_SET(OPT_NO_WIPE_ID)) {
 		r = _wipe_data_device(cd, integrity_key);

tests/bitlk-compat-test

@@ -54,7 +54,7 @@ load_vars()
 	fi
 
 	local file=$(echo $1 | sed -e s/^$TST_DIR\\/// | sed -e s/\.img$//)
-	source <(grep = <(grep -A$num_vars "\[$file\]" $TST_DIR/images.conf))
+	eval $(grep -A$num_vars -Fx "[$file]" $TST_DIR/images.conf | grep =)
 }
 
 check_dump()

tests/compat-test

@@ -803,7 +803,7 @@ echo $PWD1 | $CRYPTSETUP luksFormat --type luks1 $FAST_PBKDF_OPT $LOOPDEV --head
 echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks1 $FAST_PBKDF_OPT $LOOPDEV --header $HEADER_IMG --align-payload 8192 || fail
 echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks1 $FAST_PBKDF_OPT $LOOPDEV --header $HEADER_IMG --align-payload 0 || fail
 echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks1 $FAST_PBKDF_OPT $LOOPDEV --header $HEADER_IMG --align-payload 8192 --offset 8192 >/dev/null 2>&1 && fail
-truncate -s 4096 $HEADER_IMG
+truncate -s 4096 $HEADER_IMG || fail
 echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks1 $FAST_PBKDF_OPT $LOOPDEV --header $HEADER_IMG -S7 >/dev/null 2>&1 || fail
 echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks1 $FAST_PBKDF_OPT $LOOPDEV --header $HEADER_IMG --offset 80000 >/dev/null 2>&1 || fail
 echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks1 $FAST_PBKDF_OPT $LOOPDEV --header $HEADER_IMG --offset 8192 || fail

tests/compat-test2

@@ -558,7 +558,7 @@ echo $PWD1 | $CRYPTSETUP luksFormat $FAST_PBKDF_OPT --type luks2 $LOOPDEV -q --o
 $CRYPTSETUP -q luksDump  $LOOPDEV | grep -q "offset: $((512 * 16384)) \[bytes\]" || fail
 echo $PWD1 | $CRYPTSETUP luksFormat $FAST_PBKDF_OPT --type luks2 $LOOPDEV -q --sector-size 1024 --offset 16384 >/dev/null || fail
 $CRYPTSETUP -q luksDump  $LOOPDEV | grep -q "offset: $((512 * 16384)) \[bytes\]" || fail
-truncate -s 4096 $HEADER_IMG
+truncate -s 4096 $HEADER_IMG || fail
 echo $PWD1 | $CRYPTSETUP luksFormat $FAST_PBKDF_OPT --type luks2 $LOOPDEV --header $HEADER_IMG -q --offset 80000 >/dev/null 2>&1 || fail
 
 prepare "[2] Sector size and old payload alignment" wipe

tests/integrity-compat-test

@@ -437,7 +437,7 @@ test_resize() # description detached_metadata wipe args
 	check_device_size $DEV_NAME $WHOLE_DISK_SIZE "Resizing disk to maximum size failed"
 
 	echo -n "[EXPAND FIXED]"
-	fallocate $DEV --len 64M
+	truncate -s 64M $DEV || fail
 	$INTSETUP resize -q $wipe_flag $DEV_NAME --device-size 40MiB || fail "Failed to expand the device to a fixed size."
 	dd if=/dev/mapper/$DEV_NAME >/dev/null 2>&1 || fail "Errors detected after expanding to a fixed size."
 	check_device_size $DEV_NAME $(( 40*1024*1024 / 512 )) "Resizing disk after expanding to a fixed size failed"
@@ -518,6 +518,7 @@ if [ -n "$DM_INTEGRITY_INLINE" ] ; then
 fi
 
 echo "Journal parameters tests:"
+add_device
 # Watermark is calculated in kernel, so it can be rounded down/up
 int_journal crc32  4  512  66 1000 hmac-sha256 $KEY_FILE 32 hmac\(sha256\)
 int_journal sha256 32 4096 34 5000 hmac-sha1   $KEY_FILE 16 hmac\(sha1\)

tests/luks2-reencryption-test

@@ -208,15 +208,15 @@ wipe_dev() # $1 dev
 		fi
 	else
 		local size=$(stat --printf="%s" $1)
-		truncate -s 0 $1
+		truncate -s 0 $1 || fail
 		if [ $# -gt 2 ]; then
 			local diff=$((size-$2*1024*1024))
 			echo "size: $size, diff: $diff"
-			truncate -s $diff $1
+			truncate -s $diff $1 || fail
 			# wipe_dev_head $1 $((diff/(1024*1024)))
 			dd if=/dev/urandom of=$1 bs=1M seek=$2 size=$((diff/(1024*1024))) conv=notrunc >/dev/null 2>&1
 		else
-			truncate -s $size $1
+			truncate -s $size $1 || fail
 		fi
 	fi
 }
@@ -258,7 +258,7 @@ preparebig() # $1 dev1_siz
 		dd if=/dev/urandom of=$KEY1 count=1 bs=32 >/dev/null 2>&1
 	fi
 
-	truncate -s "$1"M $DEVBIG
+	truncate -s "$1"M $DEVBIG || fail
 	LOOPDEV=$(losetup -f)
 	losetup -f $DEVBIG || fail
 	DEV=$LOOPDEV
@@ -293,7 +293,7 @@ check_hash_head() # $1 pwd, $2 len, $3 hash, $4 hdr
 resize_file() # $1 dev, $2 shrink bytes
 {
 	local size=$(stat --printf="%s" $1)
-	truncate -s $(($size + $2)) $1
+	truncate -s $(($size + $2)) $1 || fail
 	losetup -c $LOOPDEV
 }