aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2024-01-18LUKS2: add more sanity assignments to header code.wip-luks2Milan Broz1-0/+2
2024-01-18LUKS2: add sanity check for hdr_size.Milan Broz1-5/+14
2024-01-18Add a few tainted data info for coverity to avoid warnings.Milan Broz2-8/+19
2024-01-18Silence false positive cppcheck warning.Milan Broz1-1/+1
2024-01-18Fix signed (error) return from read in loop utils.Milan Broz1-1/+1
2024-01-18Use gcc 13 for GitHub actions.Milan Broz3-3/+3
2024-01-18Add tests for device activation using multiple VKs.Daniel Zatovic3-7/+273
2024-01-18Allow activating multi key devices using VKs in keyring.Daniel Zatovic7-21/+301
2024-01-18Add tests for storing VK in keyring during resume.Daniel Zatovic1-0/+9
2024-01-18Add tests for storing multiple VKs in a custom keyring.Daniel Zatovic2-3/+154
2024-01-18Allow linking multiple VKs (also in reencryption).Daniel Zatovic5-48/+228
2024-01-16Fix some grammar issues suggested by auto-correction tools.Ondrej Kozina1-14/+14
2024-01-16Update kernel keyring usage documentation.Ondrej Kozina1-0/+23
2024-01-15Fix some grammar issues suggested by auto-correction tools.Ondrej Kozina1-15/+15
2024-01-15docs: Describe additional LUKS2 locks.Ondrej Kozina1-0/+36
2024-01-05tests: add in-place LUKS2 encryption api test.Ondrej Kozina1-0/+54
2024-01-05tests: add helper for creating arbitrary linear mapping.Ondrej Kozina2-7/+23
2024-01-05Respect CRYPT_ACTIVATE_SHARED in reencryption.Ondrej Kozina3-4/+7
2024-01-05po: update uk.po (from translationproject.org)Yuri Chornoivan1-152/+163
2024-01-05po: update ro.po (from translationproject.org)Remus-Gabriel Chelu1-152/+164
2024-01-05po: update pl.po (from translationproject.org)Jakub Bogusz1-150/+161
2024-01-05po: update ja.po (from translationproject.org)Hiroshi Takekawa1-150/+161
2024-01-05po: update fr.po (from translationproject.org)Frédéric Marchal1-150/+161
2024-01-05po: update de.po (from translationproject.org)Roland Illig1-151/+162
2023-12-22Add note for luksSuspend to man page.Milan Broz1-0/+4
2023-12-20Update cryptsetup.spec.Milan Broz1-3/+3
2023-12-20man: Update authenticated encryption trim description and add referencesKrassy Boykinov1-4/+6
2023-12-20Version 2.7.0-rc1.v2.7.0-rc1Milan Broz4-155/+166
2023-12-20Fix doxygen tags for API docs.Milan Broz1-14/+28
2023-12-20Update release notes for 2.7.0-rc1 and LUKS2 doc.Milan Broz2-12/+22
2023-12-20Add keyring linking API placeholders for multi-key scenarios.Daniel Zatovic4-50/+87
2023-12-19opal: Fix benign gcc warning for possible uninitialized value.Milan Broz1-1/+1
2023-12-19opal: Do not verify passphrase by default on luksErase.Milan Broz1-1/+1
2023-12-18opal: add comments to all lockless opal calls.Ondrej Kozina1-0/+11
2023-12-17Report Argon2 crypto backend version in debug outputMilan Broz5-11/+42
2023-12-17Use uppercase OPAL in messages.Milan Broz3-9/+9
2023-12-13opal: add exclusive lock to avoid race.Ondrej Kozina5-4/+130
2023-12-13opal: do not always re-lock range on failed activation.Ondrej Kozina3-39/+56
2023-12-13test: check if device remains usable after failed attempt to double activation.Ondrej Kozina1-1/+5
2023-12-13Drop unused crypt_read_lock helper.Ondrej Kozina2-25/+0
2023-12-13opal: no need to export internal opal_enabled function.Ondrej Kozina2-28/+22
2023-12-04opal: erase key cached in kernel when LR gets locked.Ondrej Kozina2-7/+15
2023-12-04po: update zh_CN.po (from translationproject.org)Boyuan Yang1-1464/+3415
2023-12-04po: update uk.po (from translationproject.org)Yuri Chornoivan1-684/+925
2023-12-04po: update ro.po (from translationproject.org)Remus-Gabriel Chelu1-691/+936
2023-12-04po: update pl.po (from translationproject.org)Jakub Bogusz1-681/+919
2023-12-04po: update ja.po (from translationproject.org)Hiroshi Takekawa1-681/+919
2023-12-04po: update fr.po (from translationproject.org)Frédéric Marchal1-687/+925
2023-12-04po: update de.po (from translationproject.org)Roland Illig1-689/+927
2023-12-04Add missing vectors tests in valgrind setup.Ondrej Kozina1-0/+9
2023-12-04Simplify meson tests.Ondrej Kozina1-304/+32
2023-11-30Revert "tests: Temporarily disable veritysetup tasklet option test."Milan Broz1-3/+2
2023-11-30fuzz: Try to limit image size in crypt2_load_proto_plain_json_fuzzMilan Broz1-4/+11
2023-11-29Version 2.7.0-rc0.v2.7.0-rc0Milan Broz1-0/+6
2023-11-29Fix some typos found by lintian.Milan Broz13-18/+18
2023-11-29Update pot file.Milan Broz1-673/+931
2023-11-29Tweak some error messages.Milan Broz3-6/+7
2023-11-28Add release notes for 2.7.0-rc0.Milan Broz1-0/+435
2023-11-28Add hw_opal.c for translation.Milan Broz1-0/+1
2023-11-28Set version 2.7.0-rc0.Milan Broz2-4/+4
2023-11-28meson: fix meson_dist_convert scriptMilan Broz1-1/+1
2023-11-28Add missing files to autoconf make dist.Milan Broz2-1/+3
2023-11-28Use proper integer constant in meson_options.txtOndrej Kozina1-1/+1
2023-11-28Override meson default prefix.Ondrej Kozina1-0/+1
2023-11-28Fix some coverity scan issues.Milan Broz2-2/+8
2023-11-27Always print error message for invalid keyring definition.Milan Broz1-15/+15
2023-11-26po: update sr.po (from translationproject.org)Мирослав Николић1-651/+748
2023-11-26po: update ru.po (from translationproject.org)Yuri Kozlov1-6/+6
2023-11-26po: update pl.po (from translationproject.org)Jakub Bogusz1-245/+249
2023-11-26po: update es.po (from translationproject.org)Antonio Ceballos1-1155/+1519
2023-11-26fuzz: add missing flex (util-linux req.) to fix fuzzing buildMilan Broz1-1/+1
2023-11-22tests: fail early if PSID reset does not work for device.Milan Broz1-6/+14
2023-11-22Suspend and resume also dm-integrity device with AEAD.Milan Broz3-7/+98
2023-11-21Do not run sector read check on suspended device.Milan Broz2-1/+21
2023-11-21Do not require init_done for some deive helpers.Milan Broz1-2/+2
2023-11-21Fix wrong key id set when resuming LUKS2 device.Ondrej Kozina2-1/+4
2023-11-20CI: change TSS package name for Debian 12Daniel Zatovic1-1/+1
2023-11-17Drop fake_token_path symbol from tests.Ondrej Kozina3-30/+2
2023-11-17Do not use fake-token-path in ssh and systemd plugin tests.Ondrej Kozina5-34/+46
2023-11-16Add --external-tokens-path parameter in cryptsetup.Ondrej Kozina11-6/+82
2023-11-16Add crypt_token_set_external_path API.Ondrej Kozina3-1/+46
2023-11-15Drop deprecated use of implicit meson setup command.Ondrej Kozina1-2/+2
2023-11-15Fix systemd-test-plugin initialization.Ondrej Kozina1-2/+2
2023-11-15Fix fake systemd tpm path symbol.Ondrej Kozina1-2/+2
2023-11-15compat-test-opal does not depend on differ util.Ondrej Kozina1-1/+0
2023-11-15Speed up compat-test-opal valgrind test.Ondrej Kozina1-4/+8
2023-11-15Enable valgrind tests in meson.Ondrej Kozina25-73/+538
2023-11-15Fix invalid comparison of bool and int types in root meson.build.Ondrej Kozina1-2/+2
2023-11-15Increase minimal meson version to 0.64Ondrej Kozina3-15/+4
2023-11-15CI: disable -Wdeclaration-after-statement warningDaniel Zatovic1-1/+0
2023-11-15Dont mix declarations with code.Daniel Zatovic1-5/+5
2023-11-15Remove obsolate AC_C_CONST macro.Daniel Zatovic1-1/+0
2023-11-13CI: don't use non-existent meson flagDaniel Zatovic1-1/+1
2023-11-13CI: switch compilation test to Ubuntu Lunar (23.04)Daniel Zatovic2-4/+4
2023-11-13CI: switch Debian runner from 11 to 12Daniel Zatovic1-5/+5
2023-11-13tests: Temporarily disable veritysetup tasklet option test.Milan Broz1-2/+3
2023-11-07tests: Clean up also dm-integrity device in OPAL testMilan Broz1-0/+1
2023-11-07Fix memory leaks detected in compat-test-opal.Ondrej Kozina2-5/+8
2023-11-06tests: Do not run OPAL test with valgrind if variables are not setMilan Broz1-1/+1
2023-11-06Add hint about missing OPAL support in kernel.Ondrej Kozina1-1/+1
2023-11-06Enable tests fixed with recent commits.Ondrej Kozina1-7/+0
2023-11-06Abort LUKS2 reencryption early if OPAL device used.Ondrej Kozina1-0/+5
2023-11-06Add LUKS2 OPAL requirement flag.Ondrej Kozina3-10/+30
2023-11-06Add more onlyLUKS helpers for convenience.Ondrej Kozina3-11/+21
2023-11-03Fix memory leak in kernel keyring keyslot context.Ondrej Kozina2-9/+5
2023-11-03Fix memleak in test.Ondrej Kozina1-7/+0
2023-11-03Fix memory leak in device context.Ondrej Kozina1-0/+1
2023-11-02Remove inital opal-test.Ondrej Kozina3-104/+1
2023-11-02Add basic compat-opal-test.Ondrej Kozina3-0/+1325
2023-11-02Do not allow decryption on devices with unsupported parameters.Ondrej Kozina1-0/+2
2023-11-02Do not allow --integrity option in reencryption action.Ondrej Kozina1-2/+2
2023-11-02Move LUKS2 legacy reencryption flag check.Ondrej Kozina1-5/+9
2023-11-02Restrict --hw-opal options only to luksFormat action.Ondrej Kozina2-2/+4
2023-11-02Fail early if OPAL is selected with LUKS1.Ondrej Kozina1-0/+5
2023-11-02Dump OPAL key size in bits.Ondrej Kozina1-1/+1
2023-11-02Do not fail format actions by interrupting device wipe.Ondrej Kozina2-2/+10
2023-10-31Add missing exclusive open check in crypt_format_luks2_opal.Ondrej Kozina1-0/+14
2023-10-31Improve cmd line options man pages related to SED OPAL.Ondrej Kozina1-2/+18
2023-10-31Add --key-file support in luksErase action with LUKS2 opal.Ondrej Kozina3-5/+18
2023-10-31Correctly erase opal lr when luksFormat action fails.Ondrej Kozina1-7/+22
2023-10-30fuzzing: Fix crypt2_load_fuzz to not touch const dataMilan Broz1-48/+50
2023-10-27crypto_backend: remove superfluous memset fot hash and hmac contextsMilan Broz3-6/+0
2023-10-27tests: fix oss-fuzz buildMilan Broz1-2/+2
2023-10-18Fix tests in FIPS mode.Ondrej Kozina1-1/+1
2023-10-16Respect keyslot id while activating device by token.Ondrej Kozina2-45/+120
2023-10-16libdevmapper: propagate key mgmt related kernel ioctl error on _dm_create_dev...Lennart Poettering1-1/+9
2023-10-09Check passphrase for user selected keyslot only.Ondrej Kozina1-1/+1
2023-10-05plain: Add note to man page about cipher options.Milan Broz1-2/+6
2023-10-05tests: Avoid new plain type warnings if missing options.Milan Broz5-41/+43
2023-10-05plain: Set default cipher to aes-xts-plain64 and hash to sha256.Milan Broz2-4/+4
2023-10-05plain: Print warning if using default cipher ahd hash options.Milan Broz1-0/+18
2023-10-04Fix empty device name in reencryption prompt message.Ondrej Kozina1-1/+1
2023-10-04Close stdin in tests where not expected to be used.Ondrej Kozina1-3/+3
2023-10-04Add test coverage for device activation.Ondrej Kozina1-18/+20
2023-10-04Fix return value in vk description parser.Ondrej Kozina1-7/+4
2023-10-04Fix a bug in vk description parsing helper.Ondrej Kozina1-1/+1
2023-10-04Fix user vk description leak in open action.Ondrej Kozina1-1/+3
2023-10-02Fix devel/debug leftover in LUKS2 api test.Ondrej Kozina1-3/+0
2023-10-02CI: fix annocheck and csmock runnersDaniel Zatovic2-4/+8
2023-09-29We do not need to wipe specific keyslot area only.Ondrej Kozina3-11/+3
2023-09-29Do not wipe keyslot area before in-place overwrite.Ondrej Kozina1-9/+1
2023-09-29Avoid overwritting LUKS2 keyslot area if possible.Ondrej Kozina3-9/+38
2023-09-27Make all returned kernel key ids key_serial_t type.Ondrej Kozina2-7/+7
2023-09-27Do not return -errno codes from keyring utilities.Ondrej Kozina4-19/+16
2023-09-27Drop unused kernel keyring code.Ondrej Kozina2-157/+1
2023-09-27Improve debug output for kernel keyring.Ondrej Kozina7-15/+182
2023-09-27Do not print kernel key sizes in debug output.Ondrej Kozina1-3/+3
2023-09-26Correctly cleanup volume key from kernel keyring on error.Ondrej Kozina3-27/+66
2023-09-25Fix posible NULL dereference bug.Ondrej Kozina1-2/+5
2023-09-25Split volume key only if activating SED OPAL LUKS2.Ondrej Kozina1-17/+27
2023-09-25Drop unused and unreleased API.Ondrej Kozina3-40/+0
2023-09-25Drop setting kernel key permissions.Ondrej Kozina1-15/+0
2023-09-25Split logic for uploading keys in kernel key service.Ondrej Kozina15-270/+537
2023-09-25Set correct volume key descripion when uploading key in keyring.Ondrej Kozina1-6/+3
2023-09-25Add helper utility to search only for keyrings.Ondrej Kozina3-2/+22
2023-09-25Rename internal keyring utilities.Ondrej Kozina3-23/+23
2023-09-25Reduce code duplication in kernel keyring utilities.Ondrej Kozina5-30/+13
2023-09-25Drop redundant request_key call.Ondrej Kozina1-4/+0
2023-09-25Fix wrong return value on error in keyring utils.Ondrej Kozina1-1/+1
2023-09-20Do not set flush and lockfs for DM device if resize grows the device.Milan Broz1-10/+23
2023-09-12Try to sort options alphabetically.Milan Broz5-54/+54
2023-09-12Remove dot from some option descriptions.Milan Broz2-18/+18
2023-09-12Add --disable-blkid CLI option.Milan Broz10-22/+53
2023-09-12Print blkid scan failure.Milan Broz4-7/+32
2023-08-29Opal: print descriptive error if format locks the drive.Milan Broz1-0/+4
2023-08-29opal: Remove key length debug msg.Milan Broz1-2/+0
2023-08-29Opal: add debug of Opal ioctl callsMilan Broz1-22/+169
2023-08-29Opal: open device read-only as it is enough for ioctl.Milan Broz1-7/+7
2023-08-28Fix unused symbol warnings in tests.Milan Broz2-4/+8
2023-08-28Enable -Wunused-parameter in CI tests.Milan Broz2-2/+2
2023-08-28Fix unused parameter warning in password utils.Milan Broz1-0/+1
2023-08-28Fix signed/unsigned warning in gcrypt backend.Milan Broz1-1/+1
2023-08-28Fix unused parameter in crypto backend handlers.Milan Broz4-4/+24
2023-08-28Fix unused parameter in LUKS2 reencryption handlers.Milan Broz1-21/+48
2023-08-28Fix unused parameter in LUKS2 external tokens handlers.Milan Broz1-43/+49
2023-08-28Fix unused parameter in blkid handlers.Milan Broz1-67/+101
2023-08-28Fix unused parameter in keyring handlers.Milan Broz1-35/+62
2023-08-28Mark unused parameters.Milan Broz10-34/+35
2023-08-26keyring: Fix possible sscanf string overflow.Milan Broz1-2/+2
2023-08-16Switch crypt_activate_by_signed_key to keyslot context based activation.Ondrej Kozina7-115/+264
2023-08-16Split volume key verification and device activation.Ondrej Kozina3-134/+150
2023-08-16Allow activation, resume and luksAddKey using VK stored in keyring.Daniel Zatovic8-11/+86
2023-08-16Add tests for linking VK to a keyring and changing VK type.Daniel Zatovic2-9/+190
2023-08-16Add keyslot_context for volume key stored in a keyring.Daniel Zatovic6-0/+166
2023-08-16Support specifying keyring and key using keyctl syntax.Daniel Zatovic6-18/+222
2023-08-16Support specifying volume key keyring type.Daniel Zatovic10-15/+106
2023-08-16Allow linking VK to a user-specified keyring.Daniel Zatovic9-0/+83
2023-08-16Don't revoke volume key in keyring.Daniel Zatovic1-16/+1
2023-08-16Allow resume by keyslot context.Daniel Zatovic6-128/+127
2023-08-16Add keyring keyslot_context.Daniel Zatovic6-25/+181
2023-08-15Add tests for activation by keyslot contextDaniel Zatovic1-0/+62
2023-08-15Add new token activation API tests.Ondrej Kozina1-0/+100
2023-08-15Allow activation via keyslot context.Daniel Zatovic6-111/+255
2023-08-15Allow priority ignore keyslots with specific token or keyslot specified.Ondrej Kozina1-25/+60
2023-08-15Allow keyslot in internal LUKS2 token activation code.Ondrej Kozina4-28/+61
2023-08-15Fix a bug in LUKS2 header wipe function with keyslots area.Ondrej Kozina1-0/+8
2023-08-15Do not mention --new-keyfile option in luksChangeKey action man page.Ondrej Kozina1-0/+6
2023-08-03Add algorithm specification warning to integritysetup.8.adoc.sad-goldfish1-0/+4
2023-08-02Minor reencrypt man page typo fixesBrandon Enright1-2/+2
2023-08-02Add OPAL2 detached header tests.Ondrej Kozina1-39/+51
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 18:27:01 +0000