aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Expand)AuthorFilesLines
2023-11-03Fix memleak in test.Ondrej Kozina1-7/+0
2023-11-03Fix memory leak in device context.Ondrej Kozina1-0/+1
2023-11-02Remove inital opal-test.Ondrej Kozina3-104/+1
2023-11-02Add basic compat-opal-test.Ondrej Kozina3-0/+1325
2023-11-02Do not allow decryption on devices with unsupported parameters.Ondrej Kozina1-0/+2
2023-11-02Do not allow --integrity option in reencryption action.Ondrej Kozina1-2/+2
2023-11-02Move LUKS2 legacy reencryption flag check.Ondrej Kozina1-5/+9
2023-11-02Restrict --hw-opal options only to luksFormat action.Ondrej Kozina2-2/+4
2023-11-02Fail early if OPAL is selected with LUKS1.Ondrej Kozina1-0/+5
2023-11-02Dump OPAL key size in bits.Ondrej Kozina1-1/+1
2023-11-02Do not fail format actions by interrupting device wipe.Ondrej Kozina2-2/+10
2023-10-31Add missing exclusive open check in crypt_format_luks2_opal.Ondrej Kozina1-0/+14
2023-10-31Improve cmd line options man pages related to SED OPAL.Ondrej Kozina1-2/+18
2023-10-31Add --key-file support in luksErase action with LUKS2 opal.Ondrej Kozina3-5/+18
2023-10-31Correctly erase opal lr when luksFormat action fails.Ondrej Kozina1-7/+22
2023-10-30fuzzing: Fix crypt2_load_fuzz to not touch const dataMilan Broz1-48/+50
2023-10-27crypto_backend: remove superfluous memset fot hash and hmac contextsMilan Broz3-6/+0
2023-10-27tests: fix oss-fuzz buildMilan Broz1-2/+2
2023-10-18Fix tests in FIPS mode.Ondrej Kozina1-1/+1
2023-10-16Respect keyslot id while activating device by token.Ondrej Kozina2-45/+120
2023-10-16libdevmapper: propagate key mgmt related kernel ioctl error on _dm_create_dev...Lennart Poettering1-1/+9
2023-10-09Check passphrase for user selected keyslot only.Ondrej Kozina1-1/+1
2023-10-05plain: Add note to man page about cipher options.Milan Broz1-2/+6
2023-10-05tests: Avoid new plain type warnings if missing options.Milan Broz5-41/+43
2023-10-05plain: Set default cipher to aes-xts-plain64 and hash to sha256.Milan Broz2-4/+4
2023-10-05plain: Print warning if using default cipher ahd hash options.Milan Broz1-0/+18
2023-10-04Fix empty device name in reencryption prompt message.Ondrej Kozina1-1/+1
2023-10-04Close stdin in tests where not expected to be used.Ondrej Kozina1-3/+3
2023-10-04Add test coverage for device activation.Ondrej Kozina1-18/+20
2023-10-04Fix return value in vk description parser.Ondrej Kozina1-7/+4
2023-10-04Fix a bug in vk description parsing helper.Ondrej Kozina1-1/+1
2023-10-04Fix user vk description leak in open action.Ondrej Kozina1-1/+3
2023-10-02Fix devel/debug leftover in LUKS2 api test.Ondrej Kozina1-3/+0
2023-10-02CI: fix annocheck and csmock runnersDaniel Zatovic2-4/+8
2023-09-29We do not need to wipe specific keyslot area only.Ondrej Kozina3-11/+3
2023-09-29Do not wipe keyslot area before in-place overwrite.Ondrej Kozina1-9/+1
2023-09-29Avoid overwritting LUKS2 keyslot area if possible.Ondrej Kozina3-9/+38
2023-09-27Make all returned kernel key ids key_serial_t type.Ondrej Kozina2-7/+7
2023-09-27Do not return -errno codes from keyring utilities.Ondrej Kozina4-19/+16
2023-09-27Drop unused kernel keyring code.Ondrej Kozina2-157/+1
2023-09-27Improve debug output for kernel keyring.Ondrej Kozina7-15/+182
2023-09-27Do not print kernel key sizes in debug output.Ondrej Kozina1-3/+3
2023-09-26Correctly cleanup volume key from kernel keyring on error.Ondrej Kozina3-27/+66
2023-09-25Fix posible NULL dereference bug.Ondrej Kozina1-2/+5
2023-09-25Split volume key only if activating SED OPAL LUKS2.Ondrej Kozina1-17/+27
2023-09-25Drop unused and unreleased API.Ondrej Kozina3-40/+0
2023-09-25Drop setting kernel key permissions.Ondrej Kozina1-15/+0
2023-09-25Split logic for uploading keys in kernel key service.Ondrej Kozina15-270/+537
2023-09-25Set correct volume key descripion when uploading key in keyring.Ondrej Kozina1-6/+3
2023-09-25Add helper utility to search only for keyrings.Ondrej Kozina3-2/+22
2023-09-25Rename internal keyring utilities.Ondrej Kozina3-23/+23
2023-09-25Reduce code duplication in kernel keyring utilities.Ondrej Kozina5-30/+13
2023-09-25Drop redundant request_key call.Ondrej Kozina1-4/+0
2023-09-25Fix wrong return value on error in keyring utils.Ondrej Kozina1-1/+1
2023-09-20Do not set flush and lockfs for DM device if resize grows the device.Milan Broz1-10/+23
2023-09-12Try to sort options alphabetically.Milan Broz5-54/+54
2023-09-12Remove dot from some option descriptions.Milan Broz2-18/+18
2023-09-12Add --disable-blkid CLI option.Milan Broz10-22/+53
2023-09-12Print blkid scan failure.Milan Broz4-7/+32
2023-08-29Opal: print descriptive error if format locks the drive.Milan Broz1-0/+4
2023-08-29opal: Remove key length debug msg.Milan Broz1-2/+0
2023-08-29Opal: add debug of Opal ioctl callsMilan Broz1-22/+169
2023-08-29Opal: open device read-only as it is enough for ioctl.Milan Broz1-7/+7
2023-08-28Fix unused symbol warnings in tests.Milan Broz2-4/+8
2023-08-28Enable -Wunused-parameter in CI tests.Milan Broz2-2/+2
2023-08-28Fix unused parameter warning in password utils.Milan Broz1-0/+1
2023-08-28Fix signed/unsigned warning in gcrypt backend.Milan Broz1-1/+1
2023-08-28Fix unused parameter in crypto backend handlers.Milan Broz4-4/+24
2023-08-28Fix unused parameter in LUKS2 reencryption handlers.Milan Broz1-21/+48
2023-08-28Fix unused parameter in LUKS2 external tokens handlers.Milan Broz1-43/+49
2023-08-28Fix unused parameter in blkid handlers.Milan Broz1-67/+101
2023-08-28Fix unused parameter in keyring handlers.Milan Broz1-35/+62
2023-08-28Mark unused parameters.Milan Broz10-34/+35
2023-08-26keyring: Fix possible sscanf string overflow.Milan Broz1-2/+2
2023-08-16Switch crypt_activate_by_signed_key to keyslot context based activation.Ondrej Kozina7-115/+264
2023-08-16Split volume key verification and device activation.Ondrej Kozina3-134/+150
2023-08-16Allow activation, resume and luksAddKey using VK stored in keyring.Daniel Zatovic8-11/+86
2023-08-16Add tests for linking VK to a keyring and changing VK type.Daniel Zatovic2-9/+190
2023-08-16Add keyslot_context for volume key stored in a keyring.Daniel Zatovic6-0/+166
2023-08-16Support specifying keyring and key using keyctl syntax.Daniel Zatovic6-18/+222
2023-08-16Support specifying volume key keyring type.Daniel Zatovic10-15/+106
2023-08-16Allow linking VK to a user-specified keyring.Daniel Zatovic9-0/+83
2023-08-16Don't revoke volume key in keyring.Daniel Zatovic1-16/+1
2023-08-16Allow resume by keyslot context.Daniel Zatovic6-128/+127
2023-08-16Add keyring keyslot_context.Daniel Zatovic6-25/+181
2023-08-15Add tests for activation by keyslot contextDaniel Zatovic1-0/+62
2023-08-15Add new token activation API tests.Ondrej Kozina1-0/+100
2023-08-15Allow activation via keyslot context.Daniel Zatovic6-111/+255
2023-08-15Allow priority ignore keyslots with specific token or keyslot specified.Ondrej Kozina1-25/+60
2023-08-15Allow keyslot in internal LUKS2 token activation code.Ondrej Kozina4-28/+61
2023-08-15Fix a bug in LUKS2 header wipe function with keyslots area.Ondrej Kozina1-0/+8
2023-08-15Do not mention --new-keyfile option in luksChangeKey action man page.Ondrej Kozina1-0/+6
2023-08-03Add algorithm specification warning to integritysetup.8.adoc.sad-goldfish1-0/+4
2023-08-02Minor reencrypt man page typo fixesBrandon Enright1-2/+2
2023-08-02Add OPAL2 detached header tests.Ondrej Kozina1-39/+51
2023-08-02Make luksErase work with detached header.Ondrej Kozina1-2/+2
2023-08-02Fix LUKS2 OPAL deactivation when header is missing.Ondrej Kozina1-5/+24
2023-08-01Do not set default data offset with LUKS2 OPAL detached header.Ondrej Kozina1-2/+7
2023-08-01Add support for suspend/resume with LUKS2 OPAL2 devices.Ondrej Kozina2-30/+183
2023-08-01Introduce LUKS2-OPAL private dm uuid prefix.Ondrej Kozina3-2/+11
2023-08-01Check dm uuid matches LUKS metadata during crypt_suspend.Ondrej Kozina2-33/+45
2023-07-26Do not reinitialize dm backend when not needed.Ondrej Kozina1-4/+1
2023-07-18Simplify crypt_get_hw_encryption_type internals.Ondrej Kozina3-11/+34
2023-07-18Fix leak of volume key in activation code error path.Milan Broz1-2/+2
2023-07-17Print better metadata dump and status info for OPAL segment.Milan Broz7-15/+65
2023-07-17Properly handle authenticated encryption on OPAL device.Ondrej Kozina4-26/+111
2023-07-17opal: Limit sector size to maximum 4096 bytes.Milan Broz1-0/+2
2023-07-17man: document OPAL supportLuca Boccassi3-10/+46
2023-07-17Add OPAL2 basic test.Ondrej Kozina3-1/+69
2023-07-17cryptsetup: support for hw-opal in luksEraseLuca Boccassi7-3/+140
2023-07-17Add crypt_get_hw_encryption_type API call.Milan Broz3-0/+41
2023-07-17cryptsetup: add --hw-opal and --hw-opal-onlyLuca Boccassi4-2/+37
2023-07-17libcryptsetup: add OPAL type and paramsLuca Boccassi19-48/+1872
2023-06-28Fix option name in error outputLudwig Nussel1-1/+1
2023-06-26Fix activation of LUKS2 with capi format cipher and kernel crypt name.Milan Broz5-2/+25
2023-06-26Fix reencryption to fail properly for unknown cipher.Milan Broz1-0/+6
2023-06-22Create optional reduced dm-integrity device.Ondrej Kozina3-24/+102
2023-06-22tcrypt: Fix test in FIPS mode.Milan Broz1-8/+8
2023-06-22tcrypt: Support new Blake2 hash.Milan Broz3-0/+3
2023-06-22tcrypt: use hash values as substring if limiting KDF check.Milan Broz1-1/+1
2023-06-22Fix init_by_name to allow unknown cipher format in dm-crypt as null context.Milan Broz2-3/+8
2023-06-06Add helper function to change segment size.Ondrej Kozina2-0/+25
2023-06-04Use unconditionally sleep 1 in scsi_debug testMilan Broz8-11/+11
2023-05-29Refactor json_segment_create_crypt helper.Ondrej Kozina1-15/+28
2023-05-29Refactor LUKS2 encryption parameters verification.Ondrej Kozina1-82/+125
2023-05-29Use defined constant for cipher_spec buffer size.Ondrej Kozina1-1/+1
2023-05-29Move cipher parsing outside LUKS2 header generator function.Ondrej Kozina3-14/+14
2023-05-29Move integrity fields in json_segment_create_crypt segment helper.Ondrej Kozina4-21/+31
2023-05-29Refactor LUKS2 metadata parameters calculations.Ondrej Kozina4-71/+124
2023-05-24Fix wrong return value from LUKS2_generate_hdr on error.Ondrej Kozina1-0/+1
2023-05-24CI: Add apt-get update to Debian jobs.Daniel Zatovic1-0/+1
2023-05-02Also disallow active devices with internal kernel names.Milan Broz3-1/+15
2023-05-02tests: Fix memory leak introduced in previous patches.Milan Broz1-1/+1
2023-04-29Workaround for oss-fuzz build.Milan Broz1-1/+3
2023-04-25Disallow use of internal kenrel crypto driver names in "capi" specification.Milan Broz2-1/+13
2023-04-24Add Aria cipher support and block size info.Milan Broz1-0/+1
2023-04-24Do not decrease PBKDF parameters if a user forces them.Milan Broz4-4/+18
2023-04-20Fix PBKDF vector test in FIPS mode.Milan Broz1-39/+47
2023-04-19Use only half of detected free memory on systems without swap.Milan Broz1-1/+8
2023-04-19Check for physical memory available also in PBKDF benchmark.Milan Broz3-2/+12
2023-04-19Fix PBKDF2 vectors test for RHEL8 OpenSSL.Milan Broz1-0/+8
2023-04-19Remove unused code in reencryption.Ondrej Kozina1-14/+7
2023-04-19Support OpenSSL 3.2 Argon2 implementation.Milan Broz3-2/+73
2023-04-19Add support for Argon2 from libgcrypt.Milan Broz6-10/+207
2023-04-18bitlk: Fix segfaults when attempting to test volume keyVojtech Trefny4-0/+13
2023-04-18Link only libcrypto from opensslAlex Xu (Hello71)2-6/+6
2023-04-17configure.ac: remove += bashismAlex Xu (Hello71)1-6/+6
2023-04-13Fix fips mode detection in gcrypt backend.Ondrej Kozina1-0/+3
2023-03-31Disable reencryption for DAX devices.Milan Broz1-0/+10
2023-03-31Detect DAX devices and and warn in LUKS format.Milan Broz4-0/+34
2023-03-31Print message if device is not aligned to sector size.Milan Broz1-0/+5
2023-03-18Fix fuzz tests build.Milan Broz1-1/+1
2023-03-10Remove testing branch from CI script.Milan Broz1-1/+0
2023-03-10Update CodeQL config.Milan Broz1-3/+1
2023-03-10Add header guard to ssh-utils.h.Milan Broz1-0/+5
2023-03-10Do not overload global crc32 table name by a function parameter name.Milan Broz1-2/+2
2023-03-10test: Do not overload global crypt_device variable name.Milan Broz1-17/+17
2023-03-09reencrypt: fix checking of context name arguments.Milan Broz1-1/+1
2023-03-09User more restrictive attributes for device file lock.Milan Broz1-1/+1
2023-03-09tests: avoid possible overflow in multiplicationMilan Broz1-1/+1
2023-03-09tests: reserve one byte for trailing zero in global log bufferMilan Broz1-2/+2
2023-03-09bitlk: avoid use ctime() with pointer to shared memory.Milan Broz1-1/+3
2023-03-09meson: Add dist hook only when asciidoctor is found.Daniel Zatovic1-8/+8
2023-03-08Fix unlikely occurences of json_object leaks on error path.Ondrej Kozina5-7/+35
2023-03-08Improve code clarity a bit.Ondrej Kozina1-10/+8
2023-03-08Correct error paths in LUKS2 reencryption code path.Ondrej Kozina1-89/+141
2023-03-08Add json_object_object_add_by_uint_by_ref helper.Ondrej Kozina2-0/+15
2023-03-07Replace LGTM with GitHub CodeQL.Milan Broz4-12/+85
2023-03-06CI: move autogen.sh to specific build scripts.Milan Broz4-1/+9
2023-03-04Print warning when keyslot requires more memory than availableMilan Broz1-1/+11
2023-03-04Try to avoid OOM killer on low-memory systems without swap.Milan Broz4-5/+67
2023-03-04Improve README.md.Milan Broz1-36/+33
2023-03-03fuzz: Do not calculate checksum for too small headers.Milan Broz1-17/+12
2023-03-03Update devel version.Milan Broz3-4/+5
2023-03-03Add support for meson build system.Daniel Zatovic20-14/+2067
2023-02-21Fix sector_size display for non-LUKS2 crypt devices.Milan Broz2-0/+8
2023-02-21Fix integrity info display for non-LUKS2 crypt devices.Milan Broz4-5/+29
2023-02-21Fix crypt_init_by_name() for dm-crypt with integrity.Milan Broz2-4/+16
2023-02-20CI: upgrade csmock image to RHEL 9.Daniel Zatovic1-1/+1
2023-02-15fuzzing: Fix OSS-Fuzz static build script.Daniel Zatovic1-5/+3
2023-02-10Update file cryptsetup-ssh.cwangzhiqiang1-1/+0
2023-02-10fix potential null pointer dereference.wangzhiqiang10-5/+110
2023-02-09Version 2.6.1.v2.6.1Milan Broz2-5/+5
2023-02-09Update Copyright year.Milan Broz133-247/+247
2023-02-09Some more cleanup of Release notes.Milan Broz1-11/+13
2023-02-09Clarify when cryptsetup asks for LUKS2 token PINs.Ondrej Kozina2-5/+18
2023-02-09Reformat and cleanup README.Milan Broz1-54/+86
2023-02-08Add 2.6.1 Release notes.Milan Broz1-0/+48
2023-02-06po: update uk.po (from translationproject.org)Yuri Chornoivan1-248/+249
2023-02-06po: update ru.po (from translationproject.org)Yuri Kozlov1-248/+249
2023-02-06po: update ro.po (from translationproject.org)Remus-Gabriel Chelu1-245/+250
2023-02-06po: update ja.po (from translationproject.org)Hiroshi Takekawa1-245/+249
2023-02-06po: update fr.po (from translationproject.org)Frédéric Marchal1-249/+250
2023-02-06po: update de.po (from translationproject.org)Roland Illig1-249/+250
2023-02-06po: update cs.po (from translationproject.org)Petr Pisar1-248/+249
2023-02-01Prepare 2.6.1-rc0 version.Milan Broz2-229/+233
2023-02-01Add fuzz patch file to tarball.Milan Broz1-1/+2
2023-02-01Update po/LINGUAS.Milan Broz1-0/+2
2023-02-01po: add ro.po (from translationproject.org)Remus-Gabriel Chelu1-0/+3869
2023-02-01po: add ka.po (from translationproject.org)Temuri Doghonadze1-0/+3756
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 14:49:43 +0000