37 lines
1.5 KiB
Text
37 lines
1.5 KiB
Text
Cryptsetup 1.7.2 Release Notes
|
|
==============================
|
|
|
|
Changes since version 1.7.1
|
|
|
|
* Update LUKS documentation format.
|
|
Clarify fixed sector size and keyslots alignment.
|
|
|
|
* Support activation options for error handling modes in Linux kernel
|
|
dm-verity module:
|
|
|
|
--ignore-corruption - dm-verity just logs detected corruption
|
|
|
|
--restart-on-corruption - dm-verity restarts the kernel if corruption is detected
|
|
|
|
If the options above are not specified, default behavior for dm-verity remains.
|
|
Default is that I/O operation fails with I/O error if corrupted block is detected.
|
|
|
|
--ignore-zero-blocks - Instructs dm-verity to not verify blocks that are expected
|
|
to contain zeroes and always return zeroes directly instead.
|
|
|
|
NOTE that these options could have security or functional impacts,
|
|
do not use them without assessing the risks!
|
|
|
|
* Fix help text for cipher benchmark specification (mention --cipher option).
|
|
|
|
* Fix off-by-one error in maximum keyfile size.
|
|
Allow keyfiles up to compiled-in default and not that value minus one.
|
|
|
|
* Support resume of interrupted decryption in cryptsetup-reencrypt utility.
|
|
To resume decryption, LUKS device UUID (--uuid option) option must be used.
|
|
|
|
* Do not use direct-io for LUKS header with unaligned keyslots.
|
|
Such headers were used only by the first cryptsetup-luks-1.0.0 release (2005).
|
|
|
|
* Fix device block size detection to properly work on particular file-based
|
|
containers over underlying devices with 4k sectors.
|