diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 17:44:12 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 17:44:12 +0000 |
commit | 1be69c2c660b70ac2f4de2a5326e27e3e60eb82d (patch) | |
tree | bb299ab6f411f4fccd735907035de710e4ec6abc /docs/v1.7.2-ReleaseNotes | |
parent | Initial commit. (diff) | |
download | cryptsetup-1be69c2c660b70ac2f4de2a5326e27e3e60eb82d.tar.xz cryptsetup-1be69c2c660b70ac2f4de2a5326e27e3e60eb82d.zip |
Adding upstream version 2:2.3.7.upstream/2%2.3.7upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'docs/v1.7.2-ReleaseNotes')
-rw-r--r-- | docs/v1.7.2-ReleaseNotes | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/docs/v1.7.2-ReleaseNotes b/docs/v1.7.2-ReleaseNotes new file mode 100644 index 0000000..6323430 --- /dev/null +++ b/docs/v1.7.2-ReleaseNotes @@ -0,0 +1,37 @@ +Cryptsetup 1.7.2 Release Notes +============================== + +Changes since version 1.7.1 + +* Update LUKS documentation format. + Clarify fixed sector size and keyslots alignment. + +* Support activation options for error handling modes in Linux kernel + dm-verity module: + + --ignore-corruption - dm-verity just logs detected corruption + + --restart-on-corruption - dm-verity restarts the kernel if corruption is detected + + If the options above are not specified, default behavior for dm-verity remains. + Default is that I/O operation fails with I/O error if corrupted block is detected. + + --ignore-zero-blocks - Instructs dm-verity to not verify blocks that are expected + to contain zeroes and always return zeroes directly instead. + + NOTE that these options could have security or functional impacts, + do not use them without assessing the risks! + +* Fix help text for cipher benchmark specification (mention --cipher option). + +* Fix off-by-one error in maximum keyfile size. + Allow keyfiles up to compiled-in default and not that value minus one. + +* Support resume of interrupted decryption in cryptsetup-reencrypt utility. + To resume decryption, LUKS device UUID (--uuid option) option must be used. + +* Do not use direct-io for LUKS header with unaligned keyslots. + Such headers were used only by the first cryptsetup-luks-1.0.0 release (2005). + +* Fix device block size detection to properly work on particular file-based + containers over underlying devices with 4k sectors. |