summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--debian/changelog77
-rw-r--r--debian/control2
-rw-r--r--debian/cryptsetup-bin.NEWS18
-rw-r--r--debian/cryptsetup-suspend.lintian-overrides2
-rw-r--r--debian/initramfs/hooks/cryptroot2
-rw-r--r--debian/libcryptsetup12.symbols12
-rw-r--r--debian/patches/Check-for-physical-memory-available-also-in-PBKDF-benchma.patch74
-rw-r--r--debian/patches/Print-warning-when-keyslot-requires-more-memory-than-avai.patch49
-rw-r--r--debian/patches/Try-to-avoid-OOM-killer-on-low-memory-systems-without-swa.patch163
-rw-r--r--debian/patches/Use-only-half-of-detected-free-memory-on-systems-without-.patch43
-rw-r--r--debian/patches/series4
-rw-r--r--debian/tests/control4
-rwxr-xr-xdebian/tests/cryptdisks6
-rwxr-xr-xdebian/tests/cryptdisks.init2
-rwxr-xr-xdebian/tests/crypto-backend66
-rw-r--r--debian/tests/cryptroot-nested.d/preinst2
-rw-r--r--debian/tests/cryptroot-nested.d/setup4
-rw-r--r--debian/tests/utils/mock.pm28
18 files changed, 208 insertions, 350 deletions
diff --git a/debian/changelog b/debian/changelog
index 1666b8f..d15ff89 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,55 @@
+cryptsetup (2:2.7.0-1) unstable; urgency=medium
+
+ * Upload to unstable.
+ * Revert "d/gbp.conf: Set ‘debian-branch = debian/experimental’."
+ * Revert "Use OpenSSL's own argon2 implementation" (since sid doesn't have
+ OpenSSL 3.2 yet).
+ * Revert "d/control: cryptsetup Depends: Bump minimum cryptsetup-bin version
+ to 2.7~."
+ * Revert "d/cryptsetup.lintian-overrides: Ignore ‘conflicts-with-version
+ cryptsetup-nuke-password’."
+ * Revert "d/cryptsetup.lintian-overrides: Remove unused overrides."
+ * Revert "/lib/cryptsetup/askpass: coordinated move to /usr for DEP17"
+
+ -- Guilhem Moulin <guilhem@debian.org> Mon, 26 Feb 2024 12:50:46 +0100
+
+cryptsetup (2:2.7.0-1+exp) experimental; urgency=medium
+
+ * New upstream release.
+
+ [ Guilhem Moulin ]
+ * d/control: cryptsetup Depends: Bump minimum cryptsetup-bin version to 2.7~.
+ * d/control: Build-Depends: Replace pkg-config with pkgconf.
+ * d/cryptsetup-suspend.lintian-overrides: Remove alien tag.
+ * d/cryptsetup.lintian-overrides: Remove unused overrides.
+ * d/cryptsetup.lintian-overrides: Add override ‘conflicts-with-version
+ cryptsetup-nuke-password’.
+ * d/t/cryptroot-*: Fix DEP-8 tests with QEMU 8.2.
+
+ [ Helmut Grohne ]
+ * /lib/cryptsetup/askpass: coordinated move to /usr for DEP17.
+ (Closes: #1060270)
+
+ -- Guilhem Moulin <guilhem@debian.org> Mon, 26 Feb 2024 11:57:19 +0100
+
+cryptsetup (2:2.7.0~rc1-1) experimental; urgency=medium
+
+ * New upstream release candidate.
+ * d/gbp.conf: Set ‘debian-branch = debian/experimental’.
+ * Add new DEP-8 test to check crypto backend flags. (And whether system
+ libargon2 is used.)
+ * Use OpenSSL's own argon2 implementation rather than libargon2. This drops
+ libargon2 from (Build-)Depends and bumps the minimum required OpenSSL
+ version to 3.2.
+
+ -- Guilhem Moulin <guilhem@debian.org> Wed, 20 Dec 2023 18:28:36 +0100
+
+cryptsetup (2:2.7.0~rc0-2) experimental; urgency=medium
+
+ Rebuild for experimental.
+
+ -- Guilhem Moulin <guilhem@debian.org> Tue, 05 Dec 2023 21:11:42 +0100
+
cryptsetup (2:2.6.1-6~progress7.99u1) graograman-backports; urgency=medium
* Initial reupload to graograman-backports.
@@ -13,7 +65,7 @@ cryptsetup (2:2.6.1-6~progress7.99u1) graograman-backports; urgency=medium
cryptsetup (2:2.6.1-6) unstable; urgency=medium
[ Kevin Locke ]
- * cryptsetup-initramfs: Add support from compressed kernel modules.
+ * cryptsetup-initramfs: Add support for compressed kernel modules.
(Closes: #1036049, #1057441)
[ Guilhem Moulin ]
@@ -23,6 +75,29 @@ cryptsetup (2:2.6.1-6) unstable; urgency=medium
-- Guilhem Moulin <guilhem@debian.org> Tue, 05 Dec 2023 17:48:58 +0100
+cryptsetup (2:2.7.0~rc0-1) experimental; urgency=medium
+
+ * New upstream release candidate 2.7.0:
+ + Add support for (opt-in) hardware OPAL disk encryption.
+ + plain mode: Set default cipher to aes-xts-plain64 and password hashing
+ to sha256. This is a backward incompatible change for plain mode when
+ relying on the defaults. It doesn't affect LUKS volumes. Defaults for
+ plain mode should not be relied upon anyway; for many releases the
+ Debian wrappers found in the ‘cryptsetup’ binary package spew a loud
+ warning when ‘cipher=’ or ‘hash=’ are not explicitly specified in the
+ crypttab(5) options of plain devices. The cryptsetup(8) executable now
+ issue such a warning as well.
+ + Allow activation (open), luksResume, and luksAddKey to use the volume
+ key stored in a keyring.
+ + Allow one to store volume key to a user-specified keyring in open and
+ luksResume commands.
+ * Update d/libcryptsetup12.symbols.
+ * Remove d/patches applied upstream.
+ * Update debian/* to reflect current cipher and hash for plain mode.
+ * d/tests: Replace `passwd --delete` with `busybox passwd -d`.
+
+ -- Guilhem Moulin <guilhem@debian.org> Wed, 29 Nov 2023 17:19:10 +0100
+
cryptsetup (2:2.6.1-5) unstable; urgency=medium
[ Guilhem Moulin ]
diff --git a/debian/control b/debian/control
index a885251..e2f7ccb 100644
--- a/debian/control
+++ b/debian/control
@@ -28,7 +28,7 @@ Build-Depends: asciidoctor <!nodoc>,
libssh-dev,
libssl-dev,
libtool,
- pkg-config,
+ pkgconf,
po-debconf,
procps <!nocheck>,
uuid-dev,
diff --git a/debian/cryptsetup-bin.NEWS b/debian/cryptsetup-bin.NEWS
index ec5bf13..54ec605 100644
--- a/debian/cryptsetup-bin.NEWS
+++ b/debian/cryptsetup-bin.NEWS
@@ -1,3 +1,21 @@
+cryptsetup (2:2.7.0~rc0-1) experimental; urgency=medium
+
+ Default cipher and password hashing for plain mode have respectively
+ been changed to aes-xts-plain64 and sha256 (from aes-cbc-essiv:sha256
+ resp. ripemd160).
+
+ The new values matches what is used for LUKS, but the change does NOT
+ affect LUKS volumes.
+
+ This is a backward incompatible change for plain mode when relying on
+ the defaults, which (for plain mode only) is strongly advised against.
+ For many releases the Debian wrappers found in the ‘cryptsetup’ binary
+ package have spewed a loud warning for plain devices from crypttab(5)
+ where ‘cipher=’ or ‘hash=’ are not explicitly specified. The
+ cryptsetup(8) executable now issue such a warning as well.
+
+ -- Guilhem Moulin <guilhem@debian.org> Wed, 29 Nov 2023 17:19:10 +0100
+
cryptsetup (2:2.3.6-1+exp1) bullseye-security; urgency=high
This release fixes a key truncation issue for standalone dm-integrity
diff --git a/debian/cryptsetup-suspend.lintian-overrides b/debian/cryptsetup-suspend.lintian-overrides
deleted file mode 100644
index c5a34f6..0000000
--- a/debian/cryptsetup-suspend.lintian-overrides
+++ /dev/null
@@ -1,2 +0,0 @@
-# cryptsetup-suspend depends on systemd and doesn't work with sysvinit
-cryptsetup-suspend: package-supports-alternative-init-but-no-init.d-script
diff --git a/debian/initramfs/hooks/cryptroot b/debian/initramfs/hooks/cryptroot
index c16f7c2..83d29fd 100644
--- a/debian/initramfs/hooks/cryptroot
+++ b/debian/initramfs/hooks/cryptroot
@@ -220,7 +220,7 @@ populate_CRYPTO_HASHES() {
elif [ "$CRYPTTAB_TYPE" = "plain" ]; then
# --hash is being ignored when opening via key file
if [ "$CRYPTTAB_KEY" = "none" ] && [ -z "${CRYPTTAB_OPTION_keyscript+x}" ]; then
- hash="${CRYPTTAB_OPTION_hash-ripemd160}" # default password hashing as of cryptsetup 2.5
+ hash="${CRYPTTAB_OPTION_hash-sha256}" # default password hashing as of cryptsetup 2.7
fi
else
hash="" # or hash="@@UNKNOWN@@"?
diff --git a/debian/libcryptsetup12.symbols b/debian/libcryptsetup12.symbols
index f124910..5b30b7f 100644
--- a/debian/libcryptsetup12.symbols
+++ b/debian/libcryptsetup12.symbols
@@ -4,9 +4,11 @@ libcryptsetup.so.12 libcryptsetup12 #MINVER#
CRYPTSETUP_2.4@CRYPTSETUP_2.4 2:2.4
CRYPTSETUP_2.5@CRYPTSETUP_2.5 2:2.5
CRYPTSETUP_2.6@CRYPTSETUP_2.6 2:2.6
+ CRYPTSETUP_2.7@CRYPTSETUP_2.7 2:2.7
crypt_activate_by_keyfile@CRYPTSETUP_2.0 2:1.4
crypt_activate_by_keyfile_offset@CRYPTSETUP_2.0 2:1.4.3
crypt_activate_by_keyring@CRYPTSETUP_2.0 2:2.0
+ crypt_activate_by_keyslot_context@CRYPTSETUP_2.7 2:2.7
crypt_activate_by_keyfile_device_offset@CRYPTSETUP_2.0 2:2.0.1
crypt_activate_by_passphrase@CRYPTSETUP_2.0 2:1.4
crypt_activate_by_signed_key@CRYPTSETUP_2.0 2:2.3
@@ -23,6 +25,7 @@ libcryptsetup.so.12 libcryptsetup12 #MINVER#
crypt_dump_json@CRYPTSETUP_2.4 2:2.4
crypt_format@CRYPTSETUP_2.0 2:1.4
crypt_format@CRYPTSETUP_2.4 2:2.4
+ crypt_format_luks2_opal@CRYPTSETUP_2.7 2:2.7
crypt_free@CRYPTSETUP_2.0 2:1.4
crypt_get_active_device@CRYPTSETUP_2.0 2:1.4
crypt_get_active_integrity_failures@CRYPTSETUP_2.0 2:2.0.3
@@ -33,6 +36,8 @@ libcryptsetup.so.12 libcryptsetup12 #MINVER#
crypt_get_default_type@CRYPTSETUP_2.0 2:2.1
crypt_get_device_name@CRYPTSETUP_2.0 2:1.4
crypt_get_dir@CRYPTSETUP_2.0 2:1.4
+ crypt_get_hw_encryption_key_size@CRYPTSETUP_2.7 2:2.7
+ crypt_get_hw_encryption_type@CRYPTSETUP_2.7 2:2.7
crypt_get_integrity_info@CRYPTSETUP_2.0 2:2.0
crypt_get_iv_offset@CRYPTSETUP_2.0 2:1.4
crypt_get_label@CRYPTSETUP_2.5 2:2.5
@@ -69,8 +74,11 @@ libcryptsetup.so.12 libcryptsetup12 #MINVER#
crypt_keyslot_context_get_error@CRYPTSETUP_2.6 2:2.6
crypt_keyslot_context_get_type@CRYPTSETUP_2.6 2:2.6
crypt_keyslot_context_init_by_keyfile@CRYPTSETUP_2.6 2:2.6
+ crypt_keyslot_context_init_by_keyring@CRYPTSETUP_2.7 2:2.7
crypt_keyslot_context_init_by_passphrase@CRYPTSETUP_2.6 2:2.6
+ crypt_keyslot_context_init_by_signed_key@CRYPTSETUP_2.7 2:2.7
crypt_keyslot_context_init_by_token@CRYPTSETUP_2.6 2:2.6
+ crypt_keyslot_context_init_by_vk_in_keyring@CRYPTSETUP_2.7 2:2.7
crypt_keyslot_context_init_by_volume_key@CRYPTSETUP_2.6 2:2.6
crypt_keyslot_context_set_pin@CRYPTSETUP_2.6 2:2.6
crypt_keyslot_destroy@CRYPTSETUP_2.0 2:1.4
@@ -99,6 +107,7 @@ libcryptsetup.so.12 libcryptsetup12 #MINVER#
crypt_resume_by_keyfile@CRYPTSETUP_2.0 2:1.4
crypt_resume_by_keyfile_device_offset@CRYPTSETUP_2.0 2:2.0.1
crypt_resume_by_keyfile_offset@CRYPTSETUP_2.0 2:1.4.3
+ crypt_resume_by_keyslot_context@CRYPTSETUP_2.7 2:2.7
crypt_resume_by_passphrase@CRYPTSETUP_2.0 2:1.4
crypt_resume_by_token_pin@CRYPTSETUP_2.5 2:2.5
crypt_resume_by_volume_key@CRYPTSETUP_2.0 2:2.3
@@ -112,6 +121,7 @@ libcryptsetup.so.12 libcryptsetup12 #MINVER#
crypt_set_data_offset@CRYPTSETUP_2.0 2:2.1
crypt_set_debug_level@CRYPTSETUP_2.0 2:1.4
crypt_set_iteration_time@CRYPTSETUP_2.0 2:1.4.1
+ crypt_set_keyring_to_link@CRYPTSETUP_2.7 2:2.7
crypt_set_label@CRYPTSETUP_2.0 2:2.0
crypt_set_log_callback@CRYPTSETUP_2.0 2:1.4
crypt_set_metadata_size@CRYPTSETUP_2.0 2:2.1
@@ -130,6 +140,7 @@ libcryptsetup.so.12 libcryptsetup12 #MINVER#
crypt_token_luks2_keyring_set@CRYPTSETUP_2.0 2:2.0
crypt_token_max@CRYPTSETUP_2.4 2:2.4
crypt_token_register@CRYPTSETUP_2.0 2:2.0
+ crypt_token_set_external_path@CRYPTSETUP_2.7 2:2.7
crypt_token_status@CRYPTSETUP_2.0 2:2.0
crypt_token_unassign_keyslot@CRYPTSETUP_2.0 2:2.0
crypt_volume_key_get@CRYPTSETUP_2.0 2:1.4
@@ -137,3 +148,4 @@ libcryptsetup.so.12 libcryptsetup12 #MINVER#
crypt_volume_key_keyring@CRYPTSETUP_2.0 2:2.0
crypt_volume_key_verify@CRYPTSETUP_2.0 2:1.4
crypt_wipe@CRYPTSETUP_2.0 2:2.0
+ crypt_wipe_hw_opal@CRYPTSETUP_2.7 2:2.7
diff --git a/debian/patches/Check-for-physical-memory-available-also-in-PBKDF-benchma.patch b/debian/patches/Check-for-physical-memory-available-also-in-PBKDF-benchma.patch
deleted file mode 100644
index 2032283..0000000
--- a/debian/patches/Check-for-physical-memory-available-also-in-PBKDF-benchma.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From: Milan Broz <gmazyland@gmail.com>
-Date: Mon, 3 Apr 2023 13:31:16 +0200
-Subject: Check for physical memory available also in PBKDF benchmark.
-
-Origin: https://gitlab.com/cryptsetup/cryptsetup/-/commit/7893c33d71cde09e240234c484c6c468f22c2fe7
-Bug: https://gitlab.com/cryptsetup/cryptsetup/-/issues/802#note_1328592911
-Bug-Debian: https://bugs.debian.org/1028250
----
- lib/internal.h | 1 +
- lib/utils_benchmark.c | 9 +++++++++
- lib/utils_pbkdf.c | 4 ++--
- 3 files changed, 12 insertions(+), 2 deletions(-)
-
-diff --git a/lib/internal.h b/lib/internal.h
-index 98095fa..f261cae 100644
---- a/lib/internal.h
-+++ b/lib/internal.h
-@@ -89,6 +89,7 @@ int crypt_benchmark_pbkdf_internal(struct crypt_device *cd,
- struct crypt_pbkdf_type *pbkdf,
- size_t volume_key_size);
- const char *crypt_get_cipher_spec(struct crypt_device *cd);
-+uint32_t pbkdf_adjusted_phys_memory_kb(void);
-
- /* Device backend */
- struct device;
-diff --git a/lib/utils_benchmark.c b/lib/utils_benchmark.c
-index 728e4df..a0326ce 100644
---- a/lib/utils_benchmark.c
-+++ b/lib/utils_benchmark.c
-@@ -101,6 +101,7 @@ int crypt_benchmark_pbkdf(struct crypt_device *cd,
- {
- int r, priority;
- const char *kdf_opt;
-+ uint32_t memory_kb;
-
- if (!pbkdf || (!password && password_size))
- return -EINVAL;
-@@ -113,6 +114,14 @@ int crypt_benchmark_pbkdf(struct crypt_device *cd,
-
- log_dbg(cd, "Running %s(%s) benchmark.", pbkdf->type, kdf_opt);
-
-+ memory_kb = pbkdf_adjusted_phys_memory_kb();
-+ if (memory_kb < pbkdf->max_memory_kb) {
-+ log_dbg(cd, "Not enough physical memory detected, "
-+ "PBKDF max memory decreased from %dkB to %dkB.",
-+ pbkdf->max_memory_kb, memory_kb);
-+ pbkdf->max_memory_kb = memory_kb;
-+ }
-+
- crypt_process_priority(cd, &priority, true);
- r = crypt_pbkdf_perf(pbkdf->type, pbkdf->hash, password, password_size,
- salt, salt_size, volume_key_size, pbkdf->time_ms,
-diff --git a/lib/utils_pbkdf.c b/lib/utils_pbkdf.c
-index d8f41c7..b2d4fa0 100644
---- a/lib/utils_pbkdf.c
-+++ b/lib/utils_pbkdf.c
-@@ -61,7 +61,7 @@ const struct crypt_pbkdf_type *crypt_get_pbkdf_type_params(const char *pbkdf_typ
- return NULL;
- }
-
--static uint32_t adjusted_phys_memory(void)
-+uint32_t pbkdf_adjusted_phys_memory_kb(void)
- {
- uint64_t free_kb, memory_kb = crypt_getphysmemory_kb();
-
-@@ -258,7 +258,7 @@ int init_pbkdf_type(struct crypt_device *cd,
- }
-
- if (cd_pbkdf->max_memory_kb) {
-- memory_kb = adjusted_phys_memory();
-+ memory_kb = pbkdf_adjusted_phys_memory_kb();
- if (cd_pbkdf->max_memory_kb > memory_kb) {
- log_dbg(cd, "Not enough physical memory detected, "
- "PBKDF max memory decreased from %dkB to %dkB.",
diff --git a/debian/patches/Print-warning-when-keyslot-requires-more-memory-than-avai.patch b/debian/patches/Print-warning-when-keyslot-requires-more-memory-than-avai.patch
deleted file mode 100644
index 91bab91..0000000
--- a/debian/patches/Print-warning-when-keyslot-requires-more-memory-than-avai.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From: Milan Broz <gmazyland@gmail.com>
-Date: Tue, 28 Feb 2023 14:18:10 +0100
-Subject: Print warning when keyslot requires more memory than available
-
-This warning is displayed only if maximum memory was adjusted:
-no swap, not enough memory, but is not printed if user set keyslot
-memory cost above default limit intentionally.
-
-In the latter case we have to check all available memory and guess
-if swap is enough - this is not job af cryptsetup and also
-it should not excessively parse any /sys files during keyslot open.
-
-Origin: https://gitlab.com/cryptsetup/cryptsetup/-/commit/27f8e5c08f0e0054225c9a2b1eda5b4200d4565b
-Bug: https://gitlab.com/cryptsetup/cryptsetup/-/issues/802#note_1287298872
-Bug-Debian: https://bugs.debian.org/1032734
----
- lib/luks2/luks2_keyslot_luks2.c | 12 +++++++++++-
- 1 file changed, 11 insertions(+), 1 deletion(-)
-
-diff --git a/lib/luks2/luks2_keyslot_luks2.c b/lib/luks2/luks2_keyslot_luks2.c
-index 491dcad..3be1135 100644
---- a/lib/luks2/luks2_keyslot_luks2.c
-+++ b/lib/luks2/luks2_keyslot_luks2.c
-@@ -307,7 +307,7 @@ static int luks2_keyslot_get_key(struct crypt_device *cd,
- char *volume_key, size_t volume_key_len)
- {
- struct volume_key *derived_key = NULL;
-- struct crypt_pbkdf_type pbkdf;
-+ struct crypt_pbkdf_type pbkdf, *cd_pbkdf;
- char *AfKey = NULL;
- size_t AFEKSize;
- const char *af_hash = NULL;
-@@ -360,6 +360,16 @@ static int luks2_keyslot_get_key(struct crypt_device *cd,
- goto out;
- }
-
-+ /*
-+ * Print warning when keyslot requires more memory than available
-+ * (if maximum memory was adjusted - no swap, not enough memory),
-+ * but be silent if user set keyslot memory cost above default limit intentionally.
-+ */
-+ cd_pbkdf = crypt_get_pbkdf(cd);
-+ if (cd_pbkdf->max_memory_kb && pbkdf.max_memory_kb > cd_pbkdf->max_memory_kb &&
-+ pbkdf.max_memory_kb <= DEFAULT_LUKS2_MEMORY_KB)
-+ log_std(cd, _("Warning: keyslot operation could fail as it requires more than available memory.\n"));
-+
- /*
- * If requested, serialize unlocking for memory-hard KDF. Usually NOOP.
- */
diff --git a/debian/patches/Try-to-avoid-OOM-killer-on-low-memory-systems-without-swa.patch b/debian/patches/Try-to-avoid-OOM-killer-on-low-memory-systems-without-swa.patch
deleted file mode 100644
index b8f81b9..0000000
--- a/debian/patches/Try-to-avoid-OOM-killer-on-low-memory-systems-without-swa.patch
+++ /dev/null
@@ -1,163 +0,0 @@
-From: Milan Broz <gmazyland@gmail.com>
-Date: Mon, 20 Feb 2023 16:45:36 +0100
-Subject: Try to avoid OOM killer on low-memory systems without swap.
-
-Benchmark for memory-hard KDF is tricky, seems that relying
-on maximum half of physical memory is not enough.
-
-Let's allow only free physical available space if there is no swap.
-This should not cause changes on normal systems, at least.
-
-Origin: https://gitlab.com/cryptsetup/cryptsetup/-/commit/899bad8c06957a94a198d1eaa293ed8db205f1de
-Bug: https://gitlab.com/cryptsetup/cryptsetup/-/issues/802
-Bug-Debian: https://bugs.debian.org/1028250
----
- lib/internal.h | 2 ++
- lib/utils.c | 47 +++++++++++++++++++++++++++++++++++++++++++++++
- lib/utils_pbkdf.c | 11 ++++++++++-
- tests/api-test-2.c | 12 ++++++++----
- 4 files changed, 67 insertions(+), 5 deletions(-)
-
-diff --git a/lib/internal.h b/lib/internal.h
-index b5cb4e3..98095fa 100644
---- a/lib/internal.h
-+++ b/lib/internal.h
-@@ -168,6 +168,8 @@ int crypt_uuid_cmp(const char *dm_uuid, const char *hdr_uuid);
- size_t crypt_getpagesize(void);
- unsigned crypt_cpusonline(void);
- uint64_t crypt_getphysmemory_kb(void);
-+uint64_t crypt_getphysmemoryfree_kb(void);
-+bool crypt_swapavailable(void);
-
- int init_crypto(struct crypt_device *ctx);
-
-diff --git a/lib/utils.c b/lib/utils.c
-index bfcf60d..e9d5b5b 100644
---- a/lib/utils.c
-+++ b/lib/utils.c
-@@ -59,6 +59,53 @@ uint64_t crypt_getphysmemory_kb(void)
- return phys_memory_kb;
- }
-
-+uint64_t crypt_getphysmemoryfree_kb(void)
-+{
-+ long pagesize, phys_pages;
-+ uint64_t phys_memoryfree_kb;
-+
-+ pagesize = sysconf(_SC_PAGESIZE);
-+ phys_pages = sysconf(_SC_AVPHYS_PAGES);
-+
-+ if (pagesize < 0 || phys_pages < 0)
-+ return 0;
-+
-+ phys_memoryfree_kb = pagesize / 1024;
-+ phys_memoryfree_kb *= phys_pages;
-+
-+ return phys_memoryfree_kb;
-+}
-+
-+bool crypt_swapavailable(void)
-+{
-+ int fd;
-+ ssize_t size;
-+ char buf[4096], *p;
-+ uint64_t total;
-+
-+ if ((fd = open("/proc/meminfo", O_RDONLY)) < 0)
-+ return true;
-+
-+ size = read(fd, buf, sizeof(buf));
-+ close(fd);
-+ if (size < 1)
-+ return true;
-+
-+ if (size < (ssize_t)sizeof(buf))
-+ buf[size] = 0;
-+ else
-+ buf[sizeof(buf) - 1] = 0;
-+
-+ p = strstr(buf, "SwapTotal:");
-+ if (!p)
-+ return true;
-+
-+ if (sscanf(p, "SwapTotal: %" PRIu64 " kB", &total) != 1)
-+ return true;
-+
-+ return total > 0;
-+}
-+
- void crypt_process_priority(struct crypt_device *cd, int *priority, bool raise)
- {
- int _priority, new_priority;
-diff --git a/lib/utils_pbkdf.c b/lib/utils_pbkdf.c
-index 4d7e18d..d8f41c7 100644
---- a/lib/utils_pbkdf.c
-+++ b/lib/utils_pbkdf.c
-@@ -63,7 +63,7 @@ const struct crypt_pbkdf_type *crypt_get_pbkdf_type_params(const char *pbkdf_typ
-
- static uint32_t adjusted_phys_memory(void)
- {
-- uint64_t memory_kb = crypt_getphysmemory_kb();
-+ uint64_t free_kb, memory_kb = crypt_getphysmemory_kb();
-
- /* Ignore bogus value */
- if (memory_kb < (128 * 1024) || memory_kb > UINT32_MAX)
-@@ -75,6 +75,15 @@ static uint32_t adjusted_phys_memory(void)
- */
- memory_kb /= 2;
-
-+ /*
-+ * Never use more that available free space on system without swap.
-+ */
-+ if (!crypt_swapavailable()) {
-+ free_kb = crypt_getphysmemoryfree_kb();
-+ if (free_kb > (64 * 1024) && free_kb < memory_kb)
-+ return free_kb;
-+ }
-+
- return memory_kb;
- }
-
-diff --git a/tests/api-test-2.c b/tests/api-test-2.c
-index 824ae65..923165c 100644
---- a/tests/api-test-2.c
-+++ b/tests/api-test-2.c
-@@ -2802,7 +2802,8 @@ static void Pbkdf(void)
- OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
- OK_(strcmp(pbkdf->hash, default_luks1_hash));
- EQ_(pbkdf->time_ms, default_luks2_iter_time);
-- EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
-+ GE_(pbkdf->max_memory_kb, 64 * 1024);
-+ GE_(adjusted_pbkdf_memory(), pbkdf->max_memory_kb);
- EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
- // set and verify argon2 type
- OK_(crypt_set_pbkdf_type(cd, &argon2));
-@@ -2827,7 +2828,8 @@ static void Pbkdf(void)
- OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
- OK_(strcmp(pbkdf->hash, default_luks1_hash));
- EQ_(pbkdf->time_ms, default_luks2_iter_time);
-- EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
-+ GE_(pbkdf->max_memory_kb, 64 * 1024);
-+ GE_(adjusted_pbkdf_memory(), pbkdf->max_memory_kb);
- EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
- // try to pass illegal values
- argon2.parallel_threads = 0;
-@@ -2858,14 +2860,16 @@ static void Pbkdf(void)
- OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
- OK_(strcmp(pbkdf->hash, default_luks1_hash));
- EQ_(pbkdf->time_ms, default_luks2_iter_time);
-- EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
-+ GE_(pbkdf->max_memory_kb, 64 * 1024);
-+ GE_(adjusted_pbkdf_memory(), pbkdf->max_memory_kb);
- EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
- crypt_set_iteration_time(cd, 1);
- OK_(crypt_load(cd, CRYPT_LUKS, NULL));
- OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
- OK_(strcmp(pbkdf->hash, default_luks1_hash));
- EQ_(pbkdf->time_ms, 1);
-- EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
-+ GE_(pbkdf->max_memory_kb, 64 * 1024);
-+ GE_(adjusted_pbkdf_memory(), pbkdf->max_memory_kb);
- EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
- CRYPT_FREE(cd);
-
diff --git a/debian/patches/Use-only-half-of-detected-free-memory-on-systems-without-.patch b/debian/patches/Use-only-half-of-detected-free-memory-on-systems-without-.patch
deleted file mode 100644
index caf47ce..0000000
--- a/debian/patches/Use-only-half-of-detected-free-memory-on-systems-without-.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From: Milan Broz <gmazyland@gmail.com>
-Date: Mon, 17 Apr 2023 13:41:17 +0200
-Subject: Use only half of detected free memory on systems without swap.
-
-As tests shows, limiting used Argon2 memory to free memory on
-systems without swap is still not enough.
-Use just half of it, this should bring needed margin while
-still use Argon2.
-
-Note, for very-low memory constrained systems user should
-avoid memory-hard PBKDF (IOW manually select PBKDF2), we
-do not do this automatically.
-
-Origin: https://gitlab.com/cryptsetup/cryptsetup/-/commit/6721d3a8b29b13fe88aeeaefe09d457e99d1c6fa
-Bug: https://gitlab.com/cryptsetup/cryptsetup/-/issues/802#note_1328592911
-Bug-Debian: https://bugs.debian.org/1028250
----
- lib/utils_pbkdf.c | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/lib/utils_pbkdf.c b/lib/utils_pbkdf.c
-index b2d4fa0..7399bd2 100644
---- a/lib/utils_pbkdf.c
-+++ b/lib/utils_pbkdf.c
-@@ -76,10 +76,17 @@ uint32_t pbkdf_adjusted_phys_memory_kb(void)
- memory_kb /= 2;
-
- /*
-- * Never use more that available free space on system without swap.
-+ * Never use more that half of available free memory on system without swap.
- */
- if (!crypt_swapavailable()) {
- free_kb = crypt_getphysmemoryfree_kb();
-+
-+ /*
-+ * Using exactly free memory causes OOM too, use only half of the value.
-+ * Ignore small values (< 64MB), user should use PBKDF2 in such environment.
-+ */
-+ free_kb /= 2;
-+
- if (free_kb > (64 * 1024) && free_kb < memory_kb)
- return free_kb;
- }
diff --git a/debian/patches/series b/debian/patches/series
deleted file mode 100644
index f64f6f7..0000000
--- a/debian/patches/series
+++ /dev/null
@@ -1,4 +0,0 @@
-Try-to-avoid-OOM-killer-on-low-memory-systems-without-swa.patch
-Print-warning-when-keyslot-requires-more-memory-than-avai.patch
-Check-for-physical-memory-available-also-in-PBKDF-benchma.patch
-Use-only-half-of-detected-free-memory-on-systems-without-.patch
diff --git a/debian/tests/control b/debian/tests/control
index 52752a3..193d0f0 100644
--- a/debian/tests/control
+++ b/debian/tests/control
@@ -131,3 +131,7 @@ Depends: linux-image-generic,
linux-image-686-pae [i386]
Restrictions: hint-testsuite-triggers
Architecture: amd64 i386
+
+Tests: crypto-backend
+Depends: cryptsetup-bin
+Restrictions: superficial
diff --git a/debian/tests/cryptdisks b/debian/tests/cryptdisks
index 3d3223b..b8c6bcc 100755
--- a/debian/tests/cryptdisks
+++ b/debian/tests/cryptdisks
@@ -151,7 +151,7 @@ cryptdisks_stop plain_crypt
disk_setup
cat >/etc/crypttab <<-EOF
- sector_crypt $CRYPT_DEV /dev/urandom plain,cipher=aes-cbc-essiv:sha256,size=256,sector-size=4096
+ sector_crypt $CRYPT_DEV /dev/urandom plain,cipher=aes-xts-plain64,size=256,sector-size=4096
EOF
cryptdisks_start sector_crypt
@@ -168,7 +168,7 @@ cryptdisks_stop sector_crypt
disk_setup
cat /proc/sys/kernel/random/uuid >"$TMPDIR/passphrase"
cat >/etc/crypttab <<-EOF
- hash_crypt $CRYPT_DEV none plain,cipher=aes-cbc-essiv:sha256,size=256,hash=sha256
+ hash_crypt $CRYPT_DEV none plain,cipher=aes-xts-plain64,size=256,hash=sha256
EOF
cryptdisks_start hash_crypt </dev/tty & pid=$!
@@ -192,7 +192,7 @@ offset=2048 # in 512 byte sectors
skip=256 # in 512 byte sectors
disk_setup
cat >/etc/crypttab <<-EOF
- offset_crypt $CRYPT_DEV /dev/urandom plain,cipher=aes-cbc-essiv:sha256,size=256,offset=$offset,skip=$skip
+ offset_crypt $CRYPT_DEV /dev/urandom plain,cipher=aes-xts-plain64,size=256,offset=$offset,skip=$skip
EOF
# having an existing file system before the offset has no effect (cf. #994056)
diff --git a/debian/tests/cryptdisks.init b/debian/tests/cryptdisks.init
index 408c325..2019e03 100755
--- a/debian/tests/cryptdisks.init
+++ b/debian/tests/cryptdisks.init
@@ -23,7 +23,7 @@ dmsetup create disk12 <<-EOF
$((64 * 2*1024)) $((64 * 2*1024)) linear /dev/mapper/disk2 0
EOF
-cipher="aes-cbc-essiv:sha256"
+cipher="aes-xts-plain64"
size=32 # bytes
cat >/etc/crypttab <<-EOF
crypt_disk0 /dev/mapper/disk0 /dev/urandom plain,cipher=$cipher,size=$((8*size))
diff --git a/debian/tests/crypto-backend b/debian/tests/crypto-backend
new file mode 100755
index 0000000..47dc5a8
--- /dev/null
+++ b/debian/tests/crypto-backend
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+# Check crypto backend, see https://gitlab.com/cryptsetup/cryptsetup/-/issues/851 .
+
+set -ue
+PATH="/usr/bin:/bin"
+export PATH
+
+CRYPTSETUP="/sbin/cryptsetup"
+
+NAME="crypto-backend"
+TEMPDIR="$AUTOPKGTEST_TMP/$NAME"
+
+mkdir "$TEMPDIR"
+trap 'rm -rf -- "$TEMPDIR"' EXIT INT TERM
+
+IMG="$TEMPDIR/disk.img"
+KEYFILE="$TEMPDIR/keyfile"
+DEBUG="$TEMPDIR/debug"
+
+dd if=/dev/zero bs=1M count=64 status="none" of="$IMG"
+head -c32 /dev/urandom >"$KEYFILE"
+
+"$CRYPTSETUP" luksFormat --batch-mode \
+ --key-file="$KEYFILE" \
+ --type=luks2 \
+ --pbkdf=argon2id \
+ --pbkdf-force-iterations=4 \
+ --pbkdf-memory=32 \
+ -- "$IMG"
+
+"$CRYPTSETUP" luksOpen --debug --key-file="$KEYFILE" --test-passphrase "$IMG" >"$DEBUG"
+sed -nri '/^# Crypto backend\s+/ {s/.*?\(([^()]+)\).*/\1/p;q}' "$DEBUG"
+cat "$DEBUG"
+
+if ! grep -qE '^OpenSSL\b' <"$DEBUG"; then
+ echo "ERROR: Crypto backend isn't OpenSSL" >&2
+ exit 1
+fi
+
+sed -ri 's/^[^\[]*//' "$DEBUG"
+# " [cryptsetup libargon2]": bundled libargon2
+# " [external libargon2]": system libargon2
+# "][argon2]": crypto backend's own implementation
+if ! grep -qF " [external libargon2]" <"$DEBUG"; then
+ echo "ERROR: Unexpected argon2 backend" >&2
+ exit 1
+fi
+
+LIBCRYPTSETUP="$(env --unset=LD_PRELOAD ldd "$CRYPTSETUP" | sed -nr '/^\s*libcryptsetup\.so(\.[0-9]+)*\s+=>\s+/ {s///;s/\s.*//;p;q}')"
+if [ -z "$LIBCRYPTSETUP" ] || [ ! -e "$LIBCRYPTSETUP" ]; then
+ echo "ERROR: $CRYPTSETUP doesn't link against libcryptsetup??" >&2
+ exit 1
+fi
+
+assert_linked_argon2() {
+ local path="$1"
+ if ! env --unset=LD_PRELOAD ldd "$path" | grep -qE '^\s*libargon2\.so(\.[0-9]+)*\s+=>\s'; then
+ echo "ERROR: $path does not link against libargon2" >&2
+ exit 1
+ fi
+ return 0
+}
+
+assert_linked_argon2 "$CRYPTSETUP"
+assert_linked_argon2 "$LIBCRYPTSETUP"
diff --git a/debian/tests/cryptroot-nested.d/preinst b/debian/tests/cryptroot-nested.d/preinst
index c5f576b..bf5876a 100644
--- a/debian/tests/cryptroot-nested.d/preinst
+++ b/debian/tests/cryptroot-nested.d/preinst
@@ -2,7 +2,7 @@
cat >/etc/crypttab <<-EOF
md0_crypt UUID=$(blkid -s UUID -o value /dev/md0) none
vdd_crypt UUID=$(blkid -s UUID -o value /dev/vdd) none
- testvg-lv0_crypt /dev/mapper/testvg-lv0 none plain,cipher=aes-cbc-essiv:sha256,size=256,hash=ripemd160
+ testvg-lv0_crypt /dev/mapper/testvg-lv0 none plain,cipher=aes-xts-plain64,size=256,hash=sha256
testvg-lv1_crypt UUID=$(blkid -s UUID -o value /dev/testvg/lv1) none
EOF
diff --git a/debian/tests/cryptroot-nested.d/setup b/debian/tests/cryptroot-nested.d/setup
index 6fb6ccd..b08da17 100644
--- a/debian/tests/cryptroot-nested.d/setup
+++ b/debian/tests/cryptroot-nested.d/setup
@@ -44,9 +44,9 @@ udevadm settle
echo -n "testvg-lv0_crypt" >/keyfile
cryptsetup open --batch-mode \
--type=plain \
- --cipher="aes-cbc-essiv:sha256" \
+ --cipher="aes-xts-plain64" \
--key-size=256 \
- --hash="ripemd160" \
+ --hash="sha256" \
-- "/dev/testvg/lv0" "testvg-lv0_crypt" </keyfile
udevadm settle
diff --git a/debian/tests/utils/mock.pm b/debian/tests/utils/mock.pm
index 10db3e6..8bddfa0 100644
--- a/debian/tests/utils/mock.pm
+++ b/debian/tests/utils/mock.pm
@@ -25,7 +25,7 @@ our $PS1 = qr/root\@[\-\.0-9A-Z_a-z]+ : [~\/][\-\.\/0-9A-Z_a-z]* [\#\$]\ /aax;
package CryptrootTest::Utils;
use Socket qw/PF_UNIX SOCK_STREAM SOCK_CLOEXEC SOCK_NONBLOCK SHUT_RD SHUT_WR/;
-use Errno qw/EINTR ENOENT ECONNREFUSED/;
+use Errno qw/EINTR ENOENT ECONNREFUSED ECONNRESET/;
use Time::HiRes ();
my (%SOCKET, %BUFFER, $WBITS, $RBITS);
@@ -62,11 +62,12 @@ sub read_data($) {
my $bits = shift;
while (my ($chan, $fh) = each %SOCKET) {
next unless vec($bits, fileno($fh), 1); # nothing to read here
- my $n = sysread($fh, my $buf, 4096) // die "read: $!";
- if ($n > 0) {
+ my $n = sysread($fh, my $buf, 4096);
+ if (defined $n and $n > 0) {
STDOUT->printflush($buf);
$BUFFER{$chan} .= $buf;
} else {
+ die "read: $!" unless defined $n or $! == ECONNRESET;
#print STDERR "INFO done reading from $chan\n";
shutdown($fh, SHUT_RD) or die "shutdown: $!";
vec($RBITS, fileno($fh), 1) = 0;
@@ -228,6 +229,8 @@ sub shell($%) {
# enter S3 sleep state (suspend to ram aka standby)
sub suspend() {
+ @QMP::EVENTS = (); # flush the event queue
+
write_data($CONSOLE => q{systemctl suspend});
# while the command is asynchronous the system might suspend before
# we have a chance to read the next $PS1
@@ -242,6 +245,8 @@ sub suspend() {
}
sub wakeup() {
+ @QMP::EVENTS = (); # flush the event queue
+
my $r = QMP::command(q{system_wakeup});
die if %$r;
@@ -256,6 +261,8 @@ sub wakeup() {
# enter S4 sleep state (suspend to disk aka hibernate)
sub hibernate() {
+ @QMP::EVENTS = (); # flush the event queue
+
# an alternative is to send {"execute":"guest-suspend-disk"} on the
# guest agent socket, but we don't want to require qemu-guest-agent
# on the guest so this will have to do
@@ -267,6 +274,8 @@ sub hibernate() {
}
sub poweroff() {
+ @QMP::EVENTS = (); # flush the event queue
+
# XXX would be nice to use the QEMU monitor here but the guest
# doesn't seem to respond to system_powerdown QMP commands
write_data($CONSOLE => q{poweroff});
@@ -283,6 +292,7 @@ package QMP;
# https://qemu.readthedocs.io/en/latest/interop/qemu-qmp-ref.html
use JSON ();
+our @EVENTS;
# read and decode a QMP server line
sub getline() {
@@ -305,6 +315,7 @@ sub command($;$) {
my $resp = QMP::getline() // next;
# ignore unsolicited server responses (such as events)
return $resp->{return} if exists $resp->{return};
+ push @EVENTS, $resp;
}
}
@@ -330,9 +341,16 @@ BEGIN {
sub wait_for_event($) {
my $event_name = shift;
+ my @events2;
while(1) {
- my $resp = QMP::getline() // next;
- return if exists $resp->{event} and $resp->{event} eq $event_name;
+ my $resp = @EVENTS ? shift @EVENTS : QMP::getline();
+ next unless defined $resp;
+ if (exists $resp->{event} and $resp->{event} eq $event_name) {
+ @EVENTS = @events2;
+ return;
+ } else {
+ push @events2, $resp;
+ }
}
}