1. 25 Sep, 2018 1 commit
  2. 09 Aug, 2018 1 commit
  3. 11 Jul, 2018 2 commits
    • Ondrej Kozina's avatar
      Make LUKS2 auto-recovery aware of device signatures. · 2c1a6e3f
      Ondrej Kozina authored
      auto-recovery triggers any time when only single correct LUKS2
      header instance was found. That may be dangerous.
      
      We should suppress auto-recovery in case blkid decided the
      device is no longer LUKS device. For example if secondary (intact)
      LUKS2 header was left behind and blkid declares the device is LVM2
      member.
      
      Moreover if at least one header instance is corrupted and blkid
      declares device non-empty and non-LUKS in the same time, header load
      operation will be aborted with error.
      2c1a6e3f
    • Milan Broz's avatar
      Use explicit list for LUKS2 secondary header offsets. · 09877e4e
      Milan Broz authored
      The code scan for the second header only if primary is corrrupted.
      
      Let's set the possible offsets more clear.
      
      This patch also removes 8kB header offset (that was not supported anyway).
      09877e4e
  4. 19 Jun, 2018 1 commit
    • joerichey@google.com's avatar
      Fix declaration of logger() · 2d94d7ab
      joerichey@google.com authored
      This change makes the declaration of logger() match its definition,
      it also avoids the use of the "class" C++ keyword. This is useful for
      importing cryptsetup into Bazel/Blaze.
      2d94d7ab
  5. 26 Apr, 2018 1 commit
  6. 11 Apr, 2018 1 commit
  7. 22 Feb, 2018 2 commits
    • Milan Broz's avatar
      Clean up keyring handling. · fb6b4739
      Milan Broz authored
      Move all keyring functions to one place and separate LUKS2 specific
      code to generic handling.
      
      Also fix possible mismatch if volume key is in keyring but it is not native
      LUKS2 device (libarary cannot process such a device properly).
      fb6b4739
    • Milan Broz's avatar
      Allocate key description in volume key. · 1ac353d2
      Milan Broz authored
      The key description is now allocated by volume key wrappers.
      1ac353d2
  8. 08 Feb, 2018 1 commit
  9. 20 Jan, 2018 2 commits
  10. 18 Jan, 2018 1 commit
    • Ondrej Kozina's avatar
      Detect kernel version for dm-crypt kernel key bugfix. · 598dd672
      Ondrej Kozina authored
      When loading first dm-crypt table (or action that triggers dm-crypt
      module load) we do not know dm-crypt version yet. Let's assume all
      kernels before 4.15.0 are flawed and reject VK load via kernel keyring
      service.
      
      When dm-crypt is already in kernel, check for correct target version
      instead (v1.18.1 or later).
      598dd672
  11. 07 Dec, 2017 1 commit
    • Milan Broz's avatar
      Limit KDF memory by available physical memory. · fa1f8c0d
      Milan Broz authored
      On some systems the requested amount of memory causes OOM killer
      to kill the process (instead of returning ENOMEM).
      
      For now, we never try to use more than half of available
      physical memory.
      fa1f8c0d
  12. 30 Nov, 2017 1 commit
  13. 23 Nov, 2017 1 commit
  14. 10 Oct, 2017 1 commit
  15. 06 Oct, 2017 1 commit
  16. 24 Sep, 2017 5 commits
  17. 12 Aug, 2017 1 commit
    • Milan Broz's avatar
      Move PBKDF internal benchmark to one place. · 5fc79f56
      Milan Broz authored
      Also cache its value in active context, so we run benchmark
      only once.
      
      The patch also changes calculated value for LUKS1 key digest
      to 125 miliseconds (it means that for full 8 used slots
      the additional slow-down is circa 1 second).
      
      Note that there is no need to have too high iteration count
      for key digest; if it is too computationally expensive, attacker
      will better decrypt of one sector with candidate key anyway.
      (Check for a known signature.)
      
      The reason to have some delay for key digest check was
      to complicate brute-force search for volume key with LUKS header
      only (and if RNG used to generate volumekey was flawed
      allowing such a search i reasonable time).
      5fc79f56
  18. 06 Aug, 2017 2 commits
    • Milan Broz's avatar
      Use only crypt_get_integrity_info in API. · 3435f9cb
      Milan Broz authored
      Some other functions remain internal only.
      Signed-off-by: Milan Broz's avatarMilan Broz <gmazyland@gmail.com>
      3435f9cb
    • Milan Broz's avatar
      Change PBKDF interface API. · 0abf57be
      Milan Broz authored
      Prepare API for PBKDF that can set three costs
        - time (similar to iterations in PBKDF2)
        - memory (required memory for memory-hard function)
        - threads (required number of threads/CPUs).
      
      This patch also removes wrongly designed API call
      crypt_benchmark_kdf and replaces it with the new call
      crypt_benchmark_pbkdf.
      
      Two functions for PBKDF per context setting
      are introduced: crypt_set_pbkdf_type and crypt_get_pbkdf_type.
      
      The patch should be backward compatible when using
      crypt_set_iteration_time function (works only for PBKDF2).
      Signed-off-by: Milan Broz's avatarMilan Broz <gmazyland@gmail.com>
      0abf57be
  19. 27 Jul, 2017 1 commit
    • Milan Broz's avatar
      Allow to open device without read check. · 12040570
      Milan Broz authored
      In some specific situation we do not want to read the devices
      before initialization.
      
      Here it is integrity checking that will produce warning, because
      the device is not yet initialized.
      
      Used only in wipe function (here we must use direct-io anyway)
      and expect the device is capable of direct-io.
      12040570
  20. 28 Jun, 2017 1 commit
  21. 08 Jun, 2017 2 commits
  22. 07 Jun, 2017 1 commit
  23. 14 Apr, 2017 1 commit
  24. 12 Mar, 2017 1 commit
  25. 13 Dec, 2016 1 commit
  26. 02 Jul, 2016 2 commits
  27. 23 Mar, 2016 1 commit
  28. 03 Jan, 2016 1 commit
  29. 12 Dec, 2015 1 commit
  30. 01 Dec, 2015 1 commit