summaryrefslogtreecommitdiff
path: root/src/cryptsetup
AgeCommit message (Collapse)Author
2015-10-19strv: Add _cleanup_strv_free_erase_ and _cleanup_string_free_erase_Zbigniew Jędrzejewski-Szmek
2015-10-19tree-wide: whenever we deal with passwords, erase them from memory after useLennart Poettering
A bit snake-oilish, but can't hurt.
2015-10-07ask-password: add support for caching passwords in the kernel keyringLennart Poettering
This adds support for caching harddisk passwords in the kernel keyring if it is available, thus supporting caching without Plymouth being around. This is also useful for hooking up "gdm-auto-login" with the collected boot-time harddisk password, in order to support gnome keyring passphrase unlocking via the HDD password, if it is the same. Any passwords added to the kernel keyring this way have a timeout of 2.5min at which time they are purged from the kernel.
2015-09-10cryptsetup-generator: Properly check return codeJan Janssen
2015-09-09tree-wide: drop {} from one-line if blocksLennart Poettering
Patch via coccinelle.
2015-07-31tree-wide: introduce mfree()David Herrmann
Pretty trivial helper which wraps free() but returns NULL, so we can simplify this: free(foobar); foobar = NULL; to this: foobar = mfree(foobar);
2015-06-09cryptsetup: craft a unique ID with the source deviceHarald Hoyer
If cryptsetup is called with a source device as argv[3], then craft the ID for the password agent with a unique device path. If possible "/dev/block/<maj>:<min>" is used, otherwise the original argv[3] is used. This enables password agents like petera [1] to provide a password according to the source device. The original ID did not carry enough information and was more targeted for a human readable string, which is specified in the "Message" field anyway. With this patch the ID of the ask.XXX ini file looks like this: ID=cryptsetup:/dev/block/<maj>:<min> [1] https://github.com/npmccallum/petera
2015-05-16Use fflush_and_check() in more placesZbigniew Jędrzejewski-Szmek
2015-05-05core: rework unit name validation and manipulation logicLennart Poettering
A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-17cryptsetup: Implement offset and skip optionsMartin Pitt
These are useful for plain devices as they don't have any metadata by themselves. Instead of using an unreliable hardcoded device name in crypttab you can then put static metadata at the start of the partition for a stable UUID or label. https://bugs.freedesktop.org/show_bug.cgi?id=87717 https://bugs.debian.org/751707 https://launchpad.net/bugs/953875
2015-04-02cryptsetup: port from libudev to sd-deviceTom Gundersen
2015-03-14cryptsetup-generator: remove warning about crypttab access modeZbigniew Jędrzejewski-Szmek
This file contains no privileged data — just names of devices to decrypt and files containing keys. On a running system most of this can be inferred from the device tree anyway.
2015-02-23remove unused includesThomas Hindoe Paaboel Andersen
This patch removes includes that are not used. The removals were found with include-what-you-use which checks if any of the symbols from a header is in use.
2015-02-03util: rework strappenda(), and rename it strjoina()Lennart Poettering
After all it is now much more like strjoin() than strappend(). At the same time, add support for NULL sentinels, even if they are normally not necessary.
2015-02-02cryptsetup: only warn on real key filesMartin Pitt
Simplify the check from commit 05f73ad to only apply the warning to regular files instead of enumerating device nodes.
2015-02-02cryptsetup: Do not warn If the key is /dev/*randomCristian Rodríguez
Using /dev/urandom as a key is valid for swap, do not warn if this devices are world readable.
2015-01-11Support negated fstab optionsZbigniew Jędrzejewski-Szmek
We would ignore options like "fail" and "auto", and for any option which takes a value the first assignment would win. Repeated and options equivalent to the default are rarely used, but they have been documented forever, and people might use them. Especially on the kernel command line it is easier to append a repeated or negated option at the end.
2015-01-11cryptsetup-generator: remove duplicated functionZbigniew Jędrzejewski-Szmek
2015-01-08cryptsetup: support header= optionAndrey Chaser
https://bugs.freedesktop.org/show_bug.cgi?id=66396
2014-12-05cryptsetup-generator: Add support for naming luks devices on kernel cmdlineJan Janssen
2014-12-05cryptsetup-generator: Add support for UUID-specific key files on kernel ↵Jan Janssen
command line
2014-12-05cryptsetup-generator: Split main() into more functions and use hasmapsJan Janssen
2014-11-28treewide: another round of simplificationsMichal Schmidt
Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28treewide: use log_*_errno whenever %m is in the format stringMichal Schmidt
If the format string contains %m, clearly errno must have a meaningful value, so we might as well use log_*_errno to have ERRNO= logged. Using: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\((".*%m.*")/log_\1_errno(errno, \2/' Plus some whitespace, linewrap, and indent adjustments.
2014-11-28treewide: more log_*_errno + return simplificationsMichal Schmidt
2014-11-28treewide: no need to negate errno for log_*_errno()Michal Schmidt
It corrrectly handles both positive and negative errno values.
2014-11-28treewide: auto-convert the simple cases to log_*_errno()Michal Schmidt
As a followup to 086891e5c1 "log: add an "error" parameter to all low-level logging calls and intrdouce log_error_errno() as log calls that take error numbers", use sed to convert the simple cases to use the new macros: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\("(.*)%s"(.*), strerror\(-([a-zA-Z_]+)\)\);/log_\1_errno(-\4, "\2%m"\3);/' Multi-line log_*() invocations are not covered. And we also should add log_unit_*_errno().
2014-11-24cryptsetup: default to no hash when keyfile is specifiedZbigniew Jędrzejewski-Szmek
For plain dm-crypt devices, the behavior of cryptsetup package is to ignore the hash algorithm when a key file is provided. It seems wrong to ignore a hash when it is explicitly specified, but we should default to no hash if the keyfile is specified. https://bugs.freedesktop.org/show_bug.cgi?id=52630
2014-11-07util: simplify proc_cmdline() to reuse get_process_cmdline()Lennart Poettering
Also, make all parsing of the kernel cmdline non-fatal.
2014-11-06s/commandline/command line/gHarald Hoyer
2014-10-24cryptsetup: Fix timeout on dm device.Hugo Grostabussiat
Fix a bug in systemd-cryptsetup-generator which caused the drop-in setting the job timeout for the dm device unit to be written with a name different than the unit name. https://bugs.freedesktop.org/show_bug.cgi?id=84409
2014-10-23cryptsetup: fix an OOM checkLennart Poettering
2014-09-25readahead: wipe out readaheadDaniel Buch
2014-07-31Reject invalid quoted stringsZbigniew Jędrzejewski-Szmek
String which ended in an unfinished quote were accepted, potentially with bad memory accesses. Reject anything which ends in a unfished quote, or contains non-whitespace characters right after the closing quote. _FOREACH_WORD now returns the invalid character in *state. But this return value is not checked anywhere yet. Also, make 'word' and 'state' variables const pointers, and rename 'w' to 'word' in various places. Things are easier to read if the same name is used consistently. mbiebl_> am I correct that something like this doesn't work mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"' mbiebl_> systemd seems to strip of the quotes mbiebl_> systemctl status shows mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint mbiebl_> which is pretty weird
2014-07-26Always check asprintf return codeKarel Zak
There is a small number of the places in sources where we don't check asprintf() return code and assume that after error the function returns NULL pointer via the first argument. That's wrong, after error the content of pointer is undefined.
2014-06-30cryptsetup: allow x-systemd.device-timeoutZbigniew Jędrzejewski-Szmek
https://bugs.freedesktop.org/show_bug.cgi?id=54210
2014-06-23cryptsetup: don't add unit dependency on /dev/null devices when it is listed ↵Lennart Poettering
as password file As special magic, don't create device dependencies for /dev/null. Of course, there might be similar devices we might want to include, but given that none of them really make sense to specify as password source there's really no point in checking for anything else here. https://bugs.freedesktop.org/show_bug.cgi?id=75816
2014-06-19stop complaining about unknown kernel cmdline optionsLennart Poettering
Also stop warning about unknown kernel cmdline options in the various tools, not just in PID 1
2014-06-18cryptsetup: introduce new cryptsetup-pre.traget unit so that services can ↵Lennart Poettering
make sure they are started before and stopped after any LUKS setup https://bugzilla.redhat.com/show_bug.cgi?id=1097938
2014-06-13cryptsetup: check that password is not nullThomas Hindoe Paaboel Andersen
Beef up the assert to protect against passing null to strlen. Found with scan-build.
2014-04-24Fix keysize handling in cryptsetup (bits vs. bytes)David Härdeman
The command line key-size is in bits but the libcryptsetup API expects bytes. Note that the modulo 8 check is in the original cryptsetup binary as well, so it's no new limitation. (v2: changed the point at which the /= 8 is performed, rebased, removed tabs)
2014-04-24Add more password agent informationDavid Härdeman
Add an (optional) "Id" key in the password agent .ask files. The Id is supposed to be a simple string in "<subsystem>:<target>" form which is used to provide more information on what the requested passphrase is to be used for (which e.g. allows an agent to only react to cryptsetup requests). (v2: rebased, fixed indentation, escape name, use strappenda)
2014-04-19cryptsetup: copy value, not key for (rd.)luks.keyMatthew Monaco
2014-03-24cryptsetup: minor typo fixLennart Poettering
2014-03-13cryptsetup: call static variables parsed from command line arg_XYZ like in ↵Lennart Poettering
all other tools
2014-03-06generators: add Documentation= fields that point to the generator man pagesLennart Poettering
2014-03-06util: move more intellegince into parse_proc_cmdline()Lennart Poettering
Already split variable assignments before invoking the callback. And drop "rd." settings if we are not in an initrd.
2014-03-06cryptsetup: some fixesLennart Poettering
2014-02-17Extract looping over /proc/cmdline into a shared functionZbigniew Jędrzejewski-Szmek
In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-08cryptsetup-generator: auto add deps for device as passwordDave Reisner
If the password is a device file, we can add Requires/After dependencies on the device rather than requiring the user to do so.