summaryrefslogtreecommitdiff
path: root/src/cryptsetup
AgeCommit message (Collapse)Author
2017-01-31cryptsetup: do not return uninitialized value on errorZbigniew Jędrzejewski-Szmek
CID #1368416.
2017-01-15cryptsetup: fix unitialized variableZbigniew Jędrzejewski-Szmek
CID #1368416. Coverity web interface is back, yay!
2016-12-21cryptsetup: various coding style improvementsLennart Poettering
No functional changes.
2016-12-21util-lib: various improvements to kernel command line parsingLennart Poettering
This improves kernel command line parsing in a number of ways: a) An kernel option "foo_bar=xyz" is now considered equivalent to "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and "_" are now considered equivalent (this only applies to the option names though, not the option values!). Most of our kernel options used "-" as word separator in kernel command line options so far, but some used "_". With this change, which was a source of confusion for users (well, at least of one user: myself, I just couldn't remember that it's systemd.debug-shell, not systemd.debug_shell). Considering both as equivalent is inspired how modern kernel module loading normalizes all kernel module names to use underscores now too. b) All options previously using a dash for separating words in kernel command line options now use an underscore instead, in all documentation and in code. Since a) has been implemented this should not create any compatibility problems, but normalizes our documentation and our code. c) All kernel command line options which take booleans (or are boolean-like) have been reworked so that "foobar" (without argument) is now equivalent to "foobar=1" (but not "foobar=0"), thus normalizing the handling of our boolean arguments. Specifically this means systemd.debug-shell and systemd_debug_shell=1 are now entirely equivalent. d) All kernel command line options which take an argument, and where no argument is specified will now result in a log message. e.g. passing just "systemd.unit" will no result in a complain that it needs an argument. This is implemented in the proc_cmdline_missing_value() function. e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key() that parses booleans (following the logic explained in c). f) The proc_cmdline_parse() call's boolean argument has been replaced by a new flags argument that takes a common set of bits with proc_cmdline_get_key(). g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix. h) There are now tests for much of this. Yay!
2016-12-20tree-wide: always invoke setmntent() with "re" modeLennart Poettering
Let's make sure O_CLOEXEC is set for the file descriptor.
2016-12-07minor code beautificationsLennart Poettering
2016-11-03Merge pull request #4510 from keszybz/tree-wide-cleanupsLennart Poettering
Tree wide cleanups
2016-10-30Implement VeraCrypt volume handling in crypttab (#4501)George Hilliard
This introduces a new option, `tcrypt-veracrypt`, that sets the corresponding VeraCrypt flag in the flags passed to cryptsetup.
2016-10-23tree-wide: drop NULL sentinel from strjoinZbigniew Jędrzejewski-Szmek
This makes strjoin and strjoina more similar and avoids the useless final argument. spatch -I . -I ./src -I ./src/basic -I ./src/basic -I ./src/shared -I ./src/shared -I ./src/network -I ./src/locale -I ./src/login -I ./src/journal -I ./src/journal -I ./src/timedate -I ./src/timesync -I ./src/nspawn -I ./src/resolve -I ./src/resolve -I ./src/systemd -I ./src/core -I ./src/core -I ./src/libudev -I ./src/udev -I ./src/udev/net -I ./src/udev -I ./src/libsystemd/sd-bus -I ./src/libsystemd/sd-event -I ./src/libsystemd/sd-login -I ./src/libsystemd/sd-netlink -I ./src/libsystemd/sd-network -I ./src/libsystemd/sd-hwdb -I ./src/libsystemd/sd-device -I ./src/libsystemd/sd-id128 -I ./src/libsystemd-network --sp-file coccinelle/strjoin.cocci --in-place $(git ls-files src/*.c) git grep -e '\bstrjoin\b.*NULL' -l|xargs sed -i -r 's/strjoin\((.*), NULL\)/strjoin(\1)/' This might have missed a few cases (spatch has a really hard time dealing with _cleanup_ macros), but that's no big issue, they can always be fixed later.
2016-10-22tree-wide: use startswith return value to avoid hardcoded offsetZbigniew Jędrzejewski-Szmek
I think it's an antipattern to have to count the number of bytes in the prefix by hand. We should do this automatically to avoid wasting programmer time, and possible errors. I didn't any offsets that were wrong, so this change is mostly to make future development easier.
2016-10-22tree-wide: make parse_proc_cmdline() strip "rd." prefix automaticallyZbigniew Jędrzejewski-Szmek
This stripping is contolled by a new boolean parameter. When the parameter is true, it means that the caller does not care about the distinction between initrd and real root, and wants to act on both rd-dot-prefixed and unprefixed parameters in the initramfs, and only on the unprefixed parameters in real root. If the parameter is false, behaviour is the same as before. Changes by caller: log.c (systemd.log_*): changed to accept rd-dot-prefix params pid1: no change, custom logic cryptsetup-generator: no change, still accepts rd-dot-prefix params debug-generator: no change, does not accept rd-dot-prefix params fsck: changed to accept rd-dot-prefix params fstab-generator: no change, custom logic gpt-auto-generator: no change, custom logic hibernate-resume-generator: no change, does not accept rd-dot-prefix params journald: changed to accept rd-dot-prefix params modules-load: no change, still accepts rd-dot-prefix params quote-check: no change, does not accept rd-dot-prefix params udevd: no change, still accepts rd-dot-prefix params I added support for "rd." params in the three cases where I think it's useful: logging, fsck options, journald forwarding options.
2016-10-22tree-wide: allow state to be passed through to parse_proc_cmdline_itemZbigniew Jędrzejewski-Szmek
No functional change.
2016-10-16tree-wide: use mfree moreZbigniew Jędrzejewski-Szmek
2016-04-01cryptsetup: do not 'fail' if trying to detach a nonexistent deviceMantas Mikulėnas
It could be that our .service is being stopped precisely because the device already disappeared (e.g. due to a manual `cryptsetup close`, or due to UDisks2 cleaning up).
2016-02-10tree-wide: remove Emacs lines from all filesDaniel Mack
This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
2015-11-27tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easyLennart Poettering
GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.
2015-10-27util-lib: split out allocation calls into alloc-util.[ch]Lennart Poettering
2015-10-27util-lib: move /proc/cmdline parsing code to proc-cmdline.[ch]Lennart Poettering
2015-10-27util-lib: move mount related utility calls to mount-util.[ch]Lennart Poettering
2015-10-27util-lib: move more file I/O related calls into fileio.[ch]Lennart Poettering
2015-10-27util-lib: split string parsing related calls from util.[ch] into parse-util.[ch]Lennart Poettering
2015-10-25util-lib: split out fd-related operations into fd-util.[ch]Lennart Poettering
There are more than enough to deserve their own .c file, hence move them over.
2015-10-24util-lib: split our string related calls from util.[ch] into its own file ↵Lennart Poettering
string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.
2015-10-24util: split out escaping code into escape.[ch]Lennart Poettering
This really deserves its own file, given how much code this is now.
2015-10-19strv: Add _cleanup_strv_free_erase_ and _cleanup_string_free_erase_Zbigniew Jędrzejewski-Szmek
2015-10-19tree-wide: whenever we deal with passwords, erase them from memory after useLennart Poettering
A bit snake-oilish, but can't hurt.
2015-10-07ask-password: add support for caching passwords in the kernel keyringLennart Poettering
This adds support for caching harddisk passwords in the kernel keyring if it is available, thus supporting caching without Plymouth being around. This is also useful for hooking up "gdm-auto-login" with the collected boot-time harddisk password, in order to support gnome keyring passphrase unlocking via the HDD password, if it is the same. Any passwords added to the kernel keyring this way have a timeout of 2.5min at which time they are purged from the kernel.
2015-09-10cryptsetup-generator: Properly check return codeJan Janssen
2015-09-09tree-wide: drop {} from one-line if blocksLennart Poettering
Patch via coccinelle.
2015-07-31tree-wide: introduce mfree()David Herrmann
Pretty trivial helper which wraps free() but returns NULL, so we can simplify this: free(foobar); foobar = NULL; to this: foobar = mfree(foobar);
2015-06-09cryptsetup: craft a unique ID with the source deviceHarald Hoyer
If cryptsetup is called with a source device as argv[3], then craft the ID for the password agent with a unique device path. If possible "/dev/block/<maj>:<min>" is used, otherwise the original argv[3] is used. This enables password agents like petera [1] to provide a password according to the source device. The original ID did not carry enough information and was more targeted for a human readable string, which is specified in the "Message" field anyway. With this patch the ID of the ask.XXX ini file looks like this: ID=cryptsetup:/dev/block/<maj>:<min> [1] https://github.com/npmccallum/petera
2015-05-16Use fflush_and_check() in more placesZbigniew Jędrzejewski-Szmek
2015-05-05core: rework unit name validation and manipulation logicLennart Poettering
A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-17cryptsetup: Implement offset and skip optionsMartin Pitt
These are useful for plain devices as they don't have any metadata by themselves. Instead of using an unreliable hardcoded device name in crypttab you can then put static metadata at the start of the partition for a stable UUID or label. https://bugs.freedesktop.org/show_bug.cgi?id=87717 https://bugs.debian.org/751707 https://launchpad.net/bugs/953875
2015-04-02cryptsetup: port from libudev to sd-deviceTom Gundersen
2015-03-14cryptsetup-generator: remove warning about crypttab access modeZbigniew Jędrzejewski-Szmek
This file contains no privileged data — just names of devices to decrypt and files containing keys. On a running system most of this can be inferred from the device tree anyway.
2015-02-23remove unused includesThomas Hindoe Paaboel Andersen
This patch removes includes that are not used. The removals were found with include-what-you-use which checks if any of the symbols from a header is in use.
2015-02-03util: rework strappenda(), and rename it strjoina()Lennart Poettering
After all it is now much more like strjoin() than strappend(). At the same time, add support for NULL sentinels, even if they are normally not necessary.
2015-02-02cryptsetup: only warn on real key filesMartin Pitt
Simplify the check from commit 05f73ad to only apply the warning to regular files instead of enumerating device nodes.
2015-02-02cryptsetup: Do not warn If the key is /dev/*randomCristian Rodríguez
Using /dev/urandom as a key is valid for swap, do not warn if this devices are world readable.
2015-01-11Support negated fstab optionsZbigniew Jędrzejewski-Szmek
We would ignore options like "fail" and "auto", and for any option which takes a value the first assignment would win. Repeated and options equivalent to the default are rarely used, but they have been documented forever, and people might use them. Especially on the kernel command line it is easier to append a repeated or negated option at the end.
2015-01-11cryptsetup-generator: remove duplicated functionZbigniew Jędrzejewski-Szmek
2015-01-08cryptsetup: support header= optionAndrey Chaser
https://bugs.freedesktop.org/show_bug.cgi?id=66396
2014-12-05cryptsetup-generator: Add support for naming luks devices on kernel cmdlineJan Janssen
2014-12-05cryptsetup-generator: Add support for UUID-specific key files on kernel ↵Jan Janssen
command line
2014-12-05cryptsetup-generator: Split main() into more functions and use hasmapsJan Janssen
2014-11-28treewide: another round of simplificationsMichal Schmidt
Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28treewide: use log_*_errno whenever %m is in the format stringMichal Schmidt
If the format string contains %m, clearly errno must have a meaningful value, so we might as well use log_*_errno to have ERRNO= logged. Using: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\((".*%m.*")/log_\1_errno(errno, \2/' Plus some whitespace, linewrap, and indent adjustments.
2014-11-28treewide: more log_*_errno + return simplificationsMichal Schmidt
2014-11-28treewide: no need to negate errno for log_*_errno()Michal Schmidt
It corrrectly handles both positive and negative errno values.