aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Expand)AuthorFilesLines
2026-01-22Fix gcc-16 warnings (with fanalyzer)Milan Broz3-3/+3
2026-01-21integritysetup: fix grow of bitmap protected devices.Ondrej Kozina1-1/+7
2026-01-02Fix wrong device size status reports in cryptsetup and integritysetupMilan Broz3-10/+6
2025-11-21bitlocker: Open bitlocker devices with clearkeyKfir Kahanov1-7/+16
2025-11-21Fix key-size descriptionsMilan Broz2-3/+4
2025-11-20verity: Support status info about FEC repaired eventsMilan Broz1-0/+3
2025-11-03Fix typo in volume-key-file help.Milan Broz1-1/+1
2025-07-29meson: install binariesFunda Wang1-0/+6
2025-06-09Fix message translation (missing macro).Milan Broz1-1/+1
2025-06-02Allow --reduce-device-size and --device-size in encrypt action.Ondrej Kozina2-4/+3
2025-06-02Do not allow null cipher for LUKS2 keyslot even in conversion.Milan Broz1-1/+6
2025-05-27Fix integer and double types in keyslot checker.Milan Broz1-3/+3
2025-05-22Add keyslot check code.Milan Broz5-0/+207
2025-05-22Define opaques crypt_device struct in local header.Milan Broz1-0/+2
2025-05-22Fix cryptsetup repair to use header device and UUID spec.Milan Broz1-4/+6
2025-05-22LUKS2: support Inline tags format and activation for integrity protectionMilan Broz3-1/+18
2025-05-22integrity: support Inline tags format and activationMilan Broz4-29/+59
2025-05-22Avoid false positive for static scan (integer overflow).Milan Broz1-2/+4
2025-05-20cryptsetup: Adjust XTS keys size also if cipher is specified with capi: prefix.Milan Broz4-5/+5
2025-05-20Add error message for missing volume key.Ondrej Kozina2-0/+4
2025-05-20Extend options for initializing reencrypiton from cli.Ondrej Kozina4-187/+839
2025-05-20Allow reencryption resume by new methods.Ondrej Kozina4-10/+117
2025-05-20Allow device in reencryption to be activated by volume keys in files.Ondrej Kozina1-10/+48
2025-05-20Use crypt_get_old_volume_key_size in action reencrypt.Ondrej Kozina1-39/+7
2025-05-12Add support for --decrypt init by keyslot contexts.Ondrej Kozina1-44/+123
2025-05-12Refactor activation by volume key(s) in helper routine.Ondrej Kozina3-47/+111
2025-05-12Make changes in token unlock for further changes in reencrypt action.Ondrej Kozina3-12/+24
2025-05-12Move try_token_unlock to luks utils.Ondrej Kozina3-80/+92
2025-05-12Switch reencrypt --encrypt initialization to keyslot context.Ondrej Kozina4-68/+67
2025-05-12Move init_keyslot_context in luks utils.Ondrej Kozina3-41/+50
2025-05-12Fix mistake in reencryption change detection logic.Ondrej Kozina1-4/+2
2025-05-12Refactor get_adjusted_key_size.Ondrej Kozina4-7/+9
2025-05-12Fix memory leak on error path in luksAddKey.Ondrej Kozina1-2/+4
2025-05-12Verify volume key passed by kernel keyring.Ondrej Kozina1-4/+9
2025-05-12Print error message in cryptetup cli.Ondrej Kozina1-0/+2
2025-04-29Fix unused PIM query actions list.Milan Broz1-1/+1
2025-04-22Opal: limit PSID keyfile read if not set otherwiseMilan Broz1-2/+10
2025-03-24Fix dirfd() handling.Milan Broz1-2/+5
2025-02-16veritysetup: Support --error-as-corruption option.Milan Broz4-1/+15
2025-01-27Use #if for password quality libs defines.Milan Broz2-6/+6
2025-01-27Use #if for rest of defines.Milan Broz1-1/+1
2025-01-27Use #if for HAVE_BLKID_* defines.Milan Broz1-1/+1
2025-01-27Use #if for HAVE*_H defines.Milan Broz1-1/+1
2025-01-27Use #if for other ENABLE* options.Milan Broz3-3/+3
2025-01-27Use #if for ENABLE_AF_ALG.Milan Broz2-2/+2
2025-01-27Use #if for USE_UDEV.Milan Broz1-1/+1
2025-01-27Use #if for KERNEL_KEYRING.Milan Broz1-1/+1
2025-01-27Fix integer cast for sector_size.Milan Broz1-1/+1
2025-01-26Print message about reaching maximal interactive passphrase to error output.Milan Broz1-1/+1
2025-01-16Avoid if (not NULL) free().Milan Broz1-2/+1
2025-01-15Update copyright year.Milan Broz22-48/+48
2024-12-12Mark all sizes in status and dump output in the correct units.Milan Broz3-23/+27
2024-12-03Use real integrity key size in format operation.Milan Broz1-1/+1
2024-12-03Add --integrity-key-size option to cryptsetup.Milan Broz2-3/+25
2024-11-25Support plain resize with keyring key.Milan Broz1-16/+18
2024-11-25Support trusted & encrypted keyring for plain device.Milan Broz1-5/+25
2024-11-25Move keyring utilities to separate file.Milan Broz5-155/+175
2024-11-23Print warning if some options were ignored for OPAL hw-only encryption.Milan Broz1-0/+10
2024-10-30Add crypt_reencrypt_init_by_keyslot_context.Ondrej Kozina1-1/+1
2024-10-09Unify integer format parameter in prompt.Ondrej Kozina1-1/+1
2024-09-29Adapt cryptsetup to self-contained keyslot contexts.Ondrej Kozina1-45/+41
2024-08-26Fix return code for ssize_t.Milan Broz1-1/+1
2024-07-24Add --shared option in veritysetup open action.Ondrej Kozina3-0/+5
2024-07-16Check for bad device-mapper name earlyMilan Broz5-0/+38
2024-07-10Fix leaked fd gcc analyzer warning.Milan Broz2-3/+8
2024-07-10Fix warning about unitialized passwordLen.Milan Broz1-1/+1
2024-07-10Use buffer functions and fix potential fd leak.Milan Broz1-13/+11
2024-06-18Add support for high-priority dm-crypt flag.Milan Broz4-3/+11
2024-06-03Allow "capi:" cipher format for benchmark command.Milan Broz1-4/+13
2024-06-03Use SPDX license identifiers.Milan Broz21-294/+21
2024-05-10Add --key-description and --new-key-description for luksAddKey command.Milan Broz2-50/+47
2024-05-10Add --key-description for luksResume command.Milan Broz2-7/+7
2024-05-10Add --key-description for open command.Milan Broz5-17/+22
2024-05-10Add --key-description for resize command.Milan Broz2-7/+8
2024-05-10Add --key-description for luksFormat command.Milan Broz2-7/+12
2024-05-10Add --key-description for luksDump command.Milan Broz2-6/+30
2024-05-10Fix --key-description actions and define --new-key-description.Milan Broz4-1/+10
2024-05-07Use crypt_wipe to zero rest of data device.Ondrej Kozina1-40/+15
2024-05-07Use proper write_buffer in LUKS1 reencryption code.Ondrej Kozina1-17/+9
2024-05-07Use proper read_buffer function from utils.Ondrej Kozina1-31/+2
2024-05-03Fix various coverity issues.Ondrej Kozina2-20/+45
2024-04-03Do not check passphrase quality in-before erase.Ondrej Kozina1-2/+1
2024-03-05Fix regression in LUKS1 decryption.Ondrej Kozina1-1/+2
2024-02-29Allow --link-vk-to-keyring with --test-passphrase option.Ondrej Kozina1-0/+3
2024-02-28Fix abort triggered by initializing decryption via --active-name.Ondrej Kozina1-10/+19
2024-01-23Fix local variable name that hides global one.Milan Broz1-4/+4
2024-01-23Update copyright notice to include 2024 year.Milan Broz21-45/+45
2024-01-19Allow activating multi key devices using VKs in keyring.Daniel Zatovic1-11/+44
2024-01-19Allow linking multiple VKs (also in reencryption).Daniel Zatovic1-7/+95
2023-12-20Add keyring linking API placeholders for multi-key scenarios.Daniel Zatovic1-4/+4
2023-12-19opal: Do not verify passphrase by default on luksErase.Milan Broz1-1/+1
2023-11-29Tweak some error messages.Milan Broz1-2/+2
2023-11-27Always print error message for invalid keyring definition.Milan Broz1-15/+15
2023-11-16Add --external-tokens-path parameter in cryptsetup.Ondrej Kozina4-0/+68
2023-11-07Fix memory leaks detected in compat-test-opal.Ondrej Kozina1-5/+6
2023-11-06Abort LUKS2 reencryption early if OPAL device used.Ondrej Kozina1-0/+5
2023-11-02Do not allow decryption on devices with unsupported parameters.Ondrej Kozina1-0/+2
2023-11-02Do not allow --integrity option in reencryption action.Ondrej Kozina1-2/+2
2023-11-02Move LUKS2 legacy reencryption flag check.Ondrej Kozina1-5/+9
2023-11-02Restrict --hw-opal options only to luksFormat action.Ondrej Kozina2-2/+4
2023-11-02Fail early if OPAL is selected with LUKS1.Ondrej Kozina1-0/+5
2023-11-02Do not fail format actions by interrupting device wipe.Ondrej Kozina2-2/+10
2023-10-31Add --key-file support in luksErase action with LUKS2 opal.Ondrej Kozina1-3/+4
2023-10-31Correctly erase opal lr when luksFormat action fails.Ondrej Kozina1-7/+22
2023-10-16Respect keyslot id while activating device by token.Ondrej Kozina1-45/+55
2023-10-09Check passphrase for user selected keyslot only.Ondrej Kozina1-1/+1
2023-10-05plain: Print warning if using default cipher ahd hash options.Milan Broz1-0/+18
2023-10-04Fix empty device name in reencryption prompt message.Ondrej Kozina1-1/+1
2023-10-04Fix return value in vk description parser.Ondrej Kozina1-7/+4
2023-10-04Fix a bug in vk description parsing helper.Ondrej Kozina1-1/+1
2023-10-04Fix user vk description leak in open action.Ondrej Kozina1-1/+3
2023-09-25Split logic for uploading keys in kernel key service.Ondrej Kozina4-35/+107
2023-09-12Try to sort options alphabetically.Milan Broz5-54/+54
2023-09-12Remove dot from some option descriptions.Milan Broz2-18/+18
2023-09-12Add --disable-blkid CLI option.Milan Broz8-22/+39
2023-09-12Print blkid scan failure.Milan Broz4-7/+32
2023-08-28Fix unused parameter warning in password utils.Milan Broz1-0/+1
2023-08-16Allow activation, resume and luksAddKey using VK stored in keyring.Daniel Zatovic3-0/+24
2023-08-16Support specifying keyring and key using keyctl syntax.Daniel Zatovic2-5/+9
2023-08-16Support specifying volume key keyring type.Daniel Zatovic3-0/+23
2023-08-16Allow linking VK to a user-specified keyring.Daniel Zatovic4-0/+15
2023-08-02Make luksErase work with detached header.Ondrej Kozina1-2/+2
2023-07-17Print better metadata dump and status info for OPAL segment.Milan Broz1-4/+22
2023-07-17cryptsetup: support for hw-opal in luksEraseLuca Boccassi4-3/+49
2023-07-17cryptsetup: add --hw-opal and --hw-opal-onlyLuca Boccassi4-2/+37
2023-07-17libcryptsetup: add OPAL type and paramsLuca Boccassi1-4/+9
2023-06-28Fix option name in error outputLudwig Nussel1-1/+1
2023-06-26Fix reencryption to fail properly for unknown cipher.Milan Broz1-0/+6
2023-03-03Add support for meson build system.Daniel Zatovic1-0/+77
2023-02-21Fix integrity info display for non-LUKS2 crypt devices.Milan Broz1-0/+2
2023-02-10fix potential null pointer dereference.wangzhiqiang3-0/+9
2023-02-09Update Copyright year.Milan Broz21-45/+45
2022-12-23Replace off64_t with off_tKhem Raj1-6/+6
2022-12-14Abort encryption when header and data devices are same.Ondrej Kozina1-5/+37
2022-12-08Run PBKDF benchmark with 8 bytes long well-known passphrase.Ondrej Kozina1-2/+2
2022-11-28Do not log score from pwquality.Milan Broz1-3/+1
2022-11-20Fix some strings for translations.Milan Broz1-5/+5
2022-11-18Fix possible undefined use od preprocessor.Milan Broz1-12/+17
2022-11-18Print warning early if LUKS container is too small for activation.Milan Broz1-0/+9
2022-11-14fvault2: some minor code reformatting changes.Milan Broz1-4/+1
2022-11-14fvault2: fix --test-passphrase optionMilan Broz1-2/+3
2022-11-14Add missing support for fvault2 commandsVojtech Trefny1-3/+9
2022-11-14Show error when trying to run fvault2Dump on a non-fvault deviceVojtech Trefny1-1/+3
2022-11-14Fvault2: implement openPavel Tobias1-0/+65
2022-11-14Fvault2: implement dumpPavel Tobias2-0/+79
2022-11-14Annotate some functions to prevent Coverity tainted input error.Milan Broz1-0/+1
2022-09-29Extend luksAddKey action options via crypt_keyslot_add_by_keyslot_context API.Ondrej Kozina4-28/+166
2022-09-16Add cryptsetup token unassign action.Ondrej Kozina1-1/+31
2022-09-16Enable adding unassigned luks2-keyring token in cryptsetup.Ondrej Kozina3-2/+12
2022-08-25Add support for dm-verity try_verify_in_tasklet option.Milan Broz4-3/+11
2022-08-16Remove call to explicit memlockall from cryptsetup.Milan Broz1-33/+26
2022-08-10Delegate FIPS mode detection to configured crypto backend.Ondrej Kozina1-1/+0
2022-07-28Add prompt for LUKS2 decryption with header export.Ondrej Kozina1-1/+13
2022-07-28Add early warning for reencryption of image files.Ondrej Kozina1-3/+38
2022-07-28Improve reencryption parameters verification in cli.Ondrej Kozina1-36/+44
2022-07-27Use bool instead od int in LUKS1 reencryption context.Milan Broz1-8/+9
2022-07-27Do not use huge LUKS1 reencryption context on heap.Milan Broz1-19/+26
2022-07-27Avoid using huge dummy context in LUKS1 reencryption check.Milan Broz1-9/+3
2022-07-20Add support for `--key-slot` in luksResume action.Guilhem Moulin2-2/+2
2022-07-15More typo and spelling fixes.Guilhem Moulin1-1/+1
2022-07-13Add error message for failed in-use auto-detect.Ondrej Kozina1-0/+4
2022-06-21Fix decryption with datashift initialization.Ondrej Kozina1-3/+21
2022-06-20Fix minor typo.Yuri Chornoivan1-1/+1
2022-06-17Enable LUKS2 decryption datashift support in cli.Ondrej Kozina1-23/+216
2022-06-17Check user provided correct passphrase before initializing decryption.Ondrej Kozina1-3/+23
2022-06-17Wrap some long lines.Ondrej Kozina1-9/+21
2022-06-17Move load_luks2_by_name helper.Ondrej Kozina1-29/+29
2022-06-17Sync signature wipes in tools_wipe_all_signutares.Ondrej Kozina1-1/+1
2022-06-17Add options parameters to tools_wipe_all_signatures routine.Ondrej Kozina4-7/+11
2022-06-09Properly update hash parameter for checksum resilience.Ondrej Kozina1-8/+25
2022-06-09Separate reencryption params verification for update.Ondrej Kozina1-25/+37
2022-06-05Annotate LGTM TOCTOU condition.Milan Broz2-2/+2
2022-06-05Use %s for JSON progress print.Milan Broz1-1/+1
2022-05-26Move LUKS2 reencrypt keyslot update procedure.Ondrej Kozina1-12/+19
2022-05-26Fix error message for LUKS2 only cryptsetup commands.Milan Broz1-4/+4
2022-05-26Make crypt_load quiet if metadata is not detected.Milan Broz3-2/+14
2022-05-26Allow use of --header option for cryptsetup close.Milan Broz1-1/+1
2022-05-24integritysetup: clarify format question message and man page if data device i...Milan Broz1-1/+6
2022-05-24Fix two more lowercase ARG macro undefs.Milan Broz2-2/+2
2022-05-23The `ARG` macro should be uppercased when undefining itDaniel Parks1-1/+1
2022-05-09Verity: dump device sizes.Milan Broz1-0/+3
2022-04-28Introduce crypt_log_hex helper and use it for log_std output.Milan Broz2-35/+8
2022-04-26Silent reencryption by volume key passed in file.Ondrej Kozina1-1/+1
2022-04-25Silent crypt_volume_key_verify call.Ondrej Kozina1-0/+2
2022-04-25Do not allow sector size increase reencryption in offline mode.Ondrej Kozina1-0/+8
2022-04-25Check sb block size only if actual sector size gets increased.Ondrej Kozina1-4/+5
2022-04-20Add compile-in flag to program version output.Milan Broz5-7/+36
2022-04-19Do not allow dangerous sector size change during reencryption.Ondrej Kozina1-5/+61
2022-04-19Add tools helper reporting blkid support.Ondrej Kozina2-0/+6
2022-04-19Refactor reencrypt_get_active_name helper.Ondrej Kozina1-9/+8
2022-04-19Add superblock BLOCK_SIZE detection in tools.Ondrej Kozina2-0/+52
2022-04-17Skip question if batch mode is set for volume key bitlk dump.Milan Broz1-1/+1
2022-04-11Detect broken LUKS metadata in-before encryption.Ondrej Kozina3-12/+53
2022-04-11Prepare tools_detect_signatures for new filter type.Ondrej Kozina4-7/+13
2022-04-07Ask user for confirmation before resuming reencryption.Ondrej Kozina1-0/+13
2022-04-07Do not resume reencryption with conflicting parameters.Ondrej Kozina1-1/+31
2022-04-07Asks offline reencryption confirmation only with image files.Ondrej Kozina1-3/+5
2022-04-06Add --force-offline-reencrypt option.Ondrej Kozina5-1/+11
2022-04-06Active device auto-detection code cleanup.Ondrej Kozina1-17/+8
2022-04-06Reduce code duplication in active device auto-detection.Ondrej Kozina3-68/+56
generated by cgit 1.2.3-korg (git 2.43.0) at 2026-02-05 21:12:38 +0000