aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-11-10mkfs.ubifs: fscrypt: bail from encrypt_block if gen_essiv_salt failsDavid Oberhollenzer
What originally cought my attention was that gen_essiv_salt has a size_t return type and error paths that return -1 on failure. Further investigation revealed that the error value is never checked for. The encrypt_block function doesn't use the return value in any way and simply continues onward. Furthermore, the gen_essiv_salt function has an error case that emits an error message but returns success state. This patch modifes gen_essiv_salt to return an error status in all error branches, changes the return type to ssize_t and adds a check to encrypt_block if gen_essiv_salt fails. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-10-28flashcp: Add option -A/--erase-allAndrij Abyzov
Sometimes there's a need to erase the whole device when programming an image, and not just the area under the image itself. Therefore, option -A/--erase-all has been added which erases the whole device before writing the image. Signed-off-by: Andrij Abyzov <drolevar@gmail.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-10-07ubihealthd: Add option -h/--helpAlexander Dahl
Using '?' as option did not work, and would be strange to pass anyway, because it's a glob char for the shell and you would have to escape it like ./ubihealthd -\? … use the more common -h/--help instead. Note: this does not touch the output, just changes the options itself. Signed-off-by: Alexander Dahl <post@lespocky.de> Acked-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-10-07ubihealthd: Add missing sentinel in options arrayAlexander Dahl
`getopt_long()` requires a null terminated array, otherwise we get segfaults when passing invalid options. Fixes: 7f0e2dc21fb2 ("ubi-utils: Implement a ubihealthd") Signed-off-by: Alexander Dahl <post@lespocky.de> Acked-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-09-10ubiupdatevol: Prevent null pointer dereferenceBastian Germann
libubi_close(libubi) is called in the error handler if libubi is null. Prevent that by handling the error case similar to the other ubi executables. Signed-off-by: Bastian Germann <bastiangermann@fishpost.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-08-25Add ubihealthd to gitignore fileDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-08-25ubi-utils: Implement a ubihealthdRichard Weinberger
ubihealthd is a simple daemon which scans every PEB of an UBI device in random order. It helps to deal with read disturb on systems which either reboot seldom, use fastmap or read few data. To use this daemon you need Linux >= v5.1. Signed-off-by: Richard Weinberger <richard@nod.at>
2019-08-19mkfs.ubifs: Add authentication supportSascha Hauer
This adds support for authenticated UBIFS images. In authenticated images all UBIFS nodes are hashed as described in the UBIFS authentication whitepaper. Additionally the superblock node contains a hash of the master node and itself is cryptographically signed in a node following the superblock node. The signature is in PKCS #7 CMS format. To generate an authenticated image these options are necessary: --hash-algo=NAME hash algorithm to use for signed images (Valid options include sha1, sha256, sha512) --auth-key=FILE filename or PKCS #11 uri containing the authentication key for signing --auth-cert=FILE Authentication certificate filename for signing. Unused when certificate is provided via PKCS #11 Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-08-19ubifs-media: Update to Linux-5.3-rc3Sascha Hauer
This updates ubifs-media.h to Linux-5.3-rc3 which brings us the bits and pieces necessary for UBIFS authentication and offline signing. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-21Release mtd-utils-2.1.1v2.1.1David Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-18mkfs.ubifs: fix description of favor_lzoUwe Kleine-König
"favor_lzo" uses "lzo" unless the space savings when using "zlib" are big. The current wording got this wrong. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-16mkfs.ubifs: fix compilation without ZSTDMartin Kaiser
Fix a trivial typo to make sure that zstd.h is included only if zstd is not disabled. Signed-off-by: Martin Kaiser <martin@kaiser.cx> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-09mkfs.ubifs: remove ZSTD_CLEVEL_DEFAULT for backwards compatibillityDavid Oberhollenzer
Support for ZSTD compression has been added recently through the ZSTD library, which is famously known for its incredibly well designed and stable API. This patch removes usage of ZSTD_CLEVEL_DEFAULT, which isn't exposed in older versions of the ZSTD library, and replaces it with with the constant parameter 0. According to the documentation this should then use a reasonable default (which is defined internally). Other possible approachs include defining ZSTD_CLEVEL_DEFAULT to 3 (the value it _currently_ has) if it isn't defined. This patch chooses the approach of passing 0 since this seems to be encouraged by the existing documentation. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-02ubinize: Exit with non-zero exit code on error.Patrick Doyle
...specifically -1 in all of the new cases. Signed-off-by: Patrick Doyle <pdoyle@irobot.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-06-16ubi-tests: fm_param: Replace 'fm_auto' with 'fm_autoconvert'Zhihao Cheng
The value of fm_param should be 'fm_autoconvert' rather than 'fm_auto' when fastmap is supported by kernel. Currently, following verbose will appear in dmesg when fm_param is set to 'fm_auto': ubi: unknown parameter 'fm_auto' ignored This patch replace 'fm_auto' with 'fm_autoconvert' for fm_param, so ubi kernel module can receive correct parameters. ---------------------------------------- Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-06-16ubi-tests: mkvol test: Checks return value 'ENOSPC' for 'ubi_mkvol'Zhihao Cheng
UBI tests try to create too many volumes in mkvol_bad and mkvol_basic. Currently mtd-utils allows return value 'ENFILE' from 'ubi_mkvol', that works fine in most situations. But what if the number of PEBs equals to the maximum count of volumes? For example, mkvol_basic test will fail in a 64MiB flash with 512KiB PEB size. Following is the output of mkvol_basic test: ====================================================================== ====================================================================== ====================================================================== Test on mtdram, fastmap enabled, VID header offset factor 1 ====================================================================== ====================================================================== ====================================================================== mtdram: 64MiB, PEB size 512KiB, fastmap enabled Running mkvol_basic /dev/ubi0 [mkvol_basic] mkvol_multiple():182: function ubi_mkvol() failed with error 28 (No space left on device) [mkvol_basic] mkvol_multiple():183: vol_id 122 Error: mkvol_basic failed FAILURE The reason is that there is no available PEB to support a new volume. We can see following verbose in dmesg: ubi0: attached mtd0 (name "mtdram test device", size 64 MiB) ubi0: user volume: 0, internal volumes: 1, max. volumes count: 128 ubi0: available PEBs: 122, total reserved PEBs: 6, PEBs reserved for bad PEB handling: 0 The maximum count of volumes is 128, so we can create 128 volumes theoretically. But there are 122 available PEBs becauese of existence of reserved PEBs. In addition, a volume occupies at least one PEB. Actually, we can only create 122 volumes, Therefore, 'ubi_mkvol' returns 'ENOSPC' when mkvol_basic tries to create 123rd volume. And we can see corresponding error message in dmesg: ubi0 error: ubi_create_volume [ubi]: not enough PEBs, only 0 available ubi0 error: ubi_create_volume [ubi]: cannot create volume 122, error -28 So, 'ENOSPC' can happen before 'ENFILE' in flash with a small amount of PEBs. This patch checks return value 'ENOSPC' for 'ubi_mkvol' when mkvol test is trying to create too many volumes. ---------------------------------------- Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-06-16ubi-tests: io_read: Filter invalid offset value before 'lseek' in io_read testZhihao Cheng
There are many different offset values passed in 'lseek' during io_read testing of ubi test. The offset value maybe a negative number or a big number that exceeds the volume data size, which can lead to ubi tests failure by passing invalid offset value to 'lseek'. For example: Example 1: The data size of volume is 39525 bytes, offset = (sz) - MAX_NAND_PAGE_SIZE - 1, where MAX_NAND_PAGE_SIZE is 65536. Here, offset is a negative value passed to 'lseek', which leads to fail in io_read. ====================================================================== ====================================================================== ====================================================================== Test on mtdram, fastmap enabled, VID header offset factor 1 ====================================================================== ====================================================================== ====================================================================== mtdram: 16MiB, PEB size 16KiB, fastmap enabled Running mkvol_basic /dev/ubi0 Running mkvol_bad /dev/ubi0 Running mkvol_paral /dev/ubi0 Running rsvol /dev/ubi0 Running io_basic /dev/ubi0 Running io_read /dev/ubi0 [io_basic] test_read3():189: function seek() failed with error 22 (Invalid argument) [io_basic] test_read3():190: len = 1 [io_basic] test_read2():237: offset = -26012 [io_basic] test_read1():303: length = 1 [io_basic] test_read():362: alignment = 7905 Error: io_read failed FAILURE Example 2: The data size of volume is 79035 bytes, offset = 2 * MAX_NAND_PAGE_SIZE, where MAX_NAND_PAGE_SIZE is 65536. Here, offset is a value exceeds volume size, which leads to fail in io_read. ====================================================================== ====================================================================== ====================================================================== Test on mtdram, fastmap enabled, VID header offset factor 1 ====================================================================== ====================================================================== ====================================================================== mtdram: 16MiB, PEB size 16KiB, fastmap enabled Running mkvol_basic /dev/ubi0 Running mkvol_bad /dev/ubi0 Running mkvol_paral /dev/ubi0 Running rsvol /dev/ubi0 Running io_basic /dev/ubi0 Running io_read /dev/ubi0 [io_basic] test_read3():185: function seek() failed with error 22 (Invalid argument) [io_basic] test_read3():186: len = 1 [io_basic] test_read2():233: offset = 131072 [io_basic] test_read1():299: length = 1 [io_basic] test_read():358: alignment = 3 Error: io_read failed FAILURE This patch checks offset value before executing 'lseek', invalid offset values are filtered. ---------------------------------------- Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-06-16ubi-tests: ubi_mkvol_request: Fully initialize 'struct ubi_mkvol_request req'Zhihao Cheng
'struct ubi_mkvol_request req' is one parameter of the function 'ubi_mkvol' , this parameter will be passed to kernel and then be checked. It acts as a local variable in many ubi tests, such as io_basic, io_read, mkvol_bad, mkvol_basic, etc. After commit c355aa465fce ("ubi: expose the volume CRC check skip flag") in linux-stable, 'struct ubi_mkvol_request' supports a new configuration named 'flags', and req.flags will be checked in kernel function 'verify_mkvol_req'. Currently, there is no initialization for req.flags before 'ubi_mkvol' invoked. So, req.flags can be an arbitrary number passed to kernel. When we run ubi tests in qemu (x86_64, kernel image: 5.2.0-rc4), the following errors may occur: ====================================================================== ====================================================================== ====================================================================== Test on mtdram, fastmap enabled, VID header offset factor 1 ====================================================================== ====================================================================== ====================================================================== mtdram: 16MiB, PEB size 16KiB, fastmap enabled Running mkvol_basic /dev/ubi0 Running mkvol_bad /dev/ubi0 [mkvol_bad] test_mkvol():105: ubi_mkvol failed with error 22 (Invalid argument), expected 28 (No space left on device) [mkvol_bad] test_mkvol():105: bytes = 16060929 Error: mkvol_bad failed FAILURE This patch fully initializes every 'struct ubi_mkvol_request req' passed to 'ubi_mkvol', which can fix the bug that the ubi test failed caused by that req.flags was not initialized. And it is still compatible with old kernel before kernel commit c355aa465fce ("ubi: expose the volume CRC check skip flag"). ---------------------------------------- Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-06-01mkfs.ubifs: Add ZSTD compressionSebastian Andrzej Siewior
I added ZSTD support to mkfs.ubifs and compared the ZSTD results with zlib/lzo and the available ZSTD compression levels. The results are in the following table: Comp image MiB time image2 MiB time none 271 0m 0,723s 223 0m 0,589s lzo 164 0m13,705s 116 0m11,636s zlib 150 0m 7,654s 103 0m 6,347s favor-lzo 158 0m21,137s 110 0m17,764s zstd-01 154 0m 1,607s 106 0m 1,429s zstd-02 153 0m 1,704s 105 0m 1,479s zstd-03* 152 0m 1,888s 104 0m 1,668s zstd-04 151 0m 2,741s 103 0m 2,391s zstd-05 150 0m 3,257s 102 0m 2,916s zstd-06 150 0m 3,735s 102 0m 3,356s zstd-07 150 0m 4,066s 102 0m 3,705s zstd-08 152 0m 1,857s 104 0m 1,644s zstd-09 152 0m 1,855s 104 0m 1,639s zstd-10 150 0m 6,654s 102 0m 6,195s zstd-11 150 0m10,027s 102 0m 9,130s zstd-12 149 0m14,724s 101 0m13,415s zstd-13 148 0m18,232s 100 0m16,719s zstd-14 148 0m20,859s 100 0m19,554s zstd-15 148 0m25,033s 100 0m23,186s zstd-16 148 0m38,837s 100 0m36,543s zstd-17 148 0m46,051s 100 0m43,120s zstd-18 148 0m49,157s 100 0m45,807s zstd-19 148 0m49,421s 100 0m45,951s zstd-20 148 0m51,271s 100 0m48,030s zstd-21 148 0m51,015s 100 0m48,676s zstd-22 148 0m52,575s 100 0m50,013s The UBIFS image was created via mkfs.ubifs -x $Comp -m 512 -e 128KiB -c 2200 -r $image $out I used "debootstrap sid" to create a basic RFS and the results are in the `image' column. The image2 column denotes the results for the same image but with .deb files removed. The time column contains the output of the run time of the command. ZSTD's compression level three is currently default. Based on the compression results (for the default level) it outperforms LZO in run time and compression and is almost as good as ZLIB in terms of compression but quicker. The higher compression levels make almost no difference in compression but take a lot of time. The compression level used is the default offered by ZSTD. It does not make sense the higher levels. Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-05-13ubiformat: Dont ignore sequence number CLI optionAmol Vengurlekar
Image sequence number for the UBI header can be specified for the ubiformat tool according to the documentation and the help message for ubiformat. The CLI option --image-seq for image sequence number is not supported. -Q option for image sequence number is silently ignored. This patch adds the CLI support for image sequence number. Signed-off-by: Amol Vengurlekar <amol.sven@gmail.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-04-29mtd-tests: nandbiterrs: Fix issue that just insert error at bit 7Xiaolei Li
The function insert_biterror should be designed to insert error at the first '1' bit starting at offset byte. But now, only bit 7 of each byte is checked, because checking mask is always 0x80. So, do right shift for checking mask after each checking to check the whole 8 bits of each bytes. Signed-off-by: Xiaolei Li <xiaolei.li@mediatek.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-04-25unittests: Define the use of _GNU_SOURCEOlliver Schinagl
The unittest suite actually makes use of some _GNU extensions during the build (loff_t for example). So lets enable this in the makefile. Signed-off-by: Olliver Schinagl <oliver@schinagl.nl> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-04-25unittests/libmtd_test: Include fcntl headerOlliver Schinagl
The test library for the mtd unit tests include various type's and macro's that officially live in fcntl. Each file and header should always properly include what they use, so lets add the fcntl headers. Signed-off-by: Olliver Schinagl <oliver@schinagl.nl> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-04-25unittests/test_lib: Include proper header for _IOC_SIZEOlliver Schinagl
The macro _IOC_SIZE is not part of sys/ioctl.h but lives in asm/ioctl.h so we should include the proper header. If we do not, some systems complain during linking that they cannot find the symbol _IOC_SIZE() which was not expanded by the pre-compiler. Signed-off-by: Olliver Schinagl <oliver@schinagl.nl> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-04-03mkfs.ubifs: fix regression when trying to store device special filesDavid Oberhollenzer
Commit a767dd30 added a check to add_inode that bails when trying to store extra data in anything other than a symlink. The symlink encryption support added by that commit relies on the assumption. Unfortionately it was overlooked that device special files also store the device number as additional data in the inode. The check added in commit a767dd30 broke support for device files in mkfs.ubifs. This commit adds a quick and dirty fix, moving the check into the fscrypt branch, breaking only the fscrypt version but restoring old functionality for unencrypted file systems. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-03-29mkfs.ubifs: fix build without opensslBaruch Siach
Exclude openssl headers when WITH_CRYPTO is not defined. Fixes this build failure: In file included from ubifs-utils/mkfs.ubifs/mkfs.ubifs.c:25:0: ubifs-utils/mkfs.ubifs/mkfs.ubifs.h:49:10: fatal error: openssl/rand.h: No such file or directory #include <openssl/rand.h> ^~~~~~~~~~~~~~~~ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-03-13Release mtd-utils-2.1.0v2.1.0David Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-02-26mtd-utils: fixes verification percent display in flashcpAndrij Abyzov
flashcp was always showing 0% progress due to incorrect printf format specifier. Signed-off-by: Andrij Abyzov <drolevar@gmail.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-02-11mtd-utils: fixes double free in mkfs.ubifsYufen Yu
In inode_add_xattr(), it malloc a buffer for name, and then passes the bufffer ptr to add_xattr(). The ptr will be used to create a new idx_entry in add_to_index(). However, inode_add_xattr() will free the buffer before return. which can cause double free in write_index(): free(idx_ptr[i]->name) *** Error in `./mkfs.ubifs': double free or corruption (fasttop): 0x0000000000aae220 *** ======= Backtrace: ========= /lib64/libc.so.6(+0x7cbac)[0x7f4881ff5bac] /lib64/libc.so.6(+0x87a59)[0x7f4882000a59] /lib64/libc.so.6(cfree+0x16e)[0x7f48820063be] ./mkfs.ubifs[0x402fbf] /lib64/libc.so.6(__libc_start_main+0xea)[0x7f4881f9988a] ./mkfs.ubifs[0x40356a] Signed-off-by: Yufen Yu <yuyufen@huawei.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-01-25mtd-utils: avoid to create two UBI_LAYOUT_VOLUME_ID volumeYufen Yu
When we create a ubi image by ubinize, a UBI_LAYOUT_VOLUME_ID volume will be created by ubigen_write_layout_vol(). However, after the commit 4c00cf2c5816 (ubiformat: remove no-volume-table option), ubiformat remove novtbl args in format(). As a result, it will also create a layout volume. When we attempt to do ubiattach, it will fail for ubi_compare_lebs error: ubi0 error: ubi_compare_lebs: unsupported on-flash UBI format ubi0 error: ubi_attach_mtd_dev: failed to attach mtd1, error -22 Signed-off-by: Yufen Yu <yuyufen@huawei.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-12-17mkfs.ubifs: fix default cipher in help outputDavid Gstir
AES-256-XTS is the default since dd0d9c623e22 ("mkfs.ubifs: Use AES-256-XTS as default"), we want that to be correctly reflected in the help output as well. Signed-off-by: David Gstir <david@sigma-star.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-09mkfs.ubifs: Don't compress by default if filesystem is encryptedRichard Weinberger
Encryption and compression are not friends. Enable compression in encryption mode only if the user explicitly sets a compressor. Signed-off-by: Richard Weinberger <richard@nod.at> Tested-by: Heiko Schocher <hsdenx.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-09mkfs.ubifs: Store compr_size in correct endianness.Richard Weinberger
compr_size has to be in LE16. Signed-off-by: Richard Weinberger <richard@nod.at> Tested-by: Heiko Schocher <hsdenx.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-09mkfs.ubifs: Fix IV selectionRichard Weinberger
We need to check for AES being in 128-cbc mode and not 256-cbc. fscrypt supports only 128-cbc and 256-xts so far. Signed-off-by: Richard Weinberger <richard@nod.at> Tested-by: Heiko Schocher <hsdenx.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Use AES-256-XTS as defaultRichard Weinberger
AES-128-CBC should only being used when 256-XTS is too slow on low end hardware. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Print key descriptor only when generatedRichard Weinberger
Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Enable support for building without cryptoRichard Weinberger
Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Move RAND_poll to crypto.cRichard Weinberger
Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: More fscryptctl compatibilityRichard Weinberger
fscryptctl reads up to FS_MAX_KEY_SIZE bytes from the source key to compute the descriptor. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Fix key descriptor printingRichard Weinberger
normsg() sucks. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Compute encryption key descriptor automaticallyRichard Weinberger
...if none is given. To be compatible with fscryptctl. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Fixup AES-XTS modeRichard Weinberger
In XTS mode we don't need ESSIV, just use the block number as tweak. Also apply EVP_EncryptFinal(). Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Use correct sizes for keys and hash lengthsRichard Weinberger
This works currently by chance since the sizes match, but that might change with different cipher setups. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Enable Cipher selectionRichard Weinberger
No longer hard code AES-128-CBC, we support AES-256-XTS too. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Correctly use iv lengths in aes-cts modeRichard Weinberger
The key length can be very long, for example in xts mode. So we have to use the right sizes for block and iv lengths. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Accept 0x prefix for key descriptorDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Check length of master keyDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Cleanup over-long linesDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Move fscrypt definitions and functions out of mkfs.ubifs.cDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Remove cipher implementations from public headerDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>