Age | Commit message (Collapse) | Author |
|
First, there is no option named of X509_OPTION. It was presumably
changed during development to AUTH_CERT_OPTION. This commit fixes
the name in the !WITH_CRYPTO branch.
Similarly, '}' got moved into the WITH_CRYPTO branch, but not into
else branch, resulting in tons of errors if fscrypt is disabled.
This commit pulls it back out of both branches.
Fixes: a739b59e ("mkfs.ubifs: Add authentication support")
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
For some command line flags, the argument string is copied. Simply
writing over the buffer leads to a resource leak if the same flag
is specified on the command line more than once.
This patch adds a free() call to the old buffer before overwriting
it with the new copy.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The existing code sets 'err' to -1 and breaks the readdir loop, but
the error state is never read. This patch modifies the readdir loop
to actualy jump to the error handling branch if readdir fails.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
What originally cought my attention was that gen_essiv_salt has a
size_t return type and error paths that return -1 on failure.
Further investigation revealed that the error value is never checked
for. The encrypt_block function doesn't use the return value in any
way and simply continues onward.
Furthermore, the gen_essiv_salt function has an error case that emits
an error message but returns success state.
This patch modifes gen_essiv_salt to return an error status in all
error branches, changes the return type to ssize_t and adds a check
to encrypt_block if gen_essiv_salt fails.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This adds support for authenticated UBIFS images. In authenticated
images all UBIFS nodes are hashed as described in the UBIFS
authentication whitepaper. Additionally the superblock node contains a
hash of the master node and itself is cryptographically signed in a node
following the superblock node. The signature is in PKCS #7 CMS format.
To generate an authenticated image these options are necessary:
--hash-algo=NAME hash algorithm to use for signed images
(Valid options include sha1, sha256, sha512)
--auth-key=FILE filename or PKCS #11 uri containing the authentication key
for signing
--auth-cert=FILE Authentication certificate filename for signing. Unused
when certificate is provided via PKCS #11
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
"favor_lzo" uses "lzo" unless the space savings when using "zlib" are
big. The current wording got this wrong.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Fix a trivial typo to make sure that zstd.h is included only if
zstd is not disabled.
Signed-off-by: Martin Kaiser <martin@kaiser.cx>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Support for ZSTD compression has been added recently through the ZSTD
library, which is famously known for its incredibly well designed and
stable API.
This patch removes usage of ZSTD_CLEVEL_DEFAULT, which isn't exposed
in older versions of the ZSTD library, and replaces it with with the
constant parameter 0. According to the documentation this should then
use a reasonable default (which is defined internally).
Other possible approachs include defining ZSTD_CLEVEL_DEFAULT to 3
(the value it _currently_ has) if it isn't defined. This patch chooses
the approach of passing 0 since this seems to be encouraged by the
existing documentation.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
I added ZSTD support to mkfs.ubifs and compared the ZSTD results with
zlib/lzo and the available ZSTD compression levels. The results are in
the following table:
Comp image MiB time image2 MiB time
none 271 0m 0,723s 223 0m 0,589s
lzo 164 0m13,705s 116 0m11,636s
zlib 150 0m 7,654s 103 0m 6,347s
favor-lzo 158 0m21,137s 110 0m17,764s
zstd-01 154 0m 1,607s 106 0m 1,429s
zstd-02 153 0m 1,704s 105 0m 1,479s
zstd-03* 152 0m 1,888s 104 0m 1,668s
zstd-04 151 0m 2,741s 103 0m 2,391s
zstd-05 150 0m 3,257s 102 0m 2,916s
zstd-06 150 0m 3,735s 102 0m 3,356s
zstd-07 150 0m 4,066s 102 0m 3,705s
zstd-08 152 0m 1,857s 104 0m 1,644s
zstd-09 152 0m 1,855s 104 0m 1,639s
zstd-10 150 0m 6,654s 102 0m 6,195s
zstd-11 150 0m10,027s 102 0m 9,130s
zstd-12 149 0m14,724s 101 0m13,415s
zstd-13 148 0m18,232s 100 0m16,719s
zstd-14 148 0m20,859s 100 0m19,554s
zstd-15 148 0m25,033s 100 0m23,186s
zstd-16 148 0m38,837s 100 0m36,543s
zstd-17 148 0m46,051s 100 0m43,120s
zstd-18 148 0m49,157s 100 0m45,807s
zstd-19 148 0m49,421s 100 0m45,951s
zstd-20 148 0m51,271s 100 0m48,030s
zstd-21 148 0m51,015s 100 0m48,676s
zstd-22 148 0m52,575s 100 0m50,013s
The UBIFS image was created via
mkfs.ubifs -x $Comp -m 512 -e 128KiB -c 2200 -r $image $out
I used "debootstrap sid" to create a basic RFS and the results are in
the `image' column. The image2 column denotes the results for the same
image but with .deb files removed.
The time column contains the output of the run time of the command.
ZSTD's compression level three is currently default. Based on the
compression results (for the default level) it outperforms LZO in
run time and compression and is almost as good as ZLIB in terms of
compression but quicker.
The higher compression levels make almost no difference in compression
but take a lot of time.
The compression level used is the default offered by ZSTD. It does not
make sense the higher levels.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Commit a767dd30 added a check to add_inode that bails when trying to
store extra data in anything other than a symlink. The symlink
encryption support added by that commit relies on the assumption.
Unfortionately it was overlooked that device special files also store
the device number as additional data in the inode. The check added in
commit a767dd30 broke support for device files in mkfs.ubifs.
This commit adds a quick and dirty fix, moving the check into the
fscrypt branch, breaking only the fscrypt version but restoring old
functionality for unencrypted file systems.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Exclude openssl headers when WITH_CRYPTO is not defined.
Fixes this build failure:
In file included from ubifs-utils/mkfs.ubifs/mkfs.ubifs.c:25:0:
ubifs-utils/mkfs.ubifs/mkfs.ubifs.h:49:10: fatal error: openssl/rand.h: No such file or directory
#include <openssl/rand.h>
^~~~~~~~~~~~~~~~
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
In inode_add_xattr(), it malloc a buffer for name, and then passes
the bufffer ptr to add_xattr(). The ptr will be used to create a new
idx_entry in add_to_index().
However, inode_add_xattr() will free the buffer before return.
which can cause double free in write_index(): free(idx_ptr[i]->name)
*** Error in `./mkfs.ubifs': double free or corruption (fasttop): 0x0000000000aae220 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x7cbac)[0x7f4881ff5bac]
/lib64/libc.so.6(+0x87a59)[0x7f4882000a59]
/lib64/libc.so.6(cfree+0x16e)[0x7f48820063be]
./mkfs.ubifs[0x402fbf]
/lib64/libc.so.6(__libc_start_main+0xea)[0x7f4881f9988a]
./mkfs.ubifs[0x40356a]
Signed-off-by: Yufen Yu <yuyufen@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
AES-256-XTS is the default since dd0d9c623e22 ("mkfs.ubifs: Use AES-256-XTS as default"),
we want that to be correctly reflected in the help output as well.
Signed-off-by: David Gstir <david@sigma-star.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Encryption and compression are not friends.
Enable compression in encryption mode only if the user explicitly
sets a compressor.
Signed-off-by: Richard Weinberger <richard@nod.at>
Tested-by: Heiko Schocher <hsdenx.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
compr_size has to be in LE16.
Signed-off-by: Richard Weinberger <richard@nod.at>
Tested-by: Heiko Schocher <hsdenx.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
We need to check for AES being in 128-cbc mode and not 256-cbc.
fscrypt supports only 128-cbc and 256-xts so far.
Signed-off-by: Richard Weinberger <richard@nod.at>
Tested-by: Heiko Schocher <hsdenx.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
AES-128-CBC should only being used when 256-XTS is too slow
on low end hardware.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
fscryptctl reads up to FS_MAX_KEY_SIZE bytes from the source key
to compute the descriptor.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
normsg() sucks.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
...if none is given. To be compatible with fscryptctl.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
In XTS mode we don't need ESSIV, just use the block number
as tweak.
Also apply EVP_EncryptFinal().
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This works currently by chance since the sizes match, but
that might change with different cipher setups.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
No longer hard code AES-128-CBC, we support AES-256-XTS too.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The key length can be very long, for example in xts mode.
So we have to use the right sizes for block and iv lengths.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
...and make valgrind memcheck happy
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
fscrypto is using the max key lenth (64), so we cannot use the
AES-128-ECB len.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|