Accepting request 1142597 from security

OBS-URL: https://build.opensuse.org/request/show/1142597 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cryptsetup?expand=0&rev=125
2024-01-30 17:24:12 +00:00 · 2024-01-30 17:24:12 +00:00 · 97f8c697a5
commit 97f8c697a5
parent 540dc9dc26 9a7370c09b
9 changed files with 89 additions and 300 deletions
--- a/cryptsetup-2.6.1.tar.sign
+++ b/cryptsetup-2.6.1.tar.sign
@ -1,16 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCAAdFiEEKikYJD/eRmSNBob52bBXe9k+mPwFAmPlHwIACgkQ2bBXe9k+
 mPwtxg/+PohA6Ygk3e61i0IZmLdvHO2PJG3JefLxf1QDqImkKcALgUdNrt/qv1SZ
 CBtM4pmYXfhIpYzavSPZdAC0nLvKkx66PpQRCk/ZmUSNZJ8IzmoM5MPZhWLspYtK
 Z4mVXJz+UVdCAf7ayK7li9A+a947jpVKFlc5hSiQ8SnmkT8X0MhqGPLsO9Z6ndNK
 +VpBPozZ1YQ6THYp2so5lF3BW9G6YAkm5XhN6IQreDCdZwF0Y4lff6G9PNHFSLpC
 k9yLmvUgDsDNTcEjXeKbtvIlOzjjHfhJkEmyo9jNDWNUSU6wt5RqnCZmd1VbCQyB
 HVCKb9Y0Yoz9rvzFBWnU6d1ZCe3aKLrVF89yK6mJ7CYh4CVURMJmIJ+1rEeg2z5n
 NhXSLrMMF+Q9P/VNupOMec1DOg2OMRKExps5r7kvDeVOz9FmJoguMxAu1+dt0Ze8
 4b86ii2F+Py2tOy5OzQu7PvQkKbl8dvi8qJM8cEovKIsWiHTp/2Heo0gjXaLJ/kK
 v/821T9v3ZO7dmtlhgps9q4xEjWV/u3kWwXXFgEtKby48UVzTGNXsDDdkrVEdy2J
 jKBnqO31mGa8ButNRQvZ6rEOPFaCmdpy95/u5v22LhlACdkEwt5Cky0t6NMKSpvp
 sSgVzYmU6Pk5RdOzZCt1pyIPwEfJa1y5N1k/kuBasdqPw95RRsM=
 =m/Re
 -----END PGP SIGNATURE-----
--- a/cryptsetup-2.6.1.tar.xz
+++ b/cryptsetup-2.6.1.tar.xz
--- a/cryptsetup-2.7.0.tar.sign
+++ b/cryptsetup-2.7.0.tar.sign
@ -0,0 +1,16 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCAAdFiEEKikYJD/eRmSNBob52bBXe9k+mPwFAmWw5zoACgkQ2bBXe9k+
 mPztwhAAh8ieUWCcw7WwW4lc00ZH77sLc7Ro5J2/0ZAg/HpowOqGqhzJQZ+KJdeF
 b6mebw7mKq4PHyzUS7Rba4wQiVEUD2kAQuoyXZJljsxegFOc1LxL/DSOCt7IFJyc
 WB+525kPoRrpBWJhGXMn4OcVaelmIJAgDFHcYAccJJTKNgPjDrivpkTAxUsfdTTf
 a1F/4I2o7eP5zkWkPqqQIvXzlwQnfD5ulZvnJ30t8E/07CZJ5Hf9iLRa6vruo7Rg
 8cJHcOu4MhjuMu+oDvuefj8hM4FyfLU+tt0L7Z3iOZXAGffe+iQUQUyChvN/waEI
 R8mpdc89amTHkMTCjYOo2X4sAH9a7mo5L2v+rm5NTZTZn53Gy1Ytbzy2agXY+ebf
 DeKTVL3KTMe6KvQUfIqMSrM9oub6o8JDfO+0La9GSkNU/1VvHU5LK3FIomuP8Top
 BPfdL8IxSgIityBbby1ZQD97aIgzPZkGsC7/5bVY7mj/LUZxJK61p49U0dlolwss
 uzJarjAtDY0iNCfOv/AKZGnVzHAc2cEmVKJ6X243h2NRB5z1snFP8lDtB2AIdcUf
 0vEZz1HcwW1de1C0jjQsf9elkeVJfrsFhRhRrEEiHyplR3/uaVwUtrDGOxPsRE+J
 SE2sSfURqQPuBKeTO/ymVDt7G0iPd8Ts/BOhQYTn94rsjhONiz8=
 =6sya
 -----END PGP SIGNATURE-----
--- a/cryptsetup-2.7.0.tar.xz
+++ b/cryptsetup-2.7.0.tar.xz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:94003a00cd5a81944f45e8dc529e0cfd2a6ff629bd2cd21cf5e574e465daf795
 size 11632432
--- a/cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch
+++ b/cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch
@ -1,72 +0,0 @@
 From 7893c33d71cde09e240234c484c6c468f22c2fe7 Mon Sep 17 00:00:00 2001
 From: Milan Broz <gmazyland@gmail.com>
 Date: Mon, 3 Apr 2023 13:31:16 +0200
 Subject: [PATCH] Check for physical memory available also in PBKDF benchmark.
 ---
 lib/internal.h        | 1 +
 lib/utils_benchmark.c | 9 +++++++++
 lib/utils_pbkdf.c     | 4 ++--
 3 files changed, 12 insertions(+), 2 deletions(-)
 Index: cryptsetup-2.6.1/lib/internal.h
 ===================================================================
 --- cryptsetup-2.6.1.orig/lib/internal.h
 +++ cryptsetup-2.6.1/lib/internal.h
@@ -89,6 +89,7 @@ int crypt_benchmark_pbkdf_internal(struc
 				   struct crypt_pbkdf_type *pbkdf,
 				   size_t volume_key_size);
 const char *crypt_get_cipher_spec(struct crypt_device *cd);
 +uint32_t pbkdf_adjusted_phys_memory_kb(void);
 /* Device backend */
 struct device;
 Index: cryptsetup-2.6.1/lib/utils_benchmark.c
 ===================================================================
 --- cryptsetup-2.6.1.orig/lib/utils_benchmark.c
 +++ cryptsetup-2.6.1/lib/utils_benchmark.c
@@ -101,6 +101,7 @@ int crypt_benchmark_pbkdf(struct crypt_d
 {
 	int r, priority;
 	const char *kdf_opt;
 +	uint32_t memory_kb;
 	if (!pbkdf || (!password && password_size))
 		return -EINVAL;
@@ -113,6 +114,14 @@ int crypt_benchmark_pbkdf(struct crypt_d
 	log_dbg(cd, "Running %s(%s) benchmark.", pbkdf->type, kdf_opt);
 +	memory_kb = pbkdf_adjusted_phys_memory_kb();
 +	if (memory_kb < pbkdf->max_memory_kb) {
 +		log_dbg(cd, "Not enough physical memory detected, "
 +			"PBKDF max memory decreased from %dkB to %dkB.",
 +			pbkdf->max_memory_kb, memory_kb);
 +		pbkdf->max_memory_kb = memory_kb;
 +	}
 +
 	crypt_process_priority(cd, &priority, true);
 	r = crypt_pbkdf_perf(pbkdf->type, pbkdf->hash, password, password_size,
 			     salt, salt_size, volume_key_size, pbkdf->time_ms,
 Index: cryptsetup-2.6.1/lib/utils_pbkdf.c
 ===================================================================
 --- cryptsetup-2.6.1.orig/lib/utils_pbkdf.c
 +++ cryptsetup-2.6.1/lib/utils_pbkdf.c
@@ -61,7 +61,7 @@ const struct crypt_pbkdf_type *crypt_get
 	return NULL;
 }
 -static uint32_t adjusted_phys_memory(void)
 +uint32_t pbkdf_adjusted_phys_memory_kb(void)
 {
 	uint64_t memory_kb = crypt_getphysmemory_kb();
@@ -249,7 +249,7 @@ int init_pbkdf_type(struct crypt_device
 	}
 	if (cd_pbkdf->max_memory_kb) {
 -		memory_kb = adjusted_phys_memory();
 +		memory_kb = pbkdf_adjusted_phys_memory_kb();
 		if (cd_pbkdf->max_memory_kb > memory_kb) {
 			log_dbg(cd, "Not enough physical memory detected, "
 				"PBKDF max memory decreased from %dkB to %dkB.",
--- a/cryptsetup-Try-to-avoid-OOM-killer-on-low-memory-systems-withou.patch
+++ b/cryptsetup-Try-to-avoid-OOM-killer-on-low-memory-systems-withou.patch
@ -1,160 +0,0 @@
 From 899bad8c06957a94a198d1eaa293ed8db205f1de Mon Sep 17 00:00:00 2001
 From: Milan Broz <gmazyland@gmail.com>
 Date: Mon, 20 Feb 2023 16:45:36 +0100
 Subject: [PATCH] Try to avoid OOM killer on low-memory systems without swap.
 Benchmark for memory-hard KDF is tricky, seems that relying
 on maximum half of physical memory is not enough.
 Let's allow only free physical available space if there is no swap.
 This should not cause changes on normal systems, at least.
 ---
 lib/internal.h     |  2 ++
 lib/utils.c        | 47 ++++++++++++++++++++++++++++++++++++++++++++++
 lib/utils_pbkdf.c  | 11 ++++++++++-
 tests/api-test-2.c | 12 ++++++++----
 4 files changed, 67 insertions(+), 5 deletions(-)
 Index: cryptsetup-2.6.1/lib/internal.h
 ===================================================================
 --- cryptsetup-2.6.1.orig/lib/internal.h
 +++ cryptsetup-2.6.1/lib/internal.h
@@ -169,6 +169,8 @@ int crypt_uuid_cmp(const char *dm_uuid,
 size_t crypt_getpagesize(void);
 unsigned crypt_cpusonline(void);
 uint64_t crypt_getphysmemory_kb(void);
 +uint64_t crypt_getphysmemoryfree_kb(void);
 +bool crypt_swapavailable(void);
 int init_crypto(struct crypt_device *ctx);
 Index: cryptsetup-2.6.1/lib/utils.c
 ===================================================================
 --- cryptsetup-2.6.1.orig/lib/utils.c
 +++ cryptsetup-2.6.1/lib/utils.c
@@ -59,6 +59,53 @@ uint64_t crypt_getphysmemory_kb(void)
 	return phys_memory_kb;
 }
 +uint64_t crypt_getphysmemoryfree_kb(void)
 +{
 +	long pagesize, phys_pages;
 +	uint64_t phys_memoryfree_kb;
 +
 +	pagesize = sysconf(_SC_PAGESIZE);
 +	phys_pages = sysconf(_SC_AVPHYS_PAGES);
 +
 +	if (pagesize < 0 || phys_pages < 0)
 +		return 0;
 +
 +	phys_memoryfree_kb = pagesize / 1024;
 +	phys_memoryfree_kb *= phys_pages;
 +
 +	return phys_memoryfree_kb;
 +}
 +
 +bool crypt_swapavailable(void)
 +{
 +	int fd;
 +	ssize_t size;
 +	char buf[4096], *p;
 +	uint64_t total;
 +
 +	if ((fd = open("/proc/meminfo", O_RDONLY)) < 0)
 +		return true;
 +
 +	size = read(fd, buf, sizeof(buf));
 +	close(fd);
 +	if (size < 1)
 +		return true;
 +
 +	if (size < (ssize_t)sizeof(buf))
 +		buf[size] = 0;
 +	else
 +		buf[sizeof(buf) - 1] = 0;
 +
 +	p = strstr(buf, "SwapTotal:");
 +	if (!p)
 +		return true;
 +
 +	if (sscanf(p, "SwapTotal: %" PRIu64 " kB", &total) != 1)
 +		return true;
 +
 +	return total > 0;
 +}
 +
 void crypt_process_priority(struct crypt_device *cd, int *priority, bool raise)
 {
 	int _priority, new_priority;
 Index: cryptsetup-2.6.1/lib/utils_pbkdf.c
 ===================================================================
 --- cryptsetup-2.6.1.orig/lib/utils_pbkdf.c
 +++ cryptsetup-2.6.1/lib/utils_pbkdf.c
@@ -63,7 +63,7 @@ const struct crypt_pbkdf_type *crypt_get
 uint32_t pbkdf_adjusted_phys_memory_kb(void)
 {
 -	uint64_t memory_kb = crypt_getphysmemory_kb();
 +	uint64_t free_kb, memory_kb = crypt_getphysmemory_kb();
 	/* Ignore bogus value */
 	if (memory_kb < (128 * 1024) || memory_kb > UINT32_MAX)
@@ -75,6 +75,15 @@ uint32_t pbkdf_adjusted_phys_memory_kb(v
 	 */
 	memory_kb /= 2;
 +	/*
 +	 * Never use more that available free space on system without swap.
 +	 */
 +	if (!crypt_swapavailable()) {
 +		free_kb = crypt_getphysmemoryfree_kb();
 +		if (free_kb > (64 * 1024) && free_kb < memory_kb)
 +			return free_kb;
 +	}
 +
 	return memory_kb;
 }
 Index: cryptsetup-2.6.1/tests/api-test-2.c
 ===================================================================
 --- cryptsetup-2.6.1.orig/tests/api-test-2.c
 +++ cryptsetup-2.6.1/tests/api-test-2.c
@@ -2802,7 +2802,8 @@ static void Pbkdf(void)
 	OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
 	OK_(strcmp(pbkdf->hash, default_luks1_hash));
 	EQ_(pbkdf->time_ms, default_luks2_iter_time);
 -	EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
 +	GE_(pbkdf->max_memory_kb, 64 * 1024);
 +	GE_(adjusted_pbkdf_memory(), pbkdf->max_memory_kb);
 	EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
 	// set and verify argon2 type
 	OK_(crypt_set_pbkdf_type(cd, &argon2));
@@ -2827,7 +2828,8 @@ static void Pbkdf(void)
 	OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
 	OK_(strcmp(pbkdf->hash, default_luks1_hash));
 	EQ_(pbkdf->time_ms, default_luks2_iter_time);
 -	EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
 +	GE_(pbkdf->max_memory_kb, 64 * 1024);
 +	GE_(adjusted_pbkdf_memory(), pbkdf->max_memory_kb);
 	EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
 	// try to pass illegal values
 	argon2.parallel_threads = 0;
@@ -2858,14 +2860,16 @@ static void Pbkdf(void)
 	OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
 	OK_(strcmp(pbkdf->hash, default_luks1_hash));
 	EQ_(pbkdf->time_ms, default_luks2_iter_time);
 -	EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
 +	GE_(pbkdf->max_memory_kb, 64 * 1024);
 +	GE_(adjusted_pbkdf_memory(), pbkdf->max_memory_kb);
 	EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
 	crypt_set_iteration_time(cd, 1);
 	OK_(crypt_load(cd, CRYPT_LUKS, NULL));
 	OK_(strcmp(pbkdf->type, default_luks2_pbkdf));
 	OK_(strcmp(pbkdf->hash, default_luks1_hash));
 	EQ_(pbkdf->time_ms, 1);
 -	EQ_(pbkdf->max_memory_kb, adjusted_pbkdf_memory());
 +	GE_(pbkdf->max_memory_kb, 64 * 1024);
 +	GE_(adjusted_pbkdf_memory(), pbkdf->max_memory_kb);
 	EQ_(pbkdf->parallel_threads, _min(cpus_online(), default_luks2_parallel_threads));
 	CRYPT_FREE(cd);
--- a/cryptsetup-Use-only-half-of-detected-free-memory-on-systems-wit.patch
+++ b/cryptsetup-Use-only-half-of-detected-free-memory-on-systems-wit.patch
@ -1,41 +0,0 @@
 From 6721d3a8b29b13fe88aeeaefe09d457e99d1c6fa Mon Sep 17 00:00:00 2001
 From: Milan Broz <gmazyland@gmail.com>
 Date: Mon, 17 Apr 2023 13:41:17 +0200
 Subject: [PATCH] Use only half of detected free memory on systems without
 swap.
 As tests shows, limiting used Argon2 memory to free memory on
 systems without swap is still not enough.
 Use just half of it, this should bring needed margin while
 still use Argon2.
 Note, for very-low memory constrained systems user should
 avoid memory-hard PBKDF (IOW manually select PBKDF2), we
 do not do this automatically.
 ---
 lib/utils_pbkdf.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
 Index: cryptsetup-2.6.1/lib/utils_pbkdf.c
 ===================================================================
 --- cryptsetup-2.6.1.orig/lib/utils_pbkdf.c
 +++ cryptsetup-2.6.1/lib/utils_pbkdf.c
@@ -76,10 +76,17 @@ uint32_t pbkdf_adjusted_phys_memory_kb(v
 	memory_kb /= 2;
 	/*
 -	 * Never use more that available free space on system without swap.
 +	 * Never use more that half of available free memory on system without swap.
 	 */
 	if (!crypt_swapavailable()) {
 		free_kb = crypt_getphysmemoryfree_kb();
 +
 +		/*
 +		 * Using exactly free memory causes OOM too, use only half of the value.
 +		 * Ignore small values (< 64MB), user should use PBKDF2 in such environment.
 +		 */
 +		free_kb /= 2;
 +
 		if (free_kb > (64 * 1024) && free_kb < memory_kb)
 			return free_kb;
 	}
--- a/cryptsetup.changes
+++ b/cryptsetup.changes
@ -1,3 +1,69 @@
 -------------------------------------------------------------------
 Mon Jan 29 16:40:40 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
 - Update to 2.7.0:
  * Full changelog in:
    mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-ReleaseNotes
  * Introduce support for hardware OPAL disk encryption.
  * plain mode: Set default cipher to aes-xts-plain64 and password hashing
    to sha256.
  * Allow activation (open), luksResume, and luksAddKey to use the volume
    key stored in a keyring.
  * Allow to store volume key to a user-specified keyring in open and
    luksResume commands.
  * Do not flush IO operations if resize grows the device.
    This can help performance in specific cases where the encrypted device
    is extended automatically while running many IO operations.
  * Use only half of detected free memory for Argon2 PBKDF on systems
    without swap (for LUKS2 new keyslot or format operations).
  * Add the possibility to specify a directory for external LUKS2 token
    handlers (plugins).
  * Do not allow reencryption/decryption on LUKS2 devices with
    authenticated encryption or hardware (OPAL) encryption.
  * Do not fail LUKS format if the operation was interrupted on subsequent
    device wipe.
  * Fix the LUKS2 keyslot option to be used while activating the device
    by a token.
  * Properly report if the dm-verity device cannot be activated due to
    the inability to verify the signed root hash (ENOKEY).
  * Fix to check passphrase for selected keyslot only when adding
    new keyslot.
  * Fix to not wipe the keyslot area before in-place overwrite.
  * bitlk: Fix segfaults when attempting to verify the volume key.
  * Add --disable-blkid command line option to avoid blkid device check.
  * Add support for the meson build system.
  * Fix wipe operation that overwrites the whole device if used for LUKS2
    header with no keyslot area.
  * Fix luksErase to work with detached LUKS header.
  * Disallow the use of internal kernel crypto driver names in "capi"
    specification.
  * Fix reencryption to fail early for unknown cipher.
  * tcrypt: Support new Blake2 hash for VeraCrypt.
  * tcrypt: use hash values as substring for limiting KDF check.
  * Add Aria cipher support and block size info.
  * Do not decrease PBKDF parameters if the user forces them.
  * Support OpenSSL 3.2 Argon2 implementation.
  * Add support for Argon2 from libgcrypt
    (requires yet unreleased gcrypt 1.11).
  * Used Argon2 PBKDF implementation is now reported in debug mode
    in the cryptographic backend version. For native support in
    OpenSSL 3.2 or libgcrypt 1.11, "argon2" is displayed.
    If libargon2 is used, "cryptsetup libargon2" (for embedded
    library) or "external libargon2" is displayed.
  * Link only libcrypto from OpenSSL.
  * Disable reencryption for Direct-Access (DAX) devices.
  * Print a warning message if the device is not aligned to sector size.
  * Fix sector size and integrity fields display for non-LUKS2 crypt
    devices for the status command.
  * Fix suspend for LUKS2 with authenticated encryption (also suspend
    dm-integrity device underneath).
  * Update keyring and locking documentation and LUKS2 specification
    for OPAL2 support.
  * Remove patches fixed upstream:
    - cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch
    - cryptsetup-Try-to-avoid-OOM-killer-on-low-memory-systems-withou.patch
    - cryptsetup-Use-only-half-of-detected-free-memory-on-systems-wit.patch
 -------------------------------------------------------------------
 Thu Jul 13 09:46:24 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
--- a/cryptsetup.spec
+++ b/cryptsetup.spec
@ -1,7 +1,7 @@
 #
 # spec file for package cryptsetup
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -18,21 +18,17 @@
 %define so_ver 12
 Name:           cryptsetup
-Version:        2.6.1
+Version:        2.7.0
 Release:        0
 Summary:        Setup program for dm-crypt Based Encrypted Block Devices
 License:        LGPL-2.0-or-later AND SUSE-GPL-2.0-with-openssl-exception
 Group:          System/Base
 URL:            https://gitlab.com/cryptsetup/cryptsetup/
-Source0:        https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-%{version}.tar.xz
+Source0:        https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/cryptsetup-%{version}.tar.xz
 # GPG signature of the uncompressed tarball.
-Source1:        https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-%{version}.tar.sign
+Source1:        https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/cryptsetup-%{version}.tar.sign
 Source2:        baselibs.conf
 Source3:        cryptsetup.keyring
 #PATCH-FIX-UPSTREAM bsc#1211079 luksFormat: handle system with low memory and no swap space
 Patch0:         cryptsetup-Check-for-physical-memory-available-also-in-PBKDF-be.patch
 Patch1:         cryptsetup-Try-to-avoid-OOM-killer-on-low-memory-systems-withou.patch
 Patch2:         cryptsetup-Use-only-half-of-detected-free-memory-on-systems-wit.patch
 BuildRequires:  device-mapper-devel
 BuildRequires:  libjson-c-devel
 BuildRequires:  libpwquality-devel