diff --git a/README.loop-AES-v2.2d b/README.loop-AES-v2.2d deleted file mode 100644 index c3903f9..0000000 --- a/README.loop-AES-v2.2d +++ /dev/null @@ -1,1231 +0,0 @@ -Written by Jari Ruusu , October 26 2004 - -Copyright 2001,2002,2003,2004 by Jari Ruusu. -Redistribution of this file is permitted under the GNU Public License. - - -Table of Contents -~~~~~~~~~~~~~~~~~ -1. Loop device primer -2. General information -2.1. Key setup and IV modes -2.2. Use of journaling file systems on loop device -2.3. Use of offsets and sizelimits -2.4. Use of software suspend -2.5. File system soft block sizes -2.6. Compatibility with earlier versions -3. Instructions for building loop.o driver -4. Instructions for building new mount, umount, losetup, swapon and swapoff -5. Instructions for building new gpg -6. Testing the loop.o driver and losetup program -7. Examples -7.1 Example 1 - Encrypting swap on 2.4 and newer kernels -7.2. Example 2 - Partition backed loop with gpg encrypted key file -7.3. Example 3 - Encrypted partition that multiple users can mount -7.4. Example 4 - Encrypting /tmp partition with random keys -7.5. Example 5 - Encrypting root partition -7.6. Example 6 - Boot from CD-ROM + encrypted root partition -8. Security levels -9. Performance tuning for 2.4 and newer kernels -10. Files -11. Credits - - -1. Loop device primer -~~~~~~~~~~~~~~~~~~~~~ -Loop devices are block devices that do not store any data directly but loop -all reads and writes to underlying block device or file, possibly encrypting -and decrypting data in the process. Normally you don't write to a loop -device directly, but set up a file system on it. The file system will then -read from and write to loop device. - -By default, 8 loop devices are available: /dev/loop0, /dev/loop1 ... -/dev/loop7 (on devfs /dev/loop/0 ... /dev/loop/7). All devices are -identical, and each can be tied to one real block device or one file on some -file system. You have to decide and allocate which loop to use for which -purpose. - -losetup(8) program is used to make and tear down the connection between a -loop device and underlying device or file. You don't have to specify type of -underlying device as loop driver detects that automatically. mount(8), -umount(8), swapon(8) and swapoff(8) programs can also set up and tear down -loop devices. - -File backed loops may deadlock under some kernel + file system combinations. -So, if you can choose between device backed and file backed, choose device -backed even if it means that you have to re-partition your disks. - - -2. General information -~~~~~~~~~~~~~~~~~~~~~~ -This package provides loadable Linux kernel module (loop.o or loop.ko on 2.6 -kernels) that has AES cipher built-in. The AES cipher can be used to encrypt -local file systems and disk partitions. - -Loop device encrypts data but does not authenticate ciphertext. In other -words, it delivers data privacy, but does not guarantee that data has not -been tampered with. Admins setting up encrypted file systems should ensure -that neither ciphertext, nor tools used to access ciphertext (kernel + -kernel modules, mount, losetup, and other utilities) can be trojaned or -tampered. - -This package does *not* modify your kernel in any way, so you are free to -use kernels of your choice, with or without cool patches. This package works -with 2.0.x, 2.2.x, 2.4.x (2.4.7 or later) and 2.6.x kernels. - -Latest version of this package can be found at: - - http://loop-aes.sourceforge.net/ - http://members.tiscali.fi/ce6c8edf/ (limited downloads) - -New versions are announced to linux-crypto mailing list: - - http://mail.nl.linux.org/linux-crypto/ - http://www.spinics.net/lists/crypto/ - -List-subscribe: - - -2.1. Key setup and IV modes -~~~~~~~~~~~~~~~~~~~~~~~~~~~ -The AES cipher is used in CBC (cipher block chaining) mode. Data is -encrypted and decrypted in 512 byte chains. Two key setup modes are -supported; single-key mode and multi-key mode. Single-key mode uses simple -sector IV and one AES key to encrypt and decrypt all sectors in the loop -device. Multi-key mode uses cryptographically more secure MD5 IV and 64 -different AES keys to encrypt and decrypt sectors in the loop device. In -multi-key mode first key is used for first sector, second key for second -sector, and so on. - -Password string has a minimum length of 20 characters. Optional password -seed (salt) and key iteration count can be used to slow down dictionary -attacks. Password seed is appended to user supplied password before password -is hashed using one way hash. If password iteration count is specified, -password hash output is encrypted N thousand times using AES-256. Unique -seed prevents an adversary from precomputing hashes of passwords in his -dictionary in advance, and thus making an optimized attack slower. Large -password iteration count makes dictionary attack painfully slow. - -If encryption type is specified as AES128 or AES, password string is hashed -with SHA-256, and 128 bit AES encryption is used. If encryption type is -specified as AES192, password string is hashed with SHA-384, and 192 bit AES -encryption is used. If encryption type is specified as AES256, password -string is hashed with SHA-512, and 256 bit AES encryption is used. - - -2.2. Use of journaling file systems on loop device -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Don't use a journaling file system on top of file backed loop device. Device -backed loop device can be used with journaling file systems as device backed -loops guarantee that writes reach disk platters in order required by -journaling file system (write caching must be disabled on the disk drive, of -course). With file backed loop devices, correct write ordering may extend -only to page cache (which resides in RAM) of underlying file system. VM can -write such pages to disk in any order it wishes, and thus break write order -expectation of journaling file system. - - -2.3. Use of offsets and sizelimits -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -losetup and mount programs support using offset to underlying device or -file. 2.4.x and later kernels also support use of sizelimit that limit size -of device to some subset of full underlying device or file size. Both offset -and sizelimit are specified in bytes. If no offset is specified, zero offset -is used. If no sizelimit is specified, full device/file size is used. If you -do use nonzero offsets, make sure offset is integer multiple of 512 bytes. -Nonzero offsets that are not integer multiple of 512 bytes are NOT supported -as they may be nonportable and/or nonworking. - - -2.4. Use of software suspend -~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Encryption keys are kept in kernel RAM while loop is active. Key is -immediately erased when loop is deactivated. Use of suspend-to-disk while -there are active encrypted loops should be used with caution: it would be -really bad security wise because encryption keys are written to disk when -kernel RAM is saved to disk. Once key is written to disk it may be -recoverable from that disk pretty much forever. Security of data encrypted -with such recoverable key is void. - - -2.5. File system soft block sizes -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -If you intend to move encrypted file system to some other device (CD-ROM for -example), be sure to create file system with soft block size that is integer -multiple of device hard sector size. CD-ROMs have 2048 byte sectors. File -system with 1024 byte soft block size is not going to work with all CD-ROM -drives and/or drivers. - - -2.6. Compatibility with earlier versions -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This version is compatible with on-disk formats of all previous relased -versions. This version is compatible with recommended mount, losetup and -swapon command line syntax and /etc/fstab option syntax since -loop-AES-v1.1b. - -Unhashed encryption type as created using ancient loop-AES-v1.0c, now needs -'mount -o phash=unhashed1' or 'losetup -H unhashed1' options. - -Mount and losetup programs from loop-AES-v2.0g and older accepted unlimited -long passphrase when passphrase was read from a file descriptor using '-p 0' -option. To prevent abuse of mlock()ed RAM by non-root users, mount and -losetup programs from loop-AES-v2.1a and newer limit max passphrase length -to 4094 bytes. - - -3. Instructions for building loop.o driver -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Before you attempt to build loop.o driver (loop.ko on 2.6 kernels), you -*must* configure, compile and install new kernel so that CONFIG_MODULES=y -and CONFIG_BLK_DEV_LOOP=n. Also, CONFIG_KMOD=y is recommended but not -required (kernel 2.0 doesn't have CONFIG_KMOD, set CONFIG_KERNELD=y -instead). Configuring your kernel so that loop driver is built-in -(CONFIG_BLK_DEV_LOOP=y) or module (CONFIG_BLK_DEV_LOOP=m) will *not* work. -After building and installing your new kernel, do not attempt to clean -kernel tree, or rename path to kernel sources. - -(Re)configuring and (re)compiling your kernel are required for following -reasons: (1) to disable loop driver in your kernel, (2) to get your kernel -sources to match your running kernel, (3) to get your kernel .config to -match your running kernel, (4) to set up configure time generated links -properly, (5) to generate compile time created header files properly to -match your kernel configuration. Failure to fulfill *all* above requirements -may cause loop.o driver compilation to fail or generate incorrectly -operating code. If you are just upgrading existing loop-AES with newer -version, there is no need to recompile kernel or reboot. Just unmount all -file systems using old loop driver, and remove loop driver from kernel with -rmmod command before compiling new loop driver. - -This is how loop.o is compiled and installed: - -2.2 and older kernels: Makefile copies your kernel's loop.c to this - directory. Then, Makefile patches that copy with a - kernel version specific patch. If patching a copy of - your kernel's loop.c fails, then a local copy of - known-to-work and patch-able loop.c-2.X.original is - used instead. - -2.4 and newer kernels: Makefile copies pre-patched loop.c-2.X.patched to - file called patched-loop.c. - -Resulting patched-loop.c along with other source files is then compiled and -linked to form a new loop.o driver that is (usually) installed in -/lib/modules/`uname -r`/block directory. AES cipher is permanently glued to -loop.o driver so that when loop.o is loaded it automagically has AES support -built in. There is no need to define any aliases in /etc/modules.conf file. - -To compile and install loop.o driver, as root, use commands: - - make clean - make - -Makefile tries to locate running kernel source directory, steal definitions -from kernel Makefile, and build a version that matches your running kernel. -Following directories are tried, in this order: - - /lib/modules/`uname -r`/source - /lib/modules/`uname -r`/build - /usr/src/linux - /usr/src/linux-`uname -r` - /usr/src/kernel-source-`uname -r` - -You can override automatic kernel source directory detection by specifying -LINUX_SOURCE like this: make LINUX_SOURCE=/usr/src/linux-2.4.22aa1 - -Both LINUX_SOURCE and KBUILD_OUTPUT must be specified when compiling for -2.6.x kernel with separate object directory. - -You can disable automatic module installation and creation of module -dependencies by specifying MODINST=n RUNDM=n on make command line. - -Automatic kernel source directory detection is not foolproof. For best -results, always specify LINUX_SOURCE, especially if loop.o module appears to -compile for wrong kernel. Observe last five lines of make output for clues. - -If you are upgrading your kernel and you need loop.o module during boot, you -probably need to build new version of loop.o module that matches your new -kernel *before* you boot the new kernel. To build loop.o module for other -kernel than running kernel, you *must* specify LINUX_SOURCE parameter to -make. - -You can override default installation root directory by specifying -INSTALL_MOD_PATH like this: make INSTALL_MOD_PATH=/path/to/destination/root - -Makefile detects processor type from kernel configuration. If selected -processor type is x86 processor or AMD64 processor, optimized assembler -implementations of AES and MD5 are used instead of C implementations. If you -want to unconditionally disable x86 assembler AES and MD5 implementations, -specify X86_ASM=n on make command line. If you want to unconditionally -disable AMD64 assembler AES and MD5 implementations, specify AMD64_ASM=n on -make command line. - -If you want to enable encryption key scrubbing, specify KEYSCRUB=y on make -command line. Loop encryption key scrubbing moves and inverts key bits in -kernel RAM so that the thin oxide which forms the storage capacitor -dielectric of DRAM cells is not permitted to develop detectable property. -For more info, see Peter Gutmann's paper: -http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html - -Note: If your patch program is very old, it may not understand the --dry-run -option, and may puke lengthy error messages. Even if that happens, the build -process should still produce a working loop driver. - - -4. Instructions for building new mount, umount, losetup, swapon and swapoff -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -In order to support AES and other ciphers, mount, umount, losetup, swapon -and swapoff need to be patched and recompiled. A patch is included. Mount, -umount, losetup, swapon and swapoff sources are in util-linux package which -you can get from: - - ftp://ftp.win.tue.nl/pub/linux-local/utils/util-linux/ - or - ftp://ftp.kernel.org/pub/linux/utils/util-linux/ - -Just in case if the tarball is not properly signed, the md5 sum of -util-linux-2.12h.tar.gz is f8f1b2096abbf52fadf86d470c5035dd - -Do *not* install all the utilities in the util-linux package without -thinking. You may ruin your system if you do that. Read the INSTALL file -provided with util-linux tarball. - -These commands, as root user, will recompile and install mount, umount, -losetup, swapon, swapoff and their man pages: - - zcat util-linux-2.12h.tar.gz | tar xvf - - cd util-linux-2.12h - patch -p1 <../util-linux-2.12h.diff - CFLAGS=-O2 ./configure - make SUBDIRS="lib mount" - cd mount - install -m 4755 -o root mount umount /bin - install -m 755 losetup swapon /sbin - rm -f /sbin/swapoff && ( cd /sbin && ln -s swapon swapoff ) - rm -f /usr/share/man/man8/{mount,umount,losetup,swapon,swapoff}.8.gz - install -m 644 mount.8 umount.8 losetup.8 /usr/share/man/man8 - install -m 644 swapon.8 swapoff.8 /usr/share/man/man8 - rm -f /usr/share/man/man5/fstab.5.gz - install -m 644 fstab.5 /usr/share/man/man5 - mandb - cd ../.. - -Debian users may want to put mount package on hold like this: - - echo mount hold | dpkg --set-selections - - -5. Instructions for building new gpg -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -When gpg encrypts data with symmetric cipher only or when gpg encrypts -secret keyring keys with secret passphrase, gpg uses seeded (salted) and -iterated key setup. However, default amount of iteration is tuned for slow -processors and can be increased for better resistance against dictionary -attacks. Larger key iteration makes key setup much slower, but also makes -dictionary attacks much slower too. - -Included optional gpg patch makes gpg password iteration 128 times slower. -gpg stores new iteration value along with seed bytes into symmetric cipher -encrypted output file or secret keyring, so unpatched gpg versions will read -and decrypt the data just fine. - -gpg sources are available from: - - ftp://ftp.gnupg.org/gcrypt/gnupg/ - -These commands, as root user, will recompile and install gpg and gpgv and -their man pages: - - zcat gnupg-1.2.6.tar.gz | tar xvf - - cd gnupg-1.2.6 - patch -p1 <../gnupg-1.2.6.diff - CFLAGS="-O2" LDFLAGS="-static -s" ./configure --prefix=/usr --enable-static-rnd=linux - make - rm -f /usr/share/man/man1/{gpg,gpgv}.1.gz - make install - chown root.root /usr/bin/gpg - chmod 4755 /usr/bin/gpg - -Note: Above instructions create statically linked version of gpg. Static -linking is necessary if you ever decide to encrypt your root partition. - -If /usr/bin directory is not on your root partition, then it is necessary to -move gpg to /bin directory on your root partition: - - cd /usr/bin - mv gpg ../../bin - ln -s ../../bin/gpg gpg - -Debian users may want to put gnupg package on hold like this: - - echo gnupg hold | dpkg --set-selections - - -6. Testing the loop.o driver and losetup program -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Run this command, as root, and Makefile will run series of tests. - - make tests - -Makefile will display "*** Test results ok ***" message if tests are -completed successfully. If tests fail, do not use the driver as it is -broken. - -If gpg isn't available, then tests that involve decrypting gpg encrypted key -files will fail. You can skip gpg key file tests by specifying -TEST_GPG_TYPES=n on make command line. - - -7. Examples -~~~~~~~~~~~ -Many of following examples depend on gpg encrypted key file. gpg appears to -prevent its own keys from being leaked to swap, but does not appear to -prevent data handled by it from being leaked to swap. In gpg encrypted key -file cases, the data handled by gpg are loop encryption keys, and they may -leak to swap. Therefore, use of gpg encrypted key file depends on encrypted -swap. - -When using gpg encrypted key file, the password that is used to encrypt the -key file is the password that losetup and mount programs want. losetup and -mount programs run gpg to decrypt the key file, and pipe the password to -gpg. gpg then decrypts the file and pipes the real loop keys back to losetup -or mount program. - -Many of following examples need uuencode program. Not all boxes have it -installed by default. If you need to install uuencode program, it is usually -part of sharutils package. - -Many of following examples attempt to use loop in multi-key mode and thus -*require* losetup/mount programs from loop-AES-v2.0b or later. Setting up -multi-key gpg key-file and using that key-file with old single-key only -aware losetup/mount programs is *dangerous*. In multi-key loop cases -"losetup -a" command run by root user should output "multi-key" indicating -that loop is really in multi-key mode. If no "multi-key" string shows up, -your loop setup is a time bomb. If you later upgrade your losetup/mount -programs to version that can understand multi-key mode, those new -losetup/mount programs will correctly setup loop in multi-key mode instead -of single-key mode, and you may not be able to access your data any more. -New losetup/mount programs are compatible with both single-key and multi-key -key-files. New losetup/mount programs will recognize single-key key-files -and set up loop in single-key mode in those cases. Old single-key only aware -losetup/mount programs need single-key examples. None of the following gpg -key-file examples are such. - - -7.1. Example 1 - Encrypting swap on 2.4 and newer kernels -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Device backed (partition backed) loop is capable of encrypting swap on 2.4 -and newer kernels. File backed loops can't be used for swap. - -First, run "swapoff -a" to turn off swap devices in your /etc/fstab file. -Second, add "loop=/dev/loop?" and "encryption=AES128" options to swap lines -in your /etc/fstab file. Example: - - /dev/hda666 none swap sw,loop=/dev/loop6,encryption=AES128 0 0 - ^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^ -Third, there may be old unencrypted data on your swap devices, in which case -you can try to overwrite that data with command like this: - - dd if=/dev/zero of=/dev/hda666 bs=64k conv=notrunc - mkswap /dev/hda666 - -Fourth, run "swapon -a" and "rm -rf /var/log/ksymoops" and you are done. - -Running "swapon -a" will set up loop devices using random keys, run mkswap -on them, and enable encrypted swap on specified loop devices. Usually your -distro's startup scripts will run the "swapon -a" command so you don't need -to change your startup scripts at all. As expected, "swapoff -a" will tear -down such loop devices. - -Removing /var/log/ksymoops directory is often required because some versions -of modprobe (part of modutils package) try to log loaded modules to -/var/log/ksymoops/*.log files. This is bad because swap is often enabled -(and loop.o modprobe'd to kernel) before any partitions are mounted -writable. Without /var/log/ksymoops directory on root partition, modprobe -will not try to log loaded modules, and you won't see annoying error -messages. - -Note: If you are using encrypted swap and you are upgrading your kernel, you -probably need to build new version of loop.o module that matches your new -kernel *before* you boot the new kernel. See "Instructions for building -loop.o driver" section for more details. - - -7.2. Example 2 - Partition backed loop with gpg encrypted key file -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This example, originally from Michael H. Warfield, shows how to create an -ext2 file system on encrypted hard disk partition, and creates 64 random -encryption keys that are encrypted using gpg. Store the key file where ever -you like, on separate removable media, USB dongle, or on a smart card if you -like. You have to have both your passphrase and that key file in order to -mount that file system. - -This example uses a fictitious partition /dev/hda666 for storage and -fictitious directory /mnt666 as mount point. A removable USB dongle is -assumed to be (auto-)mounted at /a/usbdongle directory. - -Create 64 random encryption keys and encrypt those keys using gpg. Reading -from /dev/random may take indefinitely long if kernel's random entropy pool -is empty. If that happens, do some other work on some other console (use -keyboard, mouse and disks). Use of gpg encrypted key file depends on -encrypted swap. - - head -c 2880 /dev/random | uuencode -m - | head -n 65 | tail -n 64 \ - | gpg --symmetric -a >/a/usbdongle/keyfile.gpg - -Fill the partition with random looking data. "dd" command may take a while -to execute if partition is large. - - head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 \ - | losetup -p 0 -e AES128 /dev/loop3 /dev/hda666 - dd if=/dev/zero of=/dev/loop3 bs=4k conv=notrunc 2>/dev/null - losetup -d /dev/loop3 - -Add this to your /etc/fstab file: - - /dev/hda666 /mnt666 ext2 defaults,noauto,loop=/dev/loop3,encryption=AES128,gpgkey=/a/usbdongle/keyfile.gpg 0 0 - -The "losetup -F" command asks for passphrase to unlock your key file. -Losetup -F option reads loop related options from /etc/fstab. Partition name -/dev/hda666, encryption=AES128 and gpgkey=/a/usbdongle/keyfile.gpg come from -/etc/fstab. - - losetup -F /dev/loop3 - mkfs -t ext2 /dev/loop3 - losetup -d /dev/loop3 - mkdir /mnt666 - -Now you should be able to mount the file system like this. The "mount" -command asks for passphrase to unlock your key file. - - mount /mnt666 - -Check that loop is really in multi-key mode. Losetup -a output should -include string "multi-key" indicating that loop is really in multi-key mode. -If no "multi-key" string shows up, you somehow managed to mess up gpg key -file generation part or you are trying to use old losetup/mount programs -that only understand single-key mode. - - losetup -a - -You can unmount partition like this: - - umount /mnt666 - -Unmounted filesystem can be fsck'ed like this. -F option reads loop related -options from /etc/fstab. Partition name /dev/hda666, encryption=AES128 and -gpgkey=/a/usbdongle/keyfile.gpg come from /etc/fstab. - - losetup -F /dev/loop3 - fsck -t ext2 -f -y /dev/loop3 - losetup -d /dev/loop3 - - -7.3. Example 3 - Encrypted partition that multiple users can mount -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This example shows how to create encrypted partition that multiple non-root -users can mount, each with their own gpg key. Non-root users don't have -access to file system key that is actually used to encrypt data. Root can -add or remove user's permission to mount encrypted partition at any time. -This example uses a fictitious partition /dev/hda666 for storage and -fictitious directory /secret1 as mount point. - -Create 64 random file system keys and encrypt those keys using root's gpg -public key. Reading from /dev/random may take indefinitely long if kernel's -random entropy pool is empty. If that happens, do some other work on some -other console (use keyboard, mouse and disks). Use of gpg encrypted key file -depends on encrypted swap. - - umask 077 - head -c 2880 /dev/random | uuencode -m - | head -n 65 | tail -n 64 \ - | gpg -e -a -r "Superuser" > /root/masterkey-secret1.gpg - -Fill the partition with random looking data. "dd" command may take a while -to execute if partition is large. - - head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 \ - | losetup -p 0 -e AES128 /dev/loop0 /dev/hda666 - dd if=/dev/zero of=/dev/loop0 bs=4k conv=notrunc 2>/dev/null - losetup -d /dev/loop0 - -Use file system keys to setup /dev/loop0 to partition /dev/hda666 and create -encrypted ext2 file system. The "losetup -e" command asks for root's gpg -passphrase to unlock root's secret gpg key. - - losetup -e AES128 -K /root/masterkey-secret1.gpg /dev/loop0 /dev/hda666 - mkfs -t ext2 /dev/loop0 - losetup -d /dev/loop0 - mkdir /secret1 - -Add mount information to /etc/fstab file. Something like this: - - /dev/hda666 /secret1 ext2 defaults,user,noauto,encryption=AES128,loop=/dev/loop0,gpgkey=/etc/userkey-secret1.gpg 0 0 - ^^^^ -You may want to check non-obvious side effects of above "user" mount option. -It's all explained in mount man page. - -Create root-only-readable /etc/userkey-secret1.gpg file which contains file -system key encrypted with each user's public key. List all users as -recipient who should be able to mount /secret1 encrypted partition. Repeat -this every time you want to add or remove users. - - umask 077 - gpg --decrypt < /root/masterkey-secret1.gpg | gpg -e -a --always-trust \ - -r "Superuser" -r "John Doe" -r "Tea Lipton" > /etc/userkey-secret1.gpg - -Users can mount encrypted partition like this. mount asks for gpg passphrase -to unlock user's secret gpg key. Each user can use their own gpg key. - - mount /secret1 - -Root user can check that loop is really in multi-key mode. Losetup -a output -should include string "multi-key" indicating that loop is really in -multi-key mode. If no "multi-key" string shows up, you somehow managed to -mess up gpg key file generation part or you are trying to use old -losetup/mount programs that only understand single-key mode. - - losetup -a - -You can unmount partition like this: - - umount /secret1 - -Root user can fsck unmounted filesystem like this. -F option reads loop -related options from /etc/fstab. Partition name /dev/hda666, -encryption=AES128 and gpgkey=/etc/userkey-secret1.gpg come from /etc/fstab. - - losetup -F /dev/loop0 - fsck -t ext2 -f -y /dev/loop0 - losetup -d /dev/loop0 - - -7.4. Example 4 - Encrypting /tmp partition with random keys -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -When mount passphrase hash function is specified as random, mount does not -ask for password but sets up 64 random keys and attempts to put loop to -multi-key mode and creates new file system on that encrypted loop device -before that file system is mounted. - -First, unmount your existing /tmp partition by running "umount /tmp". There -may be open files in there, so you may have to do this from single user -mode. - -Second, add loop= encryption= and phash=random mount options to /etc/fstab -file. The sixth /etc/fstab field (fs_passno) must be zero so that fcsk will -not attempt to check this partition. - - /dev/hda555 /tmp ext2 defaults,loop=/dev/loop2,encryption=AES128,phash=random/1777 0 0 - ^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^ ^ -Third, run "mount /tmp" command and you are done. - -Octal digits after phash=random/ mount option specify initial permissions of -file system root directory that gets created on the loop device. 1777 means -read+write+search permissions for all and sticky bit set. Type "man 2 stat" -for more info about what each bit stands for. - -Encryption keys and plaintext data on above type mount vanish on unmount or -power off. Using journaled file system in such case does not make much -sense, because file system is re-created with different encryption keys on -each mount, and file system jounal is never used. - -This example requires that mount program is derived from util-linux patch -found in loop-AES-v2.2d or later version. - - -7.5. Example 5 - Encrypting root partition -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Encrypting root partition requires a small unencrypted /boot partition. -Everything else (root, swap and other partitions) can be encrypted. Kernels -and tools required to boot kernels reside in the /boot partition. Included -build-initrd.sh script builds a small "initrd" ram-disk that works with 2.2 -2.4, and 2.6 kernels. build-initrd.sh script depends on having minix file -system support in the kernel and working mkfs.minix program binary. -Util-linux includes source for mkfs.minix if you don't have it and need to -build it yourself. You need to temporarily boot from rescue floppy/CD-ROM or -other partition to do the actual encrypting work. The rescue floppy/CD-ROM -or other partition kernel doesn't need to support loop crypto, so just about -anything that boots will work. - -1) build-initrd.sh script needs dietlibc. Dietlibc source is available - from: - - http://www.fefe.de/dietlibc/ - ftp://ftp.kernel.org/pub/linux/libs/dietlibc/ - - To compile and install dietlibc, follow instructions in the dietlibc - README file. For example, on a x86 box, do this: - - make - install bin-i386/diet /usr/local/bin - -2) You need to use aespipe program (v2.2a or later) with your rescue - floppy/CD-ROM or other partition. aespipe source is available from: - - http://loop-aes.sourceforge.net/ - http://members.tiscali.fi/ce6c8edf/ (limited downloads) - - Download latest version of aespipe-*.tar.bz2 - - Dynamically linked aespipe program may have library dependency problems - with rescue floppy/CD-ROM or other partition C library. To avoid such - trouble, aespipe program needs to be linked statically. Static linking - with glibc makes aespipe much bigger (hundreds of kilobytes), and may - also create link warning about 'getpwuid'. Big program size and link - warning can be ignored here. - - Compile aespipe program like this: - - CFLAGS="-O2" LDFLAGS="-static -s" ./configure - make - make tests - - Copy statically linked aespipe program to /boot partition. - - cp -p aespipe /boot - -3) If you followed advise about recompiling and statically linking gpg - program, you don't need to do that again. However, if you don't have - statically linked gpg, you need to do that now because later steps in - root partition encryption depend on it. - -4) Backup all important data before proceeding with root partition - encryption. - -5) Recompile your kernel. These are required: CONFIG_BLK_DEV_RAM=y - CONFIG_BLK_DEV_RAM_SIZE=4096 CONFIG_BLK_DEV_INITRD=y CONFIG_MINIX_FS=y - CONFIG_PROC_FS=y CONFIG_CRAMFS=n (or CONFIG_CRAMFS=m) - - CONFIG_BLK_DEV_{RAM,INITRD}=y are needed because kernel needs to support - initial ramdisk. CONFIG_MINIX_FS=y is needed because file system on - initrd is minix. CONFIG_CRAMFS=n is needed because cramfs code may - incorrectly detect initrd's compressed minix file system as cramfs file - system. If cramfs must be built-in, then build-initrd.sh must be - configured with USEPIVOT=1, and kernel parameter "rootfstype=minix" must - be added to bootloader configuration file. 2.2.x and older kernels have - neither CONFIG_CRAMFS nor cramfs, so that kernel configuration setting - can be ignored on those kernels. - - All kernel subsystems needed by root and /boot file systems must be - compiled directly into kernel (and not be modules). - - cd /usr/src/linux-2.4.22aa1 - cp .config ../somewhere/somename.config - make distclean - cp ../somewhere/somename.config .config - make config - make dep && make clean && make bzImage - make modules && make modules_install - cat arch/i386/boot/bzImage >/boot/vmlinuz - cp System.map /boot/System.map-2.4.22aa1 - -6) Compile loop-AES loop.o module for your kernel. - - cd ../loop-AES-* - make LINUX_SOURCE=/usr/src/linux-2.4.22aa1 - -7) Copy kernel version specific loop.o (2.4 and older kernels) or loop.ko - (2.6 kernels) to /boot/modules-KERNELRELEASE/ - - mkdir /boot/modules-2.4.22aa1 - ^^^^^^^^^ - cp -p /lib/modules/2.4.22aa1/block/loop.*o /boot/modules-2.4.22aa1/ - ^^^^^^^^^ ^^^^^^^^^ - Note: You need to have a kernel version specific loop.o or loop.ko - module in /boot/modules-KERNELRELEASE/ directory for every kernel you - intend to use. - -8) If your boot scripts automatically run "umount /initrd" and "blockdev - --flushbufs /dev/ram0" commands, you may want to disable those commands. - If you don't disable them, you may see annoying error messages when - booting to encrypted root partition. - - Root partition loop device node is inside initrd, and that device node - will remain busy forever. This means that encrypted root initrd can't be - unmounted and RAM used by initrd file system can't be freed. This - unable-to-unmount side effect is the reason why initrd is intentionally - made as small as possible. - -9) Create 64 random encryption keys and encrypt those keys using gpg. - Reading from /dev/random may take indefinitely long if kernel's random - entropy pool is empty. If that happens, do some other work on some other - console (use keyboard, mouse and disks). Use of gpg encrypted key file - depends on encrypted swap. - - umask 077 - head -c 2880 /dev/random | uuencode -m - | head -n 65 | tail -n 64 \ - | gpg --symmetric -a >/boot/rootkey.gpg - -10) Edit build-initrd.sh to match your setup. Set BOOTDEV, BOOTTYPE, - CRYPTROOT and ROOTTYPE variables to correct values. If you are using 2.2 - or older kernels, set USEPIVOT=0 because 2.2 and older kernels do not - have pivot_root functionality. You may also want to set - LOADNATIONALKEYB=1 and manually copy your uncompressed national keyboard - layout file (in "loadkeys" format) to /boot/default.kmap - - loadkeys configuration files for some popular distros: - - Debian: /etc/console/boottime.kmap.gz - Mandrake: /usr/lib/kbd/keymaps/i386/qwert[yz]/*.kmap.gz - Red Hat: /lib/kbd/keymaps/i386/qwert[yz]/*.kmap.gz - SuSE: /usr/lib/kbd/keymaps/i386/qwert[yz]/*.map.gz - Slackware: /usr/share/kbd/keymaps/i386/qwert[yz]/*.map.gz - - Or alternatively, you can create keyboard map using your current - keyboard layout. Like this: - - dumpkeys >/boot/default.kmap - - devfs enabled kernel users (CONFIG_DEVFS_FS=y and CONFIG_DEVFS_MOUNT=y - in kernel configuration) need to pay special attention to comments above - these build-initrd.sh options: USEDEVFS, BOOTDEV, CRYPTROOT and - EXTERNALGPGDEV. - -11) Edit /etc/lilo.conf (or whatever) and set root= initrd= and append= as - explained in comments at beginning of build-initrd.sh script. - -12) Build a new /boot/initrd.gz - - ./build-initrd.sh - - Note: /boot/initrd.gz is supposed to be small (2 KB to 3 KB). All other - utilities (loop.o module, insmod, losetup, loadkeys and possibly - libraries) are copied to /boot directory. Libraries are not copied if - programs are statically linked. - -13) Run lilo (or whatever) - - lilo - -14) Reboot your computer from rescue floppy/CD-ROM or other partition, so - that the partition you are about to encrypt is *not* mounted. - -15) Now you should be running a shell from rescue floppy/CD-ROM or other - partition. This example assumes that /dev/hda1 is your /boot partition - and /dev/hda2 is your root partition. Temporarily mount your root - partition under /mnt - - mount -t ext2 /dev/hda2 /mnt - -16) Edit root partition entry in /mnt/etc/fstab file. Replace old /dev/hda2 - with /dev/loop5 or whatever loop you are using for root partition. Loop - device number must match ROOTLOOPINDEX= in build-initrd.sh - configuration. The default in build-initrd.sh is 5, meaning /dev/loop5. - - Old /etc/fstab line: - /dev/hda2 / ext2 defaults 0 1 - New /etc/fstab line: - /dev/loop5 / ext2 defaults 0 1 - - devfs enabled kernel users (CONFIG_DEVFS_FS=y and CONFIG_DEVFS_MOUNT=y - in kernel configuration) need to substitute /dev/loop5 with /dev/loop/5 - -17) Unmount your root partition (and sync for extra safety). - - umount /mnt - sync - -18) Mount your normal /boot partition under /mnt so that you can use - previously built statically linked aespipe and gpg programs and read gpg - encrypted key file 'rootkey.gpg'. Statically linked gpg program was - copied there by build-initrd.sh script. - - mount -r -t ext2 /dev/hda1 /mnt - -19) Use dd program to read your root partition contents, pipe that data - through aespipe program, and finally write encrypted data back to same - partition with another dd program. This is going to take a while if - partition is large. - - dd if=/dev/hda2 bs=64k \ - | /mnt/aespipe -e AES128 -K /mnt/rootkey.gpg -G / \ - | dd of=/dev/hda2 bs=64k conv=notrunc - - aespipe program tries to run gpg from obvious locations on your rescue - floppy/CD-ROM file system, but if it can't find gpg from those obvious - locations, aespipe finally tries to run gpg from same directory that - aespipe was run from (/mnt/) and should find statically linked gpg - program there. - -20) Clean up and reboot your computer. - - umount /mnt - sync - reboot - -If you are upgrading kernel of a system where root partition is already -encrypted, only steps 5 to 7 and 13 are needed. /boot/initrd.gz is kernel -independent and there is no need to re-create it for each kernel. However, -if you are upgrading from 2.4 kernel to 2.6 kernel, new insmod may need to -be copied to /boot directory by running step 12 before running step 13. - -If you want to fsck and mount partitions automatically and are indeed -encrypting root partition, it may be easier to just losetup required -partitions early in init scripts (before partitions are fsck'ed and -mounted). Don't losetup root partition again, as root partition has already -been losetup'ed by /linuxrc program in the "initrd" ram-disk. - -Init scripts reside on root partition and encryption keys within such init -scripts are protected by root partition encryption. Of course, init scripts -containing sensitive keys must be readable only by root user: - - -rwx------ 1 root root 162 Nov 24 19:23 /etc/rcS.d/S07losetup.sh - -Here is an example of /etc/rcS.d/S07losetup.sh Debian init script. Other -distros may store such init scripts in different directory under different -name. On SuSE, /etc/init.d/boot.d/S01losetup.sh may be more appropriate. - -#!/bin/sh -echo "Pd1eXapMJk0XAJnNSIzE" | losetup -p 0 -e AES128 -K /etc/swapkey.gpg /dev/loop6 /dev/hda666 -echo "D0aZNSNnu6FdAph+zrHt" | losetup -p 0 -e AES128 -K /etc/homekey.gpg /dev/loop4 /dev/hdd666 - -Above partitions use gpg encrypted key files. Having encrypted files on -encrypted partition may seem little bit silly, but currently -K option is -the easiest way to activate multi-key mode with more secure MD5 IV -computation. - -Here are example lines of /etc/fstab file. It's not necessary to give -"loop=/dev/loop4,encryption=AES128" mount options as loop devices are -already losetup'ed and there is no need for mount program to do that again. - - /dev/loop5 / ext2 defaults 0 1 - /dev/loop6 none swap sw 0 0 - /dev/loop4 /home ext2 defaults 0 2 - -In above example, device /dev/hda666 is used as encrypted swap with fixed -key. If you set up swap with fixed key like in above example, don't forget -to initialize swap space by running "mkswap /dev/loop6" once. /dev/hdd666 is -used as encrypted /home partition. /dev/loop5 is encrypted root partition, -and it set up by /linuxrc program in "initrd" ram-disk. - - -7.6. Example 6 - Boot from CD-ROM + encrypted root partition -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Here is slight variation of above 'encrypting root partition' instructions. -Computer gets booted from read-only CD-ROM and there is no need for any -unencrypted partitions on the hard disk. - -1-6) Same as above 'encrypting root partition' steps 1-6. - -7) Copy kernel version specific loop.o or loop.ko module to CD-ROM source - directory - - rm -r -f /boot/iso/modules-* - mkdir -p /boot/iso/modules-2.4.22aa1 - ^^^^^^^^^ - cp -p /lib/modules/2.4.22aa1/block/loop.*o /boot/iso/modules-2.4.22aa1/ - ^^^^^^^^^ ^^^^^^^^^ -8-9) Same as above 'encrypting root partition' steps 8-9, with exception - that in step 9 you must write rootkey.gpg to /boot/iso directory instead - of /boot directory. - -10a) Contents of /boot/initrd.conf configuration file are below. - - BOOTDEV=/dev/hdc # CD-ROM device - BOOTTYPE=iso9660 - CRYPTROOT=/dev/hda2 - ROOTTYPE=ext2 - CIPHERTYPE=AES128 - DESTINATIONPREFIX=/boot/iso - INITRDGZNAME=../initrd.gz - LOADNATIONALKEYB=1 - - devfs enabled kernel users (CONFIG_DEVFS_FS=y and CONFIG_DEVFS_MOUNT=y - in kernel configuration) need to pay special attention to comments above - these build-initrd.sh options: USEDEVFS, BOOTDEV, CRYPTROOT and - EXTERNALGPGDEV. - -10b) Copy your national keyboard layout to CD-ROM source directory in - uncompressed form. - - dumpkeys >/boot/iso/default.kmap - -11) Contents of /etc/lilo.conf configuration file are below. Two copies of - '/dev/loop7' on first two lines refer to temporary file backed loop - mount that is mounted on /mnt later in step 13a. - - boot=/dev/loop7 - disk=/dev/loop7 - bios=0x00 - sectors=36 - heads=2 - cylinders=80 - geometric - compact - read-only - prompt - timeout=30 - vga=normal - backup=/dev/null - install=text - map=/mnt/map - image=/mnt/vmlinuz - label=Linux - append="init=/linuxrc rootfstype=minix" - initrd=/mnt/initrd.gz - root=/dev/ram0 - -12) Build new /boot/initrd.gz - - ./build-initrd.sh /boot/initrd.conf - -13a) Build and mount minix file system on floppy image - - dd if=/dev/zero of=/boot/iso/fdimage.bin bs=1024 count=2880 - mkfs -t minix -i 32 /boot/iso/fdimage.bin 2880 - mount -t minix /boot/iso/fdimage.bin /mnt -o loop=/dev/loop7 - -13b) Copy kernel and initrd.gz to floppy image - - cp -p /boot/vmlinuz /mnt/vmlinuz - cp -p /boot/initrd.gz /mnt/initrd.gz - -13c) Run lilo and unmount floppy image - - lilo - umount /mnt - sync - -13d) Create boot CD-ROM image - - mkisofs -r -b fdimage.bin /boot/iso >/boot/bootcdimage.iso - -13e) Burn /boot/bootcdimage.iso to CD-R. Resulting CD-ROM is your boot - CD-ROM that you use to boot to encrypted root, not the rescue CD-ROM - referred to in above 'encrypting root partition' step 14. - - You may want to burn two copies or at least archive bootcdimage.iso to - some unencrypted partition so that you can burn new copy if original - CD-ROM gets damaged. - -13f) Temporarily disable swap partitions and put a "temporary file system on - swap" into one of swap partitions. This example assumes that /dev/hda3 - is such swap partition. The 'dd' command clears first 64KB of that - partition so that dangerously buggy rescue floppies/CD-ROMs don't enable - swap on it. - - swapoff -a - dd if=/dev/zero of=/dev/hda3 bs=64k count=1 conv=notrunc - mkfs -t ext2 /dev/hda3 - mount -t ext2 /dev/hda3 /mnt - -13g) Copy statically linked aespipe and gpg programs and rootkey.gpg file to - "temporary file system on swap" partition. - - cp -p /boot/aespipe /boot/iso/rootkey.gpg /usr/bin/gpg /mnt - umount /mnt - -14-19) Same as above 'encrypting root partition' steps 14-19, with exception - that in step 18 you must rw mount (no -r option to mount) "temporary - file system on swap" /dev/hda3 instead of /boot partition. - -20) Clean up and reboot your computer. The 'dd' command attempts to - overwrite gpg encrypted root partition key file and 'mkswap' command - restores "temporary file system on swap" /dev/hda3 back to swap usage. - - dd if=/dev/zero of=/mnt/rootkey.gpg bs=64k count=1 conv=notrunc - umount /mnt - sync - mkswap /dev/hda3 - sync - reboot - -If you are upgrading kernel of a system where root partition is already -encrypted, only steps 5 to 7 and 13a to 13e are needed. However, if you are -upgrading from 2.4 kernel to 2.6 kernel, new insmod may need to be copied to -/boot/iso directory by running step 12 before running step 13a. - - -8. Security levels -~~~~~~~~~~~~~~~~~~ -Loop encryption key can be set up in different ways. Just in case it isn't -obvious how these different ways rank security wise, here is a list of -security levels from 1 (highest security) to 4 (lowest security). - -1) gpg encrypted 'multi-key' key file and/or gpg public+private keys are - stored on separate removable USB dongle that is not available to - attacker. If USB dongle and its key files are available to attacker, - security level is equivalent to level 2. (Example 2) - -2) gpg encrypted 'multi-key' key file and gpg public+private keys are - stored on disk that is available to attacker. This assumes that included - gpg patch is applied to gpg and symmetric cipher encrypted key file or - private keyring password was created/changed with patched version. - (Example 3) - -3) Loop is used in single-key mode. Random password seed and iteration - count are used to slow down optimized dictionary attacks. This level is - vulnerable to watermark attacks. Watermarked files contain special bit - patterns that can be detected without decryption. - -4) Loop is used in single-key mode. Neither password seed nor gpg encrypted - key file are used. This level is vulnerable to optimized dictionary - attacks as well as watermark attacks. (mainline linux cryptoloop is - example of this type of backdoored crypto) - - -9. Performance tuning for 2.4 and newer kernels -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Loop-AES driver for 2.4 and newer kernels understand two additional options: -lo_prealloc and lo_nice. First number of 'lo_prealloc' is the default number -of RAM pages to pre-allocate for each device backed (partition backed) loop. -Every configured device backed loop pre-allocates this amount of RAM pages -unless later 'lo_prealloc' numbers provide an override. 'lo_prealloc' -overrides are defined in pairs: loop_index,number_of_pages. If 'lo_prealloc' -is undefined, all pre-allocations default to 125 pages. A maximum of four -overrides (four number pairs) can be used. - -This example line added to your /etc/modules.conf file means that each -device backed loop device pre-allocates 100 pages of RAM at losetup/mount -time, except that /dev/loop6 allocates 200 pages, and /dev/loop5 allocates -250 pages. - - options loop lo_prealloc=100,6,200,5,250 - -On x86 systems page size is 4 Kbytes, some other architectures have 8 Kbyte -page size. - -lo_nice option sets scheduler nice for loop helper threads. Values between 0 -(low priority) to -20 (high priority) can be used. If loop transfers are -disk transfer rate limited, lowering loop thread priority may improve -performance. If loop transfers are CPU processing power limited, increasing -loop thread priority may improve performance. renice(8) command can be used -to alter nice values of loop helper threads while loop is being used. -Example /etc/modules.conf line: - - options loop lo_nice=-4 - -If lo_nice is not set, default nice value for kernels with old scheduler is --20. For kernels with O(1) scheduler, default nice value is -1. - -2.6 kernels include anticipatory (the default) and deadline I/O schedulers. -Deadline I/O scheduler may improve performance of device backed loop -devices. Please read kernel's Documentation/as-iosched.txt file for more -information. - - -10. Files -~~~~~~~~~ -ChangeLog History of changes and public releases. - -Makefile Makefile to build and install loop.o module. - -README This README file. - -aes-GPL.diff A patch for aes-amd64.S and aes-x86.S files that - updates licenses to be fully GPL compatible. - aes-amd64.S and aes-x86.S files are derived from - Brian Gladman's December 2001 published version - that had no mention of GPL, but both Brian - Gladman and Jari Ruusu permit this license - change. - -aes-amd64.S Optimized assembler implementation of AES cipher - for AMD64 and compatible processors. - -aes-x86.S Optimized assembler implementation of AES cipher - for x86 processors. - -aes.[ch] AES encryption functions, portable and usable in - kernel and in user space, as well as in other - operating systems. - -build-initrd.sh Bash shell script to build a small initrd - ram-disk that can be used when root partition is - encrypted. - -dkms.conf Configuration file for Dynamic Kernel Module - Support. http://linux.dell.com/dkms/dkms.html - for more info. This dkms.conf can't be used to - compile loop module with partial kernel sources - that some distros provide. Build procedure - depends on presence of full kernel sources, and - using partial kernel source to build loop module - will guarantee miscompiled loop module. - -glue.c Glue logic between loop driver and encryption - functions in aes.c / aes-*.S and md5.c / md5-*.S - -gnupg-*.diff Optional patch for gpg that increases password - iteration and thus slows down dictionary attacks - against gpg encrypted key files. - -gpgkey[12].asc gpg encrypted key files that are used by - Makefile when "make tests" command is run. These - key files are encrypted with symmetric cipher - using 12345678901234567890 password. - -kernel-2.[46].*.diff Kernel patch for those people who prefer not to - use modules. Before this patch can be applied to - your kernel, drivers/block/loop.c and - include/linux/loop.h source files must be - removed using 'rm' command. Obviously applying - this patch changes your kernel sources, so this - is not entirely hassle free. This patch is - against recent mainline kernel. If this patch - doesn't apply cleanly to your kernel, I don't - want to know about it. Note: you only need to - build loop.o module or apply this patch but not - both. - -loop.c-2.[02].diff Kernel version specific patches that fix bugs - and preregisters AES cipher transfer to latest - loop.c source. - -loop.c-2.[02].original Unmodified loop.c sources that are used as - secondary source if patch does not apply cleanly - to primary source. Primary source is the loop.c - of your kernel. - -loop.c-2.[46].patched Pre-patched loop.c sources for kernels where - changes are so extensive that distributing - *.original plus *.diff does not make sense. - -md5-amd64.S Optimized assembler implementation of MD5 - transform function for AMD64 and compatible - processors. - -md5-x86.S Optimized assembler implementation of MD5 - transform function for x86 processors. - -md5.[ch] MD5 transform function implementation that is - used to compute IVs. This source code was copied - from Linux kernel CryptoAPI implementation. - -util-linux-2.12*.diff Util-linux patch that adds support for AES and - other ciphers. - - -11. Credits -~~~~~~~~~~~ -This package uses AES cipher sources that were originally written by -Dr Brian Gladman: - -// Copyright (c) 2001, Dr Brian Gladman , Worcester, UK. -// All rights reserved. -// -// TERMS -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted subject to the following conditions: -// -// 1. Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// -// 2. Redistributions in binary form must reproduce the above copyright -// notice, this list of conditions and the following disclaimer in the -// documentation and/or other materials provided with the distribution. -// -// 3. The copyright holder's name must not be used to endorse or promote -// any products derived from this software without his specific prior -// written permission. -// -// This software is provided 'as is' with no express or implied warranties -// of correctness or fitness for purpose. - -Util-linux patch has few lines of documentation copied from international -crypto patch: -p option documentation in losetup and mount man pages were -written by Marc Mutz. - -Util-linux patch includes rmd160.[ch] files that were copied from -international crypto patch: they were originally written by GnuPG team and -modified by Marc Mutz. diff --git a/README.loop-AES-v2.2d.SuSE b/README.loop-AES-v2.2d.SuSE deleted file mode 100644 index 9ba6775..0000000 --- a/README.loop-AES-v2.2d.SuSE +++ /dev/null @@ -1,11 +0,0 @@ -loop-AES patch in util-linux -============================ - -To enhance the feature of mount, umount, losetup, swapon and swapoff we have -included the patch to util-linux from Jari Ruusu's loop-AES package -(http://loop-aes.sourceforge.net/). More details about this patch can be found -in /usr/share/doc/packages/util-linux/README.loop-AES-* -Please note, that we have only used the patch to util-linux and not the ones -for gpg or the new kernel loop driver. - -Your SuSE team diff --git a/etc_filesystems b/etc_filesystems new file mode 100644 index 0000000..a0d3c30 --- /dev/null +++ b/etc_filesystems @@ -0,0 +1,5 @@ +vfat +hfs +minix +reiserfs +* diff --git a/guessfstype.8 b/guessfstype.8 deleted file mode 100644 index 35bf2fd..0000000 --- a/guessfstype.8 +++ /dev/null @@ -1,13 +0,0 @@ -.\" Michal Svec -.TH GUESSFSTYPE 8 "25 January 2002" "Linux 2.4" "Linux Programmer's Manual" -.SH NAME -guessfstype \- guess the device file system type -.SH SYNOPSIS -.BI guessfstype " device" -.SH DESCRIPTION -.B guessfstype -guess the device file system type from the device super block -.SH "SEE ALSO" -.BR mount (8) -.SH AUTHOR -Michal Svec diff --git a/guessfstype2.patch b/guessfstype2.patch deleted file mode 100644 index 24c4593..0000000 --- a/guessfstype2.patch +++ /dev/null @@ -1,48 +0,0 @@ ---- util-linux-2.12q/mount/guessfstype.c -+++ util-linux-2.12q/mount/guessfstype.c -@@ -0,0 +1,22 @@ -+#include -+#include "mount_guess_fstype.h" -+ -+int verbose = 0; -+int mount_quiet=0; -+int sloppy = 0; -+ -+char *progname; -+ -+int main(int argc, char *argv[]) { -+ char *device, *type; -+ -+ if(argc != 2) return 1; -+ -+ progname = argv[0]; -+ device = argv[1]; -+ -+ type = do_guess_fstype(device); -+ printf("%s *appears* to be: %s\n", device, type); -+ -+ return 0; -+} ---- util-linux-2.12q/mount/Makefile -+++ util-linux-2.12q/mount/Makefile -@@ -11,7 +11,7 @@ - LINK = $(CC) $(LDFLAGS) - - SUID_PROGS = mount umount --NOSUID_PROGS = swapon losetup -+NOSUID_PROGS = swapon losetup guessfstype - MAN5 = fstab.5 nfs.5 - MAN8 = mount.8 swapoff.8 swapon.8 umount.8 losetup.8 - -@@ -57,6 +57,11 @@ - version.o $(LIB)/env.o loumount.o - $(LINK) $^ -o $@ $(BLKID_LIB) - -+guessfstype: guessfstype.o mount_guess_fstype.o sundries.o realpath.o \ -+ fstab.o mntent.o get_label_uuid.o mount_blkid.o mount_by_label.o \ -+ xmalloc.o -+ $(LINK) $^ -o $@ -+ - swapon: swapon.o version.o xmalloc.o \ - get_label_uuid.o mount_by_label.o mount_blkid.o loop.o sha512.o $(LIB)/xstrncpy.o - $(LINK) $^ -o $@ $(BLKID_LIB) diff --git a/loop-AES-v3.0a-util-linux-2.12p.diff b/loop-AES-v3.0a-util-linux-2.12p.diff deleted file mode 100644 index 6301224..0000000 --- a/loop-AES-v3.0a-util-linux-2.12p.diff +++ /dev/null @@ -1,4345 +0,0 @@ -If this patch does not apply cleanly to newer version of util-linux, try -replacing original lomount.c lomount.h loop.h losetup.8 files in mount -subdirectory with versions from util-linux that the patch is for. And then -apply this patch. - -================================================================================ ---- util-linux-2.12q/mount/aes.c -+++ util-linux-2.12q/mount/aes.c -@@ -0,0 +1,299 @@ -+// I retain copyright in this code but I encourage its free use provided -+// that I don't carry any responsibility for the results. I am especially -+// happy to see it used in free and open source software. If you do use -+// it I would appreciate an acknowledgement of its origin in the code or -+// the product that results and I would also appreciate knowing a little -+// about the use to which it is being put. I am grateful to Frank Yellin -+// for some ideas that are used in this implementation. -+// -+// Dr B. R. Gladman 6th April 2001. -+// -+// This is an implementation of the AES encryption algorithm (Rijndael) -+// designed by Joan Daemen and Vincent Rijmen. This version is designed -+// to provide both fixed and dynamic block and key lengths and can also -+// run with either big or little endian internal byte order (see aes.h). -+// It inputs block and key lengths in bytes with the legal values being -+// 16, 24 and 32. -+ -+/* -+ * Modified by Jari Ruusu, May 1 2001 -+ * - Fixed some compile warnings, code was ok but gcc warned anyway. -+ * - Changed basic types: byte -> unsigned char, word -> u_int32_t -+ * - Major name space cleanup: Names visible to outside now begin -+ * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c -+ * - Removed C++ and DLL support as part of name space cleanup. -+ * - Eliminated unnecessary recomputation of tables. (actual bug fix) -+ * - Merged precomputed constant tables to aes.c file. -+ * - Removed data alignment restrictions for portability reasons. -+ * - Made block and key lengths accept bit count (128/192/256) -+ * as well byte count (16/24/32). -+ * - Removed all error checks. This change also eliminated the need -+ * to preinitialize the context struct to zero. -+ * - Removed some totally unused constants. -+ */ -+ -+/* -+ * Modified by Jari Ruusu, June 9 2003 -+ * - Removed all code not necessary for small size -+ * optimized encryption using 256 bit keys. -+ */ -+ -+#include "aes.h" -+ -+#if AES_BLOCK_SIZE != 16 -+#error an illegal block size has been specified -+#endif -+ -+// upr(x,n): rotates bytes within words by n positions, moving bytes -+// to higher index positions with wrap around into low positions -+// bval(x,n): extracts a byte from a word -+ -+#define upr(x,n) (((x) << 8 * (n)) | ((x) >> (32 - 8 * (n)))) -+#define bval(x,n) ((unsigned char)((x) >> 8 * (n))) -+#define bytes2word(b0, b1, b2, b3) \ -+ ((u_int32_t)(b3) << 24 | (u_int32_t)(b2) << 16 | (u_int32_t)(b1) << 8 | (b0)) -+ -+#if defined(i386) || defined(_I386) || defined(__i386__) || defined(__i386) -+/* little endian processor without data alignment restrictions */ -+#define word_in(x) *(u_int32_t*)(x) -+#define word_out(x,v) *(u_int32_t*)(x) = (v) -+#else -+/* slower but generic big endian or with data alignment restrictions */ -+#define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24)) -+#define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24) -+#endif -+ -+// the finite field modular polynomial and elements -+ -+#define ff_poly 0x011b -+#define ff_hi 0x80 -+ -+static int tab_gen = 0; -+static unsigned char s_box[256]; // the S box -+static u_int32_t rcon_tab[AES_RC_LENGTH]; // table of round constants -+static u_int32_t ft_tab[4][256]; -+static u_int32_t fl_tab[4][256]; -+ -+// Generate the tables for the dynamic table option -+ -+// It will generally be sensible to use tables to compute finite -+// field multiplies and inverses but where memory is scarse this -+// code might sometimes be better. -+ -+// return 2 ^ (n - 1) where n is the bit number of the highest bit -+// set in x with x in the range 1 < x < 0x00000200. This form is -+// used so that locals within FFinv can be bytes rather than words -+ -+static unsigned char hibit(const u_int32_t x) -+{ unsigned char r = (unsigned char)((x >> 1) | (x >> 2)); -+ -+ r |= (r >> 2); -+ r |= (r >> 4); -+ return (r + 1) >> 1; -+} -+ -+// return the inverse of the finite field element x -+ -+static unsigned char FFinv(const unsigned char x) -+{ unsigned char p1 = x, p2 = 0x1b, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0; -+ -+ if(x < 2) return x; -+ -+ for(;;) -+ { -+ if(!n1) return v1; -+ -+ while(n2 >= n1) -+ { -+ n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2); -+ } -+ -+ if(!n2) return v2; -+ -+ while(n1 >= n2) -+ { -+ n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1); -+ } -+ } -+} -+ -+// define the finite field multiplies required for Rijndael -+ -+#define FFmul02(x) ((((x) & 0x7f) << 1) ^ ((x) & 0x80 ? 0x1b : 0)) -+#define FFmul03(x) ((x) ^ FFmul02(x)) -+ -+// The forward and inverse affine transformations used in the S-box -+ -+#define fwd_affine(x) \ -+ (w = (u_int32_t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(unsigned char)(w^(w>>8))) -+ -+static void gen_tabs(void) -+{ u_int32_t i, w; -+ -+ for(i = 0, w = 1; i < AES_RC_LENGTH; ++i) -+ { -+ rcon_tab[i] = bytes2word(w, 0, 0, 0); -+ w = (w << 1) ^ (w & ff_hi ? ff_poly : 0); -+ } -+ -+ for(i = 0; i < 256; ++i) -+ { unsigned char b; -+ -+ s_box[i] = b = fwd_affine(FFinv((unsigned char)i)); -+ -+ w = bytes2word(b, 0, 0, 0); -+ fl_tab[0][i] = w; -+ fl_tab[1][i] = upr(w,1); -+ fl_tab[2][i] = upr(w,2); -+ fl_tab[3][i] = upr(w,3); -+ w = bytes2word(FFmul02(b), b, b, FFmul03(b)); -+ ft_tab[0][i] = w; -+ ft_tab[1][i] = upr(w,1); -+ ft_tab[2][i] = upr(w,2); -+ ft_tab[3][i] = upr(w,3); -+ } -+} -+ -+#define four_tables(x,tab,vf,rf,c) \ -+ ( tab[0][bval(vf(x,0,c),rf(0,c))] \ -+ ^ tab[1][bval(vf(x,1,c),rf(1,c))] \ -+ ^ tab[2][bval(vf(x,2,c),rf(2,c))] \ -+ ^ tab[3][bval(vf(x,3,c),rf(3,c))]) -+ -+#define vf1(x,r,c) (x) -+#define rf1(r,c) (r) -+#define rf2(r,c) ((r-c)&3) -+ -+#define ls_box(x,c) four_tables(x,fl_tab,vf1,rf2,c) -+ -+#define nc (AES_BLOCK_SIZE / 4) -+ -+// Initialise the key schedule from the user supplied key. -+// The key length is now specified in bytes, 32. -+// This corresponds to bit length of 256 bits, and -+// to Nk value of 8 respectively. -+ -+void aes_set_key(aes_context *cx, const unsigned char in_key[], int n_bytes, const int f) -+{ u_int32_t *kf, *kt, rci; -+ -+ if(!tab_gen) { gen_tabs(); tab_gen = 1; } -+ -+ cx->aes_Nkey = 8; -+ cx->aes_Nrnd = (cx->aes_Nkey > nc ? cx->aes_Nkey : nc) + 6; -+ -+ cx->aes_e_key[0] = word_in(in_key ); -+ cx->aes_e_key[1] = word_in(in_key + 4); -+ cx->aes_e_key[2] = word_in(in_key + 8); -+ cx->aes_e_key[3] = word_in(in_key + 12); -+ -+ kf = cx->aes_e_key; -+ kt = kf + nc * (cx->aes_Nrnd + 1) - cx->aes_Nkey; -+ rci = 0; -+ -+ switch(cx->aes_Nkey) -+ { -+ case 8: cx->aes_e_key[4] = word_in(in_key + 16); -+ cx->aes_e_key[5] = word_in(in_key + 20); -+ cx->aes_e_key[6] = word_in(in_key + 24); -+ cx->aes_e_key[7] = word_in(in_key + 28); -+ do -+ { kf[ 8] = kf[0] ^ ls_box(kf[7],3) ^ rcon_tab[rci++]; -+ kf[ 9] = kf[1] ^ kf[ 8]; -+ kf[10] = kf[2] ^ kf[ 9]; -+ kf[11] = kf[3] ^ kf[10]; -+ kf[12] = kf[4] ^ ls_box(kf[11],0); -+ kf[13] = kf[5] ^ kf[12]; -+ kf[14] = kf[6] ^ kf[13]; -+ kf[15] = kf[7] ^ kf[14]; -+ kf += 8; -+ } -+ while (kf < kt); -+ break; -+ } -+} -+ -+// y = output word, x = input word, r = row, c = column -+// for r = 0, 1, 2 and 3 = column accessed for row r -+ -+#define s(x,c) x[c] -+ -+// I am grateful to Frank Yellin for the following constructions -+// which, given the column (c) of the output state variable that -+// is being computed, return the input state variables which are -+// needed for each row (r) of the state -+ -+// For the fixed block size options, compilers reduce these two -+// expressions to fixed variable references. For variable block -+// size code conditional clauses will sometimes be returned -+ -+#define fwd_var(x,r,c) \ -+ ( r==0 ? \ -+ ( c==0 ? s(x,0) \ -+ : c==1 ? s(x,1) \ -+ : c==2 ? s(x,2) \ -+ : c==3 ? s(x,3) \ -+ : c==4 ? s(x,4) \ -+ : c==5 ? s(x,5) \ -+ : c==6 ? s(x,6) \ -+ : s(x,7)) \ -+ : r==1 ? \ -+ ( c==0 ? s(x,1) \ -+ : c==1 ? s(x,2) \ -+ : c==2 ? s(x,3) \ -+ : c==3 ? nc==4 ? s(x,0) : s(x,4) \ -+ : c==4 ? s(x,5) \ -+ : c==5 ? nc==8 ? s(x,6) : s(x,0) \ -+ : c==6 ? s(x,7) \ -+ : s(x,0)) \ -+ : r==2 ? \ -+ ( c==0 ? nc==8 ? s(x,3) : s(x,2) \ -+ : c==1 ? nc==8 ? s(x,4) : s(x,3) \ -+ : c==2 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \ -+ : c==3 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \ -+ : c==4 ? nc==8 ? s(x,7) : s(x,0) \ -+ : c==5 ? nc==8 ? s(x,0) : s(x,1) \ -+ : c==6 ? s(x,1) \ -+ : s(x,2)) \ -+ : \ -+ ( c==0 ? nc==8 ? s(x,4) : s(x,3) \ -+ : c==1 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \ -+ : c==2 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \ -+ : c==3 ? nc==4 ? s(x,2) : nc==8 ? s(x,7) : s(x,0) \ -+ : c==4 ? nc==8 ? s(x,0) : s(x,1) \ -+ : c==5 ? nc==8 ? s(x,1) : s(x,2) \ -+ : c==6 ? s(x,2) \ -+ : s(x,3))) -+ -+#define si(y,x,k,c) s(y,c) = word_in(x + 4 * c) ^ k[c] -+#define so(y,x,c) word_out(y + 4 * c, s(x,c)) -+ -+#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,ft_tab,fwd_var,rf1,c) -+#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,fl_tab,fwd_var,rf1,c) -+ -+#define locals(y,x) x[4],y[4] -+ -+#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ -+ s(y,2) = s(x,2); s(y,3) = s(x,3); -+#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) -+#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) -+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) -+ -+void aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[]) -+{ u_int32_t locals(b0, b1); -+ const u_int32_t *kp = cx->aes_e_key; -+ -+ state_in(b0, in_blk, kp); kp += nc; -+ -+ { u_int32_t rnd; -+ -+ for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd) -+ { -+ round(fwd_rnd, b1, b0, kp); -+ l_copy(b0, b1); kp += nc; -+ } -+ -+ round(fwd_lrnd, b0, b1, kp); -+ } -+ -+ state_out(out_blk, b0); -+} ---- util-linux-2.12q/mount/aes.h -+++ util-linux-2.12q/mount/aes.h -@@ -0,0 +1,97 @@ -+// I retain copyright in this code but I encourage its free use provided -+// that I don't carry any responsibility for the results. I am especially -+// happy to see it used in free and open source software. If you do use -+// it I would appreciate an acknowledgement of its origin in the code or -+// the product that results and I would also appreciate knowing a little -+// about the use to which it is being put. I am grateful to Frank Yellin -+// for some ideas that are used in this implementation. -+// -+// Dr B. R. Gladman 6th April 2001. -+// -+// This is an implementation of the AES encryption algorithm (Rijndael) -+// designed by Joan Daemen and Vincent Rijmen. This version is designed -+// to provide both fixed and dynamic block and key lengths and can also -+// run with either big or little endian internal byte order (see aes.h). -+// It inputs block and key lengths in bytes with the legal values being -+// 16, 24 and 32. -+ -+/* -+ * Modified by Jari Ruusu, May 1 2001 -+ * - Fixed some compile warnings, code was ok but gcc warned anyway. -+ * - Changed basic types: byte -> unsigned char, word -> u_int32_t -+ * - Major name space cleanup: Names visible to outside now begin -+ * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c -+ * - Removed C++ and DLL support as part of name space cleanup. -+ * - Eliminated unnecessary recomputation of tables. (actual bug fix) -+ * - Merged precomputed constant tables to aes.c file. -+ * - Removed data alignment restrictions for portability reasons. -+ * - Made block and key lengths accept bit count (128/192/256) -+ * as well byte count (16/24/32). -+ * - Removed all error checks. This change also eliminated the need -+ * to preinitialize the context struct to zero. -+ * - Removed some totally unused constants. -+ */ -+ -+#ifndef _AES_H -+#define _AES_H -+ -+#if defined(__linux__) && defined(__KERNEL__) -+# include -+#else -+# include -+#endif -+ -+// CONFIGURATION OPTIONS (see also aes.c) -+// -+// Define AES_BLOCK_SIZE to set the cipher block size (16, 24 or 32) or -+// leave this undefined for dynamically variable block size (this will -+// result in much slower code). -+// IMPORTANT NOTE: AES_BLOCK_SIZE is in BYTES (16, 24, 32 or undefined). If -+// left undefined a slower version providing variable block length is compiled -+ -+#define AES_BLOCK_SIZE 16 -+ -+// The number of key schedule words for different block and key lengths -+// allowing for method of computation which requires the length to be a -+// multiple of the key length -+// -+// Nk = 4 6 8 -+// ------------- -+// Nb = 4 | 60 60 64 -+// 6 | 96 90 96 -+// 8 | 120 120 120 -+ -+#if !defined(AES_BLOCK_SIZE) || (AES_BLOCK_SIZE == 32) -+#define AES_KS_LENGTH 120 -+#define AES_RC_LENGTH 29 -+#else -+#define AES_KS_LENGTH 4 * AES_BLOCK_SIZE -+#define AES_RC_LENGTH (9 * AES_BLOCK_SIZE) / 8 - 8 -+#endif -+ -+typedef struct -+{ -+ u_int32_t aes_Nkey; // the number of words in the key input block -+ u_int32_t aes_Nrnd; // the number of cipher rounds -+ u_int32_t aes_e_key[AES_KS_LENGTH]; // the encryption key schedule -+ u_int32_t aes_d_key[AES_KS_LENGTH]; // the decryption key schedule -+#if !defined(AES_BLOCK_SIZE) -+ u_int32_t aes_Ncol; // the number of columns in the cipher state -+#endif -+} aes_context; -+ -+// THE CIPHER INTERFACE -+ -+#if !defined(AES_BLOCK_SIZE) -+extern void aes_set_blk(aes_context *, const int); -+#endif -+extern void aes_set_key(aes_context *, const unsigned char [], const int, const int); -+extern void aes_encrypt(const aes_context *, const unsigned char [], unsigned char []); -+extern void aes_decrypt(const aes_context *, const unsigned char [], unsigned char []); -+ -+// The block length inputs to aes_set_block and aes_set_key are in numbers -+// of bytes or bits. The calls to subroutines must be made in the above -+// order but multiple calls can be made without repeating earlier calls -+// if their parameters have not changed. -+ -+#endif // _AES_H ---- util-linux-2.12q/mount/lomount.c -+++ util-linux-2.12q/mount/lomount.c -@@ -1,4 +1,15 @@ --/* Originally from Ted's losetup.c */ -+/* Taken from Ted's losetup.c - Mitch */ -+/* Added vfs mount options - aeb - 960223 */ -+/* Removed lomount - aeb - 960224 */ -+ -+/* -+ * 1999-02-22 Arkadiusz Mi¶kiewicz -+ * - added Native Language Support -+ * 1999-03-21 Arnaldo Carvalho de Melo -+ * - fixed strerr(errno) in gettext calls -+ * 2001-04-11 Jari Ruusu -+ * - added AES support -+ */ - - #define LOOPMAJOR 7 - -@@ -13,60 +24,74 @@ - #include - #include - #include -+#include -+#include - #include - #include - #include - #include -+#include -+#include -+#include -+#include -+#include -+#include -+#include - - #include "loop.h" - #include "lomount.h" - #include "xstrncpy.h" - #include "nls.h" -+#include "sha512.h" -+#include "rmd160.h" -+#include "aes.h" - - extern int verbose; --extern char *progname; - extern char *xstrdup (const char *s); /* not: #include "sundries.h" */ - extern void error (const char *fmt, ...); /* idem */ -+extern void show_all_loops(void); -+extern int read_options_from_fstab(char *, char **); - --#ifdef LOOP_SET_FD -- --static int --loop_info64_to_old(const struct loop_info64 *info64, struct loop_info *info) --{ -- memset(info, 0, sizeof(*info)); -- info->lo_number = info64->lo_number; -- info->lo_device = info64->lo_device; -- info->lo_inode = info64->lo_inode; -- info->lo_rdevice = info64->lo_rdevice; -- info->lo_offset = info64->lo_offset; -- info->lo_encrypt_type = info64->lo_encrypt_type; -- info->lo_encrypt_key_size = info64->lo_encrypt_key_size; -- info->lo_flags = info64->lo_flags; -- info->lo_init[0] = info64->lo_init[0]; -- info->lo_init[1] = info64->lo_init[1]; -- if (info->lo_encrypt_type == LO_CRYPT_CRYPTOAPI) -- memcpy(info->lo_name, info64->lo_crypt_name, LO_NAME_SIZE); -- else -- memcpy(info->lo_name, info64->lo_file_name, LO_NAME_SIZE); -- memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, LO_KEY_SIZE); -- -- /* error in case values were truncated */ -- if (info->lo_device != info64->lo_device || -- info->lo_rdevice != info64->lo_rdevice || -- info->lo_inode != info64->lo_inode || -- info->lo_offset != info64->lo_offset) -- return -EOVERFLOW; -+#if !defined(LOOP_PASSWORD_MIN_LENGTH) -+# define LOOP_PASSWORD_MIN_LENGTH 20 -+#endif - -- return 0; --} -+char *passFDnumber = (char *)0; -+char *passAskTwice = (char *)0; -+char *passSeedString = (char *)0; -+char *passHashFuncName = (char *)0; -+char *passIterThousands = (char *)0; -+char *loInitValue = (char *)0; -+char *gpgKeyFile = (char *)0; -+char *gpgHomeDir = (char *)0; -+char *loopOffsetBytes = (char *)0; -+char *loopSizeBytes = (char *)0; -+char *loopEncryptionType = (char *)0; -+ -+static int multiKeyMode = 0; /* 0=single-key 64=multi-key-v2 65=multi-key-v3 1000=any */ -+static char *multiKeyPass[65]; -+static char *loopFileName; - - #ifdef MAIN -+static char * -+crypt_name (int id, int *flags) { -+ int i; -+ -+ for (i = 0; loop_crypt_type_tbl[i].id != -1; i++) -+ if(id == loop_crypt_type_tbl[i].id) { -+ *flags = loop_crypt_type_tbl[i].flags; -+ return loop_crypt_type_tbl[i].name; -+ } -+ *flags = 0; -+ if(id == 18) -+ return "CryptoAPI"; -+ return "undefined"; -+} - - static int - show_loop(char *device) { -- struct loop_info loopinfo; -- struct loop_info64 loopinfo64; -- int fd, errsv; -+ struct loop_info64 loopinfo; -+ int fd; - - if ((fd = open(device, O_RDONLY)) < 0) { - int errsv = errno; -@@ -74,70 +99,60 @@ - device, strerror (errsv)); - return 2; - } -- -- if (ioctl(fd, LOOP_GET_STATUS64, &loopinfo64) == 0) { -- -- loopinfo64.lo_file_name[LO_NAME_SIZE-2] = '*'; -- loopinfo64.lo_file_name[LO_NAME_SIZE-1] = 0; -- loopinfo64.lo_crypt_name[LO_NAME_SIZE-1] = 0; -- -- printf("%s: [%04llx]:%llu (%s)", -- device, loopinfo64.lo_device, loopinfo64.lo_inode, -- loopinfo64.lo_file_name); -- -- if (loopinfo64.lo_offset) -- printf(_(", offset %lld"), loopinfo64.lo_offset); -- -- if (loopinfo64.lo_sizelimit) -- printf(_(", sizelimit %lld"), loopinfo64.lo_sizelimit); -- -- if (loopinfo64.lo_encrypt_type || -- loopinfo64.lo_crypt_name[0]) { -- char *e = loopinfo64.lo_crypt_name; -- -- if (*e == 0 && loopinfo64.lo_encrypt_type == 1) -- e = "XOR"; -- printf(_(", encryption %s (type %d)"), -- e, loopinfo64.lo_encrypt_type); -- } -- printf("\n"); -+ if (loop_get_status64_ioctl(fd, &loopinfo) < 0) { -+ int errsv = errno; -+ fprintf(stderr, _("loop: can't get info on device %s: %s\n"), -+ device, strerror (errsv)); - close (fd); -- return 0; -+ return 1; - } -- -- if (ioctl(fd, LOOP_GET_STATUS, &loopinfo) == 0) { -- printf ("%s: [%04x]:%ld (%s)", -- device, loopinfo.lo_device, loopinfo.lo_inode, -- loopinfo.lo_name); -- -- if (loopinfo.lo_offset) -- printf(_(", offset %d"), loopinfo.lo_offset); -- -- if (loopinfo.lo_encrypt_type) -- printf(_(", encryption type %d\n"), -- loopinfo.lo_encrypt_type); -- -- printf("\n"); -- close (fd); -- return 0; -+ loopinfo.lo_file_name[LO_NAME_SIZE-1] = 0; -+ loopinfo.lo_crypt_name[LO_NAME_SIZE-1] = 0; -+ printf("%s: [%04llx]:%llu (%s)", device, (unsigned long long)loopinfo.lo_device, -+ (unsigned long long)loopinfo.lo_inode, loopinfo.lo_file_name); -+ if (loopinfo.lo_offset) { -+ if ((long long)loopinfo.lo_offset < 0) { -+ printf(_(" offset=@%llu"), -((unsigned long long)loopinfo.lo_offset)); -+ } else { -+ printf(_(" offset=%llu"), (unsigned long long)loopinfo.lo_offset); -+ } - } -- -- errsv = errno; -- fprintf(stderr, _("loop: can't get info on device %s: %s\n"), -- device, strerror (errsv)); -+ if (loopinfo.lo_sizelimit) -+ printf(_(" sizelimit=%llu"), (unsigned long long)loopinfo.lo_sizelimit); -+ if (loopinfo.lo_encrypt_type) { -+ int flags; -+ unsigned char *s = crypt_name (loopinfo.lo_encrypt_type, &flags); -+ -+ printf(_(" encryption=%s"), s); -+ /* type 18 == LO_CRYPT_CRYPTOAPI */ -+ if (loopinfo.lo_encrypt_type == 18) { -+ printf("/%s", loopinfo.lo_crypt_name); -+ } else { -+ if(flags & 2) -+ printf("-"); -+ if(flags & 1) -+ printf("%u", (unsigned int)loopinfo.lo_encrypt_key_size << 3); -+ } -+ } -+ switch(loopinfo.lo_flags & 0x180000) { -+ case 0x180000: -+ printf(_(" multi-key-v3")); -+ break; -+ case 0x100000: -+ printf(_(" multi-key-v2")); -+ break; -+ } -+ /* type 2 == LO_CRYPT_DES */ -+ if (loopinfo.lo_init[0] && (loopinfo.lo_encrypt_type != 2)) -+ printf(_(" loinit=%llu"), (unsigned long long)loopinfo.lo_init[0]); -+ if (loopinfo.lo_flags & 0x200000) -+ printf(_(" read-only")); -+ printf("\n"); - close (fd); -- return 1; --} --#endif -- --int --is_loop_device (const char *device) { -- struct stat statbuf; - -- return (stat(device, &statbuf) == 0 && -- S_ISBLK(statbuf.st_mode) && -- major(statbuf.st_rdev) == LOOPMAJOR); -+ return 0; - } -+#endif - - #define SIZE(a) (sizeof(a)/sizeof(a[0])) - -@@ -148,9 +163,8 @@ - So, we just try /dev/loop[0-7]. */ - char dev[20]; - char *loop_formats[] = { "/dev/loop%d", "/dev/loop/%d" }; -- int i, j, fd, somedev = 0, someloop = 0, permission = 0; -+ int i, j, fd, somedev = 0, someloop = 0; - struct stat statbuf; -- struct loop_info loopinfo; - - for (j = 0; j < SIZE(loop_formats); j++) { - for(i = 0; i < 256; i++) { -@@ -159,16 +173,14 @@ - somedev++; - fd = open (dev, O_RDONLY); - if (fd >= 0) { -- if(ioctl (fd, LOOP_GET_STATUS, &loopinfo) == 0) -+ if (is_unused_loop_device(fd) == 0) - someloop++; /* in use */ - else if (errno == ENXIO) { - close (fd); - return xstrdup(dev);/* probably free */ - } - close (fd); -- } else if (errno == EACCES) -- permission++; -- -+ } - continue;/* continue trying as long as devices exist */ - } - break; -@@ -176,75 +188,563 @@ - } - - if (!somedev) -- error(_("%s: could not find any device /dev/loop#"), progname); -- else if (!someloop && permission) -- error(_("%s: no permission to look at /dev/loop#"), progname); -+ error(_("mount: could not find any device /dev/loop#")); - else if (!someloop) -- error(_( -- "%s: Could not find any loop device. Maybe this kernel " -- "does not know\n" -- " about the loop device? (If so, recompile or " -- "`modprobe loop'.)"), progname); -+ error(_("mount: Could not find any loop device. Maybe this kernel does not know\n" -+ " about the loop device? (If so, recompile or `modprobe loop'.)")); - else -- error(_("%s: could not find any free loop device"), progname); -+ error(_("mount: could not find any free loop device")); - return 0; - } - --/* -- * A function to read the passphrase either from the terminal or from -- * an open file descriptor. -- */ --static char * --xgetpass(int pfd, const char *prompt) { -- char *pass; -- int buflen, i; -- -- if (pfd < 0) /* terminal */ -- return getpass(prompt); -- -- pass = NULL; -- buflen = 0; -- for (i=0; ; i++) { -- if (i >= buflen-1) { -- /* we're running out of space in the buffer. -- * Make it bigger: */ -- char *tmppass = pass; -- buflen += 128; -- pass = realloc(tmppass, buflen); -- if (pass == NULL) { -- /* realloc failed. Stop reading. */ -- error("Out of memory while reading passphrase"); -- pass = tmppass; /* the old buffer hasn't changed */ -- break; -- } -- } -- if (read(pfd, pass+i, 1) != 1 || -- pass[i] == '\n' || pass[i] == 0) -+static int rd_wr_retry(int fd, char *buf, int cnt, int w) -+{ -+ int x, y, z; -+ -+ x = 0; -+ while(x < cnt) { -+ y = cnt - x; -+ if(w) { -+ z = write(fd, buf + x, y); -+ } else { -+ z = read(fd, buf + x, y); -+ if (!z) return x; -+ } -+ if(z < 0) { -+ if ((errno == EAGAIN) || (errno == ENOMEM) || (errno == ERESTART) || (errno == EINTR)) { -+ continue; -+ } -+ return x; -+ } -+ x += z; -+ } -+ return x; -+} -+ -+static char *get_FD_pass(int fd) -+{ -+ char *p = NULL, *n; -+ int x = 0, y = 0; -+ -+ do { -+ if(y >= (x - 1)) { -+ x += 128; -+ /* Must enforce some max limit here -- this code */ -+ /* runs as part of mount, and mount is setuid root */ -+ /* and has used mlockall(MCL_CURRENT | MCL_FUTURE) */ -+ if(x > (4*1024)) return(NULL); -+ n = malloc(x); -+ if(!n) return(NULL); -+ if(p) { -+ memcpy(n, p, y); -+ memset(p, 0, y); -+ free(p); -+ } -+ p = n; -+ } -+ if(rd_wr_retry(fd, p + y, 1, 0) != 1) break; -+ if((p[y] == '\n') || !p[y]) break; -+ y++; -+ } while(1); -+ if(p) p[y] = 0; -+ return p; -+} -+ -+static unsigned long long mystrtoull(char *s, int acceptAT) -+{ -+ unsigned long long v = 0; -+ int negative = 0; -+ -+ while ((*s == ' ') || (*s == '\t')) -+ s++; -+ if (acceptAT && (*s == '@')) { -+ s++; -+ negative = 1; -+ } -+ if (*s == '0') { -+ s++; -+ if ((*s == 'x') || (*s == 'X')) { -+ s++; -+ sscanf(s, "%llx", &v); -+ } else { -+ sscanf(s, "%llo", &v); -+ } -+ } else { -+ sscanf(s, "%llu", &v); -+ } -+ return negative ? -v : v; -+} -+ -+static char *do_GPG_pipe(char *pass) -+{ -+ int x, pfdi[2], pfdo[2]; -+ char str[10], *a[16], *e[2], *h; -+ pid_t gpid; -+ struct passwd *p; -+ -+ if((getuid() == 0) && gpgHomeDir && gpgHomeDir[0]) { -+ h = gpgHomeDir; -+ } else { -+ if(!(p = getpwuid(getuid()))) { -+ fprintf(stderr, _("Error: Unable to detect home directory for uid %d\n"), (int)getuid()); -+ return NULL; -+ } -+ h = p->pw_dir; -+ } -+ if(!(e[0] = malloc(strlen(h) + 6))) { -+ nomem1: -+ fprintf(stderr, _("Error: Unable to allocate memory\n")); -+ return NULL; -+ } -+ sprintf(e[0], "HOME=%s", h); -+ e[1] = 0; -+ -+ if(pipe(&pfdi[0])) { -+ nomem2: -+ free(e[0]); -+ goto nomem1; -+ } -+ if(pipe(&pfdo[0])) { -+ close(pfdi[0]); -+ close(pfdi[1]); -+ goto nomem2; -+ } -+ -+ /* -+ * When this code is run as part of losetup, normal read permissions -+ * affect the open() below because losetup is not setuid-root. -+ * -+ * When this code is run as part of mount, only root can set -+ * 'gpgKeyFile' and as such, only root can decide what file is opened -+ * below. However, since mount is usually setuid-root all non-root -+ * users can also open() the file too, but that file's contents are -+ * only piped to gpg. This readable-for-all is intended behaviour, -+ * and is very useful in situations where non-root users mount loop -+ * devices with their own gpg private key, and yet don't have access -+ * to the actual key used to encrypt loop device. -+ */ -+ if((x = open(gpgKeyFile, O_RDONLY)) == -1) { -+ fprintf(stderr, _("Error: unable to open %s for reading\n"), gpgKeyFile); -+ nomem3: -+ free(e[0]); -+ close(pfdo[0]); -+ close(pfdo[1]); -+ close(pfdi[0]); -+ close(pfdi[1]); -+ return NULL; -+ } -+ -+ /* -+ * If someone puts a gpg key file at beginning of device and -+ * puts the real file system at some offset into the device, -+ * this code extracts that gpg key file into a temp file so gpg -+ * won't end up reading whole device when decrypting the key file. -+ * -+ * Example of encrypted cdrom mount with 8192 bytes reserved for gpg key file: -+ * mount -t iso9660 /dev/cdrom /cdrom -o loop=/dev/loop0,encryption=AES128,gpgkey=/dev/cdrom,offset=8192 -+ * ^^^^^^^^^^ ^^^^^^^^^^ ^^^^ -+ */ -+ if(loopOffsetBytes && !strcmp(loopFileName, gpgKeyFile)) { -+ FILE *f; -+ char b[1024]; -+ long long cnt; -+ int cnt2, cnt3; -+ -+ cnt = mystrtoull(loopOffsetBytes, 1); -+ if(cnt < 0) cnt = -cnt; -+ if(cnt > (1024 * 1024)) cnt = 1024 * 1024; /* sanity check */ -+ f = tmpfile(); -+ if(!f) { -+ fprintf(stderr, _("Error: unable to create temp file\n")); -+ close(x); -+ goto nomem3; -+ } -+ while(cnt > 0) { -+ cnt2 = sizeof(b); -+ if(cnt < cnt2) cnt2 = cnt; -+ cnt3 = rd_wr_retry(x, b, cnt2, 0); -+ if(cnt3 && (fwrite(b, cnt3, 1, f) != 1)) { -+ tmpWrErr: -+ fprintf(stderr, _("Error: unable to write to temp file\n")); -+ fclose(f); -+ close(x); -+ goto nomem3; -+ } -+ if(cnt2 != cnt3) break; -+ cnt -= cnt3; -+ } -+ if(fflush(f)) goto tmpWrErr; -+ close(x); -+ x = dup(fileno(f)); -+ fclose(f); -+ lseek(x, 0L, SEEK_SET); -+ } -+ -+ sprintf(str, "%d", pfdi[0]); -+ if(!(gpid = fork())) { -+ dup2(x, 0); -+ dup2(pfdo[1], 1); -+ close(x); -+ close(pfdi[1]); -+ close(pfdo[0]); -+ close(pfdo[1]); -+ if((x = open("/dev/null", O_WRONLY)) >= 0) { -+ dup2(x, 2); -+ close(x); -+ } -+ x = 0; -+ a[x++] = "gpg"; -+ if(gpgHomeDir && gpgHomeDir[0]) { -+ a[x++] = "--homedir"; -+ a[x++] = gpgHomeDir; -+ } -+ a[x++] = "--options"; -+ a[x++] = "/dev/null"; -+ a[x++] = "--quiet"; -+ a[x++] = "--batch"; -+ a[x++] = "--no-tty"; -+ a[x++] = "--passphrase-fd"; -+ a[x++] = str; -+ a[x++] = "--decrypt"; -+ a[x] = 0; -+ setgid(getgid()); -+ setuid(getuid()); -+ for(x = 3; x < 1024; x++) { -+ if(x == pfdi[0]) continue; -+ close(x); -+ } -+ execve("/bin/gpg", &a[0], &e[0]); -+ execve("/usr/bin/gpg", &a[0], &e[0]); -+ execve("/usr/local/bin/gpg", &a[0], &e[0]); -+ exit(1); -+ } -+ free(e[0]); -+ close(x); -+ close(pfdi[0]); -+ close(pfdo[1]); -+ if(gpid == -1) { -+ close(pfdi[1]); -+ close(pfdo[0]); -+ goto nomem1; -+ } -+ -+ x = strlen(pass); -+ rd_wr_retry(pfdi[1], pass, x, 1); -+ rd_wr_retry(pfdi[1], "\n", 1, 1); -+ close(pfdi[1]); -+ memset(pass, 0, x); -+ x = 0; -+ while(x < 65) { -+ multiKeyPass[x] = get_FD_pass(pfdo[0]); -+ if(!multiKeyPass[x]) { -+ /* mem alloc failed - abort */ -+ multiKeyPass[0] = 0; - break; -+ } -+ if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; -+ x++; -+ } -+ if(x == 65) -+ multiKeyMode = 65; -+ if(x == 64) -+ multiKeyMode = 64; -+ close(pfdo[0]); -+ waitpid(gpid, &x, 0); -+ if(!multiKeyPass[0]) goto nomem1; -+ return multiKeyPass[0]; -+} -+ -+static char *sGetPass(int minLen, int warnLen) -+{ -+ char *p, *s, *seed; -+ int i, ask2; -+ -+ if(!passFDnumber) { -+ p = getpass(_("Password: ")); -+ ask2 = passAskTwice ? 1 : 0; -+ } else { -+ i = atoi(passFDnumber); -+ if(gpgKeyFile && gpgKeyFile[0]) { -+ p = get_FD_pass(i); -+ } else { -+ int x = 0; -+ while(x < 65) { -+ multiKeyPass[x] = get_FD_pass(i); -+ if(!multiKeyPass[x]) goto nomem; -+ if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; -+ x++; -+ } -+ if(x == 65) { -+ multiKeyMode = 65; -+ return multiKeyPass[0]; -+ } -+ if(x == 64) { -+ multiKeyMode = 64; -+ return multiKeyPass[0]; -+ } -+ p = multiKeyPass[0]; -+ } -+ ask2 = 0; -+ } -+ if(!p) goto nomem; -+ if(gpgKeyFile && gpgKeyFile[0]) { -+ if(ask2) { -+ i = strlen(p); -+ s = malloc(i + 1); -+ if(!s) goto nomem; -+ strcpy(s, p); -+ p = getpass(_("Retype password: ")); -+ if(!p) goto nomem; -+ if(strcmp(s, p)) goto compareErr; -+ memset(s, 0, i); -+ free(s); -+ ask2 = 0; -+ } -+ p = do_GPG_pipe(p); -+ if(!p) return(NULL); -+ if(!p[0]) { -+ fprintf(stderr, _("Error: gpg key file decryption failed\n")); -+ return(NULL); -+ } -+ if(multiKeyMode) return(p); -+ } -+ i = strlen(p); -+ if(i < minLen) { -+ fprintf(stderr, _("Error: Password must be at least %d characters.\n"), minLen); -+ return(NULL); -+ } -+ seed = passSeedString; -+ if(!seed) seed = ""; -+ s = malloc(i + strlen(seed) + 1); -+ if(!s) { -+ nomem: -+ fprintf(stderr, _("Error: Unable to allocate memory\n")); -+ return(NULL); -+ } -+ strcpy(s, p); -+ memset(p, 0, i); -+ if(ask2) { -+ p = getpass(_("Retype password: ")); -+ if(!p) goto nomem; -+ if(strcmp(s, p)) { -+ compareErr: -+ fprintf(stderr, _("Error: Passwords are not identical\n")); -+ return(NULL); -+ } -+ memset(p, 0, i); - } -+ if(i < warnLen) { -+ fprintf(stderr, _("WARNING - Please use longer password (%d or more characters)\n"), LOOP_PASSWORD_MIN_LENGTH); -+ } -+ strcat(s, seed); -+ return(s); -+} - -- if (pass == NULL) -- return ""; -+/* this is for compatibility with historic loop-AES version */ -+static void unhashed1_key_setup(unsigned char *keyStr, int ile, unsigned char *keyBuf, int bufSize) -+{ -+ register int x, y, z, cnt = ile; -+ unsigned char *kp; - -- pass[i] = 0; -- return pass; -+ memset(keyBuf, 0, bufSize); -+ kp = keyStr; -+ for(x = 0; x < (bufSize * 8); x += 6) { -+ y = *kp++; -+ if(--cnt <= 0) { -+ kp = keyStr; -+ cnt = ile; -+ } -+ if((y >= '0') && (y <= '9')) y -= '0'; -+ else if((y >= 'A') && (y <= 'Z')) y -= ('A' - 10); -+ else if((y >= 'a') && (y <= 'z')) y -= ('a' - 36); -+ else if((y == '.') || (y == '/')) y += (62 - '.'); -+ else y &= 63; -+ z = x >> 3; -+ if(z < bufSize) { -+ keyBuf[z] |= y << (x & 7); -+ } -+ z++; -+ if(z < bufSize) { -+ keyBuf[z] |= y >> (8 - (x & 7)); -+ } -+ } - } - --static int --digits_only(const char *s) { -- while (*s) -- if (!isdigit(*s++)) -- return 0; -- return 1; -+/* this is for compatibility with mainline mount */ -+static void unhashed2_key_setup(unsigned char *keyStr, int ile, unsigned char *keyBuf, int bufSize) -+{ -+ memset(keyBuf, 0, bufSize); -+ strncpy(keyBuf, keyStr, bufSize - 1); -+ keyBuf[bufSize - 1] = 0; -+} -+ -+static void rmd160HashTwiceWithA(unsigned char *ib, int ile, unsigned char *ob, int ole) -+{ -+ char tmpBuf[20 + 20]; -+ char pwdCopy[130]; -+ -+ if(ole < 1) return; -+ memset(ob, 0, ole); -+ if(ole > 40) ole = 40; -+ rmd160_hash_buffer(&tmpBuf[0], ib, ile); -+ pwdCopy[0] = 'A'; -+ if(ile > sizeof(pwdCopy) - 1) ile = sizeof(pwdCopy) - 1; -+ memcpy(pwdCopy + 1, ib, ile); -+ rmd160_hash_buffer(&tmpBuf[20], pwdCopy, ile + 1); -+ memcpy(ob, tmpBuf, ole); -+ memset(tmpBuf, 0, sizeof(tmpBuf)); -+ memset(pwdCopy, 0, sizeof(pwdCopy)); -+} -+ -+static int loop_create_random_keys(char *partition, int loopro, unsigned char *k) -+{ -+ int x, y; -+ sha512_context s; -+ unsigned char b[4096]; -+ FILE *f; -+ -+ if(loopro) { -+ fprintf(stderr, _("Error: read-only device %s\n"), partition); -+ return 1; -+ } -+ -+ /* -+ * Compute SHA-512 over first 40 KB of old fs data. SHA-512 hash -+ * output is then used as entropy for new fs encryption key. -+ */ -+ if(!(f = fopen(partition, "r+"))) { -+ fprintf(stderr, _("Error: unable to open device %s\n"), partition); -+ return 1; -+ } -+ fseek(f, (long)0, SEEK_SET); -+ sha512_init(&s); -+ for(x = 0; x < 10; x++) { -+ if(fread(&b[0], sizeof(b), 1, f) != 1) break; -+ sha512_write(&s, &b[0], sizeof(b)); -+ } -+ sha512_final(&s); -+ -+ /* -+ * Overwrite 40 KB of old fs data 20 times so that recovering -+ * SHA-512 output beyond this point is difficult and expensive. -+ */ -+ for(y = 0; y < 20; y++) { -+ int z; -+ struct { -+ struct timeval tv; -+ unsigned char h[64]; -+ int x,y,z; -+ } j; -+ if(fseek(f, (long)0, SEEK_SET)) break; -+ memcpy(&j.h[0], &s.sha_out[0], 64); -+ gettimeofday(&j.tv, NULL); -+ j.y = y; -+ for(x = 0; x < 10; x++) { -+ j.x = x; -+ for(z = 0; z < sizeof(b); z += 64) { -+ j.z = z; -+ sha512_hash_buffer((unsigned char *)&j, sizeof(j), &b[z], 64); -+ } -+ if(fwrite(&b[0], sizeof(b), 1, f) != 1) break; -+ } -+ memset(&j, 0, sizeof(j)); -+ if(fflush(f)) break; -+ if(fsync(fileno(f))) break; -+ } -+ fclose(f); -+ -+ /* -+ * Use all 512 bits of hash output -+ */ -+ memcpy(&b[0], &s.sha_out[0], 64); -+ memset(&s, 0, sizeof(s)); -+ -+ /* -+ * Read 32 bytes of random entropy from kernel's random -+ * number generator. This code may be executed early on startup -+ * scripts and amount of random entropy may be non-existent. -+ * SHA-512 of old fs data is used as workaround for missing -+ * entropy in kernel's random number generator. -+ */ -+ if(!(f = fopen("/dev/urandom", "r"))) { -+ fprintf(stderr, _("Error: unable to open /dev/urandom\n")); -+ return 1; -+ } -+ fread(&b[64], 32, 1, f); -+ -+ /* generate multi-key hashes */ -+ x = 0; -+ while(x < 65) { -+ fread(&b[64+32], 16, 1, f); -+ sha512_hash_buffer(&b[0], 64+32+16, k, 32); -+ k += 32; -+ x++; -+ } -+ -+ fclose(f); -+ memset(&b[0], 0, sizeof(b)); -+ return 0; -+} -+ -+#if !defined(MAIN) -+static int loop_fork_mkfs_command(char *device, char *fstype) -+{ -+ int x, y = 0; -+ char *a[10], *e[1]; -+ -+ sync(); -+ if(!(x = fork())) { -+ if((x = open("/dev/null", O_WRONLY)) >= 0) { -+ dup2(x, 0); -+ dup2(x, 1); -+ dup2(x, 2); -+ close(x); -+ } -+ x = 0; -+ a[x++] = "mkfs"; -+ a[x++] = "-t"; -+ a[x++] = fstype; -+ /* mkfs.reiserfs and mkfs.xfs need -f option */ -+ if(!strcmp(fstype, "reiserfs") || !strcmp(fstype, "xfs")) { -+ a[x++] = "-f"; -+ } -+ a[x++] = device; -+ a[x] = 0; -+ e[0] = 0; -+ setgid(getgid()); -+ setuid(getuid()); -+ for(x = 3; x < 1024; x++) { -+ close(x); -+ } -+ execve("/sbin/mkfs", &a[0], &e[0]); -+ exit(1); -+ } -+ if(x == -1) { -+ fprintf(stderr, _("Error: fork failed\n")); -+ return 1; -+ } -+ waitpid(x, &y, 0); -+ sync(); -+ if(!WIFEXITED(y) || (WEXITSTATUS(y) != 0)) { -+ fprintf(stderr, _("Error: encrypted file system mkfs failed\n")); -+ return 1; -+ } -+ return 0; - } -+#endif - - int --set_loop(const char *device, const char *file, unsigned long long offset, -- const char *encryption, int pfd, int *loopro) { -- struct loop_info64 loopinfo64; -+set_loop(const char *device, const char *file, int *loopro, const char **fstype, unsigned int *AutoChmodPtr) { -+ struct loop_info64 loopinfo; - int fd, ffd, mode, i; -- char *pass; -+ char *pass, *apiName = NULL; -+ void (*hashFunc)(unsigned char *, int, unsigned char *, int); -+ unsigned char multiKeyBits[65][32]; -+ int minPassLen = LOOP_PASSWORD_MIN_LENGTH; -+ int run_mkfs_command = 0; - -+ loopFileName = (char *)file; -+ multiKeyMode = 0; - mode = (*loopro ? O_RDONLY : O_RDWR); - if ((ffd = open(file, mode)) < 0) { - if (!*loopro && errno == EROFS) -@@ -256,32 +756,25 @@ - } - if ((fd = open(device, mode)) < 0) { - perror (device); -- return 1; -+ goto close_ffd_return1; - } - *loopro = (mode == O_RDONLY); - -- memset(&loopinfo64, 0, sizeof(loopinfo64)); -- -- xstrncpy(loopinfo64.lo_file_name, file, LO_NAME_SIZE); -+ memset (&loopinfo, 0, sizeof (loopinfo)); -+ xstrncpy (loopinfo.lo_file_name, file, LO_NAME_SIZE); -+ if (loopEncryptionType) -+ loopinfo.lo_encrypt_type = loop_crypt_type (loopEncryptionType, &loopinfo.lo_encrypt_key_size, &apiName); -+ if (loopOffsetBytes) -+ loopinfo.lo_offset = mystrtoull(loopOffsetBytes, 1); -+ if (loopSizeBytes) -+ loopinfo.lo_sizelimit = mystrtoull(loopSizeBytes, 0); - -- if (encryption && *encryption) { -- if (digits_only(encryption)) { -- loopinfo64.lo_encrypt_type = atoi(encryption); -- } else { -- loopinfo64.lo_encrypt_type = LO_CRYPT_CRYPTOAPI; -- snprintf(loopinfo64.lo_crypt_name, LO_NAME_SIZE, -- "%s", encryption); -- } -- } -- -- loopinfo64.lo_offset = offset; -- --#ifdef MCL_FUTURE -+#ifdef MCL_FUTURE - /* - * Oh-oh, sensitive data coming up. Better lock into memory to prevent - * passwd etc being swapped out and left somewhere on disk. - */ -- -+ - if(mlockall(MCL_CURRENT | MCL_FUTURE)) { - perror("memlock"); - fprintf(stderr, _("Couldn't lock into memory, exiting.\n")); -@@ -289,126 +782,222 @@ - } - #endif - -- switch (loopinfo64.lo_encrypt_type) { -+ switch (loopinfo.lo_encrypt_type) { - case LO_CRYPT_NONE: -- loopinfo64.lo_encrypt_key_size = 0; -+ loopinfo.lo_encrypt_key_size = 0; - break; - case LO_CRYPT_XOR: -- pass = getpass(_("Password: ")); -- goto gotpass; -+ pass = sGetPass (1, 0); -+ if(!pass) goto close_fd_ffd_return1; -+ xstrncpy (loopinfo.lo_encrypt_key, pass, LO_KEY_SIZE); -+ loopinfo.lo_encrypt_key_size = strlen(loopinfo.lo_encrypt_key); -+ break; -+ case 3: /* LO_CRYPT_FISH2 */ -+ case 4: /* LO_CRYPT_BLOW */ -+ case 7: /* LO_CRYPT_SERPENT */ -+ case 8: /* LO_CRYPT_MARS */ -+ case 11: /* LO_CRYPT_RC6 */ -+ case 12: /* LO_CRYPT_DES_EDE3 */ -+ case 16: /* LO_CRYPT_AES */ -+ case 18: /* LO_CRYPT_CRYPTOAPI */ -+ /* set default hash function */ -+ hashFunc = sha256_hash_buffer; -+ if(loopinfo.lo_encrypt_key_size == 24) hashFunc = sha384_hash_buffer; -+ if(loopinfo.lo_encrypt_key_size == 32) hashFunc = sha512_hash_buffer; -+ /* possibly override default hash function */ -+ if(passHashFuncName) { -+ if(!strcasecmp(passHashFuncName, "sha256")) { -+ hashFunc = sha256_hash_buffer; -+ } else if(!strcasecmp(passHashFuncName, "sha384")) { -+ hashFunc = sha384_hash_buffer; -+ } else if(!strcasecmp(passHashFuncName, "sha512")) { -+ hashFunc = sha512_hash_buffer; -+ } else if(!strcasecmp(passHashFuncName, "rmd160")) { -+ hashFunc = rmd160HashTwiceWithA; -+ minPassLen = 1; -+ } else if(!strcasecmp(passHashFuncName, "unhashed1")) { -+ hashFunc = unhashed1_key_setup; -+ } else if(!strcasecmp(passHashFuncName, "unhashed2")) { -+ hashFunc = unhashed2_key_setup; -+ minPassLen = 1; -+ } else if(!strcasecmp(passHashFuncName, "unhashed3") && passFDnumber && !gpgKeyFile) { -+ /* unhashed3 hash type reads binary key from file descriptor. */ -+ /* This is not compatible with gpgkey= mount option */ -+ if(rd_wr_retry(atoi(passFDnumber), (char *)&loopinfo.lo_encrypt_key[0], LO_KEY_SIZE, 0) < 1) { -+ fprintf(stderr, _("Error: couldn't read binary key\n")); -+ goto close_fd_ffd_return1; -+ } -+ break; /* out of switch(loopinfo.lo_encrypt_type) */ -+ } else if(!strncasecmp(passHashFuncName, "random", 6) && ((passHashFuncName[6] == 0) || (passHashFuncName[6] == '/'))) { -+ /* random hash type sets up 65 random keys */ -+ /* WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING */ -+ /* IMPORTANT DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA. */ -+ if(loop_create_random_keys((char*)file, *loopro, &multiKeyBits[0][0])) { -+ goto close_fd_ffd_return1; -+ } -+ memcpy(&loopinfo.lo_encrypt_key[0], &multiKeyBits[0][0], sizeof(loopinfo.lo_encrypt_key)); -+ run_mkfs_command = multiKeyMode = 1000; -+ break; /* out of switch(loopinfo.lo_encrypt_type) */ -+ } -+ } -+ pass = sGetPass (minPassLen, LOOP_PASSWORD_MIN_LENGTH); -+ if(!pass) goto close_fd_ffd_return1; -+ i = strlen(pass); -+ if(hashFunc == unhashed1_key_setup) { -+ /* this is for compatibility with historic loop-AES version */ -+ loopinfo.lo_encrypt_key_size = 16; /* 128 bits */ -+ if(i >= 32) loopinfo.lo_encrypt_key_size = 24; /* 192 bits */ -+ if(i >= 43) loopinfo.lo_encrypt_key_size = 32; /* 256 bits */ -+ } -+ (*hashFunc)(pass, i, &loopinfo.lo_encrypt_key[0], sizeof(loopinfo.lo_encrypt_key)); -+ if(multiKeyMode) { -+ int r = 0, t; -+ while(r < multiKeyMode) { -+ t = strlen(multiKeyPass[r]); -+ (*hashFunc)(multiKeyPass[r], t, &multiKeyBits[r][0], 32); -+ memset(multiKeyPass[r], 0, t); -+ /* -+ * MultiKeyMode uses md5 IV. One key mode uses sector IV. Sector IV -+ * and md5 IV v2 and v3 are all computed differently. This first key -+ * byte XOR with 0x55/0xF4 is needed to cause complete decrypt failure -+ * in cases where data is encrypted with one type of IV and decrypted -+ * with another type IV. If identical key was used but only IV was -+ * computed differently, only first plaintext block of 512 byte CBC -+ * chain would decrypt incorrectly and rest would decrypt correctly. -+ * Partially correct decryption is dangerous. Decrypting all blocks -+ * incorrectly is safer because file system mount will simply fail. -+ */ -+ if(multiKeyMode == 65) { -+ multiKeyBits[r][0] ^= 0xF4; /* version 3 */ -+ } else { -+ multiKeyBits[r][0] ^= 0x55; /* version 2 */ -+ } -+ r++; -+ } -+ } else if(passIterThousands) { -+ aes_context ctx; -+ unsigned long iter = 0; -+ unsigned char tempkey[32]; -+ /* -+ * Set up AES-256 encryption key using same password and hash function -+ * as before but with password bit 0 flipped before hashing. That key -+ * is then used to encrypt actual loop key 'itercountk' thousand times. -+ */ -+ pass[0] ^= 1; -+ (*hashFunc)(pass, i, &tempkey[0], 32); -+ aes_set_key(&ctx, &tempkey[0], 32, 0); -+ sscanf(passIterThousands, "%lu", &iter); -+ iter *= 1000; -+ while(iter > 0) { -+ /* encrypt both 128bit blocks with AES-256 */ -+ aes_encrypt(&ctx, &loopinfo.lo_encrypt_key[ 0], &loopinfo.lo_encrypt_key[ 0]); -+ aes_encrypt(&ctx, &loopinfo.lo_encrypt_key[16], &loopinfo.lo_encrypt_key[16]); -+ /* exchange upper half of first block with lower half of second block */ -+ memcpy(&tempkey[0], &loopinfo.lo_encrypt_key[8], 8); -+ memcpy(&loopinfo.lo_encrypt_key[8], &loopinfo.lo_encrypt_key[16], 8); -+ memcpy(&loopinfo.lo_encrypt_key[16], &tempkey[0], 8); -+ iter--; -+ } -+ memset(&ctx, 0, sizeof(ctx)); -+ memset(&tempkey[0], 0, sizeof(tempkey)); -+ } -+ memset(pass, 0, i); /* erase original password */ -+ break; - default: -- pass = xgetpass(pfd, _("Password: ")); -- gotpass: -- memset(loopinfo64.lo_encrypt_key, 0, LO_KEY_SIZE); -- xstrncpy(loopinfo64.lo_encrypt_key, pass, LO_KEY_SIZE); -- memset(pass, 0, strlen(pass)); -- loopinfo64.lo_encrypt_key_size = LO_KEY_SIZE; -+ fprintf (stderr, _("Error: don't know how to get key for encryption system %d\n"), loopinfo.lo_encrypt_type); -+ goto close_fd_ffd_return1; -+ } -+ -+ if(loInitValue) { -+ /* cipher modules are free to do whatever they want with this value */ -+ i = 0; -+ sscanf(loInitValue, "%d", &i); -+ loopinfo.lo_init[0] = i; - } - - if (ioctl(fd, LOOP_SET_FD, ffd) < 0) { - perror("ioctl: LOOP_SET_FD"); -+keyclean_close_fd_ffd_return1: -+ memset(loopinfo.lo_encrypt_key, 0, sizeof(loopinfo.lo_encrypt_key)); -+ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); -+close_fd_ffd_return1: -+ close (fd); -+close_ffd_return1: -+ close (ffd); - return 1; - } -- close (ffd); - -- i = ioctl(fd, LOOP_SET_STATUS64, &loopinfo64); -- if (i) { -- struct loop_info loopinfo; -- int errsv = errno; -- -- i = loop_info64_to_old(&loopinfo64, &loopinfo); -- if (i) { -- errno = errsv; -- perror("ioctl: LOOP_SET_STATUS64"); -- } else { -- i = ioctl(fd, LOOP_SET_STATUS, &loopinfo); -- if (i) -- perror("ioctl: LOOP_SET_STATUS"); -+ /* type 18 == LO_CRYPT_CRYPTOAPI */ -+ if ((loopinfo.lo_encrypt_type == 18) || (loop_set_status64_ioctl(fd, &loopinfo) < 0)) { -+ /* direct cipher interface failed - try CryptoAPI interface now */ -+ if(!apiName || (try_cryptoapi_loop_interface(fd, &loopinfo, apiName) < 0)) { -+ fprintf(stderr, _("ioctl: LOOP_SET_STATUS: %s, requested cipher or key length (%d bits) not supported by kernel\n"), strerror(errno), loopinfo.lo_encrypt_key_size << 3); -+ loop_clr_fd_out: -+ (void) ioctl (fd, LOOP_CLR_FD, 0); -+ goto keyclean_close_fd_ffd_return1; - } -- memset(&loopinfo, 0, sizeof(loopinfo)); - } -- memset(&loopinfo64, 0, sizeof(loopinfo64)); -- -- if (i) { -- ioctl (fd, LOOP_CLR_FD, 0); -- close (fd); -- return 1; -+ if(multiKeyMode >= 65) { -+ if(ioctl(fd, LOOP_MULTI_KEY_SETUP_V3, &multiKeyBits[0][0]) < 0) { -+ if(multiKeyMode == 1000) goto try_v2_setup; -+ perror("ioctl: LOOP_MULTI_KEY_SETUP_V3"); -+ goto loop_clr_fd_out; -+ } -+ } else if(multiKeyMode == 64) { -+ try_v2_setup: -+ if((ioctl(fd, LOOP_MULTI_KEY_SETUP, &multiKeyBits[0][0]) < 0) && (multiKeyMode != 1000)) { -+ perror("ioctl: LOOP_MULTI_KEY_SETUP"); -+ goto loop_clr_fd_out; -+ } - } -- close (fd); - -- if (verbose > 1) -- printf(_("set_loop(%s,%s,%llu): success\n"), -- device, file, offset); -- return 0; --} -- --int --del_loop (const char *device) { -- int fd; -- -- if ((fd = open (device, O_RDONLY)) < 0) { -- int errsv = errno; -- fprintf(stderr, _("loop: can't delete device %s: %s\n"), -- device, strerror (errsv)); -- return 1; -- } -- if (ioctl (fd, LOOP_CLR_FD, 0) < 0) { -- perror ("ioctl: LOOP_CLR_FD"); -- return 1; -- } -+ memset(loopinfo.lo_encrypt_key, 0, sizeof(loopinfo.lo_encrypt_key)); -+ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); - close (fd); -- if (verbose > 1) -- printf(_("del_loop(%s): success\n"), device); -- return 0; --} -- --#else /* no LOOP_SET_FD defined */ --static void --mutter(void) { -- fprintf(stderr, -- _("This mount was compiled without loop support. " -- "Please recompile.\n")); --} -- --int --set_loop (const char *device, const char *file, unsigned long long offset, -- const char *encryption, int *loopro) { -- mutter(); -- return 1; --} -+ close (ffd); - --int --del_loop (const char *device) { -- mutter(); -- return 1; --} -+#if !defined(MAIN) -+ if(run_mkfs_command && fstype && *fstype && **fstype && (getuid() == 0)) { -+ if(!loop_fork_mkfs_command((char *)device, (char *)(*fstype))) { -+ /* !strncasecmp(passHashFuncName, "random", 6) test matched */ -+ /* This reads octal mode for newly created file system root */ -+ /* directory node from '-o phash=random/1777' mount option. */ -+ /* octal mode--^^^^ */ -+ sscanf(passHashFuncName + 6, "/%o", AutoChmodPtr); -+ } else { -+ if((fd = open(device, mode)) >= 0) { -+ ioctl(fd, LOOP_CLR_FD, 0); -+ close(fd); -+ return 1; -+ } -+ } -+ } -+#endif - --char * --find_unused_loop_device (void) { -- mutter(); -+ if (verbose > 1) -+ printf(_("set_loop(%s,%s): success\n"), device, file); - return 0; - } - --#endif -- - #ifdef MAIN - --#ifdef LOOP_SET_FD -- - #include - #include - - int verbose = 0; --char *progname; -+static char *progname; - - static void - usage(void) { - fprintf(stderr, _("usage:\n\ -- %s loop_device # give info\n\ -- %s -d loop_device # delete\n\ -- %s -f # find unused\n\ -- %s [-e encryption] [-o offset] {-f|loop_device} file # setup\n"), -- progname, progname, progname, progname); -+ %s [-e encryption] [options] loop_device file # setup\n\ -+ %s -F [options] loop_device [file] # setup, read /etc/fstab\n\ -+ %s loop_device # give info\n\ -+ %s -a # give info of all loops\n\ -+ %s -d loop_device # delete\n\ -+options: -o offset -s sizelimit -p passwdfd -S pseed -H phash\n\ -+ -I loinit -T -K gpgkey -G gpghome -C itercountk -v -r\n"), -+ progname, progname, progname, progname, progname); - exit(1); - } - -@@ -439,107 +1028,191 @@ - fprintf (stderr, "\n"); - } - -+void -+show_all_loops(void) -+{ -+ char dev[20]; -+ char *lfmt[] = { "/dev/loop%d", "/dev/loop/%d" }; -+ int i, j, fd, x; -+ struct stat statbuf; -+ -+ for(i = 0; i < 256; i++) { -+ for(j = (sizeof(lfmt) / sizeof(lfmt[0])) - 1; j >= 0; j--) { -+ sprintf(dev, lfmt[j], i); -+ if(stat(dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) { -+ fd = open(dev, O_RDONLY); -+ if(fd >= 0) { -+ x = is_unused_loop_device(fd); -+ close(fd); -+ if(x == 0) { -+ show_loop(dev); -+ j = 0; -+ } -+ } -+ } -+ } -+ } -+} -+ -+int -+read_options_from_fstab(char *loopToFind, char **partitionPtr) -+{ -+ FILE *f; -+ struct mntent *m; -+ int y, foundMatch = 0; -+ char *opt, *fr1, *fr2; -+ struct options { -+ char *name; /* name of /etc/fstab option */ -+ char **dest; /* destination where it is written to */ -+ char *line; /* temp */ -+ }; -+ struct options tbl[] = { -+ { "device/file name ", partitionPtr }, /* must be index 0 */ -+ { "loop=", &loopToFind }, /* must be index 1 */ -+ { "offset=", &loopOffsetBytes }, -+ { "sizelimit=", &loopSizeBytes }, -+ { "encryption=", &loopEncryptionType }, -+ { "pseed=", &passSeedString }, -+ { "phash=", &passHashFuncName }, -+ { "loinit=", &loInitValue }, -+ { "gpgkey=", &gpgKeyFile }, -+ { "gpghome=", &gpgHomeDir }, -+ { "itercountk=", &passIterThousands }, -+ }; -+ struct options *p; -+ -+ if (!(f = setmntent("/etc/fstab", "r"))) { -+ fprintf(stderr, _("Error: unable to open /etc/fstab for reading\n")); -+ return 0; -+ } -+ while ((m = getmntent(f)) != NULL) { -+ tbl[0].line = fr1 = xstrdup(m->mnt_fsname); -+ p = &tbl[1]; -+ do { -+ p->line = NULL; -+ } while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]); -+ opt = fr2 = xstrdup(m->mnt_opts); -+ for (opt = strtok(opt, ","); opt != NULL; opt = strtok(NULL, ",")) { -+ p = &tbl[1]; -+ do { -+ y = strlen(p->name); -+ if (!strncmp(opt, p->name, y)) -+ p->line = opt + y; -+ } while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]); -+ } -+ if (tbl[1].line && !strcmp(loopToFind, tbl[1].line)) { -+ if (++foundMatch > 1) { -+ fprintf(stderr, _("Error: multiple loop=%s options found in /etc/fstab\n"), loopToFind); -+ endmntent(f); -+ return 0; -+ } -+ p = &tbl[0]; -+ do { -+ if (!*p->dest && p->line) { -+ *p->dest = p->line; -+ if (verbose) -+ printf(_("using %s%s from /etc/fstab\n"), p->name, p->line); -+ } -+ } while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]); -+ fr1 = fr2 = NULL; -+ } -+ if(fr1) free(fr1); -+ if(fr2) free(fr2); -+ } -+ endmntent(f); -+ if (foundMatch == 0) { -+ fprintf(stderr, _("Error: loop=%s option not found in /etc/fstab\n"), loopToFind); -+ } -+ return foundMatch; -+} -+ - int - main(int argc, char **argv) { -- char *p, *offset, *encryption, *passfd, *device, *file; -- int delete, find, c; -+ char *partitionName = NULL; -+ int delete,c,option_a=0,option_F=0; - int res = 0; - int ro = 0; -- int pfd = -1; -- unsigned long long off; - - setlocale(LC_ALL, ""); - bindtextdomain(PACKAGE, LOCALEDIR); - textdomain(PACKAGE); - -- delete = find = 0; -- off = 0; -- offset = encryption = passfd = NULL; -- -+ delete = 0; - progname = argv[0]; -- if ((p = strrchr(progname, '/')) != NULL) -- progname = p+1; -- -- while ((c = getopt(argc, argv, "de:E:fo:p:v")) != -1) { -+ while ((c = getopt(argc,argv,"aC:de:FG:H:I:K:o:p:rs:S:Tv")) != -1) { - switch (c) { -+ case 'a': /* show status of all loops */ -+ option_a = 1; -+ break; -+ case 'C': -+ passIterThousands = optarg; -+ break; - case 'd': - delete = 1; - break; -- case 'E': - case 'e': -- encryption = optarg; -+ loopEncryptionType = optarg; - break; -- case 'f': -- find = 1; -+ case 'F': /* read loop related options from /etc/fstab */ -+ option_F = 1; -+ break; -+ case 'G': /* GnuPG home dir */ -+ gpgHomeDir = optarg; -+ break; -+ case 'H': /* passphrase hash function name */ -+ passHashFuncName = optarg; -+ break; -+ case 'I': /* lo_init[0] value (in string form) */ -+ loInitValue = optarg; -+ break; -+ case 'K': /* GnuPG key file name */ -+ gpgKeyFile = optarg; - break; - case 'o': -- offset = optarg; -+ loopOffsetBytes = optarg; -+ break; -+ case 'p': /* read passphrase from given fd */ -+ passFDnumber = optarg; - break; -- case 'p': -- passfd = optarg; -+ case 'r': /* read-only */ -+ ro = 1; -+ break; -+ case 's': -+ loopSizeBytes = optarg; -+ break; -+ case 'S': /* optional seed for passphrase */ -+ passSeedString = optarg; -+ break; -+ case 'T': /* ask passphrase _twice_ */ -+ passAskTwice = "T"; - break; - case 'v': -- verbose = 1; -+ verbose++; - break; - default: - usage(); - } - } -- -- if (argc == 1) { -- usage(); -- } else if (delete) { -- if (argc != optind+1 || encryption || offset || find) -- usage(); -- } else if (find) { -- if (argc < optind || argc > optind+1) -- usage(); -- } else { -- if (argc < optind+1 || argc > optind+2) -- usage(); -+ if (argc == 1) usage(); -+ if (option_a) { -+ if (delete || (argc != optind)) usage(); -+ show_all_loops(); -+ exit(0); - } -- -- if (find) { -- device = find_unused_loop_device(); -- if (device == NULL) -- return -1; -- if (verbose) -- printf("Loop device is %s\n", device); -- if (argc == optind) { -- printf("%s\n", device); -- return 0; -- } -- file = argv[optind]; -+ if ((delete && (argc != optind+1 || loopEncryptionType || loopOffsetBytes || loopSizeBytes || option_F)) || -+ (!delete && (argc < optind+1 || argc > optind+2))) -+ usage(); -+ if (argc > optind+1) -+ partitionName = argv[optind+1]; -+ if (option_F && (read_options_from_fstab(argv[optind], &partitionName) != 1)) -+ exit(1); -+ if (delete) { -+ res = del_loop(argv[optind]); -+ } else if ((argc == optind+1) && !option_F) { -+ res = show_loop(argv[optind]); - } else { -- device = argv[optind]; -- if (argc == optind+1) -- file = NULL; -- else -- file = argv[optind+1]; -- } -- -- if (delete) -- res = del_loop(device); -- else if (file == NULL) -- res = show_loop(device); -- else { -- if (offset && sscanf(offset, "%llu", &off) != 1) -- usage(); -- if (passfd && sscanf(passfd, "%d", &pfd) != 1) -- usage(); -- res = set_loop(device, file, off, encryption, pfd, &ro); -+ res = set_loop(argv[optind],partitionName,&ro,(const char**)0,(unsigned int *)0); - } - return res; - } -- --#else /* LOOP_SET_FD not defined */ -- --int --main(int argc, char **argv) { -- fprintf(stderr, -- _("No loop support was available at compile time. " -- "Please recompile.\n")); -- return -1; --} --#endif - #endif ---- util-linux-2.12q/mount/lomount.h -+++ util-linux-2.12q/mount/lomount.h -@@ -1,6 +1,17 @@ - extern int verbose; --extern int set_loop(const char *, const char *, unsigned long long, -- const char *, int, int *); -+extern int set_loop(const char *, const char *, int *, const char **, unsigned int *); - extern int del_loop(const char *); - extern int is_loop_device(const char *); - extern char * find_unused_loop_device(void); -+ -+extern char *passFDnumber; -+extern char *passAskTwice; -+extern char *passSeedString; -+extern char *passHashFuncName; -+extern char *passIterThousands; -+extern char *loInitValue; -+extern char *gpgKeyFile; -+extern char *gpgHomeDir; -+extern char *loopOffsetBytes; -+extern char *loopSizeBytes; -+extern char *loopEncryptionType; ---- util-linux-2.12q/mount/loop.c -+++ util-linux-2.12q/mount/loop.c -@@ -0,0 +1,221 @@ -+/* -+ * loop.c -+ * -+ * Copyright 2003 by Jari Ruusu. -+ * Redistribution of this file is permitted under the GNU GPL -+ */ -+ -+/* collection of loop helper functions used by losetup, mount and swapon */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include "loop.h" -+ -+static void convert_info_to_info64(struct loop_info *info, struct loop_info64 *info64) -+{ -+ memset(info64, 0, sizeof(*info64)); -+ info64->lo_number = info->lo_number; -+ info64->lo_device = info->lo_device; -+ info64->lo_inode = info->lo_inode; -+ info64->lo_rdevice = info->lo_rdevice; -+ info64->lo_offset = info->lo_offset; -+ info64->lo_encrypt_type = info->lo_encrypt_type; -+ info64->lo_encrypt_key_size = info->lo_encrypt_key_size; -+ info64->lo_flags = info->lo_flags; -+ info64->lo_init[0] = info->lo_init[0]; -+ info64->lo_init[1] = info->lo_init[1]; -+ info64->lo_sizelimit = 0; -+ if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */ -+ memcpy(info64->lo_crypt_name, info->lo_name, sizeof(info64->lo_crypt_name)); -+ else -+ memcpy(info64->lo_file_name, info->lo_name, sizeof(info64->lo_file_name)); -+ memcpy(info64->lo_encrypt_key, info->lo_encrypt_key, sizeof(info64->lo_encrypt_key)); -+} -+ -+static int convert_info64_to_info(struct loop_info64 *info64, struct loop_info *info) -+{ -+ memset(info, 0, sizeof(*info)); -+ info->lo_number = info64->lo_number; -+ info->lo_device = info64->lo_device; -+ info->lo_inode = info64->lo_inode; -+ info->lo_rdevice = info64->lo_rdevice; -+ info->lo_offset = info64->lo_offset; -+ info->lo_encrypt_type = info64->lo_encrypt_type; -+ info->lo_encrypt_key_size = info64->lo_encrypt_key_size; -+ info->lo_flags = info64->lo_flags; -+ info->lo_init[0] = info64->lo_init[0]; -+ info->lo_init[1] = info64->lo_init[1]; -+ if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */ -+ memcpy(info->lo_name, info64->lo_crypt_name, sizeof(info->lo_name)); -+ else -+ memcpy(info->lo_name, info64->lo_file_name, sizeof(info->lo_name)); -+ memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, sizeof(info->lo_encrypt_key)); -+ -+ /* error in case values were truncated */ -+ if (info->lo_device != info64->lo_device || -+ info->lo_rdevice != info64->lo_rdevice || -+ info->lo_inode != info64->lo_inode || -+ info->lo_offset != info64->lo_offset || -+ info64->lo_sizelimit) { -+ errno = EOVERFLOW; -+ return -1; -+ } -+ return 0; -+} -+ -+int loop_set_status64_ioctl(int fd, struct loop_info64 *info64) -+{ -+ struct loop_info info; -+ struct loop_info64 tmp; -+ int r; -+ -+ /* -+ * This ugly work around is needed because some -+ * Red Hat kernels are using same ioctl code: -+ * #define LOOP_CHANGE_FD 0x4C04 -+ * vs. -+ * #define LOOP_SET_STATUS64 0x4C04 -+ * that is used by modern loop driver. -+ * -+ * Attempt to detect presense of LOOP_GET_STATUS64 -+ * ioctl before issuing LOOP_SET_STATUS64 ioctl. -+ * Red Hat kernels with above LOOP_CHANGE_FD damage -+ * should return -1 and set errno to EINVAL. -+ */ -+ r = ioctl(fd, LOOP_GET_STATUS64, &tmp); -+ memset(&tmp, 0, sizeof(tmp)); -+ if ((r == 0) || (errno != EINVAL)) { -+ r = ioctl(fd, LOOP_SET_STATUS64, info64); -+ if (!r) -+ return 0; -+ } -+ r = convert_info64_to_info(info64, &info); -+ if (!r) -+ r = ioctl(fd, LOOP_SET_STATUS, &info); -+ -+ /* don't leave copies of encryption key on stack */ -+ memset(&info, 0, sizeof(info)); -+ return r; -+} -+ -+int loop_get_status64_ioctl(int fd, struct loop_info64 *info64) -+{ -+ struct loop_info info; -+ int r; -+ -+ memset(info64, 0, sizeof(*info64)); -+ r = ioctl(fd, LOOP_GET_STATUS64, info64); -+ if (!r) -+ return 0; -+ r = ioctl(fd, LOOP_GET_STATUS, &info); -+ if (!r) -+ convert_info_to_info64(&info, info64); -+ -+ /* don't leave copies of encryption key on stack */ -+ memset(&info, 0, sizeof(info)); -+ return r; -+} -+ -+/* returns: 1=unused 0=busy */ -+int is_unused_loop_device(int fd) -+{ -+ struct loop_info64 info64; -+ struct loop_info info; -+ int r; -+ -+ r = ioctl(fd, LOOP_GET_STATUS64, &info64); -+ memset(&info64, 0, sizeof(info64)); -+ if (!r) -+ return 0; -+ if (errno == ENXIO) -+ return 1; -+ -+ r = ioctl(fd, LOOP_GET_STATUS, &info); -+ memset(&info, 0, sizeof(info)); -+ if (!r) -+ return 0; -+ if (errno == ENXIO) -+ return 1; -+ if (errno == EOVERFLOW) -+ return 0; -+ return 1; -+} -+ -+struct loop_crypt_type_struct loop_crypt_type_tbl[] = { -+ { 0, 0, 0, "no" }, -+ { 0, 0, 0, "none" }, -+ { 1, 0, 0, "xor" }, -+ { 3, 1, 16, "twofish" }, -+ { 4, 1, 16, "blowfish" }, -+ { 7, 1, 16, "serpent" }, -+ { 8, 1, 16, "mars" }, -+ { 11, 3, 16, "rc6" }, -+ { 12, 0, 21, "tripleDES" }, -+ { 12, 0, 24, "3des" }, -+ { 12, 0, 24, "des3_ede" }, -+ { 16, 1, 16, "AES" }, -+ { -1, 0, 0, NULL } -+}; -+ -+static char *getApiName(char *e, int *len) -+{ -+ int x, y, z = 1, q = -1; -+ unsigned char *s; -+ -+ *len = y = 0; -+ s = strdup(e); -+ if(!s) -+ return ""; -+ x = strlen(s); -+ while(x > 0) { -+ x--; -+ if(!isdigit(s[x])) -+ break; -+ y += (s[x] - '0') * z; -+ z *= 10; -+ q = x; -+ } -+ while(x >= 0) { -+ s[x] = tolower(s[x]); -+ if(s[x] == '-') -+ s[x] = 0; -+ x--; -+ } -+ if(y >= 40) { -+ if(q >= 0) -+ s[q] = 0; -+ *len = y; -+ } -+ return(s); -+} -+ -+int loop_crypt_type(const char *name, u_int32_t *kbyp, char **apiName) -+{ -+ int i, k; -+ -+ *apiName = getApiName((char *)name, &k); -+ if(k < 0) -+ k = 0; -+ if(k > 256) -+ k = 256; -+ for (i = 0; loop_crypt_type_tbl[i].id != -1; i++) { -+ if (!strcasecmp (*apiName , loop_crypt_type_tbl[i].name)) { -+ *kbyp = k ? k >> 3 : loop_crypt_type_tbl[i].keyBytes; -+ return loop_crypt_type_tbl[i].id; -+ } -+ } -+ *kbyp = 16; /* 128 bits */ -+ return 18; /* LO_CRYPT_CRYPTOAPI */ -+} -+ -+int try_cryptoapi_loop_interface(int fd, struct loop_info64 *loopinfo, char *apiName) -+{ -+ snprintf(loopinfo->lo_crypt_name, sizeof(loopinfo->lo_crypt_name), "%s-cbc", apiName); -+ loopinfo->lo_crypt_name[LO_NAME_SIZE - 1] = 0; -+ loopinfo->lo_encrypt_type = 18; /* LO_CRYPT_CRYPTOAPI */ -+ return(loop_set_status64_ioctl(fd, loopinfo)); -+} ---- util-linux-2.12q/mount/loop.h -+++ util-linux-2.12q/mount/loop.h -@@ -1,6 +1,20 @@ --#define LO_CRYPT_NONE 0 --#define LO_CRYPT_XOR 1 --#define LO_CRYPT_DES 2 -+/* -+ * loop.h -+ * -+ * Copyright 2003 by Jari Ruusu. -+ * Redistribution of this file is permitted under the GNU GPL -+ */ -+ -+#ifndef _LOOP_H -+#define _LOOP_H 1 -+ -+#include -+#include -+#include -+ -+#define LO_CRYPT_NONE 0 -+#define LO_CRYPT_XOR 1 -+#define LO_CRYPT_DES 2 - #define LO_CRYPT_CRYPTOAPI 18 - - #define LOOP_SET_FD 0x4C00 -@@ -9,17 +23,25 @@ - #define LOOP_GET_STATUS 0x4C03 - #define LOOP_SET_STATUS64 0x4C04 - #define LOOP_GET_STATUS64 0x4C05 -+#define LOOP_MULTI_KEY_SETUP 0x4C4D -+#define LOOP_MULTI_KEY_SETUP_V3 0x4C4E - --#define LO_NAME_SIZE 64 --#define LO_KEY_SIZE 32 -- --#include "my_dev_t.h" -+#define LO_NAME_SIZE 64 -+#define LO_KEY_SIZE 32 - - struct loop_info { - int lo_number; -- my_dev_t lo_device; -+#if LINUX_VERSION_CODE >= 0x20600 -+ __kernel_old_dev_t lo_device; -+#else -+ __kernel_dev_t lo_device; -+#endif - unsigned long lo_inode; -- my_dev_t lo_rdevice; -+#if LINUX_VERSION_CODE >= 0x20600 -+ __kernel_old_dev_t lo_rdevice; -+#else -+ __kernel_dev_t lo_rdevice; -+#endif - int lo_offset; - int lo_encrypt_type; - int lo_encrypt_key_size; -@@ -30,22 +52,35 @@ - char reserved[4]; - }; - --/* -- * Where to get __u8, __u32, __u64? Let us use unsigned char/int/long long -- * and get punished when someone comes with 128-bit long longs. -- */ - struct loop_info64 { -- unsigned long long lo_device; -- unsigned long long lo_inode; -- unsigned long long lo_rdevice; -- unsigned long long lo_offset; -- unsigned long long lo_sizelimit; /* bytes, 0 == max available */ -- unsigned int lo_number; -- unsigned int lo_encrypt_type; -- unsigned int lo_encrypt_key_size; -- unsigned int lo_flags; -- unsigned char lo_file_name[LO_NAME_SIZE]; -- unsigned char lo_crypt_name[LO_NAME_SIZE]; -- unsigned char lo_encrypt_key[LO_KEY_SIZE]; -- unsigned long long lo_init[2]; -+ u_int64_t lo_device; /* ioctl r/o */ -+ u_int64_t lo_inode; /* ioctl r/o */ -+ u_int64_t lo_rdevice; /* ioctl r/o */ -+ u_int64_t lo_offset; /* bytes */ -+ u_int64_t lo_sizelimit; /* bytes, 0 == max available */ -+ u_int32_t lo_number; /* ioctl r/o */ -+ u_int32_t lo_encrypt_type; -+ u_int32_t lo_encrypt_key_size; /* ioctl w/o */ -+ u_int32_t lo_flags; /* ioctl r/o */ -+ unsigned char lo_file_name[LO_NAME_SIZE]; -+ unsigned char lo_crypt_name[LO_NAME_SIZE]; -+ unsigned char lo_encrypt_key[LO_KEY_SIZE]; /* ioctl w/o */ -+ u_int64_t lo_init[2]; -+}; -+ -+extern int loop_set_status64_ioctl(int, struct loop_info64 *); -+extern int loop_get_status64_ioctl(int, struct loop_info64 *); -+extern int is_unused_loop_device(int); -+ -+struct loop_crypt_type_struct { -+ short int id; -+ unsigned char flags; /* bit0 = show keybits, bit1 = add '-' before keybits */ -+ unsigned char keyBytes; -+ char *name; - }; -+ -+extern struct loop_crypt_type_struct loop_crypt_type_tbl[]; -+extern int loop_crypt_type(const char *, u_int32_t *, char **); -+extern int try_cryptoapi_loop_interface(int, struct loop_info64 *, char *); -+ -+#endif ---- util-linux-2.12q/mount/losetup.8 -+++ util-linux-2.12q/mount/losetup.8 -@@ -1,42 +1,28 @@ --.TH LOSETUP 8 "2003-07-01" "Linux" "MAINTENANCE COMMANDS" -+.TH LOSETUP 8 "2004-11-25" "Linux" "MAINTENANCE COMMANDS" - .SH NAME - losetup \- set up and control loop devices - .SH SYNOPSIS - .ad l --Get info: --.sp --.in +5 - .B losetup -+[ -+.B \-e -+.I encryption -+] [options] -+.I loop_device -+file -+.br -+.B losetup -F -+[options] - .I loop_device --.sp --.in -5 --Delete loop: --.sp --.in +5 --.B "losetup \-d" -+[file] -+.br -+.B losetup -+[ -+.B \-d -+] - .I loop_device --.sp --.in -5 --Print name of first unused loop device: --.sp --.in +5 --.B "losetup \-f" --.sp --.in -5 --Setup loop device: --.sp --.in +5 --.B losetup --.RB [{\-e | \-E} --.IR encryption ] --.RB [ \-o --.IR offset ] --.RB [ \-p --.IR pfd ] --.in +8 --.RB { \-f | \fIloop_device\fP } --.I file --.in -13 -+.br -+.B losetup -a - .ad b - .SH DESCRIPTION - .B losetup -@@ -44,45 +30,108 @@ - to detach loop devices and to query the status of a loop device. If only the - \fIloop_device\fP argument is given, the status of the corresponding loop - device is shown. -- --.SS "Encryption" --It is possible to specify transfer functions (for encryption/decryption --or other purposes) using one of the --.B \-E --and --.B \-e --options. --There are two mechanisms to specify the desired encryption: by number --and by name. If an encryption is specified by number then one --has to make sure that the Linux kernel knows about the encryption with that --number, probably by patching the kernel. Standard numbers that are --always present are 0 (no encryption) and 1 (XOR encryption). --When the cryptoloop module is loaded (or compiled in), it uses number 18. --This cryptoloop module wil take the name of an arbitrary encryption type --and finds the module that knows how to perform that encryption. --(Thus, either one uses a number different from 18 with the --.B \-E --option, or one uses a name with the --.B \-e --option.) - .SH OPTIONS --.IP \fB\-d\fP -+.IP \fB\-a\fP -+Show status of all loop devices. -+.IP "\fB\-C \fIitercountk\fP" -+Runs hashed password through \fIitercountk\fP thousand iterations of AES-256 -+before using it for loop encryption. This consumes lots of CPU cycles at -+loop setup/mount time but not thereafter. In combination with password seed -+this slows down dictionary attacks. Iteration is not done in multi-key mode. -+.IP "\fB\-d\fP" - Detach the file or device associated with the specified loop device. --.IP "\fB\-E \fIencryption_type\fP" --Enable data encryption with specified number. --.IP "\fB\-e \fIencryption_name\fP" --Enable data encryption with specified name. --.IP "\fB\-f\fP" --Find the first unused loop device. If a --.I file --argument is present, use this device. Otherwise, print its name. -+.IP "\fB\-e \fIencryption\fP" -+.RS -+Enable data encryption. Following encryption types are recognized: -+.IP \fBNONE\fP -+Use no encryption (default). -+.PD 0 -+.IP \fBXOR\fP -+Use a simple XOR encryption. -+.IP "\fBAES128 AES\fP" -+Use 128 bit AES encryption. Password is hashed with SHA-256 by default. -+.IP \fBAES192\fP -+Use 192 bit AES encryption. Password is hashed with SHA-384 by default. -+.IP \fBAES256\fP -+Use 256 bit AES encryption. Password is hashed with SHA-512 by default. -+ -+.IP "\fBtwofish128 twofish160 twofish192 twofish256\fP" -+.IP "\fBblowfish128 blowfish160 blowfish192 blowfish256\fP" -+.IP "\fBserpent128 serpent192 serpent256 mars128 mars192\fP" -+.IP "\fBmars256 rc6-128 rc6-192 rc6-256 tripleDES\fP" -+These encryption types are available if they are enabled in kernel -+configuration or corresponding modules have been loaded to kernel. -+.PD -+.RE -+.IP "\fB\-F\fP" -+Reads and uses mount options from /etc/fstab that match specified loop -+device, including offset= sizelimit= encryption= pseed= phash= loinit= -+gpgkey= gpghome= itercountk= and looped to device/file name. loop= option in -+/etc/fstab must match specified loop device name. Command line options take -+precedence in case of conflict. -+.IP "\fB\-G \fIgpghome\fP" -+Set gpg home directory to \fIgpghome\fP, so that gpg uses public/private -+keys on \fIgpghome\fP directory. This is only used when gpgkey file needs to -+be decrypted using public/private keys. If gpgkey file is encrypted with -+symmetric cipher only, public/private keys are not required and this option -+has no effect. -+.IP "\fB\-H \fIphash\fP" -+Uses \fIphash\fP function to hash password. Available hash functions are -+sha256, sha384, sha512 and rmd160. unhashed1, unhashed2 and unhashed3 -+functions also exist for compatibility with some obsolete implementations. -+ -+Hash function random does not ask for password but sets up random keys and -+attempts to put loop to multi-key mode. When random/1777 hash type is used -+as mount option for mount program, mount program will create new file system -+on the loop device and construct initial permissions of file system root -+directory from octal digits that follow the slash character. -+ -+WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING IMPORTANT -+DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA. -+.IP "\fB\-I \fIloinit\fP" -+Passes a numeric value of \fIloinit\fP as a parameter to cipher transfer -+function. Cipher transfer functions are free to interpret value as they -+want. -+.IP "\fB\-K \fIgpgkey\fP" -+Password is piped to gpg so that gpg can decrypt file \fIgpgkey\fP which -+contains the real keys that are used to encrypt loop device. If decryption -+requires public/private keys and gpghome is not specified, all users use -+their own gpg public/private keys to decrypt \fIgpgkey\fP. Decrypted -+\fIgpgkey\fP should contain 1 or 64 or 65 keys, each key at least 20 -+characters and separated by newline. If decrypted \fIgpgkey\fP contains 64 -+or 65 keys, then loop device is put to multi-key mode. In multi-key mode -+first key is used for first sector, second key for second sector, and so on. -+65th key, if present, is used as additional input to MD5 IV computation. - .IP "\fB\-o \fIoffset\fP" - The data start is moved \fIoffset\fP bytes into the specified file or --device. --.IP "\fB\-p \fInum\fP" --Read the passphrase from file descriptor with number --.I num --instead of from the terminal. -+device. Normally offset is included in IV (initialization vector) -+computations. If offset is prefixed with @ character, then offset is not -+included in IV computations. @ prefix functionality may not be supported on -+some older kernels and/or loop drivers. -+.IP "\fB\-p \fIpasswdfd\fP" -+Read the passphrase from file descriptor \fIpasswdfd\fP instead of the -+terminal. If -K option is not being used (no gpg key file), then losetup -+attempts to read 65 keys from \fIpasswdfd\fP, each key at least 20 -+characters and separated by newline. If losetup successfully reads 64 or 65 -+keys, then loop device is put to multi-key mode. If losetup encounters -+end-of-file before 64 keys are read, then only first key is used in -+single-key mode. -+.IP "\fB\-r\fP" -+Read-only mode. -+.IP "\fB\-s \fIsizelimit\fP" -+Size of loop device is limited to \fIsizelimit\fP bytes. If unspecified or -+set to zero, loop device size is set to maximum available (file size minus -+offset). This option may not be supported on some older kernels and/or loop -+drivers. -+.IP "\fB\-S \fIpseed\fP" -+Sets encryption password seed \fIpseed\fP which is appended to user supplied -+password before hashing. Using different seeds for different partitions -+makes dictionary attacks slower but does not prevent them if user supplied -+password is guessable. Seed is not used in multi-key mode. -+.IP "\fB\-T\fP" -+Asks password twice. -+.IP "\fB\-v\fP" -+Verbose mode. - .SH RETURN VALUE - .B losetup - returns 0 on success, nonzero on failure. When -@@ -94,43 +143,26 @@ - - .SH FILES - .nf --/dev/loop0, /dev/loop1, ... loop devices (major=7) -+/dev/loop0,/dev/loop1,... loop devices (major=7) - .fi - .SH EXAMPLE --If you are using the loadable module you must have the module loaded --first with the command --.IP --# insmod loop.o --.LP --Maybe also encryption modules are needed. --.IP --# insmod des.o --# insmod cryptoloop.o --.LP - The following commands can be used as an example of using the loop device. - .nf --.IP --# dd if=/dev/zero of=/file bs=1k count=100 --# losetup -e des /dev/loop0 /file --Password: --Init (up to 16 hex digits): --# mkfs -t ext2 /dev/loop0 100 --# mount -t ext2 /dev/loop0 /mnt -+ -+dd if=/dev/zero of=/file bs=1k count=500 -+head -c 2925 /dev/random | uuencode -m - | head -n 66 \\ -+ | tail -n 65 | gpg --symmetric -a >/etc/fskey9.gpg -+losetup -e AES128 -K /etc/fskey9.gpg /dev/loop0 /file -+mkfs -t ext2 /dev/loop0 -+mount -t ext2 /dev/loop0 /mnt - ... --# umount /dev/loop0 --# losetup -d /dev/loop0 --.fi --.LP --If you are using the loadable module you may remove the module with --the command --.IP --# rmmod loop --.LP -+umount /dev/loop0 -+losetup -d /dev/loop0 - .fi - .SH RESTRICTION --DES encryption is painfully slow. On the other hand, XOR is terribly weak. --.\" .SH AUTHORS --.\" .nf --.\" Original version: Theodore Ts'o --.\" Original DES by: Eric Young --.\" .fi -+XOR encryption is terribly weak. -+.SH AUTHORS -+.nf -+Original version: Theodore Ts'o -+AES support: Jari Ruusu -+.fi ---- util-linux-2.12q/mount/loumount.c -+++ util-linux-2.12q/mount/loumount.c -@@ -0,0 +1,60 @@ -+/* -+ * loumount.c -+ * -+ * This code was extracted to separate file from lomount.c so that umount -+ * program doesn't have to link with all loop related setup code -+ */ -+ -+#define LOOPMAJOR 7 -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include "loop.h" -+#include "lomount.h" -+#include "xstrncpy.h" -+#include "nls.h" -+ -+int -+is_loop_device (const char *device) { -+ struct stat statbuf; -+ -+ return (stat(device, &statbuf) == 0 && -+ S_ISBLK(statbuf.st_mode) && -+ major(statbuf.st_rdev) == LOOPMAJOR); -+} -+ -+int -+del_loop (const char *device) { -+ int fd; -+ -+ if ((fd = open (device, O_RDONLY)) < 0) { -+ int errsv = errno; -+ fprintf(stderr, _("loop: can't delete device %s: %s\n"), -+ device, strerror (errsv)); -+ return 1; -+ } -+ if (ioctl (fd, LOOP_CLR_FD, 0) < 0) { -+ perror ("ioctl: LOOP_CLR_FD"); -+ return 1; -+ } -+ close (fd); -+ if (verbose > 1) -+ printf(_("del_loop(%s): success\n"), device); -+ return 0; -+} ---- util-linux-2.12q/mount/Makefile -+++ util-linux-2.12q/mount/Makefile -@@ -29,7 +29,6 @@ - - MAYBE = pivot_root swapoff - --LO_OBJS = lomount.o $(LIB)/xstrncpy.o - NFS_OBJS = nfsmount.o nfsmount_xdr.o nfsmount_clnt.o - GEN_FILES = nfsmount.h nfsmount_xdr.c nfsmount_clnt.c - -@@ -49,24 +48,33 @@ - - mount: mount.o fstab.o sundries.o xmalloc.o realpath.o mntent.o version.o \ - get_label_uuid.o mount_by_label.o mount_blkid.o mount_guess_fstype.o \ -- getusername.o $(LIB)/setproctitle.o $(LIB)/env.o $(NFS_OBJS) $(LO_OBJS) -+ getusername.o $(LIB)/setproctitle.o $(LIB)/env.o $(NFS_OBJS) lomount.o \ -+ loumount.o loop.o sha512.o rmd160.o aes.o $(LIB)/xstrncpy.o - $(LINK) $^ -o $@ $(BLKID_LIB) - - umount: umount.o fstab.o sundries.o xmalloc.o realpath.o mntent.o \ - getusername.o get_label_uuid.o mount_by_label.o mount_blkid.o \ -- version.o $(LIB)/env.o $(LO_OBJS) -+ version.o $(LIB)/env.o loumount.o - $(LINK) $^ -o $@ $(BLKID_LIB) - - swapon: swapon.o version.o xmalloc.o \ -- get_label_uuid.o mount_by_label.o mount_blkid.o -+ get_label_uuid.o mount_by_label.o mount_blkid.o loop.o sha512.o $(LIB)/xstrncpy.o - $(LINK) $^ -o $@ $(BLKID_LIB) - - main_losetup.o: lomount.c - $(COMPILE) -DMAIN lomount.c -o $@ - --losetup: main_losetup.o $(LIB)/xstrncpy.o -+losetup: main_losetup.o loumount.o loop.o sha512.o rmd160.o aes.o $(LIB)/xstrncpy.o - $(LINK) $^ -o $@ - -+loop.o lomount.o main_losetup.o swapon.o: loop.h -+ -+sha512.o lomount.o main_losetup.o swapon.o: sha512.h -+ -+rmd160.o lomount.o main_losetup.o: rmd160.h -+ -+aes.o lomount.o main_losetup.o: aes.h -+ - mount.o umount.o nfsmount.o losetup.o fstab.o realpath.o sundries.o: sundries.h - - mount.o umount.o fstab.o sundries.o: fstab.h -@@ -79,9 +87,9 @@ - - mount.o umount.o getusername.o: getusername.h - --mount.o umount.o losetup.o lomount.o: lomount.h loop.h my_dev_t.h -+mount.o umount.o losetup.o lomount.o loumount.o: lomount.h loop.h - --swapon.o: swap_constants.h swapargs.h -+swapon.o: swap_constants.h swapargs.h loop.h - - sundries.o nfsmount.o nfsmount_xdr.o nfsmount_clnt.o: nfsmount.h - ---- util-linux-2.12q/mount/mount.8 -+++ util-linux-2.12q/mount/mount.8 -@@ -281,6 +281,16 @@ - .B \-v - Verbose mode. - .TP -+.B \-p "\fIpasswdfd\fP" -+If the mount requires a passphrase to be entered, read it from file -+descriptor \fIpasswdfd\fP instead of from the terminal. If mount uses -+encrypted loop device and gpgkey= mount option is not being used (no gpg key -+file), then mount attempts to read 65 keys from \fIpasswdfd\fP, each key at -+least 20 characters and separated by newline. If mount successfully reads 64 -+or 65 keys, then loop device is put to multi-key mode. If mount encounters -+end-of-file before 64 keys are read, then only first key is used in -+single-key mode. -+.TP - .B \-a - Mount all filesystems (of the given types) mentioned in - .IR fstab . -@@ -328,12 +338,6 @@ - .I /etc - is on a read-only file system. - .TP --.BI \-p " num" --In case of a loop mount with encryption, read the passphrase from --file descriptor --.I num --instead of from the terminal. --.TP - .B \-s - Tolerate sloppy mount options rather than failing. This will ignore - mount options not supported by a filesystem type. Not all filesystems -@@ -1841,13 +1845,17 @@ - and then mount this device on - .IR /mnt . - --This type of mount knows about three options, namely --.BR loop ", " offset " and " encryption , -+This type of mount knows about 10 options, namely -+.BR loop ", " offset ", " sizelimit ", " encryption ", " pseed ", " phash ", " loinit ", " gpgkey ", " gpghome " and " itercountk - that are really options to - .BR \%losetup (8). - (These options can be used in addition to those specific - to the filesystem type.) - -+If the mount requires a passphrase, you will be prompted for one unless you -+specify a file descriptor to read from instead with the -+.BR \-p -+option. - If no explicit loop device is mentioned - (but just an option `\fB\-o loop\fP' is given), then - .B mount ---- util-linux-2.12q/mount/mount.c -+++ util-linux-2.12q/mount/mount.c -@@ -11,6 +11,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -80,9 +81,6 @@ - /* True if ruid != euid. */ - static int suid = 0; - --/* Contains the fd to read the passphrase from, if any. */ --static int pfd = -1; -- - /* Map from -o and fstab option strings to the flag argument to mount(2). */ - struct opt_map { - const char *opt; /* option name */ -@@ -167,7 +165,7 @@ - { NULL, 0, 0, 0 } - }; - --static const char *opt_loopdev, *opt_vfstype, *opt_offset, *opt_encryption, -+static const char *opt_loopdev, *opt_vfstype, - *opt_speed, *opt_comment; - - static struct string_opt_map { -@@ -177,8 +175,15 @@ - } string_opt_map[] = { - { "loop=", 0, &opt_loopdev }, - { "vfs=", 1, &opt_vfstype }, -- { "offset=", 0, &opt_offset }, -- { "encryption=", 0, &opt_encryption }, -+ { "pseed=", 1, (const char **)&passSeedString }, -+ { "phash=", 0, (const char **)&passHashFuncName }, -+ { "loinit=", 0, (const char **)&loInitValue }, -+ { "gpgkey=", 0, (const char **)&gpgKeyFile }, -+ { "gpghome=", 0, (const char **)&gpgHomeDir }, -+ { "itercountk=", 1, (const char **)&passIterThousands }, -+ { "offset=", 0, (const char **)&loopOffsetBytes }, -+ { "sizelimit=", 0, (const char **)&loopSizeBytes }, -+ { "encryption=", 0, (const char **)&loopEncryptionType }, - { "speed=", 0, &opt_speed }, - { "comment=", 1, &opt_comment }, - { NULL, 0, NULL } -@@ -580,9 +585,8 @@ - - static int - loop_check(const char **spec, const char **type, int *flags, -- int *loop, const char **loopdev, const char **loopfile) { -+ int *loop, const char **loopdev, const char **loopfile, unsigned int *AutoChmodPtr) { - int looptype; -- unsigned long long offset; - - /* - * In the case of a loop mount, either type is of the form lo@/dev/loop5 -@@ -607,7 +611,7 @@ - *type = opt_vfstype; - } - -- *loop = ((*flags & MS_LOOP) || *loopdev || opt_offset || opt_encryption); -+ *loop = ((*flags & MS_LOOP) || *loopdev || loopOffsetBytes || loopSizeBytes || loopEncryptionType); - *loopfile = *spec; - - if (*loop) { -@@ -624,9 +628,7 @@ - return EX_SYSERR; /* no more loop devices */ - if (verbose) - printf(_("mount: going to use the loop device %s\n"), *loopdev); -- offset = opt_offset ? strtoull(opt_offset, NULL, 0) : 0; -- if (set_loop(*loopdev, *loopfile, offset, -- opt_encryption, pfd, &loopro)) { -+ if (set_loop (*loopdev, *loopfile, &loopro, type, AutoChmodPtr)) { - if (verbose) - printf(_("mount: failed setting up loop device\n")); - return EX_FAIL; -@@ -687,14 +689,6 @@ - } - - static void --set_pfd(char *s) { -- if (!isdigit(*s)) -- die(EX_USAGE, -- _("mount: argument to -p or --pass-fd must be a number")); -- pfd = atoi(optarg); --} -- --static void - cdrom_setspeed(const char *spec) { - #define CDROM_SELECT_SPEED 0x5322 /* Set the CD-ROM speed */ - if (opt_speed) { -@@ -788,6 +782,7 @@ - const char *opts, *spec, *node, *types; - char *user = 0; - int loop = 0; -+ unsigned int LoopMountAutomaticChmod = 0; - const char *loopdev = 0, *loopfile = 0; - struct stat statbuf; - int nfs_mount_version = 0; /* any version */ -@@ -820,7 +815,7 @@ - * stale assignments of files to loop devices. Nasty when used for - * encryption. - */ -- res = loop_check(&spec, &types, &flags, &loop, &loopdev, &loopfile); -+ res = loop_check(&spec, &types, &flags, &loop, &loopdev, &loopfile, &LoopMountAutomaticChmod); - if (res) - goto out; - } -@@ -855,9 +850,20 @@ - - block_signals (SIG_BLOCK); - -- if (!fake) -+ if (!fake) { - mnt5_res = guess_fstype_and_mount (spec, node, &types, flags & ~MS_NOSYS, - mount_opts); -+ if(!mnt5_res && LoopMountAutomaticChmod && (getuid() == 0)) { -+ /* -+ * If loop was set up using random keys and new file system -+ * was created on the loop device, initial permissions for -+ * file system root directory need to be set here. -+ */ -+ if(chmod(node, LoopMountAutomaticChmod)) { -+ error (_("Error: encrypted file system chmod() failed")); -+ } -+ } -+ } - - if (fake || mnt5_res == 0) { - /* Mount succeeded, report this (if verbose) and write mtab entry. */ -@@ -1530,8 +1536,8 @@ - else - test_opts = xstrdup(optarg); - break; -- case 'p': /* fd on which to read passwd */ -- set_pfd(optarg); -+ case 'p': /* read passphrase from given fd */ -+ passFDnumber = optarg; - break; - case 'r': /* mount readonly */ - readonly = 1; ---- util-linux-2.12q/mount/rmd160.c -+++ util-linux-2.12q/mount/rmd160.c -@@ -0,0 +1,532 @@ -+/* rmd160.c - RIPE-MD160 -+ * Copyright (C) 1998 Free Software Foundation, Inc. -+ */ -+ -+/* This file was part of GnuPG. Modified for use within the Linux -+ * mount utility by Marc Mutz . None of this code is -+ * by myself. I just removed everything that you don't need when all -+ * you want to do is to use rmd160_hash_buffer(). -+ * My comments are marked with (mm). */ -+ -+/* GnuPG is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * GnuPG is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ -+ -+#include /* (mm) for memcpy */ -+#include /* (mm) for BIG_ENDIAN and BYTE_ORDER */ -+#include "rmd160.h" -+ -+/* (mm) these are used by the original GnuPG file. In order to modify -+ * that file not too much, we keep the notations. maybe it would be -+ * better to include linux/types.h and typedef __u32 to u32 and __u8 -+ * to byte? */ -+typedef unsigned int u32; /* taken from e.g. util-linux's minix.h */ -+typedef unsigned char byte; -+ -+typedef struct { -+ u32 h0,h1,h2,h3,h4; -+ u32 nblocks; -+ byte buf[64]; -+ int count; -+} RMD160_CONTEXT; -+ -+/**************** -+ * Rotate a 32 bit integer by n bytes -+ */ -+#if defined(__GNUC__) && defined(__i386__) -+static inline u32 -+rol( u32 x, int n) -+{ -+ __asm__("roll %%cl,%0" -+ :"=r" (x) -+ :"0" (x),"c" (n)); -+ return x; -+} -+#else -+ #define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) ) -+#endif -+ -+/********************************* -+ * RIPEMD-160 is not patented, see (as of 25.10.97) -+ * http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html -+ * Note that the code uses Little Endian byteorder, which is good for -+ * 386 etc, but we must add some conversion when used on a big endian box. -+ * -+ * -+ * Pseudo-code for RIPEMD-160 -+ * -+ * RIPEMD-160 is an iterative hash function that operates on 32-bit words. -+ * The round function takes as input a 5-word chaining variable and a 16-word -+ * message block and maps this to a new chaining variable. All operations are -+ * defined on 32-bit words. Padding is identical to that of MD4. -+ * -+ * -+ * RIPEMD-160: definitions -+ * -+ * -+ * nonlinear functions at bit level: exor, mux, -, mux, - -+ * -+ * f(j, x, y, z) = x XOR y XOR z (0 <= j <= 15) -+ * f(j, x, y, z) = (x AND y) OR (NOT(x) AND z) (16 <= j <= 31) -+ * f(j, x, y, z) = (x OR NOT(y)) XOR z (32 <= j <= 47) -+ * f(j, x, y, z) = (x AND z) OR (y AND NOT(z)) (48 <= j <= 63) -+ * f(j, x, y, z) = x XOR (y OR NOT(z)) (64 <= j <= 79) -+ * -+ * -+ * added constants (hexadecimal) -+ * -+ * K(j) = 0x00000000 (0 <= j <= 15) -+ * K(j) = 0x5A827999 (16 <= j <= 31) int(2**30 x sqrt(2)) -+ * K(j) = 0x6ED9EBA1 (32 <= j <= 47) int(2**30 x sqrt(3)) -+ * K(j) = 0x8F1BBCDC (48 <= j <= 63) int(2**30 x sqrt(5)) -+ * K(j) = 0xA953FD4E (64 <= j <= 79) int(2**30 x sqrt(7)) -+ * K'(j) = 0x50A28BE6 (0 <= j <= 15) int(2**30 x cbrt(2)) -+ * K'(j) = 0x5C4DD124 (16 <= j <= 31) int(2**30 x cbrt(3)) -+ * K'(j) = 0x6D703EF3 (32 <= j <= 47) int(2**30 x cbrt(5)) -+ * K'(j) = 0x7A6D76E9 (48 <= j <= 63) int(2**30 x cbrt(7)) -+ * K'(j) = 0x00000000 (64 <= j <= 79) -+ * -+ * -+ * selection of message word -+ * -+ * r(j) = j (0 <= j <= 15) -+ * r(16..31) = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8 -+ * r(32..47) = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12 -+ * r(48..63) = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2 -+ * r(64..79) = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13 -+ * r0(0..15) = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12 -+ * r0(16..31)= 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2 -+ * r0(32..47)= 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13 -+ * r0(48..63)= 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14 -+ * r0(64..79)= 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11 -+ * -+ * -+ * amount for rotate left (rol) -+ * -+ * s(0..15) = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8 -+ * s(16..31) = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12 -+ * s(32..47) = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5 -+ * s(48..63) = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12 -+ * s(64..79) = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6 -+ * s'(0..15) = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6 -+ * s'(16..31)= 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11 -+ * s'(32..47)= 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5 -+ * s'(48..63)= 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8 -+ * s'(64..79)= 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11 -+ * -+ * -+ * initial value (hexadecimal) -+ * -+ * h0 = 0x67452301; h1 = 0xEFCDAB89; h2 = 0x98BADCFE; h3 = 0x10325476; -+ * h4 = 0xC3D2E1F0; -+ * -+ * -+ * RIPEMD-160: pseudo-code -+ * -+ * It is assumed that the message after padding consists of t 16-word blocks -+ * that will be denoted with X[i][j], with 0 <= i <= t-1 and 0 <= j <= 15. -+ * The symbol [+] denotes addition modulo 2**32 and rol_s denotes cyclic left -+ * shift (rotate) over s positions. -+ * -+ * -+ * for i := 0 to t-1 { -+ * A := h0; B := h1; C := h2; D = h3; E = h4; -+ * A' := h0; B' := h1; C' := h2; D' = h3; E' = h4; -+ * for j := 0 to 79 { -+ * T := rol_s(j)(A [+] f(j, B, C, D) [+] X[i][r(j)] [+] K(j)) [+] E; -+ * A := E; E := D; D := rol_10(C); C := B; B := T; -+ * T := rol_s'(j)(A' [+] f(79-j, B', C', D') [+] X[i][r'(j)] -+ [+] K'(j)) [+] E'; -+ * A' := E'; E' := D'; D' := rol_10(C'); C' := B'; B' := T; -+ * } -+ * T := h1 [+] C [+] D'; h1 := h2 [+] D [+] E'; h2 := h3 [+] E [+] A'; -+ * h3 := h4 [+] A [+] B'; h4 := h0 [+] B [+] C'; h0 := T; -+ * } -+ */ -+ -+/* Some examples: -+ * "" 9c1185a5c5e9fc54612808977ee8f548b2258d31 -+ * "a" 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe -+ * "abc" 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc -+ * "message digest" 5d0689ef49d2fae572b881b123a85ffa21595f36 -+ * "a...z" f71c27109c692c1b56bbdceb5b9d2865b3708dbc -+ * "abcdbcde...nopq" 12a053384a9c0c88e405a06c27dcf49ada62eb2b -+ * "A...Za...z0...9" b0e20b6e3116640286ed3a87a5713079b21f5189 -+ * 8 times "1234567890" 9b752e45573d4b39f4dbd3323cab82bf63326bfb -+ * 1 million times "a" 52783243c1697bdbe16d37f97f68f08325dc1528 -+ */ -+ -+ -+static void -+rmd160_init( RMD160_CONTEXT *hd ) -+{ -+ hd->h0 = 0x67452301; -+ hd->h1 = 0xEFCDAB89; -+ hd->h2 = 0x98BADCFE; -+ hd->h3 = 0x10325476; -+ hd->h4 = 0xC3D2E1F0; -+ hd->nblocks = 0; -+ hd->count = 0; -+} -+ -+ -+ -+/**************** -+ * Transform the message X which consists of 16 32-bit-words -+ */ -+static void -+transform( RMD160_CONTEXT *hd, byte *data ) -+{ -+ u32 a,b,c,d,e,aa,bb,cc,dd,ee,t; -+ #if BYTE_ORDER == BIG_ENDIAN -+ u32 x[16]; -+ { int i; -+ byte *p2, *p1; -+ for(i=0, p1=data, p2=(byte*)x; i < 16; i++, p2 += 4 ) { -+ p2[3] = *p1++; -+ p2[2] = *p1++; -+ p2[1] = *p1++; -+ p2[0] = *p1++; -+ } -+ } -+ #else -+ #if 0 -+ u32 *x =(u32*)data; -+ #else -+ /* this version is better because it is always aligned; -+ * The performance penalty on a 586-100 is about 6% which -+ * is acceptable - because the data is more local it might -+ * also be possible that this is faster on some machines. -+ * This function (when compiled with -02 on gcc 2.7.2) -+ * executes on a 586-100 (39.73 bogomips) at about 1900kb/sec; -+ * [measured with a 4MB data and "gpgm --print-md rmd160"] */ -+ u32 x[16]; -+ memcpy( x, data, 64 ); -+ #endif -+ #endif -+ -+ -+#define K0 0x00000000 -+#define K1 0x5A827999 -+#define K2 0x6ED9EBA1 -+#define K3 0x8F1BBCDC -+#define K4 0xA953FD4E -+#define KK0 0x50A28BE6 -+#define KK1 0x5C4DD124 -+#define KK2 0x6D703EF3 -+#define KK3 0x7A6D76E9 -+#define KK4 0x00000000 -+#define F0(x,y,z) ( (x) ^ (y) ^ (z) ) -+#define F1(x,y,z) ( ((x) & (y)) | (~(x) & (z)) ) -+#define F2(x,y,z) ( ((x) | ~(y)) ^ (z) ) -+#define F3(x,y,z) ( ((x) & (z)) | ((y) & ~(z)) ) -+#define F4(x,y,z) ( (x) ^ ((y) | ~(z)) ) -+#define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \ -+ a = rol(t,s) + e; \ -+ c = rol(c,10); \ -+ } while(0) -+ -+ /* left lane */ -+ a = hd->h0; -+ b = hd->h1; -+ c = hd->h2; -+ d = hd->h3; -+ e = hd->h4; -+ R( a, b, c, d, e, F0, K0, 0, 11 ); -+ R( e, a, b, c, d, F0, K0, 1, 14 ); -+ R( d, e, a, b, c, F0, K0, 2, 15 ); -+ R( c, d, e, a, b, F0, K0, 3, 12 ); -+ R( b, c, d, e, a, F0, K0, 4, 5 ); -+ R( a, b, c, d, e, F0, K0, 5, 8 ); -+ R( e, a, b, c, d, F0, K0, 6, 7 ); -+ R( d, e, a, b, c, F0, K0, 7, 9 ); -+ R( c, d, e, a, b, F0, K0, 8, 11 ); -+ R( b, c, d, e, a, F0, K0, 9, 13 ); -+ R( a, b, c, d, e, F0, K0, 10, 14 ); -+ R( e, a, b, c, d, F0, K0, 11, 15 ); -+ R( d, e, a, b, c, F0, K0, 12, 6 ); -+ R( c, d, e, a, b, F0, K0, 13, 7 ); -+ R( b, c, d, e, a, F0, K0, 14, 9 ); -+ R( a, b, c, d, e, F0, K0, 15, 8 ); -+ R( e, a, b, c, d, F1, K1, 7, 7 ); -+ R( d, e, a, b, c, F1, K1, 4, 6 ); -+ R( c, d, e, a, b, F1, K1, 13, 8 ); -+ R( b, c, d, e, a, F1, K1, 1, 13 ); -+ R( a, b, c, d, e, F1, K1, 10, 11 ); -+ R( e, a, b, c, d, F1, K1, 6, 9 ); -+ R( d, e, a, b, c, F1, K1, 15, 7 ); -+ R( c, d, e, a, b, F1, K1, 3, 15 ); -+ R( b, c, d, e, a, F1, K1, 12, 7 ); -+ R( a, b, c, d, e, F1, K1, 0, 12 ); -+ R( e, a, b, c, d, F1, K1, 9, 15 ); -+ R( d, e, a, b, c, F1, K1, 5, 9 ); -+ R( c, d, e, a, b, F1, K1, 2, 11 ); -+ R( b, c, d, e, a, F1, K1, 14, 7 ); -+ R( a, b, c, d, e, F1, K1, 11, 13 ); -+ R( e, a, b, c, d, F1, K1, 8, 12 ); -+ R( d, e, a, b, c, F2, K2, 3, 11 ); -+ R( c, d, e, a, b, F2, K2, 10, 13 ); -+ R( b, c, d, e, a, F2, K2, 14, 6 ); -+ R( a, b, c, d, e, F2, K2, 4, 7 ); -+ R( e, a, b, c, d, F2, K2, 9, 14 ); -+ R( d, e, a, b, c, F2, K2, 15, 9 ); -+ R( c, d, e, a, b, F2, K2, 8, 13 ); -+ R( b, c, d, e, a, F2, K2, 1, 15 ); -+ R( a, b, c, d, e, F2, K2, 2, 14 ); -+ R( e, a, b, c, d, F2, K2, 7, 8 ); -+ R( d, e, a, b, c, F2, K2, 0, 13 ); -+ R( c, d, e, a, b, F2, K2, 6, 6 ); -+ R( b, c, d, e, a, F2, K2, 13, 5 ); -+ R( a, b, c, d, e, F2, K2, 11, 12 ); -+ R( e, a, b, c, d, F2, K2, 5, 7 ); -+ R( d, e, a, b, c, F2, K2, 12, 5 ); -+ R( c, d, e, a, b, F3, K3, 1, 11 ); -+ R( b, c, d, e, a, F3, K3, 9, 12 ); -+ R( a, b, c, d, e, F3, K3, 11, 14 ); -+ R( e, a, b, c, d, F3, K3, 10, 15 ); -+ R( d, e, a, b, c, F3, K3, 0, 14 ); -+ R( c, d, e, a, b, F3, K3, 8, 15 ); -+ R( b, c, d, e, a, F3, K3, 12, 9 ); -+ R( a, b, c, d, e, F3, K3, 4, 8 ); -+ R( e, a, b, c, d, F3, K3, 13, 9 ); -+ R( d, e, a, b, c, F3, K3, 3, 14 ); -+ R( c, d, e, a, b, F3, K3, 7, 5 ); -+ R( b, c, d, e, a, F3, K3, 15, 6 ); -+ R( a, b, c, d, e, F3, K3, 14, 8 ); -+ R( e, a, b, c, d, F3, K3, 5, 6 ); -+ R( d, e, a, b, c, F3, K3, 6, 5 ); -+ R( c, d, e, a, b, F3, K3, 2, 12 ); -+ R( b, c, d, e, a, F4, K4, 4, 9 ); -+ R( a, b, c, d, e, F4, K4, 0, 15 ); -+ R( e, a, b, c, d, F4, K4, 5, 5 ); -+ R( d, e, a, b, c, F4, K4, 9, 11 ); -+ R( c, d, e, a, b, F4, K4, 7, 6 ); -+ R( b, c, d, e, a, F4, K4, 12, 8 ); -+ R( a, b, c, d, e, F4, K4, 2, 13 ); -+ R( e, a, b, c, d, F4, K4, 10, 12 ); -+ R( d, e, a, b, c, F4, K4, 14, 5 ); -+ R( c, d, e, a, b, F4, K4, 1, 12 ); -+ R( b, c, d, e, a, F4, K4, 3, 13 ); -+ R( a, b, c, d, e, F4, K4, 8, 14 ); -+ R( e, a, b, c, d, F4, K4, 11, 11 ); -+ R( d, e, a, b, c, F4, K4, 6, 8 ); -+ R( c, d, e, a, b, F4, K4, 15, 5 ); -+ R( b, c, d, e, a, F4, K4, 13, 6 ); -+ -+ aa = a; bb = b; cc = c; dd = d; ee = e; -+ -+ /* right lane */ -+ a = hd->h0; -+ b = hd->h1; -+ c = hd->h2; -+ d = hd->h3; -+ e = hd->h4; -+ R( a, b, c, d, e, F4, KK0, 5, 8); -+ R( e, a, b, c, d, F4, KK0, 14, 9); -+ R( d, e, a, b, c, F4, KK0, 7, 9); -+ R( c, d, e, a, b, F4, KK0, 0, 11); -+ R( b, c, d, e, a, F4, KK0, 9, 13); -+ R( a, b, c, d, e, F4, KK0, 2, 15); -+ R( e, a, b, c, d, F4, KK0, 11, 15); -+ R( d, e, a, b, c, F4, KK0, 4, 5); -+ R( c, d, e, a, b, F4, KK0, 13, 7); -+ R( b, c, d, e, a, F4, KK0, 6, 7); -+ R( a, b, c, d, e, F4, KK0, 15, 8); -+ R( e, a, b, c, d, F4, KK0, 8, 11); -+ R( d, e, a, b, c, F4, KK0, 1, 14); -+ R( c, d, e, a, b, F4, KK0, 10, 14); -+ R( b, c, d, e, a, F4, KK0, 3, 12); -+ R( a, b, c, d, e, F4, KK0, 12, 6); -+ R( e, a, b, c, d, F3, KK1, 6, 9); -+ R( d, e, a, b, c, F3, KK1, 11, 13); -+ R( c, d, e, a, b, F3, KK1, 3, 15); -+ R( b, c, d, e, a, F3, KK1, 7, 7); -+ R( a, b, c, d, e, F3, KK1, 0, 12); -+ R( e, a, b, c, d, F3, KK1, 13, 8); -+ R( d, e, a, b, c, F3, KK1, 5, 9); -+ R( c, d, e, a, b, F3, KK1, 10, 11); -+ R( b, c, d, e, a, F3, KK1, 14, 7); -+ R( a, b, c, d, e, F3, KK1, 15, 7); -+ R( e, a, b, c, d, F3, KK1, 8, 12); -+ R( d, e, a, b, c, F3, KK1, 12, 7); -+ R( c, d, e, a, b, F3, KK1, 4, 6); -+ R( b, c, d, e, a, F3, KK1, 9, 15); -+ R( a, b, c, d, e, F3, KK1, 1, 13); -+ R( e, a, b, c, d, F3, KK1, 2, 11); -+ R( d, e, a, b, c, F2, KK2, 15, 9); -+ R( c, d, e, a, b, F2, KK2, 5, 7); -+ R( b, c, d, e, a, F2, KK2, 1, 15); -+ R( a, b, c, d, e, F2, KK2, 3, 11); -+ R( e, a, b, c, d, F2, KK2, 7, 8); -+ R( d, e, a, b, c, F2, KK2, 14, 6); -+ R( c, d, e, a, b, F2, KK2, 6, 6); -+ R( b, c, d, e, a, F2, KK2, 9, 14); -+ R( a, b, c, d, e, F2, KK2, 11, 12); -+ R( e, a, b, c, d, F2, KK2, 8, 13); -+ R( d, e, a, b, c, F2, KK2, 12, 5); -+ R( c, d, e, a, b, F2, KK2, 2, 14); -+ R( b, c, d, e, a, F2, KK2, 10, 13); -+ R( a, b, c, d, e, F2, KK2, 0, 13); -+ R( e, a, b, c, d, F2, KK2, 4, 7); -+ R( d, e, a, b, c, F2, KK2, 13, 5); -+ R( c, d, e, a, b, F1, KK3, 8, 15); -+ R( b, c, d, e, a, F1, KK3, 6, 5); -+ R( a, b, c, d, e, F1, KK3, 4, 8); -+ R( e, a, b, c, d, F1, KK3, 1, 11); -+ R( d, e, a, b, c, F1, KK3, 3, 14); -+ R( c, d, e, a, b, F1, KK3, 11, 14); -+ R( b, c, d, e, a, F1, KK3, 15, 6); -+ R( a, b, c, d, e, F1, KK3, 0, 14); -+ R( e, a, b, c, d, F1, KK3, 5, 6); -+ R( d, e, a, b, c, F1, KK3, 12, 9); -+ R( c, d, e, a, b, F1, KK3, 2, 12); -+ R( b, c, d, e, a, F1, KK3, 13, 9); -+ R( a, b, c, d, e, F1, KK3, 9, 12); -+ R( e, a, b, c, d, F1, KK3, 7, 5); -+ R( d, e, a, b, c, F1, KK3, 10, 15); -+ R( c, d, e, a, b, F1, KK3, 14, 8); -+ R( b, c, d, e, a, F0, KK4, 12, 8); -+ R( a, b, c, d, e, F0, KK4, 15, 5); -+ R( e, a, b, c, d, F0, KK4, 10, 12); -+ R( d, e, a, b, c, F0, KK4, 4, 9); -+ R( c, d, e, a, b, F0, KK4, 1, 12); -+ R( b, c, d, e, a, F0, KK4, 5, 5); -+ R( a, b, c, d, e, F0, KK4, 8, 14); -+ R( e, a, b, c, d, F0, KK4, 7, 6); -+ R( d, e, a, b, c, F0, KK4, 6, 8); -+ R( c, d, e, a, b, F0, KK4, 2, 13); -+ R( b, c, d, e, a, F0, KK4, 13, 6); -+ R( a, b, c, d, e, F0, KK4, 14, 5); -+ R( e, a, b, c, d, F0, KK4, 0, 15); -+ R( d, e, a, b, c, F0, KK4, 3, 13); -+ R( c, d, e, a, b, F0, KK4, 9, 11); -+ R( b, c, d, e, a, F0, KK4, 11, 11); -+ -+ -+ t = hd->h1 + d + cc; -+ hd->h1 = hd->h2 + e + dd; -+ hd->h2 = hd->h3 + a + ee; -+ hd->h3 = hd->h4 + b + aa; -+ hd->h4 = hd->h0 + c + bb; -+ hd->h0 = t; -+} -+ -+ -+/* Update the message digest with the contents -+ * of INBUF with length INLEN. -+ */ -+static void -+rmd160_write( RMD160_CONTEXT *hd, byte *inbuf, size_t inlen) -+{ -+ if( hd->count == 64 ) { /* flush the buffer */ -+ transform( hd, hd->buf ); -+ hd->count = 0; -+ hd->nblocks++; -+ } -+ if( !inbuf ) -+ return; -+ if( hd->count ) { -+ for( ; inlen && hd->count < 64; inlen-- ) -+ hd->buf[hd->count++] = *inbuf++; -+ rmd160_write( hd, NULL, 0 ); -+ if( !inlen ) -+ return; -+ } -+ -+ while( inlen >= 64 ) { -+ transform( hd, inbuf ); -+ hd->count = 0; -+ hd->nblocks++; -+ inlen -= 64; -+ inbuf += 64; -+ } -+ for( ; inlen && hd->count < 64; inlen-- ) -+ hd->buf[hd->count++] = *inbuf++; -+} -+ -+/* The routine terminates the computation -+ */ -+ -+static void -+rmd160_final( RMD160_CONTEXT *hd ) -+{ -+ u32 t, msb, lsb; -+ byte *p; -+ -+ rmd160_write(hd, NULL, 0); /* flush */; -+ -+ msb = 0; -+ t = hd->nblocks; -+ if( (lsb = t << 6) < t ) /* multiply by 64 to make a byte count */ -+ msb++; -+ msb += t >> 26; -+ t = lsb; -+ if( (lsb = t + hd->count) < t ) /* add the count */ -+ msb++; -+ t = lsb; -+ if( (lsb = t << 3) < t ) /* multiply by 8 to make a bit count */ -+ msb++; -+ msb += t >> 29; -+ -+ if( hd->count < 56 ) { /* enough room */ -+ hd->buf[hd->count++] = 0x80; /* pad */ -+ while( hd->count < 56 ) -+ hd->buf[hd->count++] = 0; /* pad */ -+ } -+ else { /* need one extra block */ -+ hd->buf[hd->count++] = 0x80; /* pad character */ -+ while( hd->count < 64 ) -+ hd->buf[hd->count++] = 0; -+ rmd160_write(hd, NULL, 0); /* flush */; -+ memset(hd->buf, 0, 56 ); /* fill next block with zeroes */ -+ } -+ /* append the 64 bit count */ -+ hd->buf[56] = lsb ; -+ hd->buf[57] = lsb >> 8; -+ hd->buf[58] = lsb >> 16; -+ hd->buf[59] = lsb >> 24; -+ hd->buf[60] = msb ; -+ hd->buf[61] = msb >> 8; -+ hd->buf[62] = msb >> 16; -+ hd->buf[63] = msb >> 24; -+ transform( hd, hd->buf ); -+ -+ p = hd->buf; -+ #if BYTE_ORDER == BIG_ENDIAN -+ #define X(a) do { *p++ = hd->h##a ; *p++ = hd->h##a >> 8; \ -+ *p++ = hd->h##a >> 16; *p++ = hd->h##a >> 24; } while(0) -+ #else /* little endian */ -+ #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0) -+ #endif -+ X(0); -+ X(1); -+ X(2); -+ X(3); -+ X(4); -+ #undef X -+} -+ -+/**************** -+ * Shortcut functions which puts the hash value of the supplied buffer -+ * into outbuf which must have a size of 20 bytes. -+ */ -+void -+rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ) -+{ -+ RMD160_CONTEXT hd; -+ -+ rmd160_init( &hd ); -+ rmd160_write( &hd, (byte*)buffer, length ); -+ rmd160_final( &hd ); -+ memcpy( outbuf, hd.buf, 20 ); -+} ---- util-linux-2.12q/mount/rmd160.h -+++ util-linux-2.12q/mount/rmd160.h -@@ -0,0 +1,9 @@ -+#ifndef RMD160_H -+#define RMD160_H -+ -+void -+rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ); -+ -+#endif /*RMD160_H*/ -+ -+ ---- util-linux-2.12q/mount/sha512.c -+++ util-linux-2.12q/mount/sha512.c -@@ -0,0 +1,432 @@ -+/* -+ * sha512.c -+ * -+ * Written by Jari Ruusu, April 16 2001 -+ * -+ * Copyright 2001 by Jari Ruusu. -+ * Redistribution of this file is permitted under the GNU Public License. -+ */ -+ -+#include -+#include -+#include "sha512.h" -+ -+/* Define one or more of these. If none is defined, you get all of them */ -+#if !defined(SHA256_NEEDED)&&!defined(SHA512_NEEDED)&&!defined(SHA384_NEEDED) -+# define SHA256_NEEDED 1 -+# define SHA512_NEEDED 1 -+# define SHA384_NEEDED 1 -+#endif -+ -+#if defined(SHA256_NEEDED) -+static const u_int32_t sha256_hashInit[8] = { -+ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, -+ 0x1f83d9ab, 0x5be0cd19 -+}; -+static const u_int32_t sha256_K[64] = { -+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, -+ 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, -+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, -+ 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, -+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, -+ 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, -+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, -+ 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, -+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, -+ 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, -+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -+}; -+#endif -+ -+#if defined(SHA512_NEEDED) -+static const u_int64_t sha512_hashInit[8] = { -+ 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL, -+ 0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL, -+ 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL -+}; -+#endif -+ -+#if defined(SHA384_NEEDED) -+static const u_int64_t sha384_hashInit[8] = { -+ 0xcbbb9d5dc1059ed8ULL, 0x629a292a367cd507ULL, 0x9159015a3070dd17ULL, -+ 0x152fecd8f70e5939ULL, 0x67332667ffc00b31ULL, 0x8eb44a8768581511ULL, -+ 0xdb0c2e0d64f98fa7ULL, 0x47b5481dbefa4fa4ULL -+}; -+#endif -+ -+#if defined(SHA512_NEEDED) || defined(SHA384_NEEDED) -+static const u_int64_t sha512_K[80] = { -+ 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, -+ 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, -+ 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, -+ 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, -+ 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, -+ 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, -+ 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL, -+ 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, -+ 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, -+ 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, -+ 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, -+ 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, -+ 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, -+ 0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, -+ 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL, -+ 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, -+ 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL, -+ 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, -+ 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, -+ 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, -+ 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, -+ 0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, -+ 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, -+ 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, -+ 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, -+ 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, -+ 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL -+}; -+#endif -+ -+#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) -+#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) -+#define R(x,y) ((y) >> (x)) -+ -+#if defined(SHA256_NEEDED) -+void sha256_init(sha256_context *ctx) -+{ -+ memcpy(&ctx->sha_H[0], &sha256_hashInit[0], sizeof(ctx->sha_H)); -+ ctx->sha_blocks = 0; -+ ctx->sha_bufCnt = 0; -+} -+ -+#define S(x,y) (((y) >> (x)) | ((y) << (32 - (x)))) -+#define uSig0(x) ((S(2,(x))) ^ (S(13,(x))) ^ (S(22,(x)))) -+#define uSig1(x) ((S(6,(x))) ^ (S(11,(x))) ^ (S(25,(x)))) -+#define lSig0(x) ((S(7,(x))) ^ (S(18,(x))) ^ (R(3,(x)))) -+#define lSig1(x) ((S(17,(x))) ^ (S(19,(x))) ^ (R(10,(x)))) -+ -+static void sha256_transform(sha256_context *ctx, unsigned char *datap) -+{ -+ register int j; -+ u_int32_t a, b, c, d, e, f, g, h; -+ u_int32_t T1, T2, W[64], Wm2, Wm15; -+ -+ /* read the data, big endian byte order */ -+ j = 0; -+ do { -+ W[j] = (((u_int32_t)(datap[0]))<<24) | (((u_int32_t)(datap[1]))<<16) | -+ (((u_int32_t)(datap[2]))<<8 ) | ((u_int32_t)(datap[3])); -+ datap += 4; -+ } while(++j < 16); -+ -+ /* initialize variables a...h */ -+ a = ctx->sha_H[0]; -+ b = ctx->sha_H[1]; -+ c = ctx->sha_H[2]; -+ d = ctx->sha_H[3]; -+ e = ctx->sha_H[4]; -+ f = ctx->sha_H[5]; -+ g = ctx->sha_H[6]; -+ h = ctx->sha_H[7]; -+ -+ /* apply compression function */ -+ j = 0; -+ do { -+ if(j >= 16) { -+ Wm2 = W[j - 2]; -+ Wm15 = W[j - 15]; -+ W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16]; -+ } -+ T1 = h + uSig1(e) + Ch(e,f,g) + sha256_K[j] + W[j]; -+ T2 = uSig0(a) + Maj(a,b,c); -+ h = g; g = f; f = e; -+ e = d + T1; -+ d = c; c = b; b = a; -+ a = T1 + T2; -+ } while(++j < 64); -+ -+ /* compute intermediate hash value */ -+ ctx->sha_H[0] += a; -+ ctx->sha_H[1] += b; -+ ctx->sha_H[2] += c; -+ ctx->sha_H[3] += d; -+ ctx->sha_H[4] += e; -+ ctx->sha_H[5] += f; -+ ctx->sha_H[6] += g; -+ ctx->sha_H[7] += h; -+ -+ ctx->sha_blocks++; -+} -+ -+void sha256_write(sha256_context *ctx, unsigned char *datap, int length) -+{ -+ while(length > 0) { -+ if(!ctx->sha_bufCnt) { -+ while(length >= sizeof(ctx->sha_out)) { -+ sha256_transform(ctx, datap); -+ datap += sizeof(ctx->sha_out); -+ length -= sizeof(ctx->sha_out); -+ } -+ if(!length) return; -+ } -+ ctx->sha_out[ctx->sha_bufCnt] = *datap++; -+ length--; -+ if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) { -+ sha256_transform(ctx, &ctx->sha_out[0]); -+ ctx->sha_bufCnt = 0; -+ } -+ } -+} -+ -+void sha256_final(sha256_context *ctx) -+{ -+ register int j; -+ u_int64_t bitLength; -+ u_int32_t i; -+ unsigned char padByte, *datap; -+ -+ bitLength = (ctx->sha_blocks << 9) | (ctx->sha_bufCnt << 3); -+ padByte = 0x80; -+ sha256_write(ctx, &padByte, 1); -+ -+ /* pad extra space with zeroes */ -+ padByte = 0; -+ while(ctx->sha_bufCnt != 56) { -+ sha256_write(ctx, &padByte, 1); -+ } -+ -+ /* write bit length, big endian byte order */ -+ ctx->sha_out[56] = bitLength >> 56; -+ ctx->sha_out[57] = bitLength >> 48; -+ ctx->sha_out[58] = bitLength >> 40; -+ ctx->sha_out[59] = bitLength >> 32; -+ ctx->sha_out[60] = bitLength >> 24; -+ ctx->sha_out[61] = bitLength >> 16; -+ ctx->sha_out[62] = bitLength >> 8; -+ ctx->sha_out[63] = bitLength; -+ sha256_transform(ctx, &ctx->sha_out[0]); -+ -+ /* return results in ctx->sha_out[0...31] */ -+ datap = &ctx->sha_out[0]; -+ j = 0; -+ do { -+ i = ctx->sha_H[j]; -+ datap[0] = i >> 24; -+ datap[1] = i >> 16; -+ datap[2] = i >> 8; -+ datap[3] = i; -+ datap += 4; -+ } while(++j < 8); -+ -+ /* clear sensitive information */ -+ memset(&ctx->sha_out[32], 0, sizeof(sha256_context) - 32); -+} -+ -+void sha256_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) -+{ -+ sha256_context ctx; -+ -+ if(ole < 1) return; -+ memset(ob, 0, ole); -+ if(ole > 32) ole = 32; -+ sha256_init(&ctx); -+ sha256_write(&ctx, ib, ile); -+ sha256_final(&ctx); -+ memcpy(ob, &ctx.sha_out[0], ole); -+ memset(&ctx, 0, sizeof(ctx)); -+} -+ -+#endif -+ -+#if defined(SHA512_NEEDED) -+void sha512_init(sha512_context *ctx) -+{ -+ memcpy(&ctx->sha_H[0], &sha512_hashInit[0], sizeof(ctx->sha_H)); -+ ctx->sha_blocks = 0; -+ ctx->sha_blocksMSB = 0; -+ ctx->sha_bufCnt = 0; -+} -+#endif -+ -+#if defined(SHA512_NEEDED) || defined(SHA384_NEEDED) -+#undef S -+#undef uSig0 -+#undef uSig1 -+#undef lSig0 -+#undef lSig1 -+#define S(x,y) (((y) >> (x)) | ((y) << (64 - (x)))) -+#define uSig0(x) ((S(28,(x))) ^ (S(34,(x))) ^ (S(39,(x)))) -+#define uSig1(x) ((S(14,(x))) ^ (S(18,(x))) ^ (S(41,(x)))) -+#define lSig0(x) ((S(1,(x))) ^ (S(8,(x))) ^ (R(7,(x)))) -+#define lSig1(x) ((S(19,(x))) ^ (S(61,(x))) ^ (R(6,(x)))) -+ -+static void sha512_transform(sha512_context *ctx, unsigned char *datap) -+{ -+ register int j; -+ u_int64_t a, b, c, d, e, f, g, h; -+ u_int64_t T1, T2, W[80], Wm2, Wm15; -+ -+ /* read the data, big endian byte order */ -+ j = 0; -+ do { -+ W[j] = (((u_int64_t)(datap[0]))<<56) | (((u_int64_t)(datap[1]))<<48) | -+ (((u_int64_t)(datap[2]))<<40) | (((u_int64_t)(datap[3]))<<32) | -+ (((u_int64_t)(datap[4]))<<24) | (((u_int64_t)(datap[5]))<<16) | -+ (((u_int64_t)(datap[6]))<<8 ) | ((u_int64_t)(datap[7])); -+ datap += 8; -+ } while(++j < 16); -+ -+ /* initialize variables a...h */ -+ a = ctx->sha_H[0]; -+ b = ctx->sha_H[1]; -+ c = ctx->sha_H[2]; -+ d = ctx->sha_H[3]; -+ e = ctx->sha_H[4]; -+ f = ctx->sha_H[5]; -+ g = ctx->sha_H[6]; -+ h = ctx->sha_H[7]; -+ -+ /* apply compression function */ -+ j = 0; -+ do { -+ if(j >= 16) { -+ Wm2 = W[j - 2]; -+ Wm15 = W[j - 15]; -+ W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16]; -+ } -+ T1 = h + uSig1(e) + Ch(e,f,g) + sha512_K[j] + W[j]; -+ T2 = uSig0(a) + Maj(a,b,c); -+ h = g; g = f; f = e; -+ e = d + T1; -+ d = c; c = b; b = a; -+ a = T1 + T2; -+ } while(++j < 80); -+ -+ /* compute intermediate hash value */ -+ ctx->sha_H[0] += a; -+ ctx->sha_H[1] += b; -+ ctx->sha_H[2] += c; -+ ctx->sha_H[3] += d; -+ ctx->sha_H[4] += e; -+ ctx->sha_H[5] += f; -+ ctx->sha_H[6] += g; -+ ctx->sha_H[7] += h; -+ -+ ctx->sha_blocks++; -+ if(!ctx->sha_blocks) ctx->sha_blocksMSB++; -+} -+ -+void sha512_write(sha512_context *ctx, unsigned char *datap, int length) -+{ -+ while(length > 0) { -+ if(!ctx->sha_bufCnt) { -+ while(length >= sizeof(ctx->sha_out)) { -+ sha512_transform(ctx, datap); -+ datap += sizeof(ctx->sha_out); -+ length -= sizeof(ctx->sha_out); -+ } -+ if(!length) return; -+ } -+ ctx->sha_out[ctx->sha_bufCnt] = *datap++; -+ length--; -+ if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) { -+ sha512_transform(ctx, &ctx->sha_out[0]); -+ ctx->sha_bufCnt = 0; -+ } -+ } -+} -+ -+void sha512_final(sha512_context *ctx) -+{ -+ register int j; -+ u_int64_t bitLength, bitLengthMSB; -+ u_int64_t i; -+ unsigned char padByte, *datap; -+ -+ bitLength = (ctx->sha_blocks << 10) | (ctx->sha_bufCnt << 3); -+ bitLengthMSB = (ctx->sha_blocksMSB << 10) | (ctx->sha_blocks >> 54); -+ padByte = 0x80; -+ sha512_write(ctx, &padByte, 1); -+ -+ /* pad extra space with zeroes */ -+ padByte = 0; -+ while(ctx->sha_bufCnt != 112) { -+ sha512_write(ctx, &padByte, 1); -+ } -+ -+ /* write bit length, big endian byte order */ -+ ctx->sha_out[112] = bitLengthMSB >> 56; -+ ctx->sha_out[113] = bitLengthMSB >> 48; -+ ctx->sha_out[114] = bitLengthMSB >> 40; -+ ctx->sha_out[115] = bitLengthMSB >> 32; -+ ctx->sha_out[116] = bitLengthMSB >> 24; -+ ctx->sha_out[117] = bitLengthMSB >> 16; -+ ctx->sha_out[118] = bitLengthMSB >> 8; -+ ctx->sha_out[119] = bitLengthMSB; -+ ctx->sha_out[120] = bitLength >> 56; -+ ctx->sha_out[121] = bitLength >> 48; -+ ctx->sha_out[122] = bitLength >> 40; -+ ctx->sha_out[123] = bitLength >> 32; -+ ctx->sha_out[124] = bitLength >> 24; -+ ctx->sha_out[125] = bitLength >> 16; -+ ctx->sha_out[126] = bitLength >> 8; -+ ctx->sha_out[127] = bitLength; -+ sha512_transform(ctx, &ctx->sha_out[0]); -+ -+ /* return results in ctx->sha_out[0...63] */ -+ datap = &ctx->sha_out[0]; -+ j = 0; -+ do { -+ i = ctx->sha_H[j]; -+ datap[0] = i >> 56; -+ datap[1] = i >> 48; -+ datap[2] = i >> 40; -+ datap[3] = i >> 32; -+ datap[4] = i >> 24; -+ datap[5] = i >> 16; -+ datap[6] = i >> 8; -+ datap[7] = i; -+ datap += 8; -+ } while(++j < 8); -+ -+ /* clear sensitive information */ -+ memset(&ctx->sha_out[64], 0, sizeof(sha512_context) - 64); -+} -+ -+void sha512_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) -+{ -+ sha512_context ctx; -+ -+ if(ole < 1) return; -+ memset(ob, 0, ole); -+ if(ole > 64) ole = 64; -+ sha512_init(&ctx); -+ sha512_write(&ctx, ib, ile); -+ sha512_final(&ctx); -+ memcpy(ob, &ctx.sha_out[0], ole); -+ memset(&ctx, 0, sizeof(ctx)); -+} -+#endif -+ -+#if defined(SHA384_NEEDED) -+void sha384_init(sha512_context *ctx) -+{ -+ memcpy(&ctx->sha_H[0], &sha384_hashInit[0], sizeof(ctx->sha_H)); -+ ctx->sha_blocks = 0; -+ ctx->sha_blocksMSB = 0; -+ ctx->sha_bufCnt = 0; -+} -+ -+void sha384_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) -+{ -+ sha512_context ctx; -+ -+ if(ole < 1) return; -+ memset(ob, 0, ole); -+ if(ole > 48) ole = 48; -+ sha384_init(&ctx); -+ sha512_write(&ctx, ib, ile); -+ sha512_final(&ctx); -+ memcpy(ob, &ctx.sha_out[0], ole); -+ memset(&ctx, 0, sizeof(ctx)); -+} -+#endif ---- util-linux-2.12q/mount/sha512.h -+++ util-linux-2.12q/mount/sha512.h -@@ -0,0 +1,45 @@ -+/* -+ * sha512.h -+ * -+ * Written by Jari Ruusu, April 16 2001 -+ * -+ * Copyright 2001 by Jari Ruusu. -+ * Redistribution of this file is permitted under the GNU Public License. -+ */ -+ -+#include -+ -+typedef struct { -+ unsigned char sha_out[64]; /* results are here, bytes 0...31 */ -+ u_int32_t sha_H[8]; -+ u_int64_t sha_blocks; -+ int sha_bufCnt; -+} sha256_context; -+ -+typedef struct { -+ unsigned char sha_out[128]; /* results are here, bytes 0...63 */ -+ u_int64_t sha_H[8]; -+ u_int64_t sha_blocks; -+ u_int64_t sha_blocksMSB; -+ int sha_bufCnt; -+} sha512_context; -+ -+/* no sha384_context, use sha512_context */ -+ -+/* 256 bit hash, provides 128 bits of security against collision attacks */ -+extern void sha256_init(sha256_context *); -+extern void sha256_write(sha256_context *, unsigned char *, int); -+extern void sha256_final(sha256_context *); -+extern void sha256_hash_buffer(unsigned char *, int, unsigned char *, int); -+ -+/* 512 bit hash, provides 256 bits of security against collision attacks */ -+extern void sha512_init(sha512_context *); -+extern void sha512_write(sha512_context *, unsigned char *, int); -+extern void sha512_final(sha512_context *); -+extern void sha512_hash_buffer(unsigned char *, int, unsigned char *, int); -+ -+/* 384 bit hash, provides 192 bits of security against collision attacks */ -+extern void sha384_init(sha512_context *); -+/* no sha384_write(), use sha512_write() */ -+/* no sha384_final(), use sha512_final(), result in ctx->sha_out[0...47] */ -+extern void sha384_hash_buffer(unsigned char *, int, unsigned char *, int); ---- util-linux-2.12q/mount/swapon.8 -+++ util-linux-2.12q/mount/swapon.8 -@@ -142,6 +142,22 @@ - .I /proc/swaps - or - .IR /etc/fstab ). -+.PP -+If -+.I loop=/dev/loop? -+and -+.I encryption=AES128 -+options are present in -+.I /etc/fstab -+then -+.BR "swapon -a" -+will set up loop devices using random keys, run -+.BR "mkswap" -+on them, and enable encrypted swap on specified loop devices. Encrypted loop -+devices are set up with page size offset so that unencrypted swap signatures -+on first page of swap devices are not touched. -+.BR "swapoff -a" -+will tear down such loop devices. - .SH NOTE - You should not use - .B swapon ---- util-linux-2.12q/mount/swapon.c -+++ util-linux-2.12q/mount/swapon.c -@@ -1,22 +1,45 @@ - /* - * A swapon(8)/swapoff(8) for Linux 0.99. - * swapon.c,v 1.1.1.1 1993/11/18 08:40:51 jrs Exp -+ * -+ * 1997-02-xx -+ * - added '-s' (summary option) -+ * 1999-02-22 Arkadiusz Mi¶kiewicz -+ * - added Native Language Support -+ * 1999-03-21 Arnaldo Carvalho de Melo -+ * - fixed strerr(errno) in gettext calls -+ * 2001-03-22 Erik Troan -+ * - added -e option for -a -+ * - -a shouldn't try to add swaps that are already enabled -+ * 2002-04-14 Jari Ruusu -+ * - added encrypted swap support - */ - - #include - #include - #include -+#include - #include - #include - #include - #include -+#include -+#include - #include -+#include -+#include -+#include -+#include -+#include - #include "xmalloc.h" - #include "swap_constants.h" - #include "swapargs.h" - #include "nls.h" - #include "mount_blkid.h" - #include "mount_by_label.h" -+#include "loop.h" -+#include "xstrncpy.h" -+#include "sha512.h" - - #define streq(s, t) (strcmp ((s), (t)) == 0) - -@@ -297,6 +320,260 @@ - } - - static int -+prepare_encrypted_swap(const char *partition, char *loop, char *encryption) -+{ -+ int x, y, fd, ffd; -+ sha512_context s; -+ unsigned char b[4096], multiKeyBits[65][32]; -+ char *a[10], *apiName; -+ struct loop_info64 loopinfo; -+ FILE *f; -+ -+ /* -+ * Some sanity checks -+ */ -+ if(strlen(partition) < 1) { -+ fprintf(stderr, _("swapon: invalid swap device name\n")); -+ return 0; -+ } -+ if(strlen(loop) < 1) { -+ fprintf(stderr, _("swapon: invalid loop device name\n")); -+ return 0; -+ } -+ if(strlen(encryption) < 1) { -+ fprintf(stderr, _("swapon: invalid encryption type\n")); -+ return 0; -+ } -+ -+ /* -+ * Abort if loop device does not exist or is already in use -+ */ -+ if((fd = open(loop, O_RDWR)) == -1) { -+ fprintf(stderr, _("swapon: unable to open loop device %s\n"), loop); -+ return 0; -+ } -+ if(is_unused_loop_device(fd) == 0) { -+ fprintf(stderr, _("swapon: loop device %s already in use\n"), loop); -+ goto errout0; -+ } -+ -+ /* -+ * Compute SHA-512 over first 40 KB of old swap data. This data -+ * is mostly unknown data encrypted using unknown key. SHA-512 hash -+ * output is then used as entropy for new swap encryption key. -+ */ -+ if(!(f = fopen(partition, "r+"))) { -+ fprintf(stderr, _("swapon: unable to open swap device %s\n"), partition); -+ goto errout0; -+ } -+ fseek(f, (long)PAGE_SIZE, SEEK_SET); -+ sha512_init(&s); -+ for(x = 0; x < 10; x++) { -+ if(fread(&b[0], sizeof(b), 1, f) != 1) break; -+ sha512_write(&s, &b[0], sizeof(b)); -+ } -+ sha512_final(&s); -+ -+ /* -+ * Overwrite 40 KB of old swap data 20 times so that recovering -+ * SHA-512 output beyond this point is difficult and expensive. -+ */ -+ for(y = 0; y < 20; y++) { -+ int z; -+ struct { -+ struct timeval tv; -+ unsigned char h[64]; -+ int x,y,z; -+ } j; -+ if(fseek(f, (long)PAGE_SIZE, SEEK_SET)) break; -+ memcpy(&j.h[0], &s.sha_out[0], 64); -+ gettimeofday(&j.tv, NULL); -+ j.y = y; -+ for(x = 0; x < 10; x++) { -+ j.x = x; -+ for(z = 0; z < sizeof(b); z += 64) { -+ j.z = z; -+ sha512_hash_buffer((unsigned char *)&j, sizeof(j), &b[z], 64); -+ } -+ if(fwrite(&b[0], sizeof(b), 1, f) != 1) break; -+ } -+ memset(&j, 0, sizeof(j)); -+ if(fflush(f)) break; -+ if(fsync(fileno(f))) break; -+ } -+ fclose(f); -+ -+ /* -+ * Use all 512 bits of hash output -+ */ -+ memcpy(&b[0], &s.sha_out[0], 64); -+ memset(&s, 0, sizeof(s)); -+ -+ /* -+ * Read 32 bytes of random entropy from kernel's random -+ * number generator. This code may be executed early on startup -+ * scripts and amount of random entropy may be non-existent. -+ * SHA-512 of old swap data is used as workaround for missing -+ * entropy in kernel's random number generator. -+ */ -+ if(!(f = fopen("/dev/urandom", "r"))) { -+ fprintf(stderr, _("swapon: unable to open /dev/urandom\n")); -+ goto errout0; -+ } -+ fread(&b[64], 32, 1, f); -+ -+ /* -+ * Set up struct loop_info64 -+ */ -+ if((ffd = open(partition, O_RDWR)) < 0) { -+ fprintf(stderr, _("swapon: unable to open swap device %s\n"), partition); -+ goto errout1; -+ } -+ memset(&loopinfo, 0, sizeof(loopinfo)); -+ xstrncpy(loopinfo.lo_file_name, partition, LO_NAME_SIZE); -+ loopinfo.lo_encrypt_type = loop_crypt_type(encryption, &loopinfo.lo_encrypt_key_size, &apiName); -+ if(loopinfo.lo_encrypt_type <= 1) { -+ fprintf(stderr, _("swapon: unsupported swap encryption type %s\n"), encryption); -+errout2: -+ close(ffd); -+errout1: -+ fclose(f); -+errout0: -+ close(fd); -+ memset(&loopinfo.lo_encrypt_key[0], 0, sizeof(loopinfo.lo_encrypt_key)); -+ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); -+ return 0; -+ } -+ loopinfo.lo_offset = PAGE_SIZE; -+ /* single-key hash */ -+ sha512_hash_buffer(&b[0], 64+32, &loopinfo.lo_encrypt_key[0], sizeof(loopinfo.lo_encrypt_key)); -+ /* multi-key hash */ -+ x = 0; -+ while(x < 65) { -+ fread(&b[64+32], 16, 1, f); -+ sha512_hash_buffer(&b[0], 64+32+16, &multiKeyBits[x][0], 32); -+ x++; -+ } -+ -+ /* -+ * Try to set up single-key loop -+ */ -+ if(ioctl(fd, LOOP_SET_FD, ffd) < 0) { -+ fprintf(stderr, _("swapon: LOOP_SET_FD failed\n")); -+ goto errout2; -+ } -+ if ((loopinfo.lo_encrypt_type == 18) || (loop_set_status64_ioctl(fd, &loopinfo) < 0)) { -+ if(try_cryptoapi_loop_interface(fd, &loopinfo, apiName) < 0) { -+ fprintf(stderr, _("swapon: LOOP_SET_STATUS failed\n")); -+ ioctl(fd, LOOP_CLR_FD, 0); -+ goto errout2; -+ } -+ } -+ -+ /* -+ * Try to put loop to multi-key v3 or v2 mode. -+ * If this fails, then let it operate in single-key mode. -+ */ -+ if(ioctl(fd, LOOP_MULTI_KEY_SETUP_V3, &multiKeyBits[0][0]) < 0) { -+ ioctl(fd, LOOP_MULTI_KEY_SETUP, &multiKeyBits[0][0]); -+ } -+ -+ /* -+ * Loop is now set up. Clean up the keys. -+ */ -+ memset(&loopinfo.lo_encrypt_key[0], 0, sizeof(loopinfo.lo_encrypt_key)); -+ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); -+ close(ffd); -+ fclose(f); -+ close(fd); -+ -+ /* -+ * Write 40 KB of zeroes to loop device. That same data is written -+ * to underlying partition in encrypted form. This is done to guarantee -+ * that next time encrypted swap is initialized, the SHA-512 hash will -+ * be different. And, if encrypted swap data writes over this data, that's -+ * even better. -+ */ -+ if(!(f = fopen(loop, "r+"))) { -+ fprintf(stderr, _("swapon: unable to open loop device %s\n"), loop); -+ return 0; -+ } -+ memset(&b[0], 0, sizeof(b)); -+ for(x = 0; x < 10; x++) { -+ if(fwrite(&b[0], sizeof(b), 1, f) != 1) break; -+ } -+ fflush(f); -+ fsync(fileno(f)); -+ fclose(f); -+ sync(); -+ -+ /* -+ * Run mkswap on loop device so that kernel understands it as swap. -+ * Redirect stderr to /dev/null and ignore exit value. -+ */ -+ if(!(x = fork())) { -+ if((x = open("/dev/null", O_WRONLY)) >= 0) { -+ dup2(x, 2); -+ close(x); -+ } -+ a[0] = "mkswap"; -+ a[1] = loop; -+ a[2] = 0; -+ execvp(a[0], &a[0]); -+ execv("/sbin/mkswap", &a[0]); -+ /* error to stdout, stderr is directed to /dev/null */ -+ printf(_("swapon: unable to execute mkswap\n")); -+ exit(1); -+ } -+ if(x == -1) { -+ fprintf(stderr, _("swapon: fork failed\n")); -+ return 0; -+ } -+ waitpid(x, &y, 0); -+ sync(); -+ -+ return 1; -+} -+ -+static void -+shutdown_encrypted_swap(char *loop) -+{ -+ int fd; -+ struct stat statbuf; -+ struct loop_info64 loopinfo; -+ unsigned char b[32]; -+ FILE *f; -+ -+ if(stat(loop, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) { -+ if((fd = open(loop, O_RDWR)) >= 0) { -+ if(!loop_get_status64_ioctl(fd, &loopinfo)) { -+ /* -+ * Read 32 bytes of random data from kernel's random -+ * number generator and write that to loop device. -+ * This preserves some of kernel's random entropy -+ * to next activation of encrypted swap on this -+ * partition. -+ */ -+ if((f = fopen("/dev/urandom", "r")) != NULL) { -+ fread(&b[0], 32, 1, f); -+ fclose(f); -+ write(fd, &b[0], 32); -+ fsync(fd); -+ } -+ } -+ close(fd); -+ } -+ sync(); -+ if((fd = open(loop, O_RDONLY)) >= 0) { -+ if(!loop_get_status64_ioctl(fd, &loopinfo)) { -+ ioctl(fd, LOOP_CLR_FD, 0); -+ } -+ close(fd); -+ } -+ } -+} -+ -+static int - swapon_all(void) { - FILE *fp; - struct mntent *fstab; -@@ -317,6 +594,8 @@ - const char *special; - int skip = 0; - int pri = priority; -+ char *opt, *opts; -+ char *loop = NULL, *encryption = NULL; - - if (!streq(fstab->mnt_type, MNTTYPE_SWAP)) - continue; -@@ -325,23 +604,39 @@ - if (!special) - continue; - -- if (!is_in_proc_swaps(special) && -- (!ifexists || !access(special, R_OK))) { -- /* parse mount options; */ -- char *opt, *opts = strdup(fstab->mnt_opts); -- -- for (opt = strtok(opts, ","); opt != NULL; -- opt = strtok(NULL, ",")) { -- if (strncmp(opt, "pri=", 4) == 0) -- pri = atoi(opt+4); -- if (strcmp(opt, "noauto") == 0) -- skip = 1; -+ /* parse mount options; */ -+ opts = strdup(fstab->mnt_opts); -+ if (!opts) { -+ fprintf(stderr, "not enough memory"); -+ exit(1); -+ } -+ for (opt = strtok(opts, ","); opt != NULL; opt = strtok(NULL, ",")) { -+ if (strncmp(opt, "pri=", 4) == 0) -+ pri = atoi(opt+4); -+ if (strcmp(opt, "noauto") == 0) -+ skip = 1; -+ if (strncmp(opt, "loop=", 5) == 0) -+ loop = opt + 5; -+ if (strncmp(opt, "encryption=", 11) == 0) -+ encryption = opt + 11; -+ } -+ if(skip) -+ continue; -+ if (loop && encryption) { -+ if(!is_in_proc_swaps(loop) && (!ifexists || !access(special, R_OK))) { -+ if (!prepare_encrypted_swap(special, loop, encryption)) { -+ status |= -1; -+ continue; -+ } -+ status |= do_swapon(loop, pri); - } -- if (!skip) -- status |= do_swapon(special, pri); -+ continue; -+ } -+ if (!is_in_proc_swaps(special) && (!ifexists || !access(special, R_OK))) { -+ status |= do_swapon(special, pri); - } - } -- fclose(fp); -+ endmntent(fp); - - return status; - } -@@ -504,11 +799,49 @@ - exit(2); - } - while ((fstab = getmntent(fp)) != NULL) { -- if (streq(fstab->mnt_type, MNTTYPE_SWAP) && -- !is_in_proc_swaps(fstab->mnt_fsname)) -- do_swapoff(fstab->mnt_fsname, QUIET); -+ const char *orig_special = fstab->mnt_fsname; -+ const char *special; -+ int skip = 0; -+ char *opt, *opts; -+ char *loop = NULL, *encryption = NULL; -+ -+ if (!streq(fstab->mnt_type, MNTTYPE_SWAP)) -+ continue; -+ -+ special = mount_get_devname(orig_special); -+ if (!special) -+ continue; -+ -+ /* parse mount options; */ -+ opts = strdup(fstab->mnt_opts); -+ if (!opts) { -+ fprintf(stderr, "not enough memory"); -+ exit(1); -+ } -+ for (opt = strtok(opts, ","); opt != NULL; opt = strtok(NULL, ",")) { -+ if (strcmp(opt, "noauto") == 0) -+ skip = 1; -+ if (strncmp(opt, "loop=", 5) == 0) -+ loop = opt + 5; -+ if (strncmp(opt, "encryption=", 11) == 0) -+ encryption = opt + 11; -+ } -+ if (loop && encryption) { -+ if (!is_in_proc_swaps(loop)) { -+ if(skip) -+ continue; -+ do_swapoff(loop, QUIET); -+ } -+ shutdown_encrypted_swap(loop); -+ continue; -+ } -+ if(skip) -+ continue; -+ if (!is_in_proc_swaps(special)) { -+ do_swapoff(special, QUIET); -+ } - } -- fclose(fp); -+ endmntent(fp); - } - - return status; diff --git a/mount-nfs-nonreserved b/mount-nfs-nonreserved deleted file mode 100644 index 58be497..0000000 --- a/mount-nfs-nonreserved +++ /dev/null @@ -1,61 +0,0 @@ -diff -u util-linux-2.11z/mount/nfsmount.c-o util-linux-2.11z/mount/nfsmount.c ---- util-linux-2.11z/mount/nfsmount.c-o 2003-06-18 15:23:06.000000000 +0200 -+++ util-linux-2.11z/mount/nfsmount.c 2003-06-18 15:25:35.000000000 +0200 -@@ -215,7 +215,7 @@ - } status; - struct stat statbuf; - char *s; -- int port, mountport, proto, bg, soft, intr; -+ int port, mountport, proto, bg, soft, intr, nonreserved; - int posix, nocto, noac, nolock, broken_suid, noacl; - int retry, tcp; - int mountprog, mountvers, nfsprog, nfsvers; -@@ -320,6 +320,7 @@ - noac = 0; - retry = 10000; /* 10000 minutes ~ 1 week */ - tcp = 0; -+ nonreserved = 0; - - mountprog = MOUNTPROG; - mountvers = 0; -@@ -411,6 +412,8 @@ - soft = !val; - else if (!strcmp(opt, "intr")) - intr = val; -+ else if (!strcmp(opt, "reserved")) -+ nonreserved = !val; - else if (!strcmp(opt, "posix")) - posix = val; - else if (!strcmp(opt, "cto")) -@@ -445,7 +448,8 @@ - | (intr ? NFS_MOUNT_INTR : 0) - | (posix ? NFS_MOUNT_POSIX : 0) - | (nocto ? NFS_MOUNT_NOCTO : 0) -- | (noac ? NFS_MOUNT_NOAC : 0); -+ | (noac ? NFS_MOUNT_NOAC : 0) -+ | (nonreserved ? NFS_MOUNT_NONRESERVED : 0); - #if NFS_MOUNT_VERSION >= 2 - if (nfs_mount_version >= 2) - data.flags |= (tcp ? NFS_MOUNT_TCP : 0); -diff -u util-linux-2.11z/mount/nfs_mount4.h-o util-linux-2.11z/mount/nfs_mount4.h ---- util-linux-2.11z/mount/nfs_mount4.h-o 2003-06-18 15:23:06.000000000 +0200 -+++ util-linux-2.11z/mount/nfs_mount4.h 2003-06-18 15:26:04.000000000 +0200 -@@ -52,3 +52,4 @@ - #define NFS_MOUNT_NONLM 0x0200 /* 3 */ - #define NFS_MOUNT_BROKEN_SUID 0x0400 /* 4 */ - #define NFS_MOUNT_NOACL 0x0800 /* 4 */ -+#define NFS_MOUNT_NONRESERVED 0x1000 ---- util-linux-2.11z/mount/nfs.5-o 2003-06-18 07:10:54.000000000 -0700 -+++ util-linux-2.11z/mount/nfs.5 2003-06-18 07:14:05.000000000 -0700 -@@ -213,6 +213,11 @@ - NFS version 3. (On NFS version 2 filesystems this option has no effect.) - This option also deactivates the GETACL and SETACL remote procedure calls - which are otherwise used to manipulate ACLs. -+.TP 1.5i -+.I noreserved -+Don't use a reserved source port. This usually requires special options -+on the NFS server (insecure for linux knfsd), but allows more than 1024 -+mounts from a single IP address. - .P - All of the non-value options have corresponding nooption forms. - For example, nointr means don't allow file operations to be diff --git a/schedutils-1.4.0.tar.bz2 b/schedutils-1.4.0.tar.bz2 deleted file mode 100644 index f046c5a..0000000 --- a/schedutils-1.4.0.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:84038ab2b3ea6ff4b31b46638b9ceae56aebc95742e9b75276c6e6f5465f05b1 -size 15930 diff --git a/stupid-programmer.diff b/stupid-programmer.diff deleted file mode 100644 index 6b4f2ee..0000000 --- a/stupid-programmer.diff +++ /dev/null @@ -1,38 +0,0 @@ ---- disk-utils/fsck.cramfs.c -+++ disk-utils/fsck.cramfs.c -@@ -76,16 +76,7 @@ - - #define PAD_SIZE 512 - --#include --#ifdef PAGE_SIZE --#define PAGE_CACHE_SIZE ((int) PAGE_SIZE) --#elif defined __ia64__ --#define PAGE_CACHE_SIZE (16384) --#elif defined __alpha__ --#define PAGE_CACHE_SIZE (8192) --#else --#define PAGE_CACHE_SIZE (4096) --#endif -+#define PAGE_CACHE_SIZE getpagesize() /* Stupid programmer */ - - /* Guarantee access to at least 8kB at a time */ - #define ROMBUFFER_BITS 13 -@@ -95,7 +86,7 @@ - static unsigned long read_buffer_block = ~0UL; - - /* Uncompressing data structures... */ --static char outbuffer[PAGE_CACHE_SIZE*2]; -+static char *outbuffer; /* Stupid programmer */ - z_stream stream; - - #endif /* INCLUDE_FS_TESTS */ -@@ -464,6 +455,8 @@ - int c; /* for getopt */ - int start = 0; - -+ outbuffer = malloc(PAGE_CACHE_SIZE); /* Stupid programmer */ -+ - if (argc) - progname = argv[0]; - diff --git a/util-linux-2.11q-fs_mac.diff b/util-linux-2.11q-fdisk_fs_mac.patch similarity index 71% rename from util-linux-2.11q-fs_mac.diff rename to util-linux-2.11q-fdisk_fs_mac.patch index 58bc11d..c4a27c0 100644 --- a/util-linux-2.11q-fs_mac.diff +++ b/util-linux-2.11q-fdisk_fs_mac.patch @@ -1,5 +1,7 @@ ---- util-linux-2.12q/fdisk/fdiskmaclabel.c -+++ util-linux-2.12q/fdisk/fdiskmaclabel.c +Index: util-linux-ng-2.12r+git20070330/fdisk/fdiskmaclabel.c +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+git20070330/fdisk/fdiskmaclabel.c @@ -0,0 +1,87 @@ +/* + Changes: @@ -38,7 +40,7 @@ + "\t2. Be sure that this disk is NOT a still vital\n" + "\t part of a volume group. (Otherwise you may\n" + "\t erase the other disks as well, if unmirrored.)\n") -+ ++ + ); +} + @@ -59,13 +61,13 @@ + Conversion: only 16 bit should compared + e.g.: HFS Label is only 16bit long + */ -+ ++ + int magic_masked = 0 ; + magic_masked = maclabel->magic & MAC_BITMASK ; -+ ++ + switch (magic_masked) { -+ case MAC_LABEL_MAGIC : -+ case MAC_LABEL_MAGIC_2: ++ case MAC_LABEL_MAGIC : ++ case MAC_LABEL_MAGIC_2: + case MAC_LABEL_MAGIC_3: + goto IS_MAC; + break; @@ -88,8 +90,10 @@ + mac_label = 1; /* %% */ + return 1; +} ---- util-linux-2.12q/fdisk/fdiskmaclabel.h -+++ util-linux-2.12q/fdisk/fdiskmaclabel.h +Index: util-linux-ng-2.12r+git20070330/fdisk/fdiskmaclabel.h +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+git20070330/fdisk/fdiskmaclabel.h @@ -0,0 +1,40 @@ +#include /* for __u32 etc */ +/* @@ -105,17 +109,17 @@ + unsigned int fillbytes2[124]; +} mac_partition; + -+#define MAC_LABEL_MAGIC 0x45520000 // MAC magic number only 16bits, do i always know that there are 0200 following ? Problem, after magic the uint16_t res1; follows, i donnno know about the 200k -+#define MAC_LABEL_MAGIC_2 0x50530000 -+#define MAC_LABEL_MAGIC_3 0x504d0000 ++#define MAC_LABEL_MAGIC 0x45520000 // MAC magic number only 16bits, do i always know that there are 0200 following ? Problem, after magic the uint16_t res1; follows, i donnno know about the 200k ++#define MAC_LABEL_MAGIC_2 0x50530000 ++#define MAC_LABEL_MAGIC_3 0x504d0000 + + +#define MAC_LABEL_MAGIC_SWAPPED 0x00002554 + -+#define MAC_LABEL_MAGIC_2_SWAPPED 0x00003505 -+#define MAC_LABEL_MAGIC_3_SWAPPED 0x0000d405 ++#define MAC_LABEL_MAGIC_2_SWAPPED 0x00003505 ++#define MAC_LABEL_MAGIC_3_SWAPPED 0x0000d405 ++ + -+ +/* fdisk.c */ +#define maclabel ((mac_partition *)MBRbuffer) +extern char MBRbuffer[MAX_SECTOR_SIZE]; @@ -131,50 +135,19 @@ +extern struct systypes mac_sys_types[]; +extern void mac_nolabel( void ); +extern int check_mac_label( void ); ---- util-linux-2.12q/fdisk/Makefile -+++ util-linux-2.12q/fdisk/Makefile -@@ -39,7 +39,7 @@ - endif - endif - --cfdisk: cfdisk.o llseek.o disksize.o i386_sys_types.o $(LIB)/xstrncpy.o -+cfdisk: cfdisk.o llseek.o disksize.o i386_sys_types.o $(LIB)/xstrncpy.o - ifeq "$(HAVE_SLANG)" "yes" - $(CC) $(LDFLAGS) $^ -o $@ $(LIBSLANG) - else -@@ -55,15 +55,17 @@ - rm -f activate - ln -s sfdisk activate - --fdisk: fdisk.o llseek.o disksize.o fdiskbsdlabel.o fdisksgilabel.o \ -- fdisksunlabel.o fdiskaixlabel.o i386_sys_types.o partname.o -+fdisk: fdisk.o llseek.o disksize.o fdiskbsdlabel.o fdisksgilabel.o fdisksunlabel.o \ -+ fdiskmaclabel.o fdiskaixlabel.o i386_sys_types.o partname.o - fdisk.o: fdisk.c fdisk.h - fdiskbsdlabel.o: fdiskbsdlabel.c fdisk.h fdiskbsdlabel.h - fdisksunlabel.o: fdisksunlabel.c fdisksunlabel.h fdisk.h - fdiskaixlabel.o: fdiskaixlabel.c fdiskaixlabel.h fdisk.h -+fdiskmaclabel.o: fdiskmaclabel.c fdiskmaclabel.h fdisk.h -+ - fdisk.o cfdisk.o sfdisk.o fdiskbsdlabel.o fdisksunlabel.o \ -- fdisksgilabel.o fdiskaixlabel.o i386_sys_types.o partname.o: common.h --sfdisk: sfdisk.o disksize.o i386_sys_types.o partname.o -+ fdisksgilabel.o fdiskaixlabel.o fdiskmaclabel.o i386_sys_types.o partname.o: common.h -+sfdisk: sfdisk.o disksize.o i386_sys_types.o partname.o - - install: all - $(INSTALLDIR) $(SBINDIR) ---- util-linux-2.12q/fdisk/fdisk.c -+++ util-linux-2.12q/fdisk/fdisk.c +Index: util-linux-ng-2.12r+git20070330/fdisk/fdisk.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/fdisk/fdisk.c ++++ util-linux-ng-2.12r+git20070330/fdisk/fdisk.c @@ -26,6 +26,7 @@ #include "fdisksunlabel.h" #include "fdisksgilabel.h" #include "fdiskaixlabel.h" +#include "fdiskmaclabel.h" - #include "../defines.h" - #ifdef HAVE_blkpg_h -@@ -165,11 +166,12 @@ + #ifdef HAVE_LINUX_COMPILER_H + #include +@@ -167,11 +168,12 @@ unsigned int heads, unsigned long long total_number_of_sectors; @@ -188,18 +161,18 @@ int possibly_osf_label = 0; jmp_buf listingbuf; -@@ -363,6 +365,10 @@ +@@ -365,6 +367,10 @@ menu(void) { puts(_(" v verify the partition table")); puts(_(" w write table to disk and exit")); } + else if (mac_label) { + puts(_("no Commands available")); -+ ++ + } else if (aix_label) { puts(_("Command action")); puts(_(" m print this menu")); -@@ -443,6 +449,9 @@ +@@ -445,6 +451,9 @@ xmenu(void) { puts(_(" v verify the partition table")); puts(_(" w write table to disk and exit")); } @@ -209,7 +182,7 @@ else { puts(_("Command action")); puts(_(" b move beginning of data in a partition")); /* !sun */ -@@ -943,6 +952,9 @@ +@@ -945,6 +954,9 @@ get_boot(enum action what) { if (check_aix_label()) return 0; @@ -219,11 +192,10 @@ if (check_osf_label()) { possibly_osf_label = 1; if (!valid_part_table_flag(MBRbuffer)) { -@@ -2074,6 +2086,15 @@ - "This will destroy the present disk contents.\n")); +@@ -2077,6 +2089,15 @@ new_partition(void) { return; } -+ + + if (mac_label) { + printf(_("\tSorry - this fdisk cannot handle Mac disk labels." + "\n\tIf you want to add DOS-type partitions, create" @@ -232,10 +204,11 @@ + "This will destroy the present disk contents.\n")); + return; + } - ++ for (i = 0; i < 4; i++) free_primary += !ptes[i].part_table->sys_ind; -@@ -2404,7 +2425,11 @@ + +@@ -2406,7 +2427,11 @@ try(char *device, int user_specified) { if (gb > 0) { /* I/O error */ } else if (gb < 0) { /* no DOS signature */ list_disk_geometry(); @@ -244,7 +217,19 @@ + return; + if (mac_label) + return; -+ if (btrydev(device) < 0) ++ if (btrydev(device) < 0) fprintf(stderr, _("Disk %s doesn't contain a valid " "partition table\n"), device); +Index: util-linux-ng-2.12r+git20070330/fdisk/Makefile.am +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/fdisk/Makefile.am ++++ util-linux-ng-2.12r+git20070330/fdisk/Makefile.am +@@ -8,6 +8,7 @@ sbin_PROGRAMS = fdisk + man_MANS = fdisk.8 + fdisk_SOURCES = fdisk.c disksize.c fdiskbsdlabel.c fdisksgilabel.c \ + fdisksunlabel.c fdiskaixlabel.c i386_sys_types.c partname.c \ ++ fdiskmaclabel.c \ + common.h fdisk.h fdisksunlabel.h fdisksgilabel.h fdiskaixlabel.h \ + fdiskbsdlabel.h + diff --git a/util-linux-2.11u-nfs-mount_acl.diff b/util-linux-2.11u-mount_nfs_mount_acl.patch similarity index 64% rename from util-linux-2.11u-nfs-mount_acl.diff rename to util-linux-2.11u-mount_nfs_mount_acl.patch index 8977f08..83a4cca 100644 --- a/util-linux-2.11u-nfs-mount_acl.diff +++ b/util-linux-2.11u-mount_nfs_mount_acl.patch @@ -5,9 +5,11 @@ change has been discussed and accepted by Trond Myklebust -- Andreas Gruenbacher ================================================================================ ---- util-linux-2.12q/mount/mount.8 -+++ util-linux-2.12q/mount/mount.8 -@@ -1335,7 +1335,8 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/mount.8 +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/mount.8 ++++ util-linux-ng-2.12r+2.13pre7/mount/mount.8 +@@ -1335,7 +1335,8 @@ are recognized: .BR ac , .BR tcp , .BR udp , @@ -17,9 +19,11 @@ change has been discussed and accepted by Trond Myklebust For details, see .BR nfs (5). ---- util-linux-2.12q/mount/nfs.5 -+++ util-linux-2.12q/mount/nfs.5 -@@ -204,6 +204,15 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/nfs.5 +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfs.5 ++++ util-linux-ng-2.12r+2.13pre7/mount/nfs.5 +@@ -204,6 +204,15 @@ default UDP protocol. Many NFS servers .I udp Mount the NFS filesystem using the UDP protocol. This is the default. @@ -35,17 +39,21 @@ change has been discussed and accepted by Trond Myklebust .P All of the non-value options have corresponding nooption forms. For example, nointr means don't allow file operations to be ---- util-linux-2.12q/mount/nfs_mount4.h -+++ util-linux-2.12q/mount/nfs_mount4.h -@@ -51,4 +51,4 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/nfs_mount4.h +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfs_mount4.h ++++ util-linux-ng-2.12r+2.13pre7/mount/nfs_mount4.h +@@ -51,4 +51,4 @@ struct nfs_mount_data { #define NFS_MOUNT_KERBEROS 0x0100 /* 3 */ #define NFS_MOUNT_NONLM 0x0200 /* 3 */ #define NFS_MOUNT_BROKEN_SUID 0x0400 /* 4 */ - +#define NFS_MOUNT_NOACL 0x0800 /* 4 */ ---- util-linux-2.12q/mount/nfsmount.c -+++ util-linux-2.12q/mount/nfsmount.c -@@ -216,7 +216,7 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfsmount.c ++++ util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +@@ -214,7 +214,7 @@ int nfsmount(const char *spec, const cha struct stat statbuf; char *s; int port, mountport, proto, bg, soft, intr; @@ -54,7 +62,7 @@ change has been discussed and accepted by Trond Myklebust int retry, tcp; int mountprog, mountvers, nfsprog, nfsvers; int retval; -@@ -316,6 +316,7 @@ +@@ -314,6 +314,7 @@ int nfsmount(const char *spec, const cha nocto = 0; nolock = 0; broken_suid = 0; @@ -62,7 +70,7 @@ change has been discussed and accepted by Trond Myklebust noac = 0; retry = 10000; /* 10000 minutes ~ 1 week */ tcp = 0; -@@ -427,6 +428,8 @@ +@@ -425,6 +426,8 @@ int nfsmount(const char *spec, const cha printf(_("Warning: option nolock is not supported.\n")); } else if (!strcmp(opt, "broken_suid")) { broken_suid = val; @@ -71,7 +79,7 @@ change has been discussed and accepted by Trond Myklebust } else { if (!sloppy) { printf(_("unknown nfs mount option: " -@@ -452,8 +455,10 @@ +@@ -450,8 +453,10 @@ int nfsmount(const char *spec, const cha data.flags |= (nolock ? NFS_MOUNT_NONLM : 0); #endif #if NFS_MOUNT_VERSION >= 4 diff --git a/util-linux-2.11z-hwclock_geteuid.diff b/util-linux-2.11z-hwclock_geteuid.patch similarity index 52% rename from util-linux-2.11z-hwclock_geteuid.diff rename to util-linux-2.11z-hwclock_geteuid.patch index aa0ed74..b022f41 100644 --- a/util-linux-2.11z-hwclock_geteuid.diff +++ b/util-linux-2.11z-hwclock_geteuid.patch @@ -1,9 +1,11 @@ ---- hwclock/hwclock.c +Index: hwclock/hwclock.c +=================================================================== +--- hwclock/hwclock.c.orig +++ hwclock/hwclock.c -@@ -1446,7 +1446,7 @@ +@@ -1480,7 +1480,7 @@ main(int argc, char **argv) { show = 1; /* default to show */ - + - if (getuid() == 0) + if (geteuid() == 0) permitted = TRUE; diff --git a/util-linux-2.12-enablereplaybuild.diff b/util-linux-2.12-enablereplaybuild.diff deleted file mode 100644 index f824893..0000000 --- a/util-linux-2.12-enablereplaybuild.diff +++ /dev/null @@ -1,20 +0,0 @@ ---- misc-utils/Makefile -+++ misc-utils/Makefile -@@ -12,7 +12,7 @@ - # Where to put man pages? - - MAN1= cal.1 chkdupexe.1 ddate.1 logger.1 look.1 mcookie.1 \ -- namei.1 rename.1 script.1 whereis.1 hostid.1 -+ namei.1 rename.1 script.1 whereis.1 hostid.1 scriptreplay.1 - - # Where to put binaries? - # See the "install" rule for the links. . . -@@ -20,7 +20,7 @@ - BIN= - - USRBIN= cal chkdupexe ddate hostid logger look mcookie \ -- namei rename script whereis -+ namei rename script scriptreplay whereis - - MAYBE= reset setterm - diff --git a/util-linux-2.12-hostid.diff b/util-linux-2.12-misc_utils_hostid.patch similarity index 70% rename from util-linux-2.12-hostid.diff rename to util-linux-2.12-misc_utils_hostid.patch index 0a9423c..170046d 100644 --- a/util-linux-2.12-hostid.diff +++ b/util-linux-2.12-misc_utils_hostid.patch @@ -1,5 +1,7 @@ ---- util-linux-2.12q/misc-utils/hostid.1 -+++ util-linux-2.12q/misc-utils/hostid.1 +Index: util-linux-ng-2.12r+git20070330/misc-utils/hostid.1 +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+git20070330/misc-utils/hostid.1 @@ -0,0 +1,24 @@ +.TH hostid 1 +.SH NAME @@ -25,8 +27,10 @@ +.SH SEE ALSO +gethostid(2), sethostid(2) + ---- util-linux-2.12q/misc-utils/hostid.c -+++ util-linux-2.12q/misc-utils/hostid.c +Index: util-linux-ng-2.12r+git20070330/misc-utils/hostid.c +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+git20070330/misc-utils/hostid.c @@ -0,0 +1,88 @@ +/* Program hostid. Changed on 7.10.1997 + New: - Hostid 0 is not permitted. @@ -116,22 +120,25 @@ + + return 0; +} ---- util-linux-2.12q/misc-utils/Makefile -+++ util-linux-2.12q/misc-utils/Makefile -@@ -12,14 +12,14 @@ - # Where to put man pages? +Index: util-linux-ng-2.12r+git20070330/misc-utils/Makefile.am +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/misc-utils/Makefile.am ++++ util-linux-ng-2.12r+git20070330/misc-utils/Makefile.am +@@ -9,7 +9,7 @@ EXTRA_DIST = README.* \ + bin_PROGRAMS = - MAN1= cal.1 chkdupexe.1 ddate.1 logger.1 look.1 mcookie.1 \ -- namei.1 rename.1 script.1 whereis.1 -+ namei.1 rename.1 script.1 whereis.1 hostid.1 + usrbinexec_PROGRAMS = cal ddate logger look mcookie \ +- namei script whereis ++ namei script whereis hostid - # Where to put binaries? - # See the "install" rule for the links. . . + mcookie_LDADD = $(top_srcdir)/lib/libmd5.a - BIN= +@@ -24,7 +24,7 @@ scriptreplay: scriptreplay.pl + CLEANFILES = chkdupexe scriptreplay --USRBIN= cal chkdupexe ddate logger look mcookie \ -+USRBIN= cal chkdupexe ddate hostid logger look mcookie \ - namei rename script whereis + man_MANS = cal.1 chkdupexe.1 ddate.1 logger.1 look.1 mcookie.1 \ +- namei.1 script.1 whereis.1 ++ namei.1 script.1 whereis.1 hostid.1 - MAYBE= reset setterm + if HAVE_NCURSES + cal_LDADD = -lncurses diff --git a/util-linux-2.12-mount_base_nfsv4.patch b/util-linux-2.12-mount_base_nfsv4.patch new file mode 100644 index 0000000..ead5f2f --- /dev/null +++ b/util-linux-2.12-mount_base_nfsv4.patch @@ -0,0 +1,859 @@ + +Add basic nfsv4 support + +--- + + util-linux-2.12-bfields/mount/Makefile | 2 + util-linux-2.12-bfields/mount/fstab.5 | 1 + util-linux-2.12-bfields/mount/mount.8 | 75 ++++++ + util-linux-2.12-bfields/mount/mount.c | 13 + + util-linux-2.12-bfields/mount/nfs.5 | 200 +++++++++++++++++ + util-linux-2.12-bfields/mount/nfs4_mount.h | 82 +++++++ + util-linux-2.12-bfields/mount/nfs4mount.c | 335 +++++++++++++++++++++++++++++ + util-linux-2.12-bfields/mount/nfsmount.c | 5 + util-linux-2.12-bfields/mount/sundries.h | 2 + util-linux-2.12-bfields/mount/umount.c | 3 + 10 files changed, 710 insertions(+), 8 deletions(-) + +Index: util-linux-ng-2.12r+git20070330/mount/fstab.5 +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/fstab.5 ++++ util-linux-ng-2.12r+git20070330/mount/fstab.5 +@@ -115,6 +115,7 @@ of filesystem types, such as + .IR msdos , + .IR ncpfs , + .IR nfs , ++.IR nfs4 , + .IR ntfs , + .IR proc , + .IR qnx4 , +Index: util-linux-ng-2.12r+git20070330/mount/mount.8 +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount.8 ++++ util-linux-ng-2.12r+git20070330/mount/mount.8 +@@ -385,6 +385,7 @@ currently supported include: + .IR msdos , + .IR ncpfs , + .IR nfs , ++.IR nfs4 , + .IR ntfs , + .IR proc , + .IR qnx4 , +@@ -422,7 +423,7 @@ For most types all the + program has to do is issue a simple + .IR mount (2) + system call, and no detailed knowledge of the filesystem type is required. +-For a few types however (like nfs, cifs, smbfs, ncpfs) ad hoc code is ++For a few types however (like nfs, nfs4, cifs, smbfs, ncpfs) ad hoc code is + necessary. The nfs ad hoc code is built in, but cifs, smbfs, and ncpfs + have a separate mount program. In order to make it possible to + treat all types in a uniform way, mount will execute the program +@@ -450,9 +451,10 @@ or, if that does not exist, + All of the filesystem types listed there will be tried, + except for those that are labeled "nodev" (e.g., + .IR devpts , +-.I proc ++.IR proc , ++.IR nfs , + and +-.IR nfs ). ++.IR nfs4 ). + If + .I /etc/filesystems + ends in a line with a single * only, mount will read +@@ -1380,6 +1382,73 @@ Usually it just causes lots of trouble. + .B nolock + Do not use locking. Do not start lockd. + ++.SH "Mount options for nfs4" ++Instead of a textual option string, parsed by the kernel, the ++.I nfs4 ++file system expects a binary argument of type ++.IR "struct nfs4_mount_data" . ++The program ++.B mount ++itself parses the following options of the form `tag=value', ++and puts them in the structure mentioned: ++.BI rsize= n, ++.BI wsize= n, ++.BI timeo= n, ++.BI retrans= n, ++.BI acregmin= n, ++.BI acregmax= n, ++.BI acdirmin= n, ++.BI acdirmax= n, ++.BI actimeo= n, ++.BI retry= n, ++.BI port= n, ++.BI proto= n, ++.BI clientaddr= n, ++.BI sec= n. ++The option ++.BI addr= n ++is accepted but ignored. ++Also the following Boolean options, possibly preceded by ++.B no ++are recognized: ++.BR bg , ++.BR fg , ++.BR soft , ++.BR hard , ++.BR intr , ++.BR cto , ++.BR ac , ++For details, see ++.BR nfs (5). ++ ++Especially useful options include ++.TP ++.B rsize=32768,wsize=32768 ++This will make your NFS connection faster than with the default ++buffer size of 4096. ++.TP ++.B hard ++The program accessing a file on a NFS mounted file system will hang ++when the server crashes. The process cannot be interrupted or ++killed unless you also specify ++.BR intr . ++When the NFS server is back online the program will continue undisturbed ++from where it was. This is probably what you want. ++.TP ++.B soft ++This option allows the kernel to time out if the NFS server is not ++responding for some time. The time can be ++specified with ++.BR timeo=time . ++This timeout value is expressed in tenths of a second. ++The ++.BR soft ++option might be useful if your NFS server sometimes doesn't respond ++or will be rebooted while some process tries to get a file from the server. ++Avoid using this option with ++.BR proto=udp ++or with a short timeout. ++ + .SH "Mount options for ntfs" + .TP + .BI iocharset= name +Index: util-linux-ng-2.12r+git20070330/mount/mount.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount.c ++++ util-linux-ng-2.12r+git20070330/mount/mount.c +@@ -860,6 +860,19 @@ try_mount_one (const char *spec0, const + if (res) + goto out; + } ++#ifdef HAVE_NFS ++ /* ++ * NFSv4 support ++ */ ++ if (!fake && types && streq (types, "nfs4")) { ++ mnt_err = nfs4mount(spec, node, &flags, &extra_opts, &mount_opts, bg); ++ if (mnt_err) ++ return mnt_err; ++#else ++ die (EX_SOFTWARE, _("mount: this version was compiled " ++ "without support for the type `nfs4'")); ++#endif ++ } + + /* + * Call mount.TYPE for types that require a separate mount program. +Index: util-linux-ng-2.12r+git20070330/mount/nfs4mount.c +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+git20070330/mount/nfs4mount.c +@@ -0,0 +1,335 @@ ++/* ++ * nfs4mount.c -- Linux NFS mount ++ * Copyright (C) 2002 Trond Myklebust ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2, or (at your option) ++ * any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * Note: this file based on the original nfsmount.c ++ */ ++ ++#include "../config.h" ++ ++#include ++#include ++#undef __FD_CLR ++#undef __FD_SET ++#undef __FD_ISSET ++#undef __FD_ZERO ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include "sundries.h" ++ ++#include "mount_constants.h" ++#include "nfs4_mount.h" ++ ++#include "nls.h" ++ ++#ifndef NFS_PORT ++#define NFS_PORT 2049 ++#endif ++ ++static int parse_devname(char *hostdir, char **hostname, char **dirname) ++{ ++ char *s; ++ ++ if (!(s = strchr(hostdir, ':'))) { ++ fprintf(stderr, ++ _("mount: " ++ "directory to mount not in host:dir format\n")); ++ return -1; ++ } ++ *hostname = hostdir; ++ *dirname = s + 1; ++ *s = '\0'; ++ /* Ignore all but first hostname in replicated mounts ++ until they can be fully supported. (mack@sgi.com) */ ++ if ((s = strchr(hostdir, ','))) { ++ *s = '\0'; ++ fprintf(stderr, ++ _("mount: warning: " ++ "multiple hostnames not supported\n")); ++ } ++ return 0; ++} ++ ++static int fill_ipv4_sockaddr(const char *hostname, struct sockaddr_in *addr) ++{ ++ struct hostent *hp; ++ addr->sin_family = AF_INET; ++ ++ if (inet_aton(hostname, &addr->sin_addr)) ++ return 0; ++ if ((hp = gethostbyname(hostname)) == NULL) { ++ fprintf(stderr, _("mount: can't get address for %s\n"), ++ hostname); ++ return -1; ++ } ++ if (hp->h_length > sizeof(struct in_addr)) { ++ fprintf(stderr, ++ _("mount: got bad hp->h_length\n")); ++ hp->h_length = sizeof(struct in_addr); ++ } ++ memcpy(&addr->sin_addr, hp->h_addr, hp->h_length); ++ return 0; ++} ++ ++static int get_my_ipv4addr(char *ip_addr, int len) ++{ ++ char myname[1024]; ++ struct sockaddr_in myaddr; ++ ++ if (gethostname(myname, sizeof(myname))) { ++ fprintf(stderr, _("mount: can't determine client address\n")); ++ return -1; ++ } ++ if (fill_ipv4_sockaddr(myname, &myaddr)) ++ return -1; ++ snprintf(ip_addr, len, "%s", inet_ntoa(myaddr.sin_addr)); ++ ip_addr[len-1] = '\0'; ++ return 0; ++} ++ ++int nfs4mount(const char *spec, const char *node, int *flags, ++ char **extra_opts, char **mount_opts, ++ int running_bg) ++{ ++ static struct nfs4_mount_data data; ++ static char hostdir[1024]; ++ static char ip_addr[16] = "127.0.0.1"; ++ static struct sockaddr_in server_addr; ++ static int pseudoflavour = 0; ++ ++ char *hostname, *dirname, *old_opts; ++ char new_opts[1024]; ++ char *opt, *opteq; ++ char *s; ++ int val; ++ int bg, soft, intr; ++ int nocto, noac; ++ int retry; ++ int retval; ++ ++ retval = EX_FAIL; ++ if (strlen(spec) >= sizeof(hostdir)) { ++ fprintf(stderr, _("mount: " ++ "excessively long host:dir argument\n")); ++ goto fail; ++ } ++ strcpy(hostdir, spec); ++ if (parse_devname(hostdir, &hostname, &dirname)) ++ goto fail; ++ ++ if (fill_ipv4_sockaddr(hostname, &server_addr)) ++ goto fail; ++ if (get_my_ipv4addr(ip_addr, sizeof(ip_addr))) ++ goto fail; ++ ++ /* add IP address to mtab options for use when unmounting */ ++ s = inet_ntoa(server_addr.sin_addr); ++ old_opts = *extra_opts; ++ if (!old_opts) ++ old_opts = ""; ++ if (strlen(old_opts) + strlen(s) + 10 >= sizeof(new_opts)) { ++ fprintf(stderr, _("mount: " ++ "excessively long option argument\n")); ++ goto fail; ++ } ++ snprintf(new_opts, sizeof(new_opts), "%s%saddr=%s", ++ old_opts, *old_opts ? "," : "", s); ++ *extra_opts = xstrdup(new_opts); ++ ++ /* Set default options. ++ * rsize/wsize and timeo are left 0 in order to ++ * let the kernel decide. ++ */ ++ memset(&data, 0, sizeof(data)); ++ data.retrans = 3; ++ data.acregmin = 3; ++ data.acregmax = 60; ++ data.acdirmin = 30; ++ data.acdirmax = 60; ++ data.proto = IPPROTO_TCP; ++ ++ bg = 0; ++ soft = 0; ++ intr = 0; ++ nocto = 0; ++ noac = 0; ++ retry = 10000; /* 10000 minutes ~ 1 week */ ++ ++ /* ++ * NFSv4 specifies that the default port should be 2049 ++ */ ++ server_addr.sin_port = htons(NFS_PORT); ++ ++ /* parse options */ ++ ++ for (opt = strtok(old_opts, ","); opt; opt = strtok(NULL, ",")) { ++ if ((opteq = strchr(opt, '='))) { ++ val = atoi(opteq + 1); ++ *opteq = '\0'; ++ if (!strcmp(opt, "rsize")) ++ data.rsize = val; ++ else if (!strcmp(opt, "wsize")) ++ data.wsize = val; ++ else if (!strcmp(opt, "timeo")) ++ data.timeo = val; ++ else if (!strcmp(opt, "retrans")) ++ data.retrans = val; ++ else if (!strcmp(opt, "acregmin")) ++ data.acregmin = val; ++ else if (!strcmp(opt, "acregmax")) ++ data.acregmax = val; ++ else if (!strcmp(opt, "acdirmin")) ++ data.acdirmin = val; ++ else if (!strcmp(opt, "acdirmax")) ++ data.acdirmax = val; ++ else if (!strcmp(opt, "actimeo")) { ++ data.acregmin = val; ++ data.acregmax = val; ++ data.acdirmin = val; ++ data.acdirmax = val; ++ } ++ else if (!strcmp(opt, "retry")) ++ retry = val; ++ else if (!strcmp(opt, "port")) ++ server_addr.sin_port = htons(val); ++ else if (!strcmp(opt, "proto")) { ++ if (!strncmp(opteq+1, "tcp", 3)) ++ data.proto = IPPROTO_TCP; ++ else if (!strncmp(opteq+1, "udp", 3)) ++ data.proto = IPPROTO_UDP; ++ else ++ printf(_("Warning: Unrecognized proto= option.\n")); ++ } else if (!strcmp(opt, "clientaddr")) { ++ if (strlen(opteq+1) >= sizeof(ip_addr)) ++ printf(_("Invalid client address %s"), ++ opteq+1); ++ strncpy(ip_addr,opteq+1, sizeof(ip_addr)); ++ ip_addr[sizeof(ip_addr)-1] = '\0'; ++ } else if (!strcmp(opt, "sec")) { ++ if (!strcmp(opteq+1, "krb5")) ++ pseudoflavour = 390003; ++ else if (!strcmp(opteq+1, "krb5i")) ++ pseudoflavour = 390004; ++ else if (!strcmp(opteq+1, "krb5p")) ++ pseudoflavour = 390005; ++ else if (!strcmp(opteq+1, "lipkey")) ++ pseudoflavour = 390006; ++ else if (!strcmp(opteq+1, "lipkey-i")) ++ pseudoflavour = 390007; ++ else if (!strcmp(opteq+1, "lipkey-p")) ++ pseudoflavour = 390008; ++ else if (!strcmp(opteq+1, "spkm3")) ++ pseudoflavour = 390009; ++ else if (!strcmp(opteq+1, "spkm3i")) ++ pseudoflavour = 390010; ++ else if (!strcmp(opteq+1, "spkm3p")) ++ pseudoflavour = 390011; ++ else { ++ printf(_("unknown security type %s\n"), ++ opteq+1); ++ goto fail; ++ } ++ } else if (!strcmp(opt, "addr")) { ++ /* ignore */; ++ } else { ++ printf(_("unknown nfs mount parameter: " ++ "%s=%d\n"), opt, val); ++ goto fail; ++ } ++ } else { ++ val = 1; ++ if (!strncmp(opt, "no", 2)) { ++ val = 0; ++ opt += 2; ++ } ++ if (!strcmp(opt, "bg")) ++ bg = val; ++ else if (!strcmp(opt, "fg")) ++ bg = !val; ++ else if (!strcmp(opt, "soft")) ++ soft = val; ++ else if (!strcmp(opt, "hard")) ++ soft = !val; ++ else if (!strcmp(opt, "intr")) ++ intr = val; ++ else if (!strcmp(opt, "cto")) ++ nocto = !val; ++ else if (!strcmp(opt, "ac")) ++ noac = !val; ++ else { ++ if (!sloppy) { ++ printf(_("unknown nfs mount option: " ++ "%s%s\n"), val ? "" : "no", opt); ++ goto fail; ++ } ++ } ++ } ++ } ++ ++ data.flags = (soft ? NFS4_MOUNT_SOFT : 0) ++ | (intr ? NFS4_MOUNT_INTR : 0) ++ | (nocto ? NFS4_MOUNT_NOCTO : 0) ++ | (noac ? NFS4_MOUNT_NOAC : 0); ++ ++ if (pseudoflavour != 0) { ++ data.auth_flavourlen = 1; ++ data.auth_flavours = &pseudoflavour; ++ } ++ ++ data.client_addr.data = ip_addr; ++ data.client_addr.len = strlen(ip_addr); ++ ++ data.mnt_path.data = dirname; ++ data.mnt_path.len = strlen(dirname); ++ ++ data.hostname.data = hostname; ++ data.hostname.len = strlen(hostname); ++ data.host_addr = (struct sockaddr *)&server_addr; ++ data.host_addrlen = sizeof(server_addr); ++ ++#ifdef NFS_MOUNT_DEBUG ++ printf("rsize = %d, wsize = %d, timeo = %d, retrans = %d\n", ++ data.rsize, data.wsize, data.timeo, data.retrans); ++ printf("acreg (min, max) = (%d, %d), acdir (min, max) = (%d, %d)\n", ++ data.acregmin, data.acregmax, data.acdirmin, data.acdirmax); ++ printf("port = %d, bg = %d, retry = %d, flags = %.8x\n", ++ ntohs(server_addr.sin_port), bg, retry, data.flags); ++ printf("soft = %d, intr = %d, nocto = %d, noac = %d\n", ++ (data.flags & NFS4_MOUNT_SOFT) != 0, ++ (data.flags & NFS4_MOUNT_INTR) != 0, ++ (data.flags & NFS4_MOUNT_NOCTO) != 0, ++ (data.flags & NFS4_MOUNT_NOAC) != 0); ++ printf("proto = %s\n", (data.proto == IPPROTO_TCP) ? "tcp" : "udp"); ++#endif ++ ++ data.version = NFS4_MOUNT_VERSION; ++ ++ *mount_opts = (char *) &data; ++ /* clean up */ ++ return 0; ++ ++fail: ++ return retval; ++} +Index: util-linux-ng-2.12r+git20070330/mount/nfs4_mount.h +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+git20070330/mount/nfs4_mount.h +@@ -0,0 +1,82 @@ ++#ifndef _LINUX_NFS4_MOUNT_H ++#define _LINUX_NFS4_MOUNT_H ++ ++/* ++ * linux/include/linux/nfs4_mount.h ++ * ++ * Copyright (C) 2002 Trond Myklebust ++ * ++ * structure passed from user-space to kernel-space during an nfsv4 mount ++ */ ++ ++/* ++ * WARNING! Do not delete or change the order of these fields. If ++ * a new field is required then add it to the end. The version field ++ * tracks which fields are present. This will ensure some measure of ++ * mount-to-kernel version compatibility. Some of these aren't used yet ++ * but here they are anyway. ++ */ ++#define NFS4_MOUNT_VERSION 1 ++ ++struct nfs_string { ++ unsigned int len; ++ const char* data; ++}; ++ ++struct nfs4_mount_data { ++ int version; /* 1 */ ++ int flags; /* 1 */ ++ int rsize; /* 1 */ ++ int wsize; /* 1 */ ++ int timeo; /* 1 */ ++ int retrans; /* 1 */ ++ int acregmin; /* 1 */ ++ int acregmax; /* 1 */ ++ int acdirmin; /* 1 */ ++ int acdirmax; /* 1 */ ++ ++ /* see the definition of 'struct clientaddr4' in RFC3010 */ ++ struct nfs_string client_addr; /* 1 */ ++ ++ /* Mount path */ ++ struct nfs_string mnt_path; /* 1 */ ++ ++ /* Server details */ ++ struct nfs_string hostname; /* 1 */ ++ /* Server IP address */ ++ unsigned int host_addrlen; /* 1 */ ++ struct sockaddr* host_addr; /* 1 */ ++ ++ /* Transport protocol to use */ ++ int proto; /* 1 */ ++ ++ /* Pseudo-flavours to use for authentication. See RFC2623 */ ++ int auth_flavourlen; /* 1 */ ++ int *auth_flavours; /* 1 */ ++}; ++ ++/* bits in the flags field */ ++/* Note: the fields that correspond to existing NFSv2/v3 mount options ++ * should mirror the values from include/linux/nfs_mount.h ++ */ ++ ++#define NFS4_MOUNT_SOFT 0x0001 /* 1 */ ++#define NFS4_MOUNT_INTR 0x0002 /* 1 */ ++#define NFS4_MOUNT_NOCTO 0x0010 /* 1 */ ++#define NFS4_MOUNT_NOAC 0x0020 /* 1 */ ++#define NFS4_MOUNT_STRICTLOCK 0x1000 /* 1 */ ++#define NFS4_MOUNT_FLAGMASK 0xFFFF ++ ++/* pseudoflavors: */ ++ ++#define RPC_AUTH_GSS_KRB5 390003 ++#define RPC_AUTH_GSS_KRB5I 390004 ++#define RPC_AUTH_GSS_KRB5P 390005 ++#define RPC_AUTH_GSS_LKEY 390006 ++#define RPC_AUTH_GSS_LKEYI 390007 ++#define RPC_AUTH_GSS_LKEYP 390008 ++#define RPC_AUTH_GSS_SPKM 390009 ++#define RPC_AUTH_GSS_SPKMI 390010 ++#define RPC_AUTH_GSS_SPKMP 390011 ++ ++#endif +Index: util-linux-ng-2.12r+git20070330/mount/nfs.5 +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/nfs.5 ++++ util-linux-ng-2.12r+git20070330/mount/nfs.5 +@@ -3,7 +3,7 @@ + .\" patches. " + .TH NFS 5 "20 November 1993" "Linux 0.99" "Linux Programmer's Manual" + .SH NAME +-nfs \- nfs fstab format and options ++nfs \- nfs and nfs4 fstab format and options + .SH SYNOPSIS + .B /etc/fstab + .SH DESCRIPTION +@@ -17,14 +17,51 @@ the local directory that is the mount po + and the NFS specific options that control + the way the filesystem is mounted. + .P +-Here is an example from an \fI/etc/fstab\fP file from an NFS mount. ++Three different versions of the NFS protocol are ++supported by the Linux NFS client: ++NFS version 2, NFS version 3, and NFS version 4. ++To mount via NFS version 2, use the ++.BR nfs ++file system type and specify ++.BR nfsvers=2 . ++Version 2 is the default protocol version for the ++.BR nfs ++file system type when ++.BR nfsvers= ++is not specified on the mount command. ++To mount via NFS version 3, use the ++.BR nfs ++file system type and specify ++.BR nfsvers=3 . ++To mount via NFS version 4, use the ++.BR nfs4 ++file system type. ++The ++.BR nfsvers= ++keyword is not supported for the ++.BR nfs4 ++file system type. ++.P ++These file system types share similar mount options; ++the differences are listed below. ++.P ++Here is an example from an \fI/etc/fstab\fP file for an NFSv2 mount ++over UDP. + .sp + .nf + .ta 2.5i +0.75i +0.75i +1.0i + server:/usr/local/pub /pub nfs rsize=8192,wsize=8192,timeo=14,intr + .fi ++.P ++Here is an example for an NFSv4 mount over TCP using Kerberos ++5 mutual authentication. ++.sp ++.nf ++.ta 2.5i +0.75i +0.75i +1.0i ++server:/usr/local/pub /pub nfs4 proto=tcp,sec=krb5,hard,intr ++.fi + .DT +-.SS Options ++.SS Options for the nfs file system type + .TP 1.5i + .I rsize=n + The number of bytes NFS uses when reading files from an NFS server. +@@ -217,6 +254,163 @@ which are otherwise used to manipulate A + All of the non-value options have corresponding nooption forms. + For example, nointr means don't allow file operations to be + interrupted. ++.SS Options for the nfs4 file system type ++.TP 1.5i ++.I rsize=n ++The number of bytes NFS uses when reading files from an NFS server. ++The default value is dependent on the kernel, currently 4096 bytes. ++(However, throughput is improved greatly by asking for ++.IR rsize=32768 .) ++This value is negotiated with the server. ++.TP 1.5i ++.I wsize=n ++The number of bytes NFS uses when writing files to an NFS server. ++The default value is dependent on the kernel, currently 4096 bytes. ++(However, throughput is improved greatly by asking for ++.IR wsize=32768 .) ++This value is negotiated with the server. ++.TP 1.5i ++.I timeo=n ++The value in tenths of a second before sending the ++first retransmission after an RPC timeout. ++The default value depends on whether ++.IR proto=udp ++or ++.IR proto=tcp ++is in effect (see below). ++The default value for UDP is 7 tenths of a second. ++The default value for TCP is 60 seconds. ++After the first timeout, ++the timeout is doubled after each successive timeout until a maximum ++timeout of 60 seconds is reached or the enough retransmissions ++have occured to cause a major timeout. Then, if the filesystem ++is hard mounted, each new timeout cascade restarts at twice the ++initial value of the previous cascade, again doubling at each ++retransmission. The maximum timeout is always 60 seconds. ++.TP 1.5i ++.I retrans=n ++The number of minor timeouts and retransmissions that must occur before ++a major timeout occurs. The default is 5 timeouts for ++.IR proto=udp ++and 2 timeouts for ++.IR proto=tcp . ++When a major timeout ++occurs, the file operation is either aborted or a "server not responding" ++message is printed on the console. ++.TP 1.5i ++.I acregmin=n ++The minimum time in seconds that attributes of a regular file should ++be cached before requesting fresh information from a server. ++The default is 3 seconds. ++.TP 1.5i ++.I acregmax=n ++The maximum time in seconds that attributes of a regular file can ++be cached before requesting fresh information from a server. ++The default is 60 seconds. ++.TP 1.5i ++.I acdirmin=n ++The minimum time in seconds that attributes of a directory should ++be cached before requesting fresh information from a server. ++The default is 30 seconds. ++.TP 1.5i ++.I acdirmax=n ++The maximum time in seconds that attributes of a directory can ++be cached before requesting fresh information from a server. ++The default is 60 seconds. ++.TP 1.5i ++.I actimeo=n ++Using actimeo sets all of ++.I acregmin, ++.I acregmax, ++.I acdirmin, ++and ++.I acdirmax ++to the same value. ++There is no default value. ++.TP 1.5i ++.I retry=n ++The number of minutes to retry an NFS mount operation ++in the foreground or background before giving up. ++The default value is 10000 minutes, which is roughly one week. ++.TP 1.5i ++.I port=n ++The numeric value of the port to connect to the NFS server on. ++If the port number is 0 (the default) then query the ++remote host's portmapper for the port number to use. ++If the remote host's NFS daemon is not registered with ++its portmapper, the standard NFS port number 2049 is ++used instead. ++.TP 1.5i ++.I proto=n ++Mount the NFS filesystem using a specific network protocol ++instead of the default UDP protocol. ++Many NFS version 4 servers only support TCP. ++Valid protocol types are ++.IR udp ++and ++.IR tcp . ++.TP 1.5i ++.I clientaddr=n ++On a multi-homed client, this ++causes the client to use a specific callback address when ++communicating with an NFS version 4 server. ++This option is currently ignored. ++.TP 1.5i ++.I sec=n ++Specify an advanced security mechanism for this file system. ++To use Kerberos 5 mutual authentication, specify ++.IR krb5 . ++Kerberos 5 integrity checking is specified with ++.IR krb5i , ++and Kerberos 5 privacy is specified with ++.IR krb5p . ++Other security mechanisms may become available in the future. ++.TP 1.5i ++.I bg ++If an NFS mount attempt times out, retry the mount ++in the background. ++After a mount operation is backgrounded, all subsequent mounts ++on the same NFS server will be backgrounded immediately, without ++first attempting the mount. ++A missing mount point is treated as a timeout, ++to allow for nested NFS mounts. ++.TP 1.5i ++.I fg ++If the first NFS mount attempt times out, retry the mount ++in the foreground. ++This is the complement of the ++.I bg ++option, and also the default behavior. ++.TP 1.5i ++.I soft ++If an NFS file operation has a major timeout then report an I/O error to ++the calling program. ++The default is to continue retrying NFS file operations indefinitely. ++.TP 1.5i ++.I hard ++If an NFS file operation has a major timeout then report ++"server not responding" on the console and continue retrying indefinitely. ++This is the default. ++.TP 1.5i ++.I intr ++If an NFS file operation has a major timeout and it is hard mounted, ++then allow signals to interupt the file operation and cause it to ++return EINTR to the calling program. The default is to not ++allow file operations to be interrupted. ++.TP 1.5i ++.I nocto ++Suppress the retrieval of new attributes when creating a file. ++.TP 1.5i ++.I noac ++Disable attribute caching, and force synchronous writes. ++This extracts a ++server performance penalty but it allows two different NFS clients ++to get reasonable good results when both clients are actively ++writing to common filesystem on the server. ++.P ++All of the non-value options have corresponding nooption forms. ++For example, nointr means don't allow file operations to be ++interrupted. + .SH FILES + .I /etc/fstab + .SH "SEE ALSO" +Index: util-linux-ng-2.12r+git20070330/mount/sundries.h +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/sundries.h ++++ util-linux-ng-2.12r+git20070330/mount/sundries.h +@@ -40,6 +40,8 @@ void die (int errcode, const char *fmt, + + int nfsmount (const char *spec, const char *node, int *flags, + char **orig_opts, char **opt_args, int *version, int running_bg); ++int nfs4mount (const char *spec, const char *node, int *flags, ++ char **orig_opts, char **opt_args, int running_bg); + + /* exit status - bits below are ORed */ + #define EX_USAGE 1 /* incorrect invocation or permission */ +Index: util-linux-ng-2.12r+git20070330/mount/umount.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/umount.c ++++ util-linux-ng-2.12r+git20070330/mount/umount.c +@@ -88,6 +88,9 @@ int verbose = 0; + /* True if ruid != euid. */ + int suid = 0; + ++/* Needed by nfs4mount.c */ ++int sloppy = 0; ++ + /* + * check_special_umountprog() + * If there is a special umount program for this type, exec it. +Index: util-linux-ng-2.12r+git20070330/mount/Makefile.am +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/Makefile.am ++++ util-linux-ng-2.12r+git20070330/mount/Makefile.am +@@ -17,7 +17,7 @@ MNTHDRS = fstab.h linux_fs.h mount_mnten + mount_SOURCES = mount.c fstab.c sundries.c xmalloc.c realpath.c mount_mntent.c \ + get_label_uuid.c mount_by_label.c mount_blkid.c mount_guess_fstype.c \ + getusername.c \ +- nfsmount.c nfsmount_xdr.c nfsmount_clnt.c \ ++ nfsmount.c nfsmount_xdr.c nfsmount_clnt.c nfs4mount.c \ + lomount.c \ + $(MNTHDRS) + diff --git a/util-linux-2.12-mount_guessfstype.diff b/util-linux-2.12-mount_guessfstype.diff deleted file mode 100644 index 2dbf0d7..0000000 --- a/util-linux-2.12-mount_guessfstype.diff +++ /dev/null @@ -1,183 +0,0 @@ ---- util-linux-2.12q/configure -+++ util-linux-2.12q/configure -@@ -190,6 +190,7 @@ - - # - # H9. For raw.c: do we have ? -+# H10. For guessfstype of CD-Extra, do we have ? - # - if ./testincl "linux/raw.h"; then - echo "HAVE_RAW_H=yes" >> make_include -@@ -552,6 +553,12 @@ - echo "HAVE_XGETTEXT=no" >> make_include - fi - -+# -+# H10. For guessfstype of CD-Extra, do we have -+# -+if ./testincl "linux/cdrom.h"; then -+ echo "#define HAVE_cdrom_h" >> defines.h -+fi - - # - # 8. For err.c: do we have __progname? ---- util-linux-2.12q/mount/mount_guess_fstype.c -+++ util-linux-2.12q/mount/mount_guess_fstype.c -@@ -26,6 +26,9 @@ - * 2001-10-26 Tim Launchbury - * added sysv magic. - * -+ * 2003-11-21 Mads Martin Joergensen -+ * added guessfstype support for CD-Extra -+ * - * aeb - many changes. - * - */ -@@ -37,11 +40,16 @@ - #include - #include - #include -+#include - #include "linux_fs.h" - #include "mount_blkid.h" - #include "mount_guess_fstype.h" - #include "sundries.h" /* for xstrdup */ - #include "nls.h" -+#include "../defines.h" -+#ifdef HAVE_cdrom_h -+#include -+#endif - - #define ETC_FILESYSTEMS "/etc/filesystems" - #define PROC_FILESYSTEMS "/proc/filesystems" -@@ -249,7 +257,51 @@ - return 0; - - /* do seeks and reads in disk order, otherwise a very short -- partition may cause a failure because of read error */ -+ partition may cause a failure because of read error -+ Rearranged a tiny bit to check ext2/3 before vfat. We still -+ have to make sure it's not iso9660 first, or otherwise we -+ might bail out wrongly due to an io-error */ -+ -+ if (!type) { -+ /* block 0 */ -+ if (lseek(fd, 0, SEEK_SET) != 0 -+ || read(fd, (char *) &xsb, sizeof(xsb)) != sizeof(xsb)) -+ goto try_iso9660; -+ } -+ -+ if (!type) { -+ /* block 1 */ -+ if (lseek(fd, 1024, SEEK_SET) != 1024 || -+ read(fd, (char *) &sb, sizeof(sb)) != sizeof(sb)) -+ goto io_error; -+ -+ /* ext2 has magic in little-endian on disk, so "swapped" is -+ superfluous; however, there have existed strange byteswapped -+ PPC ext2 systems */ -+ if (ext2magic(sb.e2s) == EXT2_SUPER_MAGIC || -+ ext2magic(sb.e2s) == EXT2_PRE_02B_MAGIC || -+ ext2magic(sb.e2s) == swapped(EXT2_SUPER_MAGIC)) { -+ type = "ext2"; -+ -+ /* maybe even ext3? */ -+ if ((assemble4le(sb.e2s.s_feature_compat) -+ & EXT3_FEATURE_COMPAT_HAS_JOURNAL) && -+ assemble4le(sb.e2s.s_journal_inum) != 0) -+ type = "ext3"; /* "ext3,ext2" */ -+ } -+ -+ else if (minixmagic(sb.ms) == MINIX_SUPER_MAGIC || -+ minixmagic(sb.ms) == MINIX_SUPER_MAGIC2 || -+ minixmagic(sb.ms) == MINIX2_SUPER_MAGIC || -+ minixmagic(sb.ms) == MINIX2_SUPER_MAGIC2) -+ type = "minix"; -+ -+ else if (extmagic(sb.es) == EXT_SUPER_MAGIC) -+ type = "ext"; -+ -+ else if (vxfsmagic(sb.vs) == VXFS_SUPER_MAGIC) -+ type = "vxfs"; -+ } - - if (!type) { - /* block 0 */ -@@ -307,40 +359,6 @@ - type = "sysv"; - } - -- if (!type) { -- /* block 1 */ -- if (lseek(fd, 1024, SEEK_SET) != 1024 || -- read(fd, (char *) &sb, sizeof(sb)) != sizeof(sb)) -- goto io_error; -- -- /* ext2 has magic in little-endian on disk, so "swapped" is -- superfluous; however, there have existed strange byteswapped -- PPC ext2 systems */ -- if (ext2magic(sb.e2s) == EXT2_SUPER_MAGIC || -- ext2magic(sb.e2s) == EXT2_PRE_02B_MAGIC || -- ext2magic(sb.e2s) == swapped(EXT2_SUPER_MAGIC)) { -- type = "ext2"; -- -- /* maybe even ext3? */ -- if ((assemble4le(sb.e2s.s_feature_compat) -- & EXT3_FEATURE_COMPAT_HAS_JOURNAL) && -- assemble4le(sb.e2s.s_journal_inum) != 0) -- type = "ext3"; /* "ext3,ext2" */ -- } -- -- else if (minixmagic(sb.ms) == MINIX_SUPER_MAGIC || -- minixmagic(sb.ms) == MINIX_SUPER_MAGIC2 || -- minixmagic(sb.ms) == swapped(MINIX_SUPER_MAGIC2) || -- minixmagic(sb.ms) == MINIX2_SUPER_MAGIC || -- minixmagic(sb.ms) == MINIX2_SUPER_MAGIC2) -- type = "minix"; -- -- else if (extmagic(sb.es) == EXT_SUPER_MAGIC) -- type = "ext"; -- -- else if (vxfsmagic(sb.vs) == VXFS_SUPER_MAGIC) -- type = "vxfs"; -- } - - if (!type) { - /* block 1 */ -@@ -416,8 +434,34 @@ - /* block 32 */ - try_iso9660: - if (lseek(fd, 0x8000, SEEK_SET) != 0x8000 -- || read(fd, (char *) &isosb, sizeof(isosb)) != sizeof(isosb)) -- goto io_error; -+ || read(fd, (char *) &isosb, sizeof(isosb)) != sizeof(isosb)) { -+#ifdef HAVE_cdrom_h -+ /* Try and see if we have an iso9660 data track later on */ -+ char toc_header[2]; -+ struct cdrom_tocentry *toc[CDROM_LEADOUT + 1]; -+ int i, offset; -+ -+ if (ioctl(fd, CDROMREADTOCHDR, &toc_header)) -+ goto io_error; -+ for (i = toc_header[0]; i <= toc_header[1]; i++) { -+ toc[i] = malloc(sizeof(struct cdrom_tocentry)); -+ memset(toc[i],0,sizeof(struct cdrom_tocentry)); -+ toc[i]->cdte_track = i; -+ toc[i]->cdte_format = CDROM_LBA; -+ if(ioctl(fd,CDROMREADTOCENTRY,toc[i])) -+ goto io_error; -+ if((toc[i]->cdte_ctrl & CDROM_DATA_TRACK)) { -+ offset = 2048 * (toc[i]->cdte_addr.lba + 16); -+ if(lseek(fd, offset, SEEK_SET) != offset) -+ goto io_error; -+ if(read(fd,(char *) &isosb,sizeof(isosb))==-1) -+ goto io_error; -+ } -+ } -+#else -+ goto io_error; -+#endif -+ } - - if (strncmp(isosb.hs.id, HS_STANDARD_ID, sizeof(isosb.hs.id)) == 0) { - /* "CDROM" */ diff --git a/util-linux-2.12-mountfallback.patch b/util-linux-2.12-mount_mountfallback.patch similarity index 73% rename from util-linux-2.12-mountfallback.patch rename to util-linux-2.12-mount_mountfallback.patch index 5ffd6c7..23a04f1 100644 --- a/util-linux-2.12-mountfallback.patch +++ b/util-linux-2.12-mount_mountfallback.patch @@ -1,6 +1,8 @@ ---- util-linux-2.12q/mount/nfsmount.c -+++ util-linux-2.12q/mount/nfsmount.c -@@ -169,8 +169,20 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfsmount.c ++++ util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +@@ -167,8 +167,20 @@ get_mountport(struct sockaddr_in *server } if (!p.pm_vers) p.pm_vers = MOUNTVERS; @@ -22,7 +24,7 @@ #if 0 if (!p.pm_port) { p.pm_port = pmap_getport(server_addr, p.pm_prog, p.pm_vers, -@@ -584,7 +596,8 @@ +@@ -582,7 +594,8 @@ retry_udp: pm_mnt = get_mountport(&mount_server_addr, mountprog, mountvers, diff --git a/util-linux-2.12-nfs-tcp.diff b/util-linux-2.12-mount_nfs_tcp.patch similarity index 66% rename from util-linux-2.12-nfs-tcp.diff rename to util-linux-2.12-mount_nfs_tcp.patch index 06ff169..69943e1 100644 --- a/util-linux-2.12-nfs-tcp.diff +++ b/util-linux-2.12-mount_nfs_tcp.patch @@ -1,6 +1,8 @@ ---- util-linux-2.12q/mount/nfs.5 -+++ util-linux-2.12q/mount/nfs.5 -@@ -199,11 +199,11 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/nfs.5 +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfs.5 ++++ util-linux-ng-2.12r+2.13pre7/mount/nfs.5 +@@ -199,11 +199,11 @@ writing to common filesystem on the serv .TP 1.5i .I tcp Mount the NFS filesystem using the TCP protocol instead of the @@ -15,7 +17,7 @@ .TP 1.5i .I noacl Assume no extended access control mechanisms like POSIX ACLs are used -@@ -227,8 +227,5 @@ +@@ -227,8 +227,5 @@ interrupted. The posix, and nocto options are parsed by mount but currently are silently ignored. .P @@ -24,9 +26,11 @@ -.P The umount command should notify the server when an NFS filesystem is unmounted. ---- util-linux-2.12q/mount/nfsmount.c -+++ util-linux-2.12q/mount/nfsmount.c -@@ -319,7 +319,7 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfsmount.c ++++ util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +@@ -317,7 +317,7 @@ int nfsmount(const char *spec, const cha noacl = 0; noac = 0; retry = 10000; /* 10000 minutes ~ 1 week */ @@ -35,7 +39,7 @@ mountprog = MOUNTPROG; mountvers = 0; -@@ -439,6 +439,8 @@ +@@ -437,6 +437,8 @@ int nfsmount(const char *spec, const cha } } } @@ -44,7 +48,7 @@ proto = (tcp) ? IPPROTO_TCP : IPPROTO_UDP; data.flags = (soft ? NFS_MOUNT_SOFT : 0) -@@ -742,7 +744,13 @@ +@@ -740,7 +742,13 @@ int nfsmount(const char *spec, const cha * '0' for port (service unavailable), we then exit, * notifying the user, rather than hanging up mount. */ diff --git a/util-linux-2.12-multipleraw.diff b/util-linux-2.12-multipleraw.diff deleted file mode 100644 index 9e38775..0000000 --- a/util-linux-2.12-multipleraw.diff +++ /dev/null @@ -1,65 +0,0 @@ ---- disk-utils/raw.c -+++ disk-utils/raw.c -@@ -100,7 +100,7 @@ - } - - /* -- * It's a bind or a single query. Either way we need a raw device. -+ * It's a bind or a single query. - */ - - if (optind >= argc) -@@ -108,27 +108,38 @@ - raw_name = argv[optind++]; - - err = stat(raw_name, &statbuf); -- if (err) { -+ if (err && do_query) { - fprintf (stderr, "Cannot locate raw device '%s' (%s)\n", - raw_name, strerror(errno)); - exit(2); - } - -- if (!S_ISCHR(statbuf.st_mode)) { -- fprintf (stderr, "raw device '%s' is not a character dev\n", -- raw_name); -- exit(2); -- } -- if (major(statbuf.st_rdev) != RAW_MAJOR) { -- fprintf (stderr, "Device '%s' is not a raw dev\n", -- raw_name); -- exit(2); -- } -- -- raw_minor = minor(statbuf.st_rdev); -+ if (!err) { -+ if (!S_ISCHR(statbuf.st_mode)) { -+ fprintf (stderr, "raw device '%s' is not a character dev\n", -+ raw_name); -+ exit(2); -+ } -+ if (major(statbuf.st_rdev) != RAW_MAJOR) { -+ fprintf (stderr, "Device '%s' is not a raw dev\n", -+ raw_name); -+ exit(2); -+ } - -- if (do_query) -- return query(raw_minor, 0); -+ raw_minor = minor(statbuf.st_rdev); -+ if (do_query) -+ return query(raw_minor, 0); -+ } else { -+ char *p; -+ p = strrchr(raw_name, '/'); -+ if (p) { -+ p = strpbrk(p, "0123456789"); -+ if (p) -+ raw_minor = atoi(p); -+ } -+ if (!p) -+ raw_minor = -1; -+ } - - /* - * It's not a query, so we still have some parsing to do. Have diff --git a/util-linux-2.12-suse-compatibility.diff b/util-linux-2.12-suse-compatibility.diff deleted file mode 100644 index 0da6c54..0000000 --- a/util-linux-2.12-suse-compatibility.diff +++ /dev/null @@ -1,149 +0,0 @@ ---- util-linux-2.12q/mount/lomount.c -+++ util-linux-2.12q/mount/lomount.c -@@ -52,6 +52,24 @@ - extern void show_all_loops(void); - extern int read_options_from_fstab(char *, char **); - -+int passphrase_timeout=0; -+struct sigaction alrmact; -+ -+static void -+alrmhandler() { -+ /* let the SIGINT handler do the work: */ -+ kill(getpid(),SIGINT); -+ usleep(1000000); -+ kill(getpid(),SIGTERM); -+ usleep(1000000); -+ /* stubborn... */ -+ exit(0); -+} -+ -+ -+ -+ -+ - #if !defined(LOOP_PASSWORD_MIN_LENGTH) - # define LOOP_PASSWORD_MIN_LENGTH 20 - #endif -@@ -460,6 +478,15 @@ - int i, ask2; - - if(!passFDnumber) { -+ -+ if(passphrase_timeout) { -+ alrmact.sa_handler = &alrmhandler; -+ memset(&alrmact.sa_mask, 0, sizeof(alrmact.sa_mask)); -+ alrmact.sa_flags = 0; -+ sigaction(SIGALRM, &alrmact, NULL); -+ alarm(passphrase_timeout); -+ } -+ - p = getpass(_("Password: ")); - ask2 = passAskTwice ? 1 : 0; - } else { -@@ -493,6 +520,15 @@ - s = malloc(i + 1); - if(!s) goto nomem; - strcpy(s, p); -+ -+ if(passphrase_timeout) { -+ alrmact.sa_handler = &alrmhandler; -+ memset(&alrmact.sa_mask, 0, sizeof(alrmact.sa_mask)); -+ alrmact.sa_flags = 0; -+ sigaction(SIGALRM, &alrmact, NULL); -+ alarm(passphrase_timeout); -+ } -+ - p = getpass(_("Retype password: ")); - if(!p) goto nomem; - if(strcmp(s, p)) goto compareErr; -@@ -524,6 +560,15 @@ - strcpy(s, p); - memset(p, 0, i); - if(ask2) { -+ -+ if(passphrase_timeout) { -+ alrmact.sa_handler = &alrmhandler; -+ memset(&alrmact.sa_mask, 0, sizeof(alrmact.sa_mask)); -+ alrmact.sa_flags = 0; -+ sigaction(SIGALRM, &alrmact, NULL); -+ alarm(passphrase_timeout); -+ } -+ - p = getpass(_("Retype password: ")); - if(!p) goto nomem; - if(strcmp(s, p)) { -@@ -738,7 +783,7 @@ - struct loop_info64 loopinfo; - int fd, ffd, mode, i; - char *pass, *apiName = NULL; -- void (*hashFunc)(unsigned char *, int, unsigned char *, int); -+ void (*hashFunc)(unsigned char *, int, unsigned char *, int) = NULL; - unsigned char multiKeyBits[65][32]; - int minPassLen = LOOP_PASSWORD_MIN_LENGTH; - int run_mkfs_command = 0; -@@ -762,8 +807,23 @@ - - memset (&loopinfo, 0, sizeof (loopinfo)); - xstrncpy (loopinfo.lo_file_name, file, LO_NAME_SIZE); -- if (loopEncryptionType) -+ if (loopEncryptionType) { -+ if (strcasecmp(loopEncryptionType,"twofish")==0 -+ && !passHashFuncName) { -+ loopinfo.lo_encrypt_type = 3; /*LO_CRYPT_FISH*/ -+ loopinfo.lo_encrypt_key_size = 20; -+ passHashFuncName = strdup("rmd160"); -+ fprintf(stderr,"Switching to old S.u.S.E. loop_fish2 compatibility mode.\n"); -+ } else if (strcasecmp(loopEncryptionType,"twofishSL92")==0 -+ && !passHashFuncName) { -+ loopinfo.lo_encrypt_type = 3; /*LO_CRYPT_FISH*/ -+ loopinfo.lo_encrypt_key_size = 32; -+ passHashFuncName = strdup("sha512"); -+ fprintf(stderr,"Switching to SuSE 9.2 loop_fish2 compatibility mode.\n"); -+ } else { - loopinfo.lo_encrypt_type = loop_crypt_type (loopEncryptionType, &loopinfo.lo_encrypt_key_size, &apiName); -+ } -+ } - if (loopOffsetBytes) - loopinfo.lo_offset = mystrtoull(loopOffsetBytes, 1); - if (loopSizeBytes) -@@ -995,7 +1055,7 @@ - %s loop_device # give info\n\ - %s -a # give info of all loops\n\ - %s -d loop_device # delete\n\ --options: -o offset -s sizelimit -p passwdfd -S pseed -H phash\n\ -+options: -o offset -s sizelimit -p passwdfd -S pseed -H phash -t timeout\n\ - -I loinit -T -K gpgkey -G gpghome -C itercountk -v -r\n"), - progname, progname, progname, progname, progname); - exit(1); -@@ -1139,7 +1199,7 @@ - - delete = 0; - progname = argv[0]; -- while ((c = getopt(argc,argv,"aC:de:FG:H:I:K:o:p:rs:S:Tv")) != -1) { -+ while ((c = getopt(argc,argv,"aC:de:FG:H:I:K:o:p:rs:S:t:Tv")) != -1) { - switch (c) { - case 'a': /* show status of all loops */ - option_a = 1; -@@ -1183,6 +1243,9 @@ - case 'S': /* optional seed for passphrase */ - passSeedString = optarg; - break; -+ case 't': -+ passphrase_timeout = atoi(optarg); -+ break; - case 'T': /* ask passphrase _twice_ */ - passAskTwice = "T"; - break; ---- util-linux-2.12q/mount/losetup.8 -+++ util-linux-2.12q/mount/losetup.8 -@@ -128,6 +128,9 @@ - password before hashing. Using different seeds for different partitions - makes dictionary attacks slower but does not prevent them if user supplied - password is guessable. Seed is not used in multi-key mode. -+.IP "\fB\-t \fItimeout\fP" -+make the password prompt time out after \fItimeout\fP seconds have -+passed by. - .IP "\fB\-T\fP" - Asks password twice. - .IP "\fB\-v\fP" diff --git a/util-linux-2.12a-mountbylabel-dm.patch b/util-linux-2.12a-mount_mountbylabel-dm.patch similarity index 76% rename from util-linux-2.12a-mountbylabel-dm.patch rename to util-linux-2.12a-mount_mountbylabel-dm.patch index 2969097..c39636d 100644 --- a/util-linux-2.12a-mountbylabel-dm.patch +++ b/util-linux-2.12a-mount_mountbylabel-dm.patch @@ -1,6 +1,8 @@ ---- util-linux-2.12a/mount/mount_by_label.c.old 2004-08-11 22:25:06.000000000 +0100 -+++ util-linux-2.12a/mount/mount_by_label.c 2004-08-11 22:25:21.000000000 +0100 -@@ -17,6 +17,8 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/mount_by_label.c +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/mount_by_label.c ++++ util-linux-ng-2.12r+2.13pre7/mount/mount_by_label.c +@@ -18,6 +18,8 @@ * - Added JFS v2 format support * 2002-07-26 Luciano Chavez * - Added EVMS support @@ -9,15 +11,15 @@ */ #include -@@ -38,6 +40,7 @@ +@@ -39,6 +41,7 @@ #define VG_DIR "/proc/lvm/VGs" #define EVMS_VOLUME_NAME_SIZE 127 #define PROC_EVMS_VOLUMES "/proc/evms/volumes" +#define DEVICEMAPPERDIR "/dev/mapper" - static struct uuidCache_s { - struct uuidCache_s *next; -@@ -101,6 +104,34 @@ + extern char *progname; + +@@ -104,6 +107,34 @@ uuidcache_init_lvm(void) { closedir(vg_dir); } @@ -52,7 +54,7 @@ static int uuidcache_init_evms(void) { FILE *procvol; -@@ -250,6 +281,8 @@ +@@ -256,6 +287,8 @@ uuidcache_init(void) { fclose(procpt); uuidcache_init_lvm(); diff --git a/util-linux-2.12a-mountpointwithcolon.diff b/util-linux-2.12a-mount_mountpointwithcolon.patch similarity index 59% rename from util-linux-2.12a-mountpointwithcolon.diff rename to util-linux-2.12a-mount_mountpointwithcolon.patch index d3aca72..aecc7d7 100644 --- a/util-linux-2.12a-mountpointwithcolon.diff +++ b/util-linux-2.12a-mount_mountpointwithcolon.patch @@ -1,6 +1,8 @@ ---- util-linux-2.12q/mount/mount.c -+++ util-linux-2.12q/mount/mount.c -@@ -1178,11 +1178,15 @@ +Index: util-linux-ng-2.12r+git20070330/mount/mount.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount.c ++++ util-linux-ng-2.12r+git20070330/mount/mount.c +@@ -1207,11 +1207,15 @@ mount_one (const char *spec, const char if (types == NULL && !mounttype && !is_existing_file(spec)) { if (strchr (spec, ':') != NULL) { @@ -17,5 +19,5 @@ + } + } } else if(!strncmp(spec, "//", 2)) { - types = "smbfs"; + types = "cifs"; if (verbose) diff --git a/util-linux-2.12a-mount_procswapcheck.patch b/util-linux-2.12a-mount_procswapcheck.patch new file mode 100644 index 0000000..43f0e9d --- /dev/null +++ b/util-linux-2.12a-mount_procswapcheck.patch @@ -0,0 +1,31 @@ +Index: util-linux-ng-2.12r+git20070330/mount/swapon.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/swapon.c ++++ util-linux-ng-2.12r+git20070330/mount/swapon.c +@@ -138,6 +138,7 @@ static int + is_in_proc_swaps(const char *fname) { + int i; + char canonical[PATH_MAX + 2]; ++ struct stat stfname, stswapFile; + + if (!myrealpath(fname, canonical, PATH_MAX + 1)) { + fprintf(stderr, _("%s: cannot canonicalize %s: %s\n"), +@@ -146,9 +147,15 @@ is_in_proc_swaps(const char *fname) { + *(canonical + (PATH_MAX + 1)) = '\0'; + } + +- for (i = 0; i < numSwaps; i++) +- if (swapFiles[i] && !strcmp(canonical, swapFiles[i])) +- return 1; ++ for (i = 0; i < numSwaps; i++) { ++ if(S_ISBLK(stfname.st_mode)) { ++ stat(swapFiles[i], &stswapFile); ++ if(S_ISBLK(stswapFile.st_mode)) ++ if(stfname.st_rdev == stswapFile.st_rdev) ++ return 1; ++ } else if (swapFiles[i] && !strcmp(canonical, swapFiles[i])) ++ return 1; ++ } + return 0; + } + diff --git a/util-linux-2.12a-procswapscheck.diff b/util-linux-2.12a-procswapscheck.diff deleted file mode 100644 index 208c7fd..0000000 --- a/util-linux-2.12a-procswapscheck.diff +++ /dev/null @@ -1,24 +0,0 @@ ---- util-linux-2.12q/mount/swapon.c -+++ util-linux-2.12q/mount/swapon.c -@@ -160,10 +160,19 @@ - static int - is_in_proc_swaps(const char *fname) { - int i; -+ struct stat stfname, stswapFile; - -- for (i = 0; i < numSwaps; i++) -- if (swapFiles[i] && !strcmp(fname, swapFiles[i])) -+ stat(fname, &stfname); -+ -+ for (i = 0; i < numSwaps; i++) { -+ if(S_ISBLK(stfname.st_mode)) { -+ stat(swapFiles[i], &stswapFile); -+ if(S_ISBLK(stswapFile.st_mode)) -+ if(stfname.st_rdev == stswapFile.st_rdev) -+ return 1; -+ } else if (swapFiles[i] && !strcmp(fname, swapFiles[i])) - return 1; -+ } - return 0; - } - diff --git a/util-linux-2.12h-mtablock.diff b/util-linux-2.12h-mtablock.diff deleted file mode 100644 index b23560c..0000000 --- a/util-linux-2.12h-mtablock.diff +++ /dev/null @@ -1,152 +0,0 @@ -Index: util-linux-2.12r/mount/fstab.c -=================================================================== ---- util-linux-2.12r.orig/mount/fstab.c -+++ util-linux-2.12r/mount/fstab.c -@@ -395,6 +395,7 @@ getfsvolspec (const char *label) { - - /* Flag for already existing lock file. */ - static int we_created_lockfile = 0; -+static int lockfile_fd = -1; - - /* Flag to indicate that signals have been set up. */ - static int signals_have_been_setup = 0; -@@ -416,6 +417,8 @@ setlkw_timeout (int sig) { - void - unlock_mtab (void) { - if (we_created_lockfile) { -+ close(lockfile_fd); -+ lockfile_fd = -1; - unlink (MOUNTED_LOCK); - we_created_lockfile = 0; - } -@@ -443,7 +446,7 @@ unlock_mtab (void) { - - void - lock_mtab (void) { -- int tries = 3; -+ int tries = 100000, i; - char linktargetfile[MOUNTLOCK_LINKTARGET_LTH]; - - at_die = unlock_mtab; -@@ -469,45 +472,48 @@ lock_mtab (void) { - - sprintf(linktargetfile, MOUNTLOCK_LINKTARGET, getpid ()); - -+ i = open (linktargetfile, O_WRONLY|O_CREAT, 0); -+ if (i < 0) { -+ int errsv = errno; -+ /* linktargetfile does not exist (as a file) -+ and we cannot create it. Read-only filesystem? -+ Too many files open in the system? -+ Filesystem full? */ -+ die (EX_FILEIO, _("can't create lock file %s: %s " -+ "(use -n flag to override)"), -+ linktargetfile, strerror (errsv)); -+ } -+ close(i); -+ - /* Repeat until it was us who made the link */ - while (!we_created_lockfile) { - struct flock flock; -- int errsv, fd, i, j; -- -- i = open (linktargetfile, O_WRONLY|O_CREAT, 0); -- if (i < 0) { -- int errsv = errno; -- /* linktargetfile does not exist (as a file) -- and we cannot create it. Read-only filesystem? -- Too many files open in the system? -- Filesystem full? */ -- die (EX_FILEIO, _("can't create lock file %s: %s " -- "(use -n flag to override)"), -- linktargetfile, strerror (errsv)); -- } -- close(i); -+ int errsv, j; - - j = link(linktargetfile, MOUNTED_LOCK); - errsv = errno; - -- (void) unlink(linktargetfile); -- - if (j == 0) - we_created_lockfile = 1; - - if (j < 0 && errsv != EEXIST) { -+ (void) unlink(linktargetfile); - die (EX_FILEIO, _("can't link lock file %s: %s " - "(use -n flag to override)"), - MOUNTED_LOCK, strerror (errsv)); - } - -- fd = open (MOUNTED_LOCK, O_WRONLY); -+ lockfile_fd = open (MOUNTED_LOCK, O_WRONLY); - -- if (fd < 0) { -+ if (lockfile_fd < 0) { - int errsv = errno; - /* Strange... Maybe the file was just deleted? */ -- if (errno == ENOENT && tries-- > 0) -+ if (errno == ENOENT && tries-- > 0) { -+ if (tries % 200 == 0) -+ usleep(30); - continue; -+ } -+ (void) unlink(linktargetfile); - die (EX_FILEIO, _("can't open lock file %s: %s " - "(use -n flag to override)"), - MOUNTED_LOCK, strerror (errsv)); -@@ -520,7 +526,7 @@ lock_mtab (void) { - - if (j == 0) { - /* We made the link. Now claim the lock. */ -- if (fcntl (fd, F_SETLK, &flock) == -1) { -+ if (fcntl (lockfile_fd, F_SETLK, &flock) == -1) { - if (verbose) { - int errsv = errno; - printf(_("Can't lock lock file %s: %s\n"), -@@ -528,13 +534,15 @@ lock_mtab (void) { - } - /* proceed anyway */ - } -+ (void) unlink(linktargetfile); - } else { - static int tries = 0; - - /* Someone else made the link. Wait. */ - alarm(LOCK_TIMEOUT); -- if (fcntl (fd, F_SETLKW, &flock) == -1) { -+ if (fcntl (lockfile_fd, F_SETLKW, &flock) == -1) { - int errsv = errno; -+ (void) unlink(linktargetfile); - die (EX_FILEIO, _("can't lock lock file %s: %s"), - MOUNTED_LOCK, (errno == EINTR) ? - _("timed out") : strerror (errsv)); -@@ -542,16 +550,18 @@ lock_mtab (void) { - alarm(0); - /* Limit the number of iterations - maybe there - still is some old /etc/mtab~ */ -- if (tries++ > 3) { -- if (tries > 5) -- die (EX_FILEIO, _("Cannot create link %s\n" -- "Perhaps there is a stale lock file?\n"), -- MOUNTED_LOCK); -- sleep(1); -- } -+ ++tries; -+ if (tries % 200 == 0) -+ usleep(30); -+ if (tries > 100000) { -+ (void) unlink(linktargetfile); -+ close(lockfile_fd); -+ die (EX_FILEIO, _("Cannot create link %s\n" -+ "Perhaps there is a stale lock file?\n"), -+ MOUNTED_LOCK); -+ } -+ close(lockfile_fd); - } -- -- close(fd); - } - } - diff --git a/util-linux-2.12h-short-passwords.diff b/util-linux-2.12h-short-passwords.diff deleted file mode 100644 index ee917b1..0000000 --- a/util-linux-2.12h-short-passwords.diff +++ /dev/null @@ -1,55 +0,0 @@ ---- util-linux-2.12q/mount/lomount.c -+++ util-linux-2.12q/mount/lomount.c -@@ -73,6 +73,7 @@ - #if !defined(LOOP_PASSWORD_MIN_LENGTH) - # define LOOP_PASSWORD_MIN_LENGTH 20 - #endif -+#define SUSE_PASSWORD_MIN_LENGTH 8 - - char *passFDnumber = (char *)0; - char *passAskTwice = (char *)0; -@@ -459,7 +460,7 @@ - multiKeyPass[0] = 0; - break; - } -- if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; -+ if(strlen(multiKeyPass[x]) < SUSE_PASSWORD_MIN_LENGTH) break; - x++; - } - if(x == 65) -@@ -498,7 +499,7 @@ - while(x < 65) { - multiKeyPass[x] = get_FD_pass(i); - if(!multiKeyPass[x]) goto nomem; -- if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; -+ if(strlen(multiKeyPass[x]) < SUSE_PASSWORD_MIN_LENGTH) break; - x++; - } - if(x == 65) { -@@ -579,7 +580,7 @@ - memset(p, 0, i); - } - if(i < warnLen) { -- fprintf(stderr, _("WARNING - Please use longer password (%d or more characters)\n"), LOOP_PASSWORD_MIN_LENGTH); -+ fprintf(stderr, _("WARNING - Please use longer password (%d or more characters)\n"), SUSE_PASSWORD_MIN_LENGTH); - } - strcat(s, seed); - return(s); -@@ -785,7 +786,7 @@ - char *pass, *apiName = NULL; - void (*hashFunc)(unsigned char *, int, unsigned char *, int) = NULL; - unsigned char multiKeyBits[65][32]; -- int minPassLen = LOOP_PASSWORD_MIN_LENGTH; -+ int minPassLen = SUSE_PASSWORD_MIN_LENGTH; - int run_mkfs_command = 0; - - loopFileName = (char *)file; -@@ -900,7 +901,7 @@ - break; /* out of switch(loopinfo.lo_encrypt_type) */ - } - } -- pass = sGetPass (minPassLen, LOOP_PASSWORD_MIN_LENGTH); -+ pass = sGetPass (minPassLen, SUSE_PASSWORD_MIN_LENGTH); - if(!pass) goto close_fd_ffd_return1; - i = strlen(pass); - if(hashFunc == unhashed1_key_setup) { diff --git a/util-linux-2.12i-x86_64intel.diff b/util-linux-2.12i-x86_64intel.diff deleted file mode 100644 index ac7f2f1..0000000 --- a/util-linux-2.12i-x86_64intel.diff +++ /dev/null @@ -1,22 +0,0 @@ ---- util-linux-2.12q/MCONFIG -+++ util-linux-2.12q/MCONFIG -@@ -17,7 +17,7 @@ - # Select for CPU i386 if the binaries must be able to run on an intel 386 - # (by default i486 code is generated, see below) - CPU=$(shell uname -m) --ARCH=$(shell echo $(CPU) | sed 's/i.86/intel/;s/arm.*/arm/') -+ARCH=$(shell echo $(CPU) | sed 's/i.86/intel/;s/arm.*/arm/;s/x86_64/intel/') - - # If HAVE_PAM is set to "yes", then login, chfn, chsh, and newgrp - # will use PAM for authentication. Additionally, passwd will not be -@@ -137,6 +137,10 @@ - else - CPUTAIL=486 - endif -+ ifeq "$(CPU)" "x86_64" -+ CPUHEAD=-mcpu= -+ CPUTAIL=nocona -+ endif - CPUOPT= $(CPUHEAD)$(CPUTAIL) - OPT= -pipe -O2 $(CPUOPT) -fomit-frame-pointer - else diff --git a/util-linux-2.12q-mount--move.diff b/util-linux-2.12q-mount_--move.patch similarity index 82% rename from util-linux-2.12q-mount--move.diff rename to util-linux-2.12q-mount_--move.patch index 9060495..0b926d3 100644 --- a/util-linux-2.12q-mount--move.diff +++ b/util-linux-2.12q-mount_--move.patch @@ -1,6 +1,8 @@ ---- mount/mount.c +Index: mount/mount.c +=================================================================== +--- mount/mount.c.orig +++ mount/mount.c -@@ -665,6 +665,25 @@ +@@ -760,6 +760,25 @@ update_mtab_entry(const char *spec, cons else { mntFILE *mfp; @@ -26,4 +28,3 @@ lock_mtab(); mfp = my_setmntent(MOUNTED, "a+"); if (mfp == NULL || mfp->mntent_fp == NULL) { - diff --git a/util-linux-2.12q-mount_strict_aliasing.patch b/util-linux-2.12q-mount_strict_aliasing.patch new file mode 100644 index 0000000..fe53e6d --- /dev/null +++ b/util-linux-2.12q-mount_strict_aliasing.patch @@ -0,0 +1,28 @@ +Index: util-linux-ng-2.12r+git20070330/mount/Makefile.am +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/Makefile.am ++++ util-linux-ng-2.12r+git20070330/mount/Makefile.am +@@ -17,11 +17,11 @@ MNTHDRS = fstab.h linux_fs.h mount_mnten + mount_SOURCES = mount.c fstab.c sundries.c xmalloc.c realpath.c mount_mntent.c \ + get_label_uuid.c mount_by_label.c mount_blkid.c mount_guess_fstype.c \ + getusername.c \ +- nfsmount.c nfsmount_xdr.c nfsmount_clnt.c nfs4mount.c \ ++ nfsmount.c nfsmount_clnt.c nfs4mount.c \ + lomount.c \ + $(MNTHDRS) + +-mount_LDADD = $(top_srcdir)/lib/libenv.a $(top_srcdir)/lib/libsetproctitle.a ++mount_LDADD = $(top_srcdir)/lib/libenv.a $(top_srcdir)/lib/libsetproctitle.a libnfsmount_xdr.a + + umount_SOURCES = umount.c fstab.c sundries.c xmalloc.c realpath.c mount_mntent.c \ + getusername.c get_label_uuid.c mount_by_label.c mount_blkid.c \ +@@ -60,6 +60,9 @@ swapargs.h: + clean-local: + rm -f swapargs.h + ++noinst_LIBRARIES = libnfsmount_xdr.a ++libnfsmount_xdr_a_SOURCES = nfsmount_xdr.c ++libnfsmount_xdr_a_CFLAGS = -fno-strict-aliasing + + install-exec-hook: + chmod 4755 $(DESTDIR)$(bindir)/mount diff --git a/util-linux-2.12q-umount2-not-static.patch b/util-linux-2.12q-mount_umount2_not_static.patch similarity index 62% rename from util-linux-2.12q-umount2-not-static.patch rename to util-linux-2.12q-mount_umount2_not_static.patch index e07c3d1..6dead01 100644 --- a/util-linux-2.12q-umount2-not-static.patch +++ b/util-linux-2.12q-mount_umount2_not_static.patch @@ -1,6 +1,8 @@ ---- mount/umount.c +Index: mount/umount.c +=================================================================== +--- mount/umount.c.orig +++ mount/umount.c -@@ -40,7 +40,7 @@ +@@ -38,7 +38,7 @@ #include #ifdef __NR_umount2 diff --git a/util-linux-2.12q-nfsv4.patch b/util-linux-2.12q-nfsv4.patch deleted file mode 100644 index d33aaaf..0000000 --- a/util-linux-2.12q-nfsv4.patch +++ /dev/null @@ -1,628 +0,0 @@ ---- util-linux-2.12q/mount/Makefile -+++ util-linux-2.12q/mount/Makefile -@@ -29,7 +29,7 @@ - - MAYBE = pivot_root swapoff - --NFS_OBJS = nfsmount.o nfsmount_xdr.o nfsmount_clnt.o -+NFS_OBJS = nfsmount.o nfsmount_xdr.o nfsmount_clnt.o nfs4mount.o - GEN_FILES = nfsmount.h nfsmount_xdr.c nfsmount_clnt.c - - all: $(PROGS) ---- util-linux-2.12q/mount/mount.c -+++ util-linux-2.12q/mount/mount.c -@@ -847,8 +847,23 @@ - "without support for the type `nfs'")); - #endif - } -+#ifdef HAVE_NFS -+ /* -+ * NFSv4 support -+ */ -+ if (!fake && types && streq (types, "nfs4")) { -+ mnt_err = nfs4mount(spec, node, &flags, &extra_opts, &mount_opts, bg); -+ if (mnt_err) -+ return mnt_err; -+ goto nosigblock; -+#else -+ die (EX_SOFTWARE, _("mount: this version was compiled " -+ "without support for the type `nfs4'")); -+#endif -+ } - - block_signals (SIG_BLOCK); -+nosigblock: - - if (!fake) { - mnt5_res = guess_fstype_and_mount (spec, node, &types, flags & ~MS_NOSYS, ---- util-linux-2.12q/mount/nfs4mount.c -+++ util-linux-2.12q/mount/nfs4mount.c -@@ -0,0 +1,460 @@ -+/* -+ * nfs4mount.c -- Linux NFS mount -+ * Copyright (C) 2002 Trond Myklebust -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2, or (at your option) -+ * any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * Note: this file based on the original nfsmount.c -+ */ -+ -+#include "../defines.h" /* for HAVE_rpcsvc_nfs_prot_h and HAVE_inet_aton */ -+ -+#include -+#include -+#undef __FD_CLR -+#undef __FD_SET -+#undef __FD_ISSET -+#undef __FD_ZERO -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#ifdef HAVE_rpcsvc_nfs_prot_h -+#include -+#else -+#include -+#define nfsstat nfs_stat -+#endif -+ -+#include "sundries.h" -+ -+#include "mount_constants.h" -+#include "nfs4_mount.h" -+ -+#include "nls.h" -+ -+#ifndef NFS_PORT -+#define NFS_PORT 2049 -+#endif -+ -+extern int clnt_ping(struct sockaddr_in *, const u_long, const u_long, const u_int); -+extern void rpc_strerror(void); -+ -+struct { -+ char *flavour; -+ int fnum; -+} flav_map[] = { -+ { "krb5", RPC_AUTH_GSS_KRB5 }, -+ { "krb5i", RPC_AUTH_GSS_KRB5I }, -+ { "krb5p", RPC_AUTH_GSS_KRB5P }, -+ { "lipkey", RPC_AUTH_GSS_LKEY }, -+ { "lipkey-i", RPC_AUTH_GSS_LKEYI }, -+ { "lipkey-p", RPC_AUTH_GSS_LKEYP }, -+ { "spkm3", RPC_AUTH_GSS_SPKM }, -+ { "spkm3i", RPC_AUTH_GSS_SPKMI }, -+ { "spkm3p", RPC_AUTH_GSS_SPKMP }, -+ { "unix", AUTH_UNIX }, -+ { "sys", AUTH_SYS }, -+ { "null", AUTH_NULL }, -+ { "none", AUTH_NONE }, -+}; -+ -+#define FMAPSIZE (sizeof(flav_map)/sizeof(flav_map[0])) -+#define MAX_USER_FLAVOUR 16 -+ -+static int parse_sec(char *sec, int *pseudoflavour) -+{ -+ int i, num_flavour = 0; -+ -+ for (sec = strtok(sec, ":"); sec; sec = strtok(NULL, ":")) { -+ if (num_flavour >= MAX_USER_FLAVOUR) { -+ fprintf(stderr, -+ _("mount: maximum number of security flavors " -+ "exceeded\n")); -+ return 0; -+ } -+ for (i = 0; i < FMAPSIZE; i++) { -+ if (strcmp(sec, flav_map[i].flavour) == 0) { -+ pseudoflavour[num_flavour++] = flav_map[i].fnum; -+ break; -+ } -+ } -+ if (i == FMAPSIZE) { -+ fprintf(stderr, -+ _("mount: unknown security type %s\n"), sec); -+ return 0; -+ } -+ } -+ if (!num_flavour) -+ fprintf(stderr, -+ _("mount: no security flavors passed to sec= option\n")); -+ return num_flavour; -+} -+ -+static int parse_devname(char *hostdir, char **hostname, char **dirname) -+{ -+ char *s; -+ -+ if (!(s = strchr(hostdir, ':'))) { -+ fprintf(stderr, -+ _("mount: " -+ "directory to mount not in host:dir format\n")); -+ return -1; -+ } -+ *hostname = hostdir; -+ *dirname = s + 1; -+ *s = '\0'; -+ /* Ignore all but first hostname in replicated mounts -+ until they can be fully supported. (mack@sgi.com) */ -+ if ((s = strchr(hostdir, ','))) { -+ *s = '\0'; -+ fprintf(stderr, -+ _("mount: warning: " -+ "multiple hostnames not supported\n")); -+ } -+ return 0; -+} -+ -+static int fill_ipv4_sockaddr(const char *hostname, struct sockaddr_in *addr) -+{ -+ struct hostent *hp; -+ addr->sin_family = AF_INET; -+ -+ if (inet_aton(hostname, &addr->sin_addr)) -+ return 0; -+ if ((hp = gethostbyname(hostname)) == NULL) { -+ fprintf(stderr, _("mount: can't get address for %s\n"), -+ hostname); -+ return -1; -+ } -+ if (hp->h_length > sizeof(struct in_addr)) { -+ fprintf(stderr, -+ _("mount: got bad hp->h_length\n")); -+ hp->h_length = sizeof(struct in_addr); -+ } -+ memcpy(&addr->sin_addr, hp->h_addr, hp->h_length); -+ return 0; -+} -+ -+static int get_my_ipv4addr(char *ip_addr, int len) -+{ -+ char myname[1024]; -+ struct sockaddr_in myaddr; -+ -+ if (gethostname(myname, sizeof(myname))) { -+ fprintf(stderr, _("mount: can't determine client address\n")); -+ return -1; -+ } -+ if (fill_ipv4_sockaddr(myname, &myaddr)) -+ return -1; -+ snprintf(ip_addr, len, "%s", inet_ntoa(myaddr.sin_addr)); -+ ip_addr[len-1] = '\0'; -+ return 0; -+} -+ -+/* Convert RPC errors into strings */ -+void rpc_strerror(void) -+{ -+ int cf_stat = rpc_createerr.cf_stat; -+ int cf_errno = rpc_createerr.cf_error.re_errno; -+ char *ptr, *estr = clnt_sperrno(cf_stat); -+ -+ if (estr) { -+ if ((ptr = index(estr, ':'))) -+ estr = ++ptr; -+ -+ fprintf(stderr, "RPC Error: %d (%s )\n", cf_stat, estr); -+ if (cf_stat == RPC_SYSTEMERROR) -+ fprintf(stderr, "System Error: %d (%s)\n", cf_errno, strerror(cf_errno)); -+ } -+} -+ -+int -+clnt_ping(struct sockaddr_in *saddr, const u_long prog, const u_long vers, -+ const u_int prot) -+{ -+ static const struct timeval TIMEOUT = { 20, 0 }; -+ static const struct timeval RETRY_TIMEOUT = { 3, 0 }; -+ CLIENT *clnt=NULL; -+ int sock, stat; -+ static char clnt_res; -+ -+ rpc_createerr.cf_stat = stat = 0; -+ sock = RPC_ANYSOCK; -+ switch(prot) { -+ case IPPROTO_UDP: -+ clnt = clntudp_bufcreate(saddr, prog, vers, -+ RETRY_TIMEOUT, &sock, -+ RPCSMALLMSGSIZE, RPCSMALLMSGSIZE); -+ break; -+ case IPPROTO_TCP: -+ clnt = clnttcp_create(saddr, prog, vers, &sock, -+ RPCSMALLMSGSIZE, RPCSMALLMSGSIZE); -+ break; -+ default: -+ goto out_bad; -+ } -+ if (!clnt) -+ goto out_bad; -+ memset(&clnt_res, 0, sizeof(clnt_res)); -+ stat = clnt_call(clnt, NULLPROC, -+ (xdrproc_t)xdr_void, (caddr_t)NULL, -+ (xdrproc_t)xdr_void, (caddr_t)&clnt_res, -+ TIMEOUT); -+ clnt_destroy(clnt); -+ close(sock); -+ if (stat != RPC_PROGVERSMISMATCH) -+ return 1; -+ -+ out_bad: -+ return 0; -+} -+ -+ -+int nfs4mount(const char *spec, const char *node, int *flags, -+ char **extra_opts, char **mount_opts, -+ int running_bg) -+{ -+ static struct nfs4_mount_data data; -+ static char hostdir[1024]; -+ static char ip_addr[16] = "127.0.0.1"; -+ static struct sockaddr_in server_addr; -+ static int pseudoflavour[MAX_USER_FLAVOUR]; -+ int num_flavour = 0; -+ -+ char *hostname, *dirname, *old_opts; -+ char new_opts[1024]; -+ char *opt, *opteq; -+ char *s; -+ int val; -+ int bg, soft, intr; -+ int nocto, noac; -+ int retry; -+ int retval; -+ -+ retval = EX_FAIL; -+ if (strlen(spec) >= sizeof(hostdir)) { -+ fprintf(stderr, _("mount: " -+ "excessively long host:dir argument\n")); -+ goto fail; -+ } -+ strcpy(hostdir, spec); -+ if (parse_devname(hostdir, &hostname, &dirname)) -+ goto fail; -+ -+ if (fill_ipv4_sockaddr(hostname, &server_addr)) -+ goto fail; -+ if (get_my_ipv4addr(ip_addr, sizeof(ip_addr))) -+ goto fail; -+ -+ /* add IP address to mtab options for use when unmounting */ -+ s = inet_ntoa(server_addr.sin_addr); -+ old_opts = *extra_opts; -+ if (!old_opts) -+ old_opts = ""; -+ if (strlen(old_opts) + strlen(s) + 10 >= sizeof(new_opts)) { -+ fprintf(stderr, _("mount: " -+ "excessively long option argument\n")); -+ goto fail; -+ } -+ snprintf(new_opts, sizeof(new_opts), "%s%saddr=%s", -+ old_opts, *old_opts ? "," : "", s); -+ *extra_opts = xstrdup(new_opts); -+ -+ /* Set default options. -+ * rsize/wsize and timeo are left 0 in order to -+ * let the kernel decide. -+ */ -+ memset(&data, 0, sizeof(data)); -+ data.retrans = 3; -+ data.acregmin = 3; -+ data.acregmax = 60; -+ data.acdirmin = 30; -+ data.acdirmax = 60; -+ data.proto = IPPROTO_TCP; -+ -+ bg = 0; -+ soft = 0; -+ intr = NFS4_MOUNT_INTR; -+ nocto = 0; -+ noac = 0; -+ retry = 10000; /* 10000 minutes ~ 1 week */ -+ -+ /* -+ * NFSv4 specifies that the default port should be 2049 -+ */ -+ server_addr.sin_port = htons(NFS_PORT); -+ -+ /* parse options */ -+ -+ for (opt = strtok(old_opts, ","); opt; opt = strtok(NULL, ",")) { -+ if ((opteq = strchr(opt, '='))) { -+ val = atoi(opteq + 1); -+ *opteq = '\0'; -+ if (!strcmp(opt, "rsize")) -+ data.rsize = val; -+ else if (!strcmp(opt, "wsize")) -+ data.wsize = val; -+ else if (!strcmp(opt, "timeo")) -+ data.timeo = val; -+ else if (!strcmp(opt, "retrans")) -+ data.retrans = val; -+ else if (!strcmp(opt, "acregmin")) -+ data.acregmin = val; -+ else if (!strcmp(opt, "acregmax")) -+ data.acregmax = val; -+ else if (!strcmp(opt, "acdirmin")) -+ data.acdirmin = val; -+ else if (!strcmp(opt, "acdirmax")) -+ data.acdirmax = val; -+ else if (!strcmp(opt, "actimeo")) { -+ data.acregmin = val; -+ data.acregmax = val; -+ data.acdirmin = val; -+ data.acdirmax = val; -+ } -+ else if (!strcmp(opt, "retry")) -+ retry = val; -+ else if (!strcmp(opt, "port")) -+ server_addr.sin_port = htons(val); -+ else if (!strcmp(opt, "proto")) { -+ if (!strncmp(opteq+1, "tcp", 3)) -+ data.proto = IPPROTO_TCP; -+ else if (!strncmp(opteq+1, "udp", 3)) -+ data.proto = IPPROTO_UDP; -+ else -+ printf(_("Warning: Unrecognized proto= option.\n")); -+ } else if (!strcmp(opt, "clientaddr")) { -+ if (strlen(opteq+1) >= sizeof(ip_addr)) -+ printf(_("Invalid client address %s"), -+ opteq+1); -+ strncpy(ip_addr,opteq+1, sizeof(ip_addr)); -+ ip_addr[sizeof(ip_addr)-1] = '\0'; -+ } else if (!strcmp(opt, "sec")) { -+ num_flavour = parse_sec(opteq+1, pseudoflavour); -+ if (!num_flavour) -+ goto fail; -+ } else if (!strcmp(opt, "addr")) { -+ /* ignore */; -+ } else { -+ printf(_("unknown nfs mount parameter: " -+ "%s=%d\n"), opt, val); -+ goto fail; -+ } -+ } else { -+ val = 1; -+ if (!strncmp(opt, "no", 2)) { -+ val = 0; -+ opt += 2; -+ } -+ if (!strcmp(opt, "bg")) -+ bg = val; -+ else if (!strcmp(opt, "fg")) -+ bg = !val; -+ else if (!strcmp(opt, "soft")) -+ soft = val; -+ else if (!strcmp(opt, "hard")) -+ soft = !val; -+ else if (!strcmp(opt, "intr")) -+ intr = val; -+ else if (!strcmp(opt, "cto")) -+ nocto = !val; -+ else if (!strcmp(opt, "ac")) -+ noac = !val; -+ else { -+ if (!sloppy) { -+ printf(_("unknown nfs mount option: " -+ "%s%s\n"), val ? "" : "no", opt); -+ goto fail; -+ } -+ } -+ } -+ } -+ -+ data.flags = (soft ? NFS4_MOUNT_SOFT : 0) -+ | (intr ? NFS4_MOUNT_INTR : 0) -+ | (nocto ? NFS4_MOUNT_NOCTO : 0) -+ | (noac ? NFS4_MOUNT_NOAC : 0); -+ -+ if (num_flavour == 0) -+ pseudoflavour[num_flavour++] = AUTH_UNIX; -+ data.auth_flavourlen = num_flavour; -+ data.auth_flavours = pseudoflavour; -+ -+ data.client_addr.data = ip_addr; -+ data.client_addr.len = strlen(ip_addr); -+ -+ data.mnt_path.data = dirname; -+ data.mnt_path.len = strlen(dirname); -+ -+ data.hostname.data = hostname; -+ data.hostname.len = strlen(hostname); -+ data.host_addr = (struct sockaddr *)&server_addr; -+ data.host_addrlen = sizeof(server_addr); -+ -+#ifdef NFS_MOUNT_DEBUG -+ printf("rsize = %d, wsize = %d, timeo = %d, retrans = %d\n", -+ data.rsize, data.wsize, data.timeo, data.retrans); -+ printf("acreg (min, max) = (%d, %d), acdir (min, max) = (%d, %d)\n", -+ data.acregmin, data.acregmax, data.acdirmin, data.acdirmax); -+ printf("port = %d, bg = %d, retry = %d, flags = %.8x\n", -+ ntohs(server_addr.sin_port), bg, retry, data.flags); -+ printf("soft = %d, intr = %d, nocto = %d, noac = %d\n", -+ (data.flags & NFS4_MOUNT_SOFT) != 0, -+ (data.flags & NFS4_MOUNT_INTR) != 0, -+ (data.flags & NFS4_MOUNT_NOCTO) != 0, -+ (data.flags & NFS4_MOUNT_NOAC) != 0); -+ -+ if (num_flavour > 0) { -+ int pf_cnt, i; -+ -+ printf("sec = "); -+ for (pf_cnt = 0; pf_cnt < num_flavour; pf_cnt++) { -+ for (i = 0; i < FMAPSIZE; i++) { -+ if (flav_map[i].fnum == pseudoflavour[pf_cnt]) { -+ printf("%s", flav_map[i].flavour); -+ break; -+ } -+ } -+ printf("%s", (pf_cnt < num_flavour-1) ? ":" : "\n"); -+ } -+ } -+ printf("proto = %s\n", (data.proto == IPPROTO_TCP) ? "tcp" : "udp"); -+#endif -+ -+ data.version = NFS4_MOUNT_VERSION; -+ -+ clnt_ping(&server_addr, NFS_PROGRAM, 4, data.proto); -+ if (rpc_createerr.cf_stat) { -+ fprintf(stderr, "mount to NFS server '%s' failed.\n", data.hostname.data); -+ goto fail; -+ } -+ -+ *mount_opts = (char *) &data; -+ /* clean up */ -+ return 0; -+ -+fail: -+ if (verbose) { -+ rpc_strerror(); -+ } -+ return retval; -+} ---- util-linux-2.12q/mount/nfs4_mount.h -+++ util-linux-2.12q/mount/nfs4_mount.h -@@ -0,0 +1,82 @@ -+#ifndef _LINUX_NFS4_MOUNT_H -+#define _LINUX_NFS4_MOUNT_H -+ -+/* -+ * linux/include/linux/nfs4_mount.h -+ * -+ * Copyright (C) 2002 Trond Myklebust -+ * -+ * structure passed from user-space to kernel-space during an nfsv4 mount -+ */ -+ -+/* -+ * WARNING! Do not delete or change the order of these fields. If -+ * a new field is required then add it to the end. The version field -+ * tracks which fields are present. This will ensure some measure of -+ * mount-to-kernel version compatibility. Some of these aren't used yet -+ * but here they are anyway. -+ */ -+#define NFS4_MOUNT_VERSION 1 -+ -+struct nfs_string { -+ unsigned int len; -+ const char* data; -+}; -+ -+struct nfs4_mount_data { -+ int version; /* 1 */ -+ int flags; /* 1 */ -+ int rsize; /* 1 */ -+ int wsize; /* 1 */ -+ int timeo; /* 1 */ -+ int retrans; /* 1 */ -+ int acregmin; /* 1 */ -+ int acregmax; /* 1 */ -+ int acdirmin; /* 1 */ -+ int acdirmax; /* 1 */ -+ -+ /* see the definition of 'struct clientaddr4' in RFC3010 */ -+ struct nfs_string client_addr; /* 1 */ -+ -+ /* Mount path */ -+ struct nfs_string mnt_path; /* 1 */ -+ -+ /* Server details */ -+ struct nfs_string hostname; /* 1 */ -+ /* Server IP address */ -+ unsigned int host_addrlen; /* 1 */ -+ struct sockaddr* host_addr; /* 1 */ -+ -+ /* Transport protocol to use */ -+ int proto; /* 1 */ -+ -+ /* Pseudo-flavours to use for authentication. See RFC2623 */ -+ int auth_flavourlen; /* 1 */ -+ int *auth_flavours; /* 1 */ -+}; -+ -+/* bits in the flags field */ -+/* Note: the fields that correspond to existing NFSv2/v3 mount options -+ * should mirror the values from include/linux/nfs_mount.h -+ */ -+ -+#define NFS4_MOUNT_SOFT 0x0001 /* 1 */ -+#define NFS4_MOUNT_INTR 0x0002 /* 1 */ -+#define NFS4_MOUNT_NOCTO 0x0010 /* 1 */ -+#define NFS4_MOUNT_NOAC 0x0020 /* 1 */ -+#define NFS4_MOUNT_STRICTLOCK 0x1000 /* 1 */ -+#define NFS4_MOUNT_FLAGMASK 0xFFFF -+ -+/* pseudoflavors: */ -+ -+#define RPC_AUTH_GSS_KRB5 390003 -+#define RPC_AUTH_GSS_KRB5I 390004 -+#define RPC_AUTH_GSS_KRB5P 390005 -+#define RPC_AUTH_GSS_LKEY 390006 -+#define RPC_AUTH_GSS_LKEYI 390007 -+#define RPC_AUTH_GSS_LKEYP 390008 -+#define RPC_AUTH_GSS_SPKM 390009 -+#define RPC_AUTH_GSS_SPKMI 390010 -+#define RPC_AUTH_GSS_SPKMP 390011 -+ -+#endif ---- util-linux-2.12q/mount/nfs_mount4.h -+++ util-linux-2.12q/mount/nfs_mount4.h -@@ -8,7 +8,9 @@ - * so it is easiest to ignore the kernel altogether (at compile time). - */ - --#define NFS_MOUNT_VERSION 4 -+#define NFS_MOUNT_VERSION 6 -+#define NFS_MAX_CONTEXT_LEN 256 -+ - - struct nfs2_fh { - char data[32]; -@@ -36,6 +38,9 @@ - int namlen; /* 2 */ - unsigned int bsize; /* 3 */ - struct nfs3_fh root; /* 4 */ -+ int pseudoflavor; /* 5 */ -+ char context[NFS_MAX_CONTEXT_LEN + 1]; /* 6 */ -+ - }; - - /* bits in the flags field */ -@@ -52,3 +57,19 @@ - #define NFS_MOUNT_NONLM 0x0200 /* 3 */ - #define NFS_MOUNT_BROKEN_SUID 0x0400 /* 4 */ - #define NFS_MOUNT_NOACL 0x0800 /* 4 */ -+#define NFS_MOUNT_SECFLAVOUR 0x2000 /* 5 */ -+ -+/* security pseudoflavors */ -+ -+#ifndef AUTH_GSS_KRB5 -+#define AUTH_GSS_KRB5 390003 -+#define AUTH_GSS_KRB5I 390004 -+#define AUTH_GSS_KRB5P 390005 -+#define AUTH_GSS_LKEY 390006 -+#define AUTH_GSS_LKEYI 390007 -+#define AUTH_GSS_LKEYP 390008 -+#define AUTH_GSS_SPKM 390009 -+#define AUTH_GSS_SPKMI 390010 -+#define AUTH_GSS_SPKMP 390011 -+#endif -+ diff --git a/util-linux-2.12q-null.diff b/util-linux-2.12q-null.diff deleted file mode 100644 index d9eb82e..0000000 --- a/util-linux-2.12q-null.diff +++ /dev/null @@ -1,14 +0,0 @@ ---- util-linux-2.12q/misc-utils/script.c -+++ util-linux-2.12q/misc-utils/script.c -@@ -325,9 +325,9 @@ - shname = shell; - - if (cflg) -- execl(shell, shname, "-c", cflg, 0); -+ execl(shell, shname, "-c", cflg, NULL); - else -- execl(shell, shname, "-i", 0); -+ execl(shell, shname, "-i", NULL); - - perror(shell); - fail(); diff --git a/util-linux-2.12q-strict-aliasing.diff b/util-linux-2.12q-strict-aliasing.diff deleted file mode 100644 index 94bd8f0..0000000 --- a/util-linux-2.12q-strict-aliasing.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- util-linux-2.12q/mount/Makefile -+++ util-linux-2.12q/mount/Makefile -@@ -110,7 +110,7 @@ - $(COMPILE) $(RPC_CFLAGS) nfsmount_clnt.c - - nfsmount_xdr.o: nfsmount_xdr.c -- $(COMPILE) $(RPC_CFLAGS) nfsmount_xdr.c -+ $(COMPILE) -fno-strict-aliasing $(RPC_CFLAGS) nfsmount_xdr.c - - ifeq "$(HAVE_GOOD_RPC)" "yes" - nfsmount.h: nfsmount.x diff --git a/util-linux-2.12q-ionice.diff b/util-linux-2.12q-sys_utils_ionice.patch similarity index 84% rename from util-linux-2.12q-ionice.diff rename to util-linux-2.12q-sys_utils_ionice.patch index e52f2ce..c098a72 100644 --- a/util-linux-2.12q-ionice.diff +++ b/util-linux-2.12q-sys_utils_ionice.patch @@ -1,33 +1,7 @@ ---- util-linux-2.12q/sys-utils/Makefile -+++ util-linux-2.12q/sys-utils/Makefile -@@ -8,7 +8,7 @@ - - # Where to put man pages? - --MAN1= arch.1 flock.1 readprofile.1 -+MAN1= arch.1 flock.1 readprofile.1 ionice.1 - - MAN8= ctrlaltdel.8 cytune.8 dmesg.8 \ - ipcrm.8 ipcs.8 renice.8 \ -@@ -19,7 +19,7 @@ - - BIN= arch dmesg - --USRBIN= cytune flock ipcrm ipcs renice setsid -+USRBIN= cytune flock ipcrm ipcs renice setsid ionice - - USRSBIN= readprofile tunelp - -@@ -71,6 +71,7 @@ - ctrlaltdel: ctrlaltdel.o $(LIB)/my_reboot.o - cytune.o: cytune.c cyclades.h - cytune: cytune.o -+ionice: ionice.o - ipcrm: ipcrm.o - ipcs: ipcs.o - rdev: rdev.o ---- util-linux-2.12q/sys-utils/ionice.1 -+++ util-linux-2.12q/sys-utils/ionice.1 +Index: util-linux-ng-2.12r+2.13pre7/sys-utils/ionice.1 +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+2.13pre7/sys-utils/ionice.1 @@ -0,0 +1,71 @@ +.TH ionice "1" "August 2005" ionice +.SH NAME @@ -100,8 +74,10 @@ + +.SH AUTHORS +Jens Axboe ---- util-linux-2.12q/sys-utils/ionice.c -+++ util-linux-2.12q/sys-utils/ionice.c +Index: util-linux-ng-2.12r+2.13pre7/sys-utils/ionice.c +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+2.13pre7/sys-utils/ionice.c @@ -0,0 +1,144 @@ +/* + * ionice: set or get process io scheduling class and priority @@ -247,3 +223,27 @@ + + return 0; +} +Index: util-linux-ng-2.12r+2.13pre7/sys-utils/Makefile.am +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/sys-utils/Makefile.am ++++ util-linux-ng-2.12r+2.13pre7/sys-utils/Makefile.am +@@ -2,17 +2,17 @@ + + bin_PROGRAMS = dmesg + +-usrbinexec_PROGRAMS = cytune flock ipcrm ipcs renice setsid ++usrbinexec_PROGRAMS = cytune flock ionice ipcrm ipcs renice setsid + + cytune_SOURCES = cytune.c cyclades.h + + sbin_PROGRAMS = ctrlaltdel + + usrsbinexec_PROGRAMS = readprofile tunelp + + tunelp_SOURCES = tunelp.c lp.h + +-man_MANS = flock.1 readprofile.1 \ ++man_MANS = flock.1 ionice.1 readprofile.1 \ + ctrlaltdel.8 cytune.8 dmesg.8 ipcrm.8 ipcs.8 renice.8 \ + setsid.8 tunelp.8 + diff --git a/util-linux-2.12r-mkfs_open_exclusive.patch b/util-linux-2.12r-disk_utils_mkfs_open_exclusive.patch similarity index 61% rename from util-linux-2.12r-mkfs_open_exclusive.patch rename to util-linux-2.12r-disk_utils_mkfs_open_exclusive.patch index f94d3b2..260392e 100644 --- a/util-linux-2.12r-mkfs_open_exclusive.patch +++ b/util-linux-2.12r-disk_utils_mkfs_open_exclusive.patch @@ -1,8 +1,8 @@ -Index: util-linux-2.12r/disk-utils/mkswap.c +Index: util-linux-ng-2.12r+git20070330/disk-utils/mkswap.c =================================================================== ---- util-linux-2.12r.orig/disk-utils/mkswap.c -+++ util-linux-2.12r/disk-utils/mkswap.c -@@ -645,7 +645,7 @@ main(int argc, char ** argv) { +--- util-linux-ng-2.12r+git20070330.orig/disk-utils/mkswap.c ++++ util-linux-ng-2.12r+git20070330/disk-utils/mkswap.c +@@ -660,7 +660,7 @@ main(int argc, char ** argv) { usage(); } @@ -11,10 +11,10 @@ Index: util-linux-2.12r/disk-utils/mkswap.c if (DEV < 0 || fstat(DEV, &statbuf) < 0) { perror(device_name); exit(1); -Index: util-linux-2.12r/disk-utils/mkfs.minix.c +Index: util-linux-ng-2.12r+git20070330/disk-utils/mkfs.minix.c =================================================================== ---- util-linux-2.12r.orig/disk-utils/mkfs.minix.c -+++ util-linux-2.12r/disk-utils/mkfs.minix.c +--- util-linux-ng-2.12r+git20070330.orig/disk-utils/mkfs.minix.c ++++ util-linux-ng-2.12r+git20070330/disk-utils/mkfs.minix.c @@ -699,7 +699,7 @@ main(int argc, char ** argv) { tmp += dirsize; *(short *)tmp = 2; @@ -24,10 +24,10 @@ Index: util-linux-2.12r/disk-utils/mkfs.minix.c if (DEV<0) die(_("unable to open %s")); if (fstat(DEV,&statbuf)<0) -Index: util-linux-2.12r/disk-utils/mkfs.bfs.c +Index: util-linux-ng-2.12r+git20070330/disk-utils/mkfs.bfs.c =================================================================== ---- util-linux-2.12r.orig/disk-utils/mkfs.bfs.c -+++ util-linux-2.12r/disk-utils/mkfs.bfs.c +--- util-linux-ng-2.12r+git20070330.orig/disk-utils/mkfs.bfs.c ++++ util-linux-ng-2.12r+git20070330/disk-utils/mkfs.bfs.c @@ -170,7 +170,7 @@ main(int argc, char *argv[]) { if (!S_ISBLK(statbuf.st_mode)) fatal(_("%s is not a block special device"), device); diff --git a/util-linux-2.12r-mkswap_fix.patch b/util-linux-2.12r-disk_utils_mkswap_fix.patch similarity index 58% rename from util-linux-2.12r-mkswap_fix.patch rename to util-linux-2.12r-disk_utils_mkswap_fix.patch index 58d50a0..058dd2c 100644 --- a/util-linux-2.12r-mkswap_fix.patch +++ b/util-linux-2.12r-disk_utils_mkswap_fix.patch @@ -1,8 +1,10 @@ -Index: util-linux-2.12r/disk-utils/mkswap.c +default swap to V1 in any case [#205956] + +Index: util-linux-ng-2.12r+git20070330/disk-utils/mkswap.c =================================================================== ---- util-linux-2.12r.orig/disk-utils/mkswap.c 2004-12-21 09:21:24.000000000 -0800 -+++ util-linux-2.12r/disk-utils/mkswap.c 2006-10-23 17:51:24.636063632 -0700 -@@ -602,9 +602,7 @@ +--- util-linux-ng-2.12r+git20070330.orig/disk-utils/mkswap.c ++++ util-linux-ng-2.12r+git20070330/disk-utils/mkswap.c +@@ -617,9 +617,7 @@ main(int argc, char ** argv) { version = 1; else /* use version 1 as default, if possible */ diff --git a/util-linux-2.12r-external-prog-on-guess.diff b/util-linux-2.12r-external-prog-on-guess.diff deleted file mode 100644 index 662da55..0000000 --- a/util-linux-2.12r-external-prog-on-guess.diff +++ /dev/null @@ -1,133 +0,0 @@ -From: Jeff Mahoney -Subject: [PATCH] mount: needs to handle special mountprog even on guessed file systems. - - If the user doesn't specify -t mount.fstype will never be called. - - This patch fixes that. - - Update: Fixes a bug where the mount would get added to mtab twice. - --- - - mount.c | 47 +++++++++++++++++++++++++++++++++++++++++------ - mount_guess_fstype.c | 3 +-- - 2 files changed, 42 insertions(+), 8 deletions(-) - -diff -rup util-linux-2.12r/mount/mount.c util-linux-2.12r.updated/mount/mount.c ---- util-linux-2.12r/mount/mount.c 2006-05-17 17:35:37.000000000 -0400 -+++ util-linux-2.12r.updated/mount/mount.c 2006-05-17 17:35:17.000000000 -0400 -@@ -451,6 +451,10 @@ create_mtab (void) { - unlock_mtab(); - } - -+static int check_special_mountprog(const char *spec, const char *node, -+ const char *type, int flags, -+ char *extra_opts, int *status); -+ - /* count successful mount system calls */ - static int mountcount = 0; - -@@ -462,12 +466,30 @@ static int mountcount = 0; - static int - do_mount_syscall (struct mountargs *args) { - int flags = args->flags; -- int ret; - - if ((flags & MS_MGC_MSK) == 0) - flags |= MS_MGC_VAL; - -- ret = mount (args->spec, args->node, args->type, flags, args->data); -+ return mount (args->spec, args->node, args->type, flags, args->data); -+} -+ -+/* -+ * do_mount() -+ * Mount a single file system, possibly invoking an external handler to -+ * do so. Keep track of successes. -+ * returns: 0: OK, -1: error in errno -+ */ -+static int -+do_mount (struct mountargs *args) { -+ int ret; -+ if (check_special_mountprog(args->spec, args->node, args->type, -+ args->flags, args->data, &ret) == 0) -+ ret = do_mount_syscall(args); -+ else if (ret == 0) { /* set by the call */ -+ mountcount++; -+ ret = 1; -+ } -+ - if (ret == 0) - mountcount++; - return ret; -@@ -507,10 +529,11 @@ guess_fstype_and_mount(const char *spec, - char *p; - - while((p = index(t,',')) != NULL) { -+ int ret; - *p = 0; - args.type = *types = t; -- if(do_mount_syscall (&args) == 0) -- return 0; -+ if((ret = do_mount (&args)) >= 0) -+ return ret; - t = p+1; - } - /* do last type below */ -@@ -519,10 +542,10 @@ guess_fstype_and_mount(const char *spec, - - if (*types || (flags & MS_REMOUNT)) { - args.type = *types; -- return do_mount_syscall (&args); -+ return do_mount (&args); - } - -- return procfsloop(do_mount_syscall, &args, types); -+ return procfsloop(do_mount, &args, types); - } - - /* -@@ -895,8 +918,16 @@ retry_nfs: - nosigblock: - - if (!fake) { -+ int skip_mtab = 0; - mnt5_res = guess_fstype_and_mount (spec, node, &types, flags & ~MS_NOSYS, - mount_opts); -+ /* External program was executed to mount the file system, skip updating -+ * mtab. */ -+ if (mnt5_res == 1) { -+ skip_mtab = 1; -+ mnt5_res = 0; -+ res = 0; -+ } - if(!mnt5_res && LoopMountAutomaticChmod && (getuid() == 0)) { - /* - * If loop was set up using random keys and new file system -@@ -907,8 +938,12 @@ nosigblock: - error (_("Error: encrypted file system chmod() failed")); - } - } -+ -+ if (skip_mtab) -+ goto out; - } - -+ - if (fake || mnt5_res == 0) { - /* Mount succeeded, report this (if verbose) and write mtab entry. */ - if (loop) -diff -rup util-linux-2.12r/mount/mount_guess_fstype.c util-linux-2.12r.updated/mount/mount_guess_fstype.c ---- util-linux-2.12r/mount/mount_guess_fstype.c 2006-05-17 17:35:37.000000000 -0400 -+++ util-linux-2.12r.updated/mount/mount_guess_fstype.c 2006-05-17 17:19:44.000000000 -0400 -@@ -695,9 +695,8 @@ procfsloop(int (*mount_fn)(struct mounta - printf(_("Trying %s\n"), fsname); - fflush(stdout); - } -- if ((*mount_fn) (args) == 0) { -+ if ((ret = (*mount_fn) (args)) >= 0) { - *types = fsname; -- ret = 0; - break; - } else if (errno != EINVAL && - is_in_procfs(fsname) == 1) { diff --git a/util-linux-2.12r-fdiskcyl.patch b/util-linux-2.12r-fdisk_cyl.patch similarity index 71% rename from util-linux-2.12r-fdiskcyl.patch rename to util-linux-2.12r-fdisk_cyl.patch index 70a0a1b..d2bbe5e 100644 --- a/util-linux-2.12r-fdiskcyl.patch +++ b/util-linux-2.12r-fdisk_cyl.patch @@ -1,6 +1,8 @@ ---- util-linux-2.12r/fdisk/fdisk.c.old 2006-05-11 19:20:15.000000000 -0400 -+++ util-linux-2.12r/fdisk/fdisk.c 2006-05-11 19:33:44.000000000 -0400 -@@ -1916,6 +1916,16 @@ +Index: util-linux-ng-2.12r+2.13pre7/fdisk/fdisk.c +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/fdisk/fdisk.c ++++ util-linux-ng-2.12r+2.13pre7/fdisk/fdisk.c +@@ -1918,6 +1918,16 @@ verify(void) { total_number_of_sectors - total); } @@ -17,7 +19,7 @@ static void add_partition(int n, int sys) { char mesg[256]; /* 48 does not suffice in Japanese */ -@@ -1951,8 +1961,10 @@ +@@ -1953,8 +1963,10 @@ add_partition(int n, int sys) { limit = get_start_sect(q) + get_nr_sects(q) - 1; } if (display_in_cyl_units) @@ -29,4 +31,3 @@ snprintf(mesg, sizeof(mesg), _("First %s"), str_units(SINGULAR)); do { - diff --git a/util-linux-2.12r-fdiskwrap.patch b/util-linux-2.12r-fdisk_fdiskwrap.patch similarity index 75% rename from util-linux-2.12r-fdiskwrap.patch rename to util-linux-2.12r-fdisk_fdiskwrap.patch index 56bf598..5a1400a 100644 --- a/util-linux-2.12r-fdiskwrap.patch +++ b/util-linux-2.12r-fdisk_fdiskwrap.patch @@ -1,6 +1,8 @@ ---- util-linux-2.12r/fdisk/fdisk.c -+++ util-linux-2.12r/fdisk/fdisk.c -@@ -61,7 +61,7 @@ +Index: util-linux-ng-2.12r+2.13pre7/fdisk/fdisk.c +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/fdisk/fdisk.c ++++ util-linux-ng-2.12r+2.13pre7/fdisk/fdisk.c +@@ -63,7 +63,7 @@ static void delete_partition(int i); /* A valid partition table sector ends in 0x55 0xaa */ static unsigned int @@ -9,7 +11,7 @@ return ((unsigned int) b[510]) + (((unsigned int) b[511]) << 8); } -@@ -71,7 +71,7 @@ +@@ -73,7 +73,7 @@ valid_part_table_flag(unsigned char *b) } static void @@ -18,7 +20,7 @@ b[510] = 0x55; b[511] = 0xaa; } -@@ -98,17 +98,17 @@ +@@ -100,17 +100,17 @@ set_start_sect(struct partition *p, unsi store4_little_endian(p->start4, start_sect); } @@ -39,7 +41,7 @@ get_nr_sects(struct partition *p) { return read4_little_endian(p->size4); } -@@ -120,7 +120,7 @@ +@@ -122,7 +122,7 @@ static int type_open = O_RDWR; * Raw disk label. For DOS-type partition tables the MBR, * with descriptions of the primary partitions. */ @@ -48,7 +50,7 @@ /* * per partition table entry data -@@ -134,8 +134,8 @@ +@@ -136,8 +136,8 @@ struct pte { struct partition *part_table; /* points into sectorbuffer */ struct partition *ext_pointer; /* points into sectorbuffer */ char changed; /* boolean */ @@ -59,7 +61,7 @@ } ptes[MAXIMUM_PARTS]; char *disk_device, /* must be specified */ -@@ -154,15 +154,14 @@ +@@ -156,15 +156,14 @@ unsigned int user_cylinders, user_heads, unsigned int pt_heads, pt_sectors; unsigned int kern_heads, kern_sectors; @@ -78,16 +80,14 @@ unsigned long long total_number_of_sectors; -@@ -240,21 +239,21 @@ +@@ -242,21 +241,21 @@ void fatal(enum failure why) { } static void -seek_sector(int fd, unsigned int secno) { -- long long offset = (long long) secno * sector_size; -- if (ext2_llseek(fd, offset, SEEK_SET) == (long long) -1) +seek_sector(int fd, unsigned long long secno) { -+ off_t offset = (off_t) secno * sector_size; -+ if (lseek(fd, offset, SEEK_SET) == (off_t) -1) + off_t offset = (off_t) secno * sector_size; + if (lseek(fd, offset, SEEK_SET) == (off_t) -1) fatal(unable_to_seek); } @@ -105,7 +105,7 @@ seek_sector(fd, secno); if (write(fd, buf, sector_size) != sector_size) fatal(unable_to_write); -@@ -262,11 +261,11 @@ +@@ -264,11 +263,11 @@ write_sector(int fd, unsigned int secno, /* Allocate a buffer and read a partition table sector */ static void @@ -119,7 +119,7 @@ if (!pe->sectorbuffer) fatal(out_of_memory); read_sector(fd, offset, pe->sectorbuffer); -@@ -274,7 +273,7 @@ +@@ -276,7 +275,7 @@ read_pte(int fd, int pno, unsigned int o pe->part_table = pe->ext_pointer = NULL; } @@ -128,7 +128,7 @@ get_partition_start(struct pte *pe) { return pe->offset + get_start_sect(pe->part_table); } -@@ -547,10 +546,10 @@ +@@ -549,10 +548,10 @@ clear_partition(struct partition *p) { } static void @@ -142,7 +142,7 @@ if (doext) { p = ptes[i].ext_pointer; -@@ -1546,7 +1545,7 @@ +@@ -1548,7 +1547,7 @@ list_disk_geometry(void) { else printf(_("\nDisk %s: %ld.%ld GB, %lld bytes\n"), disk_device, megabytes/1000, (megabytes/100)%10, bytes); @@ -151,7 +151,7 @@ heads, sectors, cylinders); if (units_per_sector == 1) printf(_(", total %llu sectors"), -@@ -1778,20 +1777,21 @@ +@@ -1780,20 +1779,21 @@ x_list_table(int extend) { struct partition *p; int i; @@ -176,7 +176,7 @@ if (p->sys_ind) check_consistency(p, i); } -@@ -1799,7 +1799,7 @@ +@@ -1801,7 +1801,7 @@ x_list_table(int extend) { } static void @@ -185,7 +185,7 @@ int i; struct pte *pe = &ptes[0]; struct partition *p; -@@ -1832,7 +1832,7 @@ +@@ -1834,7 +1834,7 @@ check(int n, unsigned int h, unsigned in n, h + 1, heads); if (real_s >= sectors) fprintf(stderr, _("Partition %d: sector %d greater than " @@ -194,7 +194,7 @@ if (real_c >= cylinders) fprintf(stderr, _("Partitions %d: cylinder %d greater than " "maximum %d\n"), n, real_c + 1, cylinders); -@@ -1845,8 +1845,8 @@ +@@ -1847,8 +1847,8 @@ check(int n, unsigned int h, unsigned in static void verify(void) { int i, j; @@ -205,7 +205,7 @@ struct partition *p; if (warn_geometry()) -@@ -1890,7 +1890,7 @@ +@@ -1892,7 +1892,7 @@ verify(void) { if (extended_offset) { struct pte *pex = &ptes[ext_index]; @@ -214,7 +214,7 @@ get_nr_sects(pex->part_table) - 1; for (i = 4; i < partitions; i++) { -@@ -1909,8 +1909,8 @@ +@@ -1911,8 +1911,8 @@ verify(void) { } if (total > total_number_of_sectors) @@ -225,7 +225,7 @@ else if (total < total_number_of_sectors) printf(_("%lld unallocated sectors\n"), total_number_of_sectors - total); -@@ -1923,7 +1923,7 @@ +@@ -1925,7 +1925,7 @@ add_partition(int n, int sys) { struct partition *p = ptes[n].part_table; struct partition *q = ptes[ext_index].part_table; long long llimit; @@ -234,7 +234,7 @@ first[partitions], last[partitions]; if (p && p->sys_ind) { -@@ -1969,7 +1969,7 @@ +@@ -1971,7 +1971,7 @@ add_partition(int n, int sys) { if (start > limit) break; if (start >= temp+units_per_sector && read) { @@ -243,7 +243,7 @@ temp = start; read = 0; } -@@ -2228,14 +2228,14 @@ +@@ -2230,14 +2230,14 @@ reread_partition_table(int leave) { #define MAX_PER_LINE 16 static void @@ -260,9 +260,11 @@ if (l == MAX_PER_LINE - 1) { printf("\n"); l = -1; ---- util-linux-2.12r/fdisk/fdisk.h -+++ util-linux-2.12r/fdisk/fdisk.h -@@ -84,8 +84,8 @@ +Index: util-linux-ng-2.12r+2.13pre7/fdisk/fdisk.h +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/fdisk/fdisk.h ++++ util-linux-ng-2.12r+2.13pre7/fdisk/fdisk.h +@@ -81,8 +81,8 @@ extern unsigned int read_int(unsigned in #define SINGULAR 1 extern char *const str_units(int); @@ -273,9 +275,11 @@ extern int osf_label; ---- util-linux-2.12r/fdisk/fdiskaixlabel.h -+++ util-linux-2.12r/fdisk/fdiskaixlabel.h -@@ -19,9 +19,10 @@ +Index: util-linux-ng-2.12r+2.13pre7/fdisk/fdiskaixlabel.h +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/fdisk/fdiskaixlabel.h ++++ util-linux-ng-2.12r+2.13pre7/fdisk/fdiskaixlabel.h +@@ -19,9 +19,10 @@ typedef struct { /* fdisk.c */ #define aixlabel ((aix_partition *)MBRbuffer) @@ -288,10 +292,12 @@ extern int show_begin; extern int aix_label; extern char *partition_type(unsigned char type); ---- util-linux-2.12r/fdisk/fdiskmaclabel.h -+++ util-linux-2.12r/fdisk/fdiskmaclabel.h -@@ -25,9 +25,10 @@ - +Index: util-linux-ng-2.12r+2.13pre7/fdisk/fdiskmaclabel.h +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/fdisk/fdiskmaclabel.h ++++ util-linux-ng-2.12r+2.13pre7/fdisk/fdiskmaclabel.h +@@ -25,9 +25,10 @@ typedef struct { + /* fdisk.c */ #define maclabel ((mac_partition *)MBRbuffer) -extern char MBRbuffer[MAX_SECTOR_SIZE]; @@ -303,9 +309,11 @@ extern int show_begin; extern int mac_label; extern char *partition_type(unsigned char type); ---- util-linux-2.12r/fdisk/fdisksgilabel.c -+++ util-linux-2.12r/fdisk/fdisksgilabel.c -@@ -197,7 +197,7 @@ +Index: util-linux-ng-2.12r+2.13pre7/fdisk/fdisksgilabel.c +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/fdisk/fdisksgilabel.c ++++ util-linux-ng-2.12r+2.13pre7/fdisk/fdisksgilabel.c +@@ -197,7 +197,7 @@ sgi_list_table(int xtra) { w = strlen(disk_device); if (xtra) { @@ -314,7 +322,7 @@ "%d cylinders, %d physical cylinders\n" "%d extra sects/cyl, interleave %d:1\n" "%s\n" -@@ -211,7 +211,7 @@ +@@ -211,7 +211,7 @@ sgi_list_table(int xtra) { sector_size); } else { printf(_("\nDisk %s (SGI disk label): " @@ -323,9 +331,11 @@ "Units = %s of %d * %d bytes\n\n"), disk_device, heads, sectors, cylinders, str_units(PLURAL), units_per_sector, ---- util-linux-2.12r/fdisk/fdisksgilabel.h -+++ util-linux-2.12r/fdisk/fdisksgilabel.h -@@ -103,8 +103,9 @@ +Index: util-linux-ng-2.12r+2.13pre7/fdisk/fdisksgilabel.h +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/fdisk/fdisksgilabel.h ++++ util-linux-ng-2.12r+2.13pre7/fdisk/fdisksgilabel.h +@@ -103,8 +103,9 @@ typedef struct { /* fdisk.c */ #define sgilabel ((sgi_partition *)MBRbuffer) #define sgiparam (sgilabel->devparam) @@ -337,9 +347,11 @@ extern int show_begin; extern int sgi_label; extern char *partition_type(unsigned char type); ---- util-linux-2.12r/fdisk/fdisksunlabel.c -+++ util-linux-2.12r/fdisk/fdisksunlabel.c -@@ -349,7 +349,7 @@ +Index: util-linux-ng-2.12r+2.13pre7/fdisk/fdisksunlabel.c +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/fdisk/fdisksunlabel.c ++++ util-linux-ng-2.12r+2.13pre7/fdisk/fdisksunlabel.c +@@ -348,7 +348,7 @@ void create_sunlabel(void) } snprintf(sunlabel->info, sizeof(sunlabel->info), @@ -348,7 +360,7 @@ p ? p->vendor : "", (p && *p->vendor) ? " " : "", p ? p->model : (floppy ? _("3,5\" floppy") : _("Linux custom")), -@@ -656,7 +656,7 @@ +@@ -655,7 +655,7 @@ sun_list_table(int xtra) { w = strlen(disk_device); if (xtra) printf( @@ -357,7 +369,7 @@ "%d cylinders, %d alternate cylinders, %d physical cylinders\n" "%d extra sects/cyl, interleave %d:1\n" "%s\n" -@@ -670,7 +670,7 @@ +@@ -669,7 +669,7 @@ sun_list_table(int xtra) { str_units(PLURAL), units_per_sector); else printf( @@ -366,9 +378,11 @@ "Units = %s of %d * 512 bytes\n\n"), disk_device, heads, sectors, cylinders, str_units(PLURAL), units_per_sector); ---- util-linux-2.12r/fdisk/fdisksunlabel.h -+++ util-linux-2.12r/fdisk/fdisksunlabel.h -@@ -37,8 +37,9 @@ +Index: util-linux-ng-2.12r+2.13pre7/fdisk/fdisksunlabel.h +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/fdisk/fdisksunlabel.h ++++ util-linux-ng-2.12r+2.13pre7/fdisk/fdisksunlabel.h +@@ -37,8 +37,9 @@ typedef struct { : (__u32)(x)) /* fdisk.c */ diff --git a/util-linux-2.12r-fdisk_llseek.patch b/util-linux-2.12r-fdisk_llseek.patch deleted file mode 100644 index 786a385..0000000 --- a/util-linux-2.12r-fdisk_llseek.patch +++ /dev/null @@ -1,234 +0,0 @@ ---- fdisk/Makefile -+++ fdisk/Makefile -@@ -39,7 +39,7 @@ - endif - endif - --cfdisk: cfdisk.o llseek.o disksize.o i386_sys_types.o $(LIB)/xstrncpy.o -+cfdisk: cfdisk.o disksize.o i386_sys_types.o $(LIB)/xstrncpy.o - ifeq "$(HAVE_SLANG)" "yes" - $(CC) $(LDFLAGS) $^ -o $@ $(LIBSLANG) - else -@@ -55,7 +55,7 @@ - rm -f activate - ln -s sfdisk activate - --fdisk: fdisk.o llseek.o disksize.o fdiskbsdlabel.o fdisksgilabel.o fdisksunlabel.o \ -+fdisk: fdisk.o disksize.o fdiskbsdlabel.o fdisksgilabel.o fdisksunlabel.o \ - fdiskmaclabel.o fdiskaixlabel.o i386_sys_types.o partname.o - fdisk.o: fdisk.c fdisk.h - fdiskbsdlabel.o: fdiskbsdlabel.c fdisk.h fdiskbsdlabel.h ---- fdisk/cfdisk.c -+++ fdisk/cfdisk.c -@@ -84,9 +84,6 @@ - #include "xstrncpy.h" - #include "common.h" - --extern long long ext2_llseek(unsigned int fd, long long offset, -- unsigned int origin); -- - #define VERSION UTIL_LINUX_VERSION - - #define DEFAULT_DEVICE "/dev/hda" -@@ -552,7 +549,7 @@ - - static void - read_sector(char *buffer, long long sect_num) { -- if (ext2_llseek(fd, sect_num*SECTOR_SIZE, SEEK_SET) < 0) -+ if (lseek(fd, sect_num*SECTOR_SIZE, SEEK_SET) < 0) - fatal(_("Cannot seek on disk drive"), 2); - if (read(fd, buffer, SECTOR_SIZE) != SECTOR_SIZE) - fatal(_("Cannot read disk drive"), 2); -@@ -560,7 +557,7 @@ - - static void - write_sector(char *buffer, long long sect_num) { -- if (ext2_llseek(fd, sect_num*SECTOR_SIZE, SEEK_SET) < 0) -+ if (lseek(fd, sect_num*SECTOR_SIZE, SEEK_SET) < 0) - fatal(_("Cannot seek on disk drive"), 2); - if (write(fd, buffer, SECTOR_SIZE) != SECTOR_SIZE) - fatal(_("Cannot write disk drive"), 2); -@@ -587,7 +584,7 @@ - long long offset; - - offset = (p_info[i].first_sector + p_info[i].offset) * SECTOR_SIZE; -- if (ext2_llseek(fd, offset, SEEK_SET) == offset -+ if (lseek(fd, offset, SEEK_SET) == offset - && read(fd, §or, sizeof(sector)) == sizeof(sector)) { - dos_copy_to_info(p_info[i].ostype, OSTYPESZ, - sector+DOS_OSTYPE_OFFSET, DOS_OSTYPE_SZ); -@@ -672,7 +669,7 @@ - - offset = (p_info[i].first_sector + p_info[i].offset) * SECTOR_SIZE - + 1024; -- if (ext2_llseek(fd, offset, SEEK_SET) == offset -+ if (lseek(fd, offset, SEEK_SET) == offset - && read(fd, &e2fsb, sizeof(e2fsb)) == sizeof(e2fsb) - && e2fsb.s_magic[0] + (e2fsb.s_magic[1]<<8) == EXT2_SUPER_MAGIC) { - label = e2fsb.s_volume_name; -@@ -688,7 +685,7 @@ - } - - offset = (p_info[i].first_sector + p_info[i].offset) * SECTOR_SIZE + 0; -- if (ext2_llseek(fd, offset, SEEK_SET) == offset -+ if (lseek(fd, offset, SEEK_SET) == offset - && read(fd, &xfsb, sizeof(xfsb)) == sizeof(xfsb) - && !strncmp(xfsb.s_magic, XFS_SUPER_MAGIC, 4)) { - label = xfsb.s_fname; -@@ -702,7 +699,7 @@ - /* jfs? */ - offset = (p_info[i].first_sector + p_info[i].offset) * SECTOR_SIZE - + JFS_SUPER1_OFF; -- if (ext2_llseek(fd, offset, SEEK_SET) == offset -+ if (lseek(fd, offset, SEEK_SET) == offset - && read(fd, &jfsb, sizeof(jfsb)) == sizeof(jfsb) - && !strncmp(jfsb.s_magic, JFS_MAGIC, strlen(JFS_MAGIC))) { - label = jfsb.s_label; -@@ -716,7 +713,7 @@ - /* reiserfs? */ - offset = (p_info[i].first_sector + p_info[i].offset) * SECTOR_SIZE - + REISERFS_DISK_OFFSET_IN_BYTES; -- if (ext2_llseek(fd, offset, SEEK_SET) == offset -+ if (lseek(fd, offset, SEEK_SET) == offset - && read(fd, &reiserfsb, sizeof(reiserfsb)) == sizeof(reiserfsb) - && has_reiserfs_magic_string(&reiserfsb, &reiserfs_is_3_6)) { - if (reiserfs_is_3_6) { ---- fdisk/fdiskbsdlabel.c -+++ fdisk/fdiskbsdlabel.c -@@ -566,7 +566,7 @@ - sector = get_start_sect(xbsd_part); - #endif - -- if (ext2_llseek (fd, (long long) sector * SECTOR_SIZE, SEEK_SET) == -1) -+ if (lseek (fd, (long long) sector * SECTOR_SIZE, SEEK_SET) == -1) - fatal (unable_to_seek); - if (BSD_BBSIZE != write (fd, disklabelbuffer, BSD_BBSIZE)) - fatal (unable_to_write); -@@ -735,7 +735,7 @@ - sector = 0; - #endif - -- if (ext2_llseek (fd, (long long) sector * SECTOR_SIZE, SEEK_SET) == -1) -+ if (lseek (fd, (long long) sector * SECTOR_SIZE, SEEK_SET) == -1) - fatal (unable_to_seek); - if (BSD_BBSIZE != read (fd, disklabelbuffer, BSD_BBSIZE)) - fatal (unable_to_read); -@@ -781,12 +781,12 @@ - - #if defined (__alpha__) && BSD_LABELSECTOR == 0 - alpha_bootblock_checksum (disklabelbuffer); -- if (ext2_llseek (fd, (long long) 0, SEEK_SET) == -1) -+ if (lseek (fd, (long long) 0, SEEK_SET) == -1) - fatal (unable_to_seek); - if (BSD_BBSIZE != write (fd, disklabelbuffer, BSD_BBSIZE)) - fatal (unable_to_write); - #else -- if (ext2_llseek (fd, (long long) sector * SECTOR_SIZE + BSD_LABELOFFSET, -+ if (lseek (fd, (long long) sector * SECTOR_SIZE + BSD_LABELOFFSET, - SEEK_SET) == -1) - fatal (unable_to_seek); - if (sizeof (struct xbsd_disklabel) != write (fd, d, sizeof (struct xbsd_disklabel))) ---- fdisk/fdisksgilabel.c -+++ fdisk/fdisksgilabel.c -@@ -379,7 +379,7 @@ - */ - sgiinfo *info = fill_sgiinfo(); - int infostartblock = SSWAP32(sgilabel->directory[0].vol_file_start); -- if (ext2_llseek(fd, (long long)infostartblock* -+ if (lseek(fd, (long long)infostartblock* - SECTOR_SIZE, SEEK_SET) < 0) - fatal(unable_to_seek); - if (write(fd, info, SECTOR_SIZE) != SECTOR_SIZE) ---- fdisk/llseek.c -+++ fdisk/llseek.c -@@ -13,31 +13,12 @@ - extern long long ext2_llseek (unsigned int, long long, unsigned int); - - #ifdef __linux__ -- --#ifdef HAVE_LLSEEK --#include -- --#else /* HAVE_LLSEEK */ -- --#if defined(__alpha__) || defined(__ia64__) || defined(__s390x__) -- --#define my_llseek lseek -- --#else --#include /* for __NR__llseek */ -- --static int _llseek (unsigned int, unsigned long, -- unsigned long, long long *, unsigned int); -- --#ifdef __NR__llseek -- --static _syscall5(int,_llseek,unsigned int,fd,unsigned long,offset_high, -- unsigned long, offset_low,long long *,result, -- unsigned int, origin) -- --#else -+# if defined(__alpha__) || defined(__ia64__) || defined(__s390x__) -+# define my_llseek lseek -+# else - - /* no __NR__llseek on compilation machine - might give it explicitly */ -+# ifndef __NR__llseek - static int _llseek (unsigned int fd, unsigned long oh, - unsigned long ol, long long *result, - unsigned int origin) { -@@ -45,10 +26,10 @@ - return -1; - } - --#endif -+# endif /* __NR__llseek */ - - static long long my_llseek (unsigned int fd, long long offset, -- unsigned int origin) -+ unsigned int origin) - { - long long result; - int retval; ---- fdisk/sfdisk.c -+++ fdisk/sfdisk.c -@@ -164,36 +164,16 @@ - /* - * sseek: seek to specified sector - return 0 on failure - * -- * For >4GB disks lseek needs a > 32bit arg, and we have to use llseek. -- * On the other hand, a 32 bit sector number is OK until 2TB. -- * The routines _llseek and sseek below are the only ones that -- * know about the loff_t type. -- * - * Note: we use 512-byte sectors here, irrespective of the hardware ss. - */ --#undef use_lseek --#if defined (__alpha__) || defined (__ia64__) || defined (__x86_64__) || defined (__s390x__) --#define use_lseek --#endif -- --#ifndef use_lseek --static __attribute__used --_syscall5(int, _llseek, unsigned int, fd, ulong, hi, ulong, lo, -- loff_t *, res, unsigned int, wh); --#endif -- - static int - sseek(char *dev, unsigned int fd, unsigned long s) { -- loff_t in, out; -- in = ((loff_t) s << 9); -+ off_t in, out; -+ in = ((off_t) s << 9); - out = 1; - --#ifndef use_lseek -- if (_llseek (fd, in>>32, in & 0xffffffff, &out, SEEK_SET) != 0) { --#else - if ((out = lseek(fd, in, SEEK_SET)) != in) { --#endif -- perror("llseek"); -+ perror("lseek"); - error(_("seek error on %s - cannot seek to %lu\n"), dev, s); - return 0; - } diff --git a/util-linux-2.12r-fdisk_remove_bogus_warnings.patch b/util-linux-2.12r-fdisk_remove_bogus_warnings.patch index ed08fe1..634cad7 100644 --- a/util-linux-2.12r-fdisk_remove_bogus_warnings.patch +++ b/util-linux-2.12r-fdisk_remove_bogus_warnings.patch @@ -1,8 +1,8 @@ -Index: util-linux-2.12r/fdisk/fdisk.c +Index: util-linux-ng-2.12r+2.13pre7/fdisk/fdisk.c =================================================================== ---- util-linux-2.12r.orig/fdisk/fdisk.c -+++ util-linux-2.12r/fdisk/fdisk.c -@@ -1496,6 +1496,7 @@ static void check_consistency(struct par +--- util-linux-ng-2.12r+2.13pre7.orig/fdisk/fdisk.c ++++ util-linux-ng-2.12r+2.13pre7/fdisk/fdisk.c +@@ -1498,6 +1498,7 @@ static void check_consistency(struct par /* compute logical ending (c, h, s) */ long2chs(get_start_sect(p) + get_nr_sects(p) - 1, &lec, &leh, &les); @@ -10,7 +10,7 @@ Index: util-linux-2.12r/fdisk/fdisk.c /* Same physical / logical beginning? */ if (cylinders <= 1024 && (pbc != lbc || pbh != lbh || pbs != lbs)) { printf(_("Partition %d has different physical/logical " -@@ -1512,7 +1513,6 @@ static void check_consistency(struct par +@@ -1514,7 +1515,6 @@ static void check_consistency(struct par printf(_("logical=(%d, %d, %d)\n"),lec, leh, les); } diff --git a/util-linux-2.12r-losetup_password.patch b/util-linux-2.12r-losetup_password.patch deleted file mode 100644 index 2eea2b4..0000000 --- a/util-linux-2.12r-losetup_password.patch +++ /dev/null @@ -1,247 +0,0 @@ -Index: util-linux-2.12r/mount/lomount.c -=================================================================== ---- util-linux-2.12r.orig/mount/lomount.c -+++ util-linux-2.12r/mount/lomount.c -@@ -46,24 +46,24 @@ - #include "rmd160.h" - #include "aes.h" - -+#define LO_PASS_OK EXIT_SUCCESS -+#define LO_PASS_ERR EXIT_FAILURE -+#define LO_PASS_EMPTY 5 -+#define LO_PASS_SHORT 6 -+ - extern int verbose; - extern char *xstrdup (const char *s); /* not: #include "sundries.h" */ - extern void error (const char *fmt, ...); /* idem */ - extern void show_all_loops(void); - extern int read_options_from_fstab(char *, char **); - -+volatile int timeout=0; - int passphrase_timeout=0; - struct sigaction alrmact; - - static void - alrmhandler() { -- /* let the SIGINT handler do the work: */ -- kill(getpid(),SIGINT); -- usleep(1000000); -- kill(getpid(),SIGTERM); -- usleep(1000000); -- /* stubborn... */ -- exit(0); -+ timeout = 1; - } - - -@@ -473,11 +473,14 @@ static char *do_GPG_pipe(char *pass) - return multiKeyPass[0]; - } - --static char *sGetPass(int minLen, int warnLen) -+static int sGetPass(char **pass, int minLen, int warnLen) - { - char *p, *s, *seed; - int i, ask2; - -+ *pass = NULL; -+ timeout = 0; -+ - if(!passFDnumber) { - - if(passphrase_timeout) { -@@ -489,6 +492,9 @@ static char *sGetPass(int minLen, int wa - } - - p = getpass(_("Password: ")); -+ alarm(0); -+ if (timeout) -+ return LO_PASS_EMPTY; - ask2 = passAskTwice ? 1 : 0; - } else { - i = atoi(passFDnumber); -@@ -504,11 +510,13 @@ static char *sGetPass(int minLen, int wa - } - if(x == 65) { - multiKeyMode = 65; -- return multiKeyPass[0]; -+ *pass = multiKeyPass[0]; -+ return LO_PASS_OK; - } - if(x == 64) { - multiKeyMode = 64; -- return multiKeyPass[0]; -+ *pass = multiKeyPass[0]; -+ return LO_PASS_OK; - } - p = multiKeyPass[0]; - } -@@ -531,6 +539,9 @@ static char *sGetPass(int minLen, int wa - } - - p = getpass(_("Retype password: ")); -+ alarm(0); -+ if (timeout) -+ return LO_PASS_EMPTY; - if(!p) goto nomem; - if(strcmp(s, p)) goto compareErr; - memset(s, 0, i); -@@ -538,17 +549,25 @@ static char *sGetPass(int minLen, int wa - ask2 = 0; - } - p = do_GPG_pipe(p); -- if(!p) return(NULL); -+ if(!p) -+ return LO_PASS_ERR; - if(!p[0]) { - fprintf(stderr, _("Error: gpg key file decryption failed\n")); -- return(NULL); -+ return LO_PASS_ERR; -+ } -+ if(multiKeyMode) { -+ *pass = p; -+ return LO_PASS_OK; - } -- if(multiKeyMode) return(p); - } - i = strlen(p); -+ if(i == 0) { -+ fprintf(stderr, _("Error: Empty password\n")); -+ return LO_PASS_EMPTY; -+ } - if(i < minLen) { - fprintf(stderr, _("Error: Password must be at least %d characters.\n"), minLen); -- return(NULL); -+ return LO_PASS_SHORT; - } - seed = passSeedString; - if(!seed) seed = ""; -@@ -556,7 +575,7 @@ static char *sGetPass(int minLen, int wa - if(!s) { - nomem: - fprintf(stderr, _("Error: Unable to allocate memory\n")); -- return(NULL); -+ return LO_PASS_ERR; - } - strcpy(s, p); - memset(p, 0, i); -@@ -571,11 +590,14 @@ static char *sGetPass(int minLen, int wa - } - - p = getpass(_("Retype password: ")); -+ alarm(0); -+ if (timeout) -+ return LO_PASS_EMPTY; - if(!p) goto nomem; - if(strcmp(s, p)) { - compareErr: - fprintf(stderr, _("Error: Passwords are not identical\n")); -- return(NULL); -+ return LO_PASS_ERR; - } - memset(p, 0, i); - } -@@ -583,7 +605,8 @@ static char *sGetPass(int minLen, int wa - fprintf(stderr, _("WARNING - Please use longer password (%d or more characters)\n"), SUSE_PASSWORD_MIN_LENGTH); - } - strcat(s, seed); -- return(s); -+ *pass = s; -+ return LO_PASS_OK; - } - - /* this is for compatibility with historic loop-AES version */ -@@ -788,6 +811,7 @@ set_loop(const char *device, const char - unsigned char multiKeyBits[65][32]; - int minPassLen = SUSE_PASSWORD_MIN_LENGTH; - int run_mkfs_command = 0; -+ int ret; - - loopFileName = (char *)file; - multiKeyMode = 0; -@@ -802,6 +826,7 @@ set_loop(const char *device, const char - } - if ((fd = open(device, mode)) < 0) { - perror (device); -+ ret = 1; - goto close_ffd_return1; - } - *loopro = (mode == O_RDONLY); -@@ -848,8 +873,8 @@ set_loop(const char *device, const char - loopinfo.lo_encrypt_key_size = 0; - break; - case LO_CRYPT_XOR: -- pass = sGetPass (1, 0); -- if(!pass) goto close_fd_ffd_return1; -+ ret = sGetPass (&pass, 1, 0); -+ if(ret) goto close_fd_ffd_return1; - xstrncpy (loopinfo.lo_encrypt_key, pass, LO_KEY_SIZE); - loopinfo.lo_encrypt_key_size = strlen(loopinfo.lo_encrypt_key); - break; -@@ -886,6 +911,7 @@ set_loop(const char *device, const char - /* This is not compatible with gpgkey= mount option */ - if(rd_wr_retry(atoi(passFDnumber), (char *)&loopinfo.lo_encrypt_key[0], LO_KEY_SIZE, 0) < 1) { - fprintf(stderr, _("Error: couldn't read binary key\n")); -+ ret = 1; - goto close_fd_ffd_return1; - } - break; /* out of switch(loopinfo.lo_encrypt_type) */ -@@ -894,6 +920,7 @@ set_loop(const char *device, const char - /* WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING */ - /* IMPORTANT DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA. */ - if(loop_create_random_keys((char*)file, *loopro, &multiKeyBits[0][0])) { -+ ret = 1; - goto close_fd_ffd_return1; - } - memcpy(&loopinfo.lo_encrypt_key[0], &multiKeyBits[0][0], sizeof(loopinfo.lo_encrypt_key)); -@@ -901,8 +928,8 @@ set_loop(const char *device, const char - break; /* out of switch(loopinfo.lo_encrypt_type) */ - } - } -- pass = sGetPass (minPassLen, SUSE_PASSWORD_MIN_LENGTH); -- if(!pass) goto close_fd_ffd_return1; -+ ret = sGetPass (&pass, minPassLen, SUSE_PASSWORD_MIN_LENGTH); -+ if(ret) goto close_fd_ffd_return1; - i = strlen(pass); - if(hashFunc == unhashed1_key_setup) { - /* this is for compatibility with historic loop-AES version */ -@@ -966,6 +993,7 @@ set_loop(const char *device, const char - break; - default: - fprintf (stderr, _("Error: don't know how to get key for encryption system %d\n"), loopinfo.lo_encrypt_type); -+ ret = 1; - goto close_fd_ffd_return1; - } - -@@ -985,7 +1013,7 @@ close_fd_ffd_return1: - close (fd); - close_ffd_return1: - close (ffd); -- return 1; -+ return ret; - } - - /* type 18 == LO_CRYPT_CRYPTOAPI */ -@@ -995,6 +1023,7 @@ close_ffd_return1: - fprintf(stderr, _("ioctl: LOOP_SET_STATUS: %s, requested cipher or key length (%d bits) not supported by kernel\n"), strerror(errno), loopinfo.lo_encrypt_key_size << 3); - loop_clr_fd_out: - (void) ioctl (fd, LOOP_CLR_FD, 0); -+ ret = 1; - goto keyclean_close_fd_ffd_return1; - } - } -Index: util-linux-2.12r/mount/losetup.8 -=================================================================== ---- util-linux-2.12r.orig/mount/losetup.8 -+++ util-linux-2.12r/mount/losetup.8 -@@ -143,6 +143,10 @@ displays the status of a loop device, it - is not configured and 2 if an error occurred which prevented - .B losetup - from determining the status of the device. -+When using encryption -+.B losetup -+returns 5 if the passphrase is empty or a timeout occurred and 6 if -+the passphrase is too short. - - .SH FILES - .nf diff --git a/util-linux-2.12r-cal_formatting.patch b/util-linux-2.12r-misc_utils_cal_formatting.patch similarity index 100% rename from util-linux-2.12r-cal_formatting.patch rename to util-linux-2.12r-misc_utils_cal_formatting.patch diff --git a/util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff b/util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff deleted file mode 100644 index 9b57882..0000000 --- a/util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff +++ /dev/null @@ -1,58 +0,0 @@ -Author: Lars Mueller -Subject: Use cifs instead of smbfs by default if the source starts with //; minor mount man pages changes (mention cifs and point to mount.cifs man page) -Bugzilla: na -submitted upstream: yes -accepeted upstream: no - -Index: util-linux-2.12r/mount/mount.8 -=================================================================== ---- util-linux-2.12r.orig/mount/mount.8 -+++ util-linux-2.12r/mount/mount.8 -@@ -367,6 +367,7 @@ currently supported include: - .IR adfs , - .IR affs , - .IR autofs , -+.IR cifs , - .IR coda , - .IR coherent , - .IR cramfs , -@@ -420,8 +421,8 @@ For most types all the - program has to do is issue a simple - .IR mount (2) - system call, and no detailed knowledge of the filesystem type is required. --For a few types however (like nfs, smbfs, ncpfs) ad hoc code is --necessary. The nfs ad hoc code is built in, but smbfs and ncpfs -+For a few types however (like nfs, cifs, smbfs, ncpfs) ad hoc code is -+necessary. The nfs ad hoc code is built in, but cifs, smbfs, and ncpfs - have a separate mount program. In order to make it possible to - treat all types in a uniform way, mount will execute the program - .I /sbin/mount.TYPE -@@ -733,6 +734,11 @@ These options are accepted but ignored. - (However, quota utilities may react to such strings in - .IR /etc/fstab .) - -+.SH "Mount options for cifs" -+See the options section of the -+.BR mount.cifs (8) -+man page (cifs-mount package must be installed). -+ - .SH "Mount options for coherent" - None. - -Index: util-linux-2.12r/mount/mount.c -=================================================================== ---- util-linux-2.12r.orig/mount/mount.c -+++ util-linux-2.12r/mount/mount.c -@@ -1178,10 +1178,10 @@ mount_one (const char *spec, const char - "I'll assume nfs because of " - "the colon\n")); - } else if(!strncmp(spec, "//", 2)) { -- types = "smbfs"; -+ types = "cifs"; - if (verbose) - printf(_("mount: no type was given - " -- "I'll assume smbfs because of " -+ "I'll assume cifs because of " - "the // prefix\n")); - } - } diff --git a/util-linux-2.12r-mount-by-uuid.patch b/util-linux-2.12r-mount_by_uuid.patch similarity index 58% rename from util-linux-2.12r-mount-by-uuid.patch rename to util-linux-2.12r-mount_by_uuid.patch index 982b9b6..f3775eb 100644 --- a/util-linux-2.12r-mount-by-uuid.patch +++ b/util-linux-2.12r-mount_by_uuid.patch @@ -1,7 +1,8 @@ -diff -pur util-linux-2.12r/mount.orig/fstab.c util-linux-2.12r/mount/fstab.c ---- util-linux-2.12r/mount.orig/fstab.c 2004-12-21 20:09:24.000000000 +0100 -+++ util-linux-2.12r/mount/fstab.c 2005-11-10 08:53:42.000000000 +0100 -@@ -296,7 +296,7 @@ has_uuid(const char *device, const char +Index: util-linux-ng-2.12r+git20070330/mount/fstab.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/fstab.c ++++ util-linux-ng-2.12r+git20070330/mount/fstab.c +@@ -295,7 +295,7 @@ has_uuid(const char *device, const char const char *devuuid; int ret; @@ -10,10 +11,10 @@ diff -pur util-linux-2.12r/mount.orig/fstab.c util-linux-2.12r/mount/fstab.c ret = !strcmp(uuid, devuuid); /* free(devuuid); */ return ret; -Only in util-linux-2.12r/mount: fstab.c~ -diff -pur util-linux-2.12r/mount.orig/mount_blkid.c util-linux-2.12r/mount/mount_blkid.c ---- util-linux-2.12r/mount.orig/mount_blkid.c 2004-12-22 10:54:41.000000000 +0100 -+++ util-linux-2.12r/mount/mount_blkid.c 2005-11-10 08:55:00.000000000 +0100 +Index: util-linux-ng-2.12r+git20070330/mount/mount_blkid.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount_blkid.c ++++ util-linux-ng-2.12r+git20070330/mount/mount_blkid.c @@ -16,6 +16,11 @@ mount_blkid_put_cache(void) { } @@ -38,10 +39,10 @@ diff -pur util-linux-2.12r/mount.orig/mount_blkid.c util-linux-2.12r/mount/mount mount_get_volume_label_by_spec(const char *spec) { return xstrdup(get_volume_label_by_spec(spec)); } -Only in util-linux-2.12r/mount: mount_blkid.c~ -diff -pur util-linux-2.12r/mount.orig/mount_blkid.h util-linux-2.12r/mount/mount_blkid.h ---- util-linux-2.12r/mount.orig/mount_blkid.h 2004-04-13 22:00:02.000000000 +0200 -+++ util-linux-2.12r/mount/mount_blkid.h 2005-11-10 08:55:21.000000000 +0100 +Index: util-linux-ng-2.12r+git20070330/mount/mount_blkid.h +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount_blkid.h ++++ util-linux-ng-2.12r+git20070330/mount/mount_blkid.h @@ -7,6 +7,7 @@ extern void mount_blkid_get_cache(void); extern void mount_blkid_put_cache(void); extern const char *mount_get_devname_by_uuid(const char *uuid); @@ -50,4 +51,3 @@ diff -pur util-linux-2.12r/mount.orig/mount_blkid.h util-linux-2.12r/mount/mount extern const char *mount_get_volume_label_by_spec(const char *spec); extern const char *mount_get_devname(const char *spec); extern const char *mount_get_devname_for_mounting(const char *spec); -Only in util-linux-2.12r/mount: mount_blkid.h~ diff --git a/util-linux-2.12r-mount.8-xfs-update.patch b/util-linux-2.12r-mount_mount.8_xfs_update.patch similarity index 72% rename from util-linux-2.12r-mount.8-xfs-update.patch rename to util-linux-2.12r-mount_mount.8_xfs_update.patch index 0519712..612ce76 100644 --- a/util-linux-2.12r-mount.8-xfs-update.patch +++ b/util-linux-2.12r-mount_mount.8_xfs_update.patch @@ -1,6 +1,8 @@ ---- mount/mount.8 +Index: mount/mount.8 +=================================================================== +--- mount/mount.8.orig +++ mount/mount.8 -@@ -1781,6 +1781,12 @@ +@@ -1841,6 +1841,12 @@ system call. .TP .B dmapi " / " xdsm Enable the DMAPI (Data Management API) event callouts. diff --git a/util-linux-2.12r-mount-mtab-update.patch b/util-linux-2.12r-mount_mtab_update.patch similarity index 76% rename from util-linux-2.12r-mount-mtab-update.patch rename to util-linux-2.12r-mount_mtab_update.patch index c620b11..410e510 100644 --- a/util-linux-2.12r-mount-mtab-update.patch +++ b/util-linux-2.12r-mount_mtab_update.patch @@ -1,6 +1,8 @@ ---- mount/mount.c +Index: mount/mount.c +=================================================================== +--- mount/mount.c.orig +++ mount/mount.c -@@ -805,6 +805,7 @@ +@@ -842,6 +842,7 @@ try_mount_one (const char *spec0, const int mnt5_res = 0; /* only for gcc */ int mnt_err; int flags; @@ -8,7 +10,7 @@ char *extra_opts; /* written in mtab */ char *mount_opts; /* actually used on system call */ const char *opts, *spec, *node, *types; -@@ -913,13 +914,17 @@ +@@ -942,13 +943,17 @@ retry_nfs: if (loop) opt_loopdev = loopdev; diff --git a/util-linux-2.12r-nfs_remount_options.patch b/util-linux-2.12r-mount_nfs_remount_options.patch similarity index 59% rename from util-linux-2.12r-nfs_remount_options.patch rename to util-linux-2.12r-mount_nfs_remount_options.patch index 04fd6b6..a700af5 100644 --- a/util-linux-2.12r-nfs_remount_options.patch +++ b/util-linux-2.12r-mount_nfs_remount_options.patch @@ -1,8 +1,10 @@ -Index: util-linux-2.12r/mount/nfsmount.c +do not append addr option with each nfs remount [#130625] + +Index: util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c =================================================================== ---- util-linux-2.12r.orig/mount/nfsmount.c -+++ util-linux-2.12r/mount/nfsmount.c -@@ -305,8 +305,11 @@ int nfsmount(const char *spec, const cha +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfsmount.c ++++ util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +@@ -303,8 +303,11 @@ int nfsmount(const char *spec, const cha "excessively long option argument\n")); goto fail; } diff --git a/util-linux-2.12r-mount_racy_loop.patch b/util-linux-2.12r-mount_racy_loop.patch index cba877a..3e33e1c 100644 --- a/util-linux-2.12r-mount_racy_loop.patch +++ b/util-linux-2.12r-mount_racy_loop.patch @@ -1,31 +1,30 @@ -Index: util-linux-2.12r/mount/lomount.c +Index: util-linux-ng-2.12r+git20070330/mount/lomount.c =================================================================== ---- util-linux-2.12r.orig/mount/lomount.c -+++ util-linux-2.12r/mount/lomount.c -@@ -1005,7 +1005,17 @@ set_loop(const char *device, const char +--- util-linux-ng-2.12r+git20070330.orig/mount/lomount.c ++++ util-linux-ng-2.12r+git20070330/mount/lomount.c +@@ -341,8 +341,15 @@ set_loop(const char *device, const char } if (ioctl(fd, LOOP_SET_FD, ffd) < 0) { - perror("ioctl: LOOP_SET_FD"); -+ switch (errno) { -+ case EBUSY: -+ ret = 2; -+ if (verbose) -+ perror("ioctl: LOOP_SET_FD"); -+ break; -+ default: -+ ret = 1; -+ perror("ioctl: LOOP_SET_FD"); -+ break; -+ } - keyclean_close_fd_ffd_return1: - memset(loopinfo.lo_encrypt_key, 0, sizeof(loopinfo.lo_encrypt_key)); - memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); -Index: util-linux-2.12r/mount/mount.c +- return 1; ++ switch (errno) { ++ case EBUSY: ++ if (verbose) ++ perror("ioctl: LOOP_SET_FD"); ++ return 2; ++ default: ++ perror("ioctl: LOOP_SET_FD"); ++ return 1; ++ } + } + close (ffd); + +Index: util-linux-ng-2.12r+git20070330/mount/mount.c =================================================================== ---- util-linux-2.12r.orig/mount/mount.c -+++ util-linux-2.12r/mount/mount.c -@@ -653,18 +653,32 @@ loop_check(const char **spec, const char +--- util-linux-ng-2.12r+git20070330.orig/mount/mount.c ++++ util-linux-ng-2.12r+git20070330/mount/mount.c +@@ -712,20 +712,33 @@ loop_check(const char **spec, const char printf(_("mount: skipping the setup of a loop device\n")); } else { int loopro = (*flags & MS_RDONLY); @@ -37,7 +36,9 @@ Index: util-linux-2.12r/mount/mount.c - return EX_SYSERR; /* no more loop devices */ - if (verbose) - printf(_("mount: going to use the loop device %s\n"), *loopdev); -- if (set_loop (*loopdev, *loopfile, &loopro, type, AutoChmodPtr)) { +- offset = opt_offset ? strtoull(opt_offset, NULL, 0) : 0; +- if (set_loop(*loopdev, *loopfile, offset, +- opt_encryption, pfd, &loopro)) { + do { + if (!*loopdev || !**loopdev) + *loopdev = find_unused_loop_device(); @@ -47,22 +48,23 @@ Index: util-linux-2.12r/mount/mount.c - printf(_("mount: failed setting up loop device\n")); - return EX_FAIL; - } -+ printf(_("mount: going to use the loop device %s\n"), *loopdev); -+ if (res = set_loop (*loopdev, *loopfile, &loopro, type, AutoChmodPtr)) { -+ switch(res) { -+ case 2: -+ /* loop dev has been grabbed by some other process, -+ try again */ -+ if (verbose) -+ printf("mount: stolen loop=%s ...trying again\n", *loopdev); -+ *loopdev = NULL; -+ continue; -+ default: -+ if (verbose) -+ printf(_("mount: failed setting up loop device\n")); -+ return EX_FAIL; -+ } -+ } ++ printf(_("mount: going to use the loop device %s\n"), *loopdev); ++ if (res = set_loop (*loopdev, *loopfile, offset, ++ opt_encryption, pfd, &loopro)) { ++ switch(res) { ++ case 2: ++ /* loop dev has been grabbed by some other process, ++ try again */ ++ if (verbose) ++ printf("mount: stolen loop=%s ...trying again\n", *loopdev); ++ *loopdev = NULL; ++ continue; ++ default: ++ if (verbose) ++ printf(_("mount: failed setting up loop device\n")); ++ return EX_FAIL; ++ } ++ } + } while (!*loopdev); + if (verbose > 1) diff --git a/util-linux-2.12r-rpcsec-gss.patch b/util-linux-2.12r-mount_rpcsec_gss.patch similarity index 88% rename from util-linux-2.12r-rpcsec-gss.patch rename to util-linux-2.12r-mount_rpcsec_gss.patch index cdff5f4..a5d8138 100644 --- a/util-linux-2.12r-rpcsec-gss.patch +++ b/util-linux-2.12r-mount_rpcsec_gss.patch @@ -1,6 +1,8 @@ ---- mount/nfsmount.c.orig 2006-03-17 19:42:33.000000000 +1100 -+++ mount/nfsmount.c 2006-03-17 19:56:55.000000000 +1100 -@@ -119,8 +119,10 @@ find_kernel_nfs_mount_version(void) { +Index: mount/nfsmount.c +=================================================================== +--- mount/nfsmount.c.orig ++++ mount/nfsmount.c +@@ -117,8 +117,10 @@ find_kernel_nfs_mount_version(void) { nfs_mount_version = 4; /* since 2.2.18pre9 */ else if (kernel_version < MAKE_VERSION(2,3,99)) nfs_mount_version = 3; @@ -12,7 +14,7 @@ } if (nfs_mount_version > NFS_MOUNT_VERSION) nfs_mount_version = NFS_MOUNT_VERSION; -@@ -320,7 +322,6 @@ int nfsmount(const char *spec, const cha +@@ -318,7 +320,6 @@ int nfsmount(const char *spec, const cha #if NFS_MOUNT_VERSION >= 2 data.namlen = NAME_MAX; #endif @@ -20,7 +22,7 @@ bg = 0; soft = 0; intr = 0; -@@ -402,6 +403,38 @@ int nfsmount(const char *spec, const cha +@@ -400,6 +401,38 @@ int nfsmount(const char *spec, const cha printf(_("Warning: Option namlen is not supported.\n")); } else if (!strcmp(opt, "addr")) { /* ignore */; @@ -59,7 +61,7 @@ } else { printf(_("unknown nfs mount parameter: " "%s=%d\n"), opt, val); -@@ -474,6 +507,11 @@ retry_udp: +@@ -472,6 +505,11 @@ retry_udp: data.flags |= (noacl ? NFS_MOUNT_NOACL : 0); } #endif @@ -71,7 +73,7 @@ if (nfsvers > MAX_NFSPROT) { fprintf(stderr, "NFSv%d not supported!\n", nfsvers); return 0; -@@ -510,6 +548,9 @@ retry_udp: +@@ -508,6 +546,9 @@ retry_udp: printf("tcp = %d\n", (data.flags & NFS_MOUNT_TCP) != 0); #endif @@ -81,7 +83,7 @@ #endif data.version = nfs_mount_version; -@@ -717,6 +758,30 @@ retry_udp: +@@ -715,6 +756,30 @@ retry_udp: nfs_strerror(status.nfsv3.fhs_status)); goto fail; } diff --git a/util-linux-2.12r-sec-manpage.patch b/util-linux-2.12r-mount_sec_manpage.patch similarity index 88% rename from util-linux-2.12r-sec-manpage.patch rename to util-linux-2.12r-mount_sec_manpage.patch index 0621cd6..c0c5611 100644 --- a/util-linux-2.12r-sec-manpage.patch +++ b/util-linux-2.12r-mount_sec_manpage.patch @@ -7,11 +7,11 @@ Acked-by: okir@suse.de mount/nfs.5 | 24 ++++++++++++++++++++---- 1 files changed, 20 insertions(+), 4 deletions(-) -Index: util-linux-2.12r/mount/nfs.5 +Index: util-linux-ng-2.12r+2.13pre7/mount/nfs.5 =================================================================== ---- util-linux-2.12r.orig/mount/nfs.5 -+++ util-linux-2.12r/mount/nfs.5 -@@ -128,7 +128,7 @@ mount daemon program number. +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfs.5 ++++ util-linux-ng-2.12r+2.13pre7/mount/nfs.5 +@@ -165,7 +165,7 @@ mount daemon program number. Use an alternate RPC version number to contact the mount daemon on the remote host. This option is useful for hosts that can run multiple NFS servers. @@ -20,7 +20,7 @@ Index: util-linux-2.12r/mount/nfs.5 .TP 1.5i .I nfsprog=n Use an alternate RPC program number to contact the -@@ -193,9 +193,25 @@ Suppress the retrieval of new attributes +@@ -230,9 +230,25 @@ Suppress the retrieval of new attributes .TP 1.5i .I noac Disable all forms of attribute caching entirely. This extracts a diff --git a/util-linux-2.12r-mount_swapon_swsuspend_resume.patch b/util-linux-2.12r-mount_swapon_swsuspend_resume.patch index 32ebc77..7f44b78 100644 --- a/util-linux-2.12r-mount_swapon_swsuspend_resume.patch +++ b/util-linux-2.12r-mount_swapon_swsuspend_resume.patch @@ -1,8 +1,9 @@ ## 30swsusp-resume.dpatch by Jeff Bailey -diff -urNad --exclude=CVS --exclude=.svn ./mount/get_label_uuid.c /tmp/dpep-work.5ak7Cm/util-linux/mount/get_label_uuid.c ---- ./mount/get_label_uuid.c 2004-12-22 08:44:32.000000000 -0700 -+++ /tmp/dpep-work.5ak7Cm/util-linux/mount/get_label_uuid.c 2005-12-06 11:54:33.000000000 -0700 -@@ -93,7 +93,25 @@ +Index: util-linux-ng-2.12r+git20070330/mount/get_label_uuid.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/get_label_uuid.c ++++ util-linux-ng-2.12r+git20070330/mount/get_label_uuid.c +@@ -93,7 +93,25 @@ is_v1_swap_partition(int fd, char **labe } return 0; } @@ -29,7 +30,7 @@ diff -urNad --exclude=CVS --exclude=.svn ./mount/get_label_uuid.c /tmp/dpep-work /* * Get both label and uuid. -@@ -126,6 +143,8 @@ +@@ -126,6 +144,8 @@ get_label_uuid(const char *device, char if (is_v1_swap_partition(fd, label, uuid)) goto done; @@ -38,10 +39,21 @@ diff -urNad --exclude=CVS --exclude=.svn ./mount/get_label_uuid.c /tmp/dpep-work if (lseek(fd, 1024, SEEK_SET) == 1024 && read(fd, (char *) &e2sb, sizeof(e2sb)) == sizeof(e2sb) -diff -urNad --exclude=CVS --exclude=.svn ./mount/swapon.c /tmp/dpep-work.5ak7Cm/util-linux/mount/swapon.c ---- ./mount/swapon.c 2004-12-22 08:44:32.000000000 -0700 -+++ /tmp/dpep-work.5ak7Cm/util-linux/mount/swapon.c 2005-12-06 11:54:33.000000000 -0700 -@@ -22,6 +25,7 @@ +Index: util-linux-ng-2.12r+git20070330/mount/swapon.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/swapon.c ++++ util-linux-ng-2.12r+git20070330/mount/swapon.c +@@ -10,7 +10,9 @@ + #include + #include + #include ++#include + #include ++#include + #include "xmalloc.h" + #include "swap_constants.h" + #include "swapargs.h" +@@ -23,6 +25,7 @@ #define _PATH_FSTAB "/etc/fstab" #define PROC_SWAPS "/proc/swaps" @@ -49,7 +61,7 @@ diff -urNad --exclude=CVS --exclude=.svn ./mount/swapon.c /tmp/dpep-work.5ak7Cm/ #define SWAPON_NEEDS_TWO_ARGS -@@ -164,6 +168,85 @@ +@@ -179,6 +182,85 @@ display_summary(void) return 0 ; } @@ -62,7 +74,7 @@ diff -urNad --exclude=CVS --exclude=.svn ./mount/swapon.c /tmp/dpep-work.5ak7Cm/ +static int +swap_is_swsuspend(const char *device) { + const char *type = blkid_get_tag_value(blkid, "TYPE", device); -+ ++ + if (type && strcmp(type, "swsuspend")==0) + return 0; + return 1; @@ -72,7 +84,7 @@ diff -urNad --exclude=CVS --exclude=.svn ./mount/swapon.c /tmp/dpep-work.5ak7Cm/ +swap_is_swsuspend(const char *device) { + int fd, re = 1, n = getpagesize() - 10; + char buf[10]; -+ ++ + fd = open(device, O_RDONLY); + if (fd < 0) + return -1; @@ -94,27 +106,27 @@ diff -urNad --exclude=CVS --exclude=.svn ./mount/swapon.c /tmp/dpep-work.5ak7Cm/ +swap_reinitialize(const char *device) { + const char *label = mount_get_volume_label_by_spec(device); + pid_t pid; -+ ++ + switch((pid=fork())) { + case -1: /* fork error */ + fprintf(stderr, _("%s: cannot fork: %s\n"), + progname, strerror(errno)); + return -1; -+ ++ + case 0: /* child */ + if (label && *label) + execl(PATH_MKSWAP, PATH_MKSWAP, "-L", label, device, NULL); + else + execl(PATH_MKSWAP, PATH_MKSWAP, device, NULL); + exit(1); /* error */ -+ ++ + default: /* parent */ + { + int status; + int ret; + + do { -+ if ((ret = waitpid(pid, &status, 0)) < 0 ++ if ((ret = waitpid(pid, &status, 0)) < 0 + && errno == EINTR) + continue; + else if (ret < 0) { @@ -131,26 +143,26 @@ diff -urNad --exclude=CVS --exclude=.svn ./mount/swapon.c /tmp/dpep-work.5ak7Cm/ + } + return -1; /* error */ +} -+ ++ static int do_swapon(const char *orig_special, int prio) { int status; -@@ -187,6 +269,18 @@ +@@ -202,6 +284,18 @@ do_swapon(const char *orig_special, int return -1; } -+ /* We have to reinitialize swap with old (=useless) software suspend -+ * data. The problem is that if we don't do it, then we get data ++ /* We have to reinitialize swap with old (=useless) software suspend ++ * data. The problem is that if we don't do it, then we get data + * corruption the next time with suspended on. + */ + if (swap_is_swsuspend(special)==0) { + fprintf(stdout, _("%s: %s: software suspend data detected. " -+ "Reinitializing the swap.\n"), ++ "Reinitializing the swap.\n"), + progname, special); + if (swap_reinitialize(special) < 0) + return -1; + } -+ ++ /* people generally dislike this warning - now it is printed only when `verbose' is set */ if (verbose) { diff --git a/util-linux-2.12r-umount_nosysfs.patch b/util-linux-2.12r-mount_umount_nosysfs.patch similarity index 53% rename from util-linux-2.12r-umount_nosysfs.patch rename to util-linux-2.12r-mount_umount_nosysfs.patch index f8d5ea6..97cc882 100644 --- a/util-linux-2.12r-umount_nosysfs.patch +++ b/util-linux-2.12r-mount_umount_nosysfs.patch @@ -1,6 +1,10 @@ ---- mount/umount.c +Added sysfs to list of filesystems not to unmount with umount -a [#190385] + +Index: mount/umount.c +=================================================================== +--- mount/umount.c.orig +++ mount/umount.c -@@ -724,7 +724,7 @@ +@@ -721,7 +721,7 @@ main (int argc, char *argv[]) { if (all) { /* nodev stuff: sysfs, usbfs, oprofilefs, ... */ if (types == NULL) diff --git a/util-linux-2.12r-nonfsmountfallback.diff b/util-linux-2.12r-nonfsmountfallback.diff deleted file mode 100644 index 97a7460..0000000 --- a/util-linux-2.12r-nonfsmountfallback.diff +++ /dev/null @@ -1,31 +0,0 @@ ---- util-linux-2.12r/mount/mount.c -+++ util-linux-2.12r/mount/mount.c -@@ -927,17 +927,6 @@ - - block_signals (SIG_UNBLOCK); - --#ifdef HAVE_NFS -- if (mnt_err && types && streq (types, "nfs")) { -- if (nfs_mount_version == 4 && mnt_err != EBUSY && mnt_err != ENOENT) { -- if (verbose) -- printf(_("mount: failed with nfs mount version 4, trying 3..\n")); -- nfs_mount_version = 3; -- goto retry_nfs; -- } -- } --#endif -- - /* Mount failed, complain, but don't die. */ - - if (types == 0) { ---- util-linux-2.12r/mount/nfsmount.c -+++ util-linux-2.12r/mount/nfsmount.c -@@ -76,7 +76,7 @@ - - #define MAKE_VERSION(p,q,r) (65536*(p) + 256*(q) + (r)) - --#define MAX_NFSPROT ((nfs_mount_version >= 4) ? 3 : 2) -+#define MAX_NFSPROT 3 - - static int - linux_version_code(void) { diff --git a/util-linux-2.12r-pagesize.patch b/util-linux-2.12r-pagesize.patch deleted file mode 100644 index e7a6968..0000000 --- a/util-linux-2.12r-pagesize.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- mount/swapon.c -+++ mount/swapon.c -@@ -50,6 +50,9 @@ - - #define QUIET 1 - -+#undef PAGE_SIZE -+#define PAGE_SIZE sysconf(_SC_PAGESIZE) -+ - int all = 0; - int verbose = 0; - int priority = -1; /* non-prioritized swap by default */ diff --git a/util-linux-2.12r-partx.patch b/util-linux-2.12r-partx.patch deleted file mode 100644 index bde9c4a..0000000 --- a/util-linux-2.12r-partx.patch +++ /dev/null @@ -1,118 +0,0 @@ -Index: util-linux-2.12r/Makefile -=================================================================== ---- util-linux-2.12r.orig/Makefile -+++ util-linux-2.12r/Makefile -@@ -18,7 +18,8 @@ SUBDIRS=po \ - fdisk \ - hwclock \ - sys-utils \ -- text-utils -+ text-utils \ -+ partx - - .PHONEY: all install clean now - all: defines.h -@@ -43,7 +44,7 @@ install: - - clean: - -rm -f *.o *~ omake conftest conftest.c core -- @for subdir in $(SUBDIRS) partx; do \ -+ @for subdir in $(SUBDIRS); do \ - (cd $$subdir && $(MAKE) $@) || exit 1; \ - done - -Index: util-linux-2.12r/partx/partx.c -=================================================================== ---- util-linux-2.12r.orig/partx/partx.c -+++ util-linux-2.12r/partx/partx.c -@@ -38,6 +38,8 @@ - #include - #include - #include /* HDIO_GETGEO */ -+/* workaround for __user in header file */ -+#define __user - #include - #define BLKGETSIZE _IO(0x12,96) /* return device size */ - -@@ -333,29 +335,13 @@ xmalloc (size_t size) { - /* - * sseek: seek to specified sector - */ --#if !defined (__alpha__) && !defined (__ia64__) && !defined (__s390x__) && !defined(__x86_64__) --#define NEED__llseek --#endif -- --#ifdef NEED__llseek --#include /* _syscall */ --static --_syscall5(int, _llseek, uint, fd, ulong, hi, ulong, lo, -- long long *, res, uint, wh); --#endif -- - static int - sseek(int fd, unsigned int secnr) { - long long in, out; - in = ((long long) secnr << 9); - out = 1; - --#ifdef NEED__llseek -- if (_llseek (fd, in>>32, in & 0xffffffff, &out, SEEK_SET) != 0 -- || out != in) --#else - if ((out = lseek(fd, in, SEEK_SET)) != in) --#endif - { - fprintf(stderr, "llseek error\n"); - return -1; -Index: util-linux-2.12r/partx/addpart.c -=================================================================== ---- util-linux-2.12r.orig/partx/addpart.c -+++ util-linux-2.12r/partx/addpart.c -@@ -3,6 +3,8 @@ - #include - #include - #include -+/* workaround for __user in header file */ -+#define __user - #include - - int -Index: util-linux-2.12r/partx/delpart.c -=================================================================== ---- util-linux-2.12r.orig/partx/delpart.c -+++ util-linux-2.12r/partx/delpart.c -@@ -3,6 +3,8 @@ - #include - #include - #include -+/* workaround for __user in header file */ -+#define __user - #include - - int -Index: util-linux-2.12r/partx/Makefile -=================================================================== ---- util-linux-2.12r.orig/partx/Makefile -+++ util-linux-2.12r/partx/Makefile -@@ -1,7 +1,12 @@ -+include ../MCONFIG -+ - OBJ = bsd.o dos.o partx.o solaris.o unixware.o gpt.o crc32.o - CFLAGS += -Wall -+SBIN= -+ -+SBIN:=$(SBIN) partx - --all: addpart delpart partx -+all: addpart delpart $(SBIN) - - partx: $(OBJ) - -@@ -13,3 +18,7 @@ clean: - rm -f $(OBJ) addpart.o delpart.o addpart delpart partx *~ - - $(OBJ): partx.h -+ -+install: all -+ $(INSTALLDIR) $(SBINDIR) -+ $(INSTALLBIN) $(SBIN) $(SBINDIR) diff --git a/util-linux-2.12r-partx_gpt_warning.patch b/util-linux-2.12r-partx_gpt_warning.patch deleted file mode 100644 index eff2e26..0000000 --- a/util-linux-2.12r-partx_gpt_warning.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: util-linux-2.12r/partx/gpt.h -=================================================================== ---- util-linux-2.12r.orig/partx/gpt.h -+++ util-linux-2.12r/partx/gpt.h -@@ -36,7 +36,7 @@ - #define MSDOS_MBR_SIGNATURE 0xaa55 - #define GPT_BLOCK_SIZE 512 - --#define GPT_HEADER_SIGNATURE 0x5452415020494645 -+#define GPT_HEADER_SIGNATURE 0x5452415020494645LL - #define GPT_HEADER_REVISION_V1_02 0x00010200 - #define GPT_HEADER_REVISION_V1_00 0x00010000 - #define GPT_HEADER_REVISION_V0_99 0x00009900 diff --git a/util-linux-2.12r-rawfixes.patch b/util-linux-2.12r-rawfixes.patch deleted file mode 100644 index 14ba34b..0000000 --- a/util-linux-2.12r-rawfixes.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- util-linux-2.12a/disk-utils/raw.c.=K0000=.orig -+++ util-linux-2.12a/disk-utils/raw.c -@@ -31,6 +31,7 @@ - #endif - #define DEVFS_RAWCTLDEV "/dev/raw/rawctl" - -+#define RAW_NR_MINORS 4096 - - char * progname; - int do_query = 0; -@@ -94,7 +95,7 @@ int main(int argc, char *argv[]) - if (do_query_all) { - if (optind < argc) - usage(1); -- for (i=1; i<255; i++) -+ for (i = 1; i < RAW_NR_MINORS; i++) - query(i, 1); - exit(0); - } diff --git a/util-linux-2.12r-readprofile-mapfile.patch b/util-linux-2.12r-sys_utils_readprofile_mapfile.patch similarity index 100% rename from util-linux-2.12r-readprofile-mapfile.patch rename to util-linux-2.12r-sys_utils_readprofile_mapfile.patch diff --git a/util-linux-2.12r.diff b/util-linux-2.12r.diff deleted file mode 100644 index 901db7f..0000000 --- a/util-linux-2.12r.diff +++ /dev/null @@ -1,86 +0,0 @@ ---- util-linux-2.12q/configure -+++ util-linux-2.12q/configure -@@ -59,7 +59,7 @@ - - CC=${CC-cc} - CFLAGS=${CFLAGS-"-O2"} --LDFLAGS=${LDFLAGS-"-s"} -+LDFLAGS=${LDFLAGS-""} - echo CC=$CC >> make_include - echo CFLAGS=$CFLAGS >> make_include - echo LDFLAGS=$LDFLAGS >> make_include ---- util-linux-2.12q/MCONFIG -+++ util-linux-2.12q/MCONFIG -@@ -22,7 +22,7 @@ - # If HAVE_PAM is set to "yes", then login, chfn, chsh, and newgrp - # will use PAM for authentication. Additionally, passwd will not be - # installed as it is not PAM aware. --HAVE_PAM=no -+HAVE_PAM=yes - - # If HAVE_SELINUX is set to "yes", the login will make sure the user is - # logged into an appropriate security context -@@ -35,7 +35,7 @@ - - # If HAVE_PASSWD is set to "yes", then passwd will not be built or - # installed from the login-utils subdirectory. --HAVE_PASSWD=no -+HAVE_PASSWD=yes - - # If you use chfn and chsh from this package, REQUIRE_PASSWORD will require - # non-root users to enter the account password before updating /etc/passwd. -@@ -59,7 +59,7 @@ - # not be built or installed from the login-utils subdirectory. (The - # shutdown and init from the SysVinit package do not depend on the last, - # mesg, and wall from that package.) --HAVE_SYSVINIT_UTILS=yes -+HAVE_SYSVINIT_UTILS=no - - # If HAVE_WRITE is set to "yes", then write will not be built or - # installed from the misc-utils subdirectory. -@@ -77,7 +77,7 @@ - # user's tty to "tty" [The login in util-linux does this correctly, and - # xterm will do it correctly if X is compiled with USE_TTY_GROUP set - # properly.] --USE_TTY_GROUP=yes -+USE_TTY_GROUP=no - - # If HAVE_KILL is set to "yes", then kill will not be built or - # installed from the misc-utils subdirectory. -@@ -141,7 +141,7 @@ - OPT= -pipe -O2 $(CPUOPT) -fomit-frame-pointer - else - ifeq "$(ARCH)" "arm" -- OPT= -pipe -O2 -fsigned-char -fomit-frame-pointer -+ OPT= -pipe -O2 -fomit-frame-pointer - else - OPT= -O2 -fomit-frame-pointer - endif -@@ -220,7 +220,7 @@ - INSTALLBIN= $(INSTALL) -m $(BINMODE) - INSTALLMAN= $(INSTALL) -m $(MANMODE) - INSTALLDAT= $(INSTALL) -m $(DATMODE) --INSTALLSUID= $(INSTALL) -m $(SUIDMODE) -o root -+INSTALLSUID= $(INSTALL) -m $(SUIDMODE) - - ifeq "$(DISABLE_NLS)" "yes" - NLSFLAGS = -DDISABLE_NLS ---- util-linux-2.12q/mount/filesystems -+++ util-linux-2.12q/mount/filesystems -@@ -0,0 +1,5 @@ -+vfat -+hfs -+minix -+reiserfs -+* ---- util-linux-2.12q/mount/linux_fs.h -+++ util-linux-2.12q/mount/linux_fs.h -@@ -19,7 +19,7 @@ - #define MINIX2_SUPER_MAGIC2 0x2478 /* minix v2, 30 char names */ - struct minix_super_block { - u_char s_dummy[16]; -- u_char s_magic[2]; -+ short s_magic[2]; - }; - #define minixmagic(s) assemble2le(s.s_magic) - diff --git a/util-linux-2.12r.tar.bz2 b/util-linux-2.12r.tar.bz2 deleted file mode 100644 index dd91c63..0000000 --- a/util-linux-2.12r.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b8e499b338ce9fbd1fb315194b26540ec823c0afc46c9e145ac7a3e38ad57e6b -size 1370907 diff --git a/util-linux-2.13-build_fix_intel_check.patch b/util-linux-2.13-build_fix_intel_check.patch new file mode 100644 index 0000000..8e1c118 --- /dev/null +++ b/util-linux-2.13-build_fix_intel_check.patch @@ -0,0 +1,13 @@ +Index: util-linux-ng-2.12r+git20070330/configure.ac +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/configure.ac ++++ util-linux-ng-2.12r+git20070330/configure.ac +@@ -170,7 +170,7 @@ AC_TRY_COMPILE([ + + + case "$host" in +- i?86-*) intel=true ;; ++ i?86-* | x86_64*) intel=true ;; + m68*) m68k=true ;; + sparc*) sparc=true ;; + esac diff --git a/util-linux-2.13-build_gnu_source.patch b/util-linux-2.13-build_gnu_source.patch new file mode 100644 index 0000000..03174c6 --- /dev/null +++ b/util-linux-2.13-build_gnu_source.patch @@ -0,0 +1,12 @@ +Index: util-linux-ng-2.12r+git20070330/configure.ac +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/configure.ac ++++ util-linux-ng-2.12r+git20070330/configure.ac +@@ -10,6 +10,7 @@ AC_CONFIG_SRCDIR(mount/mount.c) + + AC_PREFIX_DEFAULT(/) + ++AC_GNU_SOURCE + AC_PROG_CC_STDC + AC_PROG_RANLIB + AC_PROG_LIBTOOL diff --git a/util-linux-2.13-misc_utils_add_man_scriptreplay.patch b/util-linux-2.13-misc_utils_add_man_scriptreplay.patch new file mode 100644 index 0000000..ba22200 --- /dev/null +++ b/util-linux-2.13-misc_utils_add_man_scriptreplay.patch @@ -0,0 +1,13 @@ +Index: util-linux-ng-2.12r+git20070330/misc-utils/Makefile.am +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/misc-utils/Makefile.am ++++ util-linux-ng-2.12r+git20070330/misc-utils/Makefile.am +@@ -24,7 +24,7 @@ scriptreplay: scriptreplay.pl + CLEANFILES = chkdupexe scriptreplay + + man_MANS = cal.1 chkdupexe.1 ddate.1 logger.1 look.1 mcookie.1 \ +- namei.1 script.1 whereis.1 hostid.1 ++ namei.1 script.1 whereis.1 hostid.1 scriptreplay.1 + + if HAVE_NCURSES + cal_LDADD = -lncurses diff --git a/util-linux-2.13-mount_nfs_timeo.patch b/util-linux-2.13-mount_nfs_timeo.patch new file mode 100644 index 0000000..53b2141 --- /dev/null +++ b/util-linux-2.13-mount_nfs_timeo.patch @@ -0,0 +1,13 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfsmount.c ++++ util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +@@ -487,7 +487,7 @@ retry_udp: + + /* Adjust options if none specified */ + if (!data.timeo) +- data.timeo = tcp ? 70 : 7; ++ data.timeo = tcp ? 600 : 7; + + #ifdef NFS_MOUNT_DEBUG + printf("rsize = %d, wsize = %d, timeo = %d, retrans = %d\n", diff --git a/util-linux-2.13-sys_utils_arch.patch b/util-linux-2.13-sys_utils_arch.patch new file mode 100644 index 0000000..4b63ad0 --- /dev/null +++ b/util-linux-2.13-sys_utils_arch.patch @@ -0,0 +1,105 @@ +Index: util-linux-ng-2.12r+git20070330/sys-utils/Makefile.am +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/sys-utils/Makefile.am ++++ util-linux-ng-2.12r+git20070330/sys-utils/Makefile.am +@@ -1,9 +1,11 @@ + include $(top_srcdir)/config/include-Makefile.am + +-bin_PROGRAMS = dmesg ++bin_PROGRAMS = arch dmesg + + usrbinexec_PROGRAMS = cytune flock ionice ipcrm ipcs renice setsid + ++arch_SOURCES = arch.c ++ + cytune_SOURCES = cytune.c cyclades.h + + sbin_PROGRAMS = ctrlaltdel +@@ -12,7 +14,7 @@ usrsbinexec_PROGRAMS = readprofile tunel + + tunelp_SOURCES = tunelp.c lp.h + +-man_MANS = flock.1 ionice.1 readprofile.1 \ ++man_MANS = arch.1 flock.1 ionice.1 readprofile.1 \ + ctrlaltdel.8 cytune.8 dmesg.8 ipcrm.8 ipcs.8 renice.8 \ + setsid.8 tunelp.8 + +Index: util-linux-ng-2.12r+git20070330/sys-utils/arch.1 +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+git20070330/sys-utils/arch.1 +@@ -0,0 +1,34 @@ ++.\" arch.1 -- ++.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu) ++.\" Public domain: may be freely distributed. ++.TH ARCH 1 "4 July 1997" "Linux 2.0" "Linux Programmer's Manual" ++.SH NAME ++arch \- print machine architecture ++.SH SYNOPSIS ++.B arch ++.SH DESCRIPTION ++.B arch ++is equivalent to ++.BR "uname -m" . ++ ++On current Linux systems, ++.B arch ++prints things such as "i386", "i486", "i586", "alpha", "sparc", ++"arm", "m68k", "mips", "ppc". ++.SH SEE ALSO ++.BR uname (1), ++.BR uname (2) ++.\" ++.\" Details: ++.\" arch prints the machine part of the system_utsname struct ++.\" This struct is defined in version.c, and this field is ++.\" initialized with UTS_MACHINE, which is defined as $ARCH ++.\" in the main Makefile. ++.\" That gives the possibilities ++.\" alpha arm i386 m68k mips ppc sparc sparc64 ++.\" ++.\" If Makefile is not edited, ARCH is guessed by ++.\" ARCH := $(shell uname -m | sed -e s/i.86/i386/ -e s/sun4u/sparc64/) ++.\" Then how come we get these i586 values? ++.\" Well, the routine check_bugs() does system_utsname.machine[1] = '0' + x86; ++.\" (called in init/main.c, defined in ./include/asm-i386/bugs.h) +Index: util-linux-ng-2.12r+git20070330/sys-utils/arch.c +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+git20070330/sys-utils/arch.c +@@ -0,0 +1,35 @@ ++/* arch -- print machine architecture information ++ * Created: Mon Dec 20 12:27:15 1993 by faith@cs.unc.edu ++ * Revised: Mon Dec 20 12:29:23 1993 by faith@cs.unc.edu ++ * Copyright 1993 Rickard E. Faith (faith@cs.unc.edu) ++ ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by the ++ * Free Software Foundation; either version 2, or (at your option) any ++ * later version. ++ ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 675 Mass Ave, Cambridge, MA 02139, USA. */ ++ ++#include ++#include ++ ++int main (void) ++{ ++ struct utsname utsbuf; ++ ++ if (uname( &utsbuf )) { ++ perror( "arch" ); ++ return 1; ++ } ++ ++ printf( "%s\n", utsbuf.machine ); ++ ++ return 0; ++} diff --git a/util-linux-2.13-tests_missing_include.patch b/util-linux-2.13-tests_missing_include.patch new file mode 100644 index 0000000..ed9c233 --- /dev/null +++ b/util-linux-2.13-tests_missing_include.patch @@ -0,0 +1,12 @@ +Index: util-linux-ng-2.12r+git20070330/tests/helpers/mnt_test_sysinfo.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/tests/helpers/mnt_test_sysinfo.c ++++ util-linux-ng-2.12r+git20070330/tests/helpers/mnt_test_sysinfo.c +@@ -1,6 +1,7 @@ + + #include + #include ++#include + #include + + #include diff --git a/util-linux-wall.dif b/util-linux-login_utils_wall.patch similarity index 88% rename from util-linux-wall.dif rename to util-linux-login_utils_wall.patch index 43faf7b..619ed13 100644 --- a/util-linux-wall.dif +++ b/util-linux-login_utils_wall.patch @@ -1,3 +1,5 @@ +remove unwanted newline (#12181) + --- util-linux-2.12q/login-utils/wall.c +++ util-linux-2.12q/login-utils/wall.c @@ -217,8 +217,6 @@ diff --git a/util-linux-libvolume_id-support.patch b/util-linux-mount_libvolume_id_support.patch similarity index 57% rename from util-linux-libvolume_id-support.patch rename to util-linux-mount_libvolume_id_support.patch index adca26a..3e168ad 100644 --- a/util-linux-libvolume_id-support.patch +++ b/util-linux-mount_libvolume_id_support.patch @@ -1,127 +1,16 @@ ---- MCONFIG -+++ MCONFIG -@@ -138,8 +138,8 @@ - CPUTAIL=486 - endif - ifeq "$(CPU)" "x86_64" -- CPUHEAD=-mcpu= -- CPUTAIL=nocona -+ CPUHEAD=-mtune= -+ CPUTAIL=k8 - endif - CPUOPT= $(CPUHEAD)$(CPUTAIL) - OPT= -pipe -O2 $(CPUOPT) -fomit-frame-pointer -@@ -151,7 +151,7 @@ - endif - endif - --WARNFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -+WARNFLAGS = -Wall -Wmissing-prototypes -Wstrict-prototypes -g - - LIB=../lib - ---- configure -+++ configure -@@ -754,3 +754,23 @@ - echo "You don't have blkid" - fi - rm -f conftest conftest.c -+ -+# -+# 16. For mount, do we have libvolume_id? -+# -+echo ' -+#include -+#include -+int main(){ exit(0); volume_id_close(NULL); } -+' > conftest.c -+LIBS="-lvolume_id" -+eval $compile -+LIBS= -+if test -s conftest; then -+ echo "HAVE_VOLID=yes" >> make_include -+ echo "You have libvolume_id" -+else -+ echo "HAVE_VOLID=no" >> make_include -+ echo "You don't have libvolume_id" -+fi -+rm -f conftest conftest.c ---- mount/Makefile -+++ mount/Makefile -@@ -1,7 +1,7 @@ - include ../make_include - include ../MCONFIG - --DEFINES = -DHAVE_NFS $(BLKID_DEFINE) -+DEFINES = -DHAVE_NFS $(BLKID_DEFINE) $(VOLID_DEFINE) - - RPCSVCDIR = rpcsvc - RPC_CFLAGS = -Wno-unused -@@ -25,6 +25,11 @@ - BLKID_LIB = -lblkid -luuid - endif - -+ifeq "$(HAVE_VOLID)" "yes" -+VOLID_DEFINE = -DHAVE_VOLID -+VOLID_LIB = -lvolume_id -+endif -+ - PROGS = $(SUID_PROGS) $(NOSUID_PROGS) - - MAYBE = pivot_root swapoff -@@ -48,23 +53,25 @@ - - mount: mount.o fstab.o sundries.o xmalloc.o realpath.o mntent.o version.o \ - get_label_uuid.o mount_by_label.o mount_blkid.o mount_guess_fstype.o \ -+ mount_udev.o \ - getusername.o $(LIB)/setproctitle.o $(LIB)/env.o $(NFS_OBJS) lomount.o \ - loumount.o loop.o sha512.o rmd160.o aes.o $(LIB)/xstrncpy.o -- $(LINK) $^ -o $@ $(BLKID_LIB) -+ $(LINK) $^ -o $@ $(BLKID_LIB) $(VOLID_LIB) - - umount: umount.o fstab.o sundries.o xmalloc.o realpath.o mntent.o \ - getusername.o get_label_uuid.o mount_by_label.o mount_blkid.o \ -- version.o $(LIB)/env.o loumount.o -- $(LINK) $^ -o $@ $(BLKID_LIB) -+ mount_udev.o version.o $(LIB)/env.o loumount.o -+ $(LINK) $^ -o $@ $(BLKID_LIB) $(VOLID_LIB) - - guessfstype: guessfstype.o mount_guess_fstype.o sundries.o realpath.o \ - fstab.o mntent.o get_label_uuid.o mount_blkid.o mount_by_label.o \ -- xmalloc.o -- $(LINK) $^ -o $@ -+ mount_udev.o xmalloc.o -+ $(LINK) $^ -o $@ $(VOLID_LIB) - - swapon: swapon.o version.o xmalloc.o \ -- get_label_uuid.o mount_by_label.o mount_blkid.o loop.o sha512.o $(LIB)/xstrncpy.o -- $(LINK) $^ -o $@ $(BLKID_LIB) -+ get_label_uuid.o mount_by_label.o mount_blkid.o mount_udev.o \ -+ loop.o sha512.o $(LIB)/xstrncpy.o -+ $(LINK) $^ -o $@ $(BLKID_LIB) $(VOLID_LIB) - - main_losetup.o: lomount.c - $(COMPILE) -DMAIN lomount.c -o $@ -@@ -142,7 +149,7 @@ - - clean: - rm -f a.out core *~ *.o swapargs.h $(PROGS) $(MAYBE) -- rm -f nfs_mountversion.h -+ rm -f nfs_mountversion.h nfsmount_clnt.c nfsmount.h nfsmount_xdr.c - - clobber distclean realclean: clean - rm -f $(GEN_FILES) ---- mount/fstab.c -+++ mount/fstab.c -@@ -305,6 +305,7 @@ - /* Find the entry (SPEC,FILE) in fstab */ +Index: util-linux-ng-2.12r+git20070330/mount/fstab.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/fstab.c ++++ util-linux-ng-2.12r+git20070330/mount/fstab.c +@@ -305,6 +305,7 @@ has_uuid(const char *device, const char struct mntentchn * getfsspecfile (const char *spec, const char *file) { -+ char *nspec; struct mntentchn *mc, *mc0; ++ char *nspec; mc0 = fstab_head(); -@@ -316,11 +317,12 @@ + +@@ -315,11 +316,12 @@ getfsspecfile (const char *spec, const c return mc; /* second attempt: names found after symlink resolution */ @@ -135,7 +24,7 @@ return mc; /* third attempt: names found after LABEL= or UUID= resolution */ -@@ -357,11 +359,21 @@ +@@ -356,11 +358,21 @@ getfsfile (const char *file) { struct mntentchn * getfsspec (const char *spec) { struct mntentchn *mc, *mc0; @@ -159,18 +48,20 @@ return NULL; } ---- mount/mount.c -+++ mount/mount.c -@@ -1667,7 +1667,7 @@ - use only for testing purposes - - the guessing is not reliable at all */ - { -- char *fstype; -+ const char *fstype; - fstype = do_guess_fstype(optarg); - printf("%s\n", fstype ? fstype : "unknown"); - exit(fstype ? 0 : EX_FAIL); -@@ -1738,6 +1738,8 @@ +@@ -723,6 +735,8 @@ char *progname; + + const char *mount_get_volume_label_by_spec(const char *spec) { return NULL; } + const char *mount_get_devname_by_uuid(const char *uuid) { return NULL; } ++const char *mount_get_devname_by_label(const char *label) { return NULL; } ++const char *mount_get_volume_uuid_by_spec(const char *spec) { return NULL; } + struct my_mntent *my_getmntent (mntFILE *mfp) { return NULL; } + mntFILE *my_setmntent (const char *file, char *mode) { return NULL; } + void my_endmntent (mntFILE *mfp) { } +Index: util-linux-ng-2.12r+git20070330/mount/mount.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount.c ++++ util-linux-ng-2.12r+git20070330/mount/mount.c +@@ -1746,6 +1746,8 @@ main(int argc, char *argv[]) { if (mc == NULL) mc = getfsspec (spec); if (mc == NULL) @@ -179,44 +70,54 @@ die (EX_USAGE, _("mount: cannot find %s in %s"), spec, _PATH_FSTAB); ---- mount/mount_blkid.c -+++ mount/mount_blkid.c +Index: util-linux-ng-2.12r+git20070330/mount/mount_blkid.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount_blkid.c ++++ util-linux-ng-2.12r+git20070330/mount/mount_blkid.c @@ -1,6 +1,7 @@ #include #include "mount_blkid.h" -+#ifndef HAVE_VOLID - #ifdef HAVE_BLKID ++#ifndef HAVE_LIBVOLUME_ID + #ifdef HAVE_LIBBLKID blkid_cache blkid; -@@ -119,3 +120,4 @@ +@@ -118,4 +119,5 @@ mount_get_devname_for_mounting(const cha + } - #endif -+#endif ---- mount/mount_blkid.h -+++ mount/mount_blkid.h -@@ -11,3 +11,5 @@ +-#endif ++#endif /* HAVE_LIBBLKID */ ++#endif /* HAVE_LIBVOLUME_ID */ +Index: util-linux-ng-2.12r+git20070330/mount/mount_blkid.h +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount_blkid.h ++++ util-linux-ng-2.12r+git20070330/mount/mount_blkid.h +@@ -11,3 +11,5 @@ extern const char *mount_get_volume_uuid extern const char *mount_get_volume_label_by_spec(const char *spec); extern const char *mount_get_devname(const char *spec); extern const char *mount_get_devname_for_mounting(const char *spec); + +extern const char *volume_id_get_tag(const char *spec, const char *token); ---- mount/mount_by_label.c -+++ mount/mount_by_label.c +Index: util-linux-ng-2.12r+git20070330/mount/mount_by_label.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount_by_label.c ++++ util-linux-ng-2.12r+git20070330/mount/mount_by_label.c @@ -1,4 +1,4 @@ --#ifndef HAVE_BLKID -+#if (!defined HAVE_BLKID) && (!defined HAVE_VOLID) +-#ifndef HAVE_LIBBLKID ++#if (!defined HAVE_BLKID) && (!defined HAVE_LIBVOLUME_ID) /* * mount_by_label.c - aeb * ---- mount/mount_guess_fstype.c -+++ mount/mount_guess_fstype.c -@@ -54,9 +54,23 @@ +Index: util-linux-ng-2.12r+git20070330/mount/mount_guess_fstype.c +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount_guess_fstype.c ++++ util-linux-ng-2.12r+git20070330/mount/mount_guess_fstype.c +@@ -46,15 +46,29 @@ #define ETC_FILESYSTEMS "/etc/filesystems" #define PROC_FILESYSTEMS "/proc/filesystems" -+#ifdef HAVE_VOLID ++#ifdef HAVE_LIBVOLUME_ID + +static int +known_fstype(const char *fstype) { @@ -230,32 +131,29 @@ +} + +#else - #ifdef HAVE_BLKID + #ifdef HAVE_LIBBLKID -char * +const char * do_guess_fstype(const char *device) { return blkid_get_tag_value(blkid, "TYPE", device); -@@ -208,7 +222,7 @@ - return (sum == p[511]); } --char * -+const char * - do_guess_fstype(const char *device) { - int fd; - char *type = NULL; -@@ -536,7 +550,7 @@ +-static int ++const static int + known_fstype(const char *fstype) + { + return blkid_known_fstype(fstype); +@@ -492,6 +506,7 @@ io_error: } #endif -- +#endif + static struct tried { struct tried *next; - char *type; -@@ -578,9 +592,9 @@ +@@ -534,9 +549,9 @@ free_tested(void) { tried = NULL; } @@ -267,8 +165,10 @@ if (verbose) { printf (_("mount: you didn't specify a filesystem type for %s\n"), spec); ---- /dev/null 2006-06-02 17:12:45.000000000 +0200 -+++ mount/mount_udev.c 2006-06-12 11:14:42.285154088 +0200 +Index: util-linux-ng-2.12r+git20070330/mount/mount_udev.c +=================================================================== +--- /dev/null ++++ util-linux-ng-2.12r+git20070330/mount/mount_udev.c @@ -0,0 +1,237 @@ +#include +#include @@ -282,7 +182,7 @@ + +#include "mount_blkid.h" + -+#ifdef HAVE_VOLID ++#ifdef HAVE_LIBVOLUME_ID + +extern int verbose; + @@ -507,8 +407,10 @@ +} + +#endif ---- mount/mount_guess_fstype.h -+++ mount/mount_guess_fstype.h +Index: util-linux-ng-2.12r+git20070330/mount/mount_guess_fstype.h +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/mount_guess_fstype.h ++++ util-linux-ng-2.12r+git20070330/mount/mount_guess_fstype.h @@ -8,8 +8,8 @@ struct mountargs { extern int verbose; @@ -520,4 +422,62 @@ int procfsloop(int (*mount_fn)(struct mountargs *), struct mountargs *args, const char **type); int is_in_procfs(const char *fstype); - +Index: util-linux-ng-2.12r+git20070330/configure.ac +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/configure.ac ++++ util-linux-ng-2.12r+git20070330/configure.ac +@@ -57,8 +57,10 @@ AC_CHECK_LIB(termcap, tgetnum) + AM_CONDITIONAL(HAVE_TERMCAP, test x$ac_cv_lib_termcap_tgetnum = xyes) + + AC_CHECK_LIB(blkid, blkid_known_fstype) +-AM_CONDITIONAL(HAVE_BLKID, test x$ac_cv_lib_blkid_blkid_known_fstype = xyes) ++AC_CHECK_LIB(volume_id, volume_id_open_node) + ++AM_CONDITIONAL(HAVE_BLKID, test x$ac_cv_lib_blkid_blkid_known_fstype = xyes) ++AM_CONDITIONAL(HAVE_VOLUME_ID, test x$ac_cv_lib_volume_id_volume_id_open_node = xyes) + + AM_GNU_GETTEXT_VERSION([0.14.1]) + AM_GNU_GETTEXT([external]) +Index: util-linux-ng-2.12r+git20070330/mount/Makefile.am +=================================================================== +--- util-linux-ng-2.12r+git20070330.orig/mount/Makefile.am ++++ util-linux-ng-2.12r+git20070330/mount/Makefile.am +@@ -16,7 +16,7 @@ MNTHDRS = fstab.h linux_fs.h mount_mnten + + mount_SOURCES = mount.c fstab.c sundries.c xmalloc.c realpath.c mount_mntent.c \ + get_label_uuid.c mount_by_label.c mount_blkid.c mount_guess_fstype.c \ +- getusername.c \ ++ mount_udev.c getusername.c \ + nfsmount.c nfsmount_clnt.c nfs4mount.c \ + lomount.c \ + $(MNTHDRS) +@@ -24,14 +24,14 @@ mount_SOURCES = mount.c fstab.c sundries + mount_LDADD = $(top_srcdir)/lib/libenv.a $(top_srcdir)/lib/libsetproctitle.a libnfsmount_xdr.a + + umount_SOURCES = umount.c fstab.c sundries.c xmalloc.c realpath.c mount_mntent.c \ +- getusername.c get_label_uuid.c mount_by_label.c mount_blkid.c \ ++ getusername.c get_label_uuid.c mount_by_label.c mount_blkid.c mount_udev.c \ + lomount.c \ + $(MNTHDRS) + + umount_LDADD = $(top_srcdir)/lib/libenv.a + + swapon_SOURCES = swapon.c xmalloc.c \ +- get_label_uuid.c mount_by_label.c mount_blkid.c \ ++ get_label_uuid.c mount_by_label.c mount_blkid.c mount_udev.c \ + swap_constants.h realpath.c + + losetup_SOURCES = lomount.c loop.h lomount.h +@@ -43,6 +43,12 @@ umount_LDADD += -lblkid -luuid + swapon_LDADD = -lblkid -luuid + endif + ++if HAVE_VOLUME_ID ++mount_LDADD += -lvolume_id ++umount_LDADD += -lvolume_id ++swapon_LDADD = -lvolume_id ++endif ++ + if HAVE_PIVOT_ROOT + sbin_PROGRAMS += pivot_root + man_MANS += pivot_root.8 diff --git a/mount.8-acl.diff b/util-linux-mount_mount.8-acl.patch similarity index 100% rename from mount.8-acl.diff rename to util-linux-mount_mount.8-acl.patch diff --git a/util-linux-nfs.8.diff b/util-linux-mount_nfs.8.patch similarity index 100% rename from util-linux-nfs.8.diff rename to util-linux-mount_nfs.8.patch diff --git a/util-linux-opt-hotplug.diff b/util-linux-mount_opt_hotplug.patch similarity index 73% rename from util-linux-opt-hotplug.diff rename to util-linux-mount_opt_hotplug.patch index ee5ed40..d979289 100644 --- a/util-linux-opt-hotplug.diff +++ b/util-linux-mount_opt_hotplug.patch @@ -3,10 +3,10 @@ mount/mount_constants.h | 3 +++ 3 files changed, 23 insertions(+), 2 deletions(-) -Index: util-linux-2.12r/mount/mount.8 +Index: util-linux-ng-2.12r+git20070330/mount/mount.8 =================================================================== ---- util-linux-2.12r.orig/mount/mount.8 -+++ util-linux-2.12r/mount/mount.8 +--- util-linux-ng-2.12r+git20070330.orig/mount/mount.8 ++++ util-linux-ng-2.12r+git20070330/mount/mount.8 @@ -572,6 +572,10 @@ This option implies the options (unless overridden by subsequent options, as in the option line .BR group,dev,suid ). @@ -18,7 +18,7 @@ Index: util-linux-2.12r/mount/mount.8 .B mand Allow mandatory locks on this filesystem. See .BR fcntl (2). -@@ -599,6 +603,9 @@ Do not allow direct execution of any bin +@@ -602,6 +606,9 @@ Do not allow direct execution of any bin (Until recently it was possible to run binaries anyway using a command like /lib/ld*.so /mnt/binary. This trick fails since Linux 2.4.25 / 2.6.0.) .TP @@ -28,11 +28,11 @@ Index: util-linux-2.12r/mount/mount.8 .B nomand Do not allow mandatory locks on this filesystem. .TP -Index: util-linux-2.12r/mount/mount.c +Index: util-linux-ng-2.12r+git20070330/mount/mount.c =================================================================== ---- util-linux-2.12r.orig/mount/mount.c -+++ util-linux-2.12r/mount/mount.c -@@ -162,9 +162,14 @@ static const struct opt_map opt_map[] = +--- util-linux-ng-2.12r+git20070330.orig/mount/mount.c ++++ util-linux-ng-2.12r+git20070330/mount/mount.c +@@ -174,9 +174,14 @@ static const struct opt_map opt_map[] = { "diratime", 0, 1, MS_NODIRATIME }, /* Update dir access times */ { "nodiratime", 0, 0, MS_NODIRATIME },/* Do not update dir access times */ #endif @@ -44,10 +44,10 @@ Index: util-linux-2.12r/mount/mount.c +static int option_hotplug; /* can not invent our own MS_FLAGS */ + - static const char *opt_loopdev, *opt_vfstype, + static const char *opt_loopdev, *opt_vfstype, *opt_offset, *opt_encryption, *opt_speed, *opt_comment; -@@ -265,6 +270,10 @@ parse_opt(const char *opt, int *mask, ch +@@ -269,6 +274,10 @@ parse_opt(const char *opt, int *mask, ch for (om = opt_map; om->opt != NULL; om++) if (streq (opt, om->opt)) { @@ -58,7 +58,7 @@ Index: util-linux-2.12r/mount/mount.c if (om->inv) *mask &= ~om->mask; else -@@ -958,9 +967,11 @@ nosigblock: +@@ -985,9 +994,11 @@ retry_nfs: else if (stat (node, &statbuf)) error (_("mount: mount point %s is a symbolic link to nowhere"), node); @@ -72,10 +72,10 @@ Index: util-linux-2.12r/mount/mount.c errno = mnt_err; perror("mount"); } -Index: util-linux-2.12r/mount/mount_constants.h +Index: util-linux-ng-2.12r+git20070330/mount/mount_constants.h =================================================================== ---- util-linux-2.12r.orig/mount/mount_constants.h -+++ util-linux-2.12r/mount/mount_constants.h +--- util-linux-ng-2.12r+git20070330.orig/mount/mount_constants.h ++++ util-linux-ng-2.12r+git20070330/mount/mount_constants.h @@ -57,6 +57,9 @@ if we have a stack or plain mount - moun #ifndef MS_VERBOSE #define MS_VERBOSE 0x8000 /* 32768 */ diff --git a/util-linux-warn-nfsudp.diff b/util-linux-mount_warn_nfsudp.patch similarity index 89% rename from util-linux-warn-nfsudp.diff rename to util-linux-mount_warn_nfsudp.patch index 3841c8c..215a283 100644 --- a/util-linux-warn-nfsudp.diff +++ b/util-linux-mount_warn_nfsudp.patch @@ -1,8 +1,8 @@ -Index: util-linux-2.12/mount/nfs.5 -================================================================================ ---- util-linux-2.12q/mount/nfs.5 -+++ util-linux-2.12q/mount/nfs.5 -@@ -201,9 +201,13 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/nfs.5 +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfs.5 ++++ util-linux-ng-2.12r+2.13pre7/mount/nfs.5 +@@ -238,9 +238,13 @@ writing to common filesystem on the serv Mount the NFS filesystem using the TCP protocol instead of the UDP protocol. This is the default, but in case it fails (many NFS servers only support UDP) it will fallback and try UDP. @@ -16,7 +16,7 @@ Index: util-linux-2.12/mount/nfs.5 .TP 1.5i .I noacl Assume no extended access control mechanisms like POSIX ACLs are used -@@ -217,6 +221,83 @@ +@@ -411,6 +415,83 @@ writing to common filesystem on the serv All of the non-value options have corresponding nooption forms. For example, nointr means don't allow file operations to be interrupted. @@ -100,9 +100,11 @@ Index: util-linux-2.12/mount/nfs.5 .SH FILES .I /etc/fstab .SH "SEE ALSO" ---- util-linux-2.12q/mount/nfsmount.c -+++ util-linux-2.12q/mount/nfsmount.c -@@ -737,8 +737,12 @@ +Index: util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +=================================================================== +--- util-linux-ng-2.12r+2.13pre7.orig/mount/nfsmount.c ++++ util-linux-ng-2.12r+2.13pre7/mount/nfsmount.c +@@ -735,8 +735,12 @@ retry_udp: goto fail; } fsock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); diff --git a/util-linux-nfs-timeo.diff b/util-linux-nfs-timeo.diff deleted file mode 100644 index 2f41dec..0000000 --- a/util-linux-nfs-timeo.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- util-linux-2.12q/mount/nfsmount.c -+++ util-linux-2.12q/mount/nfsmount.c -@@ -489,7 +489,7 @@ - - /* Adjust options if none specified */ - if (!data.timeo) -- data.timeo = tcp ? 70 : 7; -+ data.timeo = tcp ? 600 : 7; - - #ifdef NFS_MOUNT_DEBUG - printf("rsize = %d, wsize = %d, timeo = %d, retrans = %d\n", diff --git a/util-linux-ng-2.12r+git20070330.tar.bz2 b/util-linux-ng-2.12r+git20070330.tar.bz2 new file mode 100644 index 0000000..a4e861a --- /dev/null +++ b/util-linux-ng-2.12r+git20070330.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d072434a058eb2c3545194f13dc1914efc59c52b5f4d3e6f2a509ee52452778b +size 1518908 diff --git a/util-linux-nodiratime.diff b/util-linux-nodiratime.diff deleted file mode 100644 index 798b02d..0000000 --- a/util-linux-nodiratime.diff +++ /dev/null @@ -1,14 +0,0 @@ -Index: util-linux-2.12/mount/mount.8 -=================================================================== ---- util-linux-2.12.orig/mount/mount.8 -+++ util-linux-2.12/mount/mount.8 -@@ -572,6 +572,9 @@ until the network has been enabled on th - Do not update inode access times on this file system (e.g, for faster - access on the news spool to speed up news servers). - .TP -+.B nodiratime -+Do not update directory inode access times on this filesystem. -+.TP - .B noauto - Can only be mounted explicitly (i.e., the - .B \-a diff --git a/util-linux.changes b/util-linux.changes index ea863de..36d12d4 100644 --- a/util-linux.changes +++ b/util-linux.changes @@ -1,3 +1,46 @@ +------------------------------------------------------------------- +Tue Apr 10 17:25:34 CEST 2007 - mkoenig@suse.de + +- update to version git20070330 of new forked development tree +- removed Suse crypto patches for losetup [FATE#302001] +- removed binaries: + /bin/guessfstype + /sbin/sln + /usr/bin/setfdprm +- removed obsolete patches: + * guessfstype2.patch + * loop-AES-v3.0a-util-linux-2.12p.diff + * mount-nfs-nonreserved + * stupid-programmer.diff + * util-linux-nodiratime.diff + * util-linux-2.12-multipleraw.diff + * util-linux-2.12-enablereplaybuild.diff + * util-linux-2.12-mount_guessfstype.diff + * util-linux-2.12h-mtablock.diff + * util-linux-2.12i-x86_64intel.diff + * util-linux-2.12q-null.diff + * util-linux-2.12r.diff + * util-linux-2.12r-fdisk_llseek.patch + * util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff + * util-linux-2.12r-mount_external_prog_on_guess.patch + * util-linux-2.12r-nonfsmountfallback.diff + * util-linux-2.12r-pagesize.patch + * util-linux-2.12r-partx_enable.patch + * util-linux-2.12r-partx_gpt_warning.patch +- add patches: + * util-linux-2.13-misc_utils_add_man_scriptreplay.patch + install man page for scriptreplay + * util-linux-2.13-tests_missing_include.patch + fix missing header in tests/mnt_test_sysinfo.c + * util-linux-2.13-sys_utils_arch.patch + keep /bin/arch + * util-linux-2.13-build_gnu_source.patch + build with _GNU_SOURCE + * util-linux-2.13-build_fix_intel_check.patch + detect also x86_64 as INTEL architecture +- rename patches to identify them clearly by subsystem +- schedutils now part of util-linux itself + ------------------------------------------------------------------- Wed Apr 4 12:55:40 CEST 2007 - mkoenig@suse.de diff --git a/util-linux.spec b/util-linux.spec index b9dd15f..fbc5ba7 100644 --- a/util-linux.spec +++ b/util-linux.spec @@ -1,5 +1,5 @@ # -# spec file for package util-linux (Version 2.12r) +# spec file for package util-linux (Version 2.12r+git20070330) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -11,7 +11,7 @@ # norootforbuild Name: util-linux -BuildRequires: libvolume_id-devel ncurses-devel pam-devel zlib-devel +BuildRequires: gettext-devel libvolume_id-devel ncurses-devel pam-devel zlib-devel URL: http://kernel.org/pub/linux/utils/util-linux Provides: util rawio raw base schedutils Supplements: filesystem(minix) @@ -20,15 +20,15 @@ PreReq: %install_info_prereq permissions License: BSD License and BSD-like, GNU General Public License (GPL) Group: System/Base Autoreqprov: on -Version: 2.12r -Release: 87 +Version: 2.12r+git20070330 +Release: 1 Summary: A collection of basic system utilities -Source: ftp://ftp.kernel.org/pub/linux/utils/util-linux/%name-%version.tar.bz2 +Source: ftp://ftp.kernel.org/pub/linux/utils/util-linux/%name-ng-%version.tar.bz2 Source2: nologin.c Source3: nologin.8 Source4: raw.init Source5: etc.raw -Source8: guessfstype.8 +Source6: etc_filesystems %define time_ver 1.7 %define which_ver 2.13 %define adjtimex_ver 1.20 @@ -38,9 +38,6 @@ Source11: klogconsole.tar.bz2 Source12: which-%{which_ver}.tar.gz Source13: time-%{time_ver}.tar.gz Source15: cryptoloop.txt -Source16: schedutils-1.4.0.tar.bz2 -Source20: README.loop-AES-v2.2d -Source21: README.loop-AES-v2.2d.SuSE Source22: setctsid.c Source23: setctsid.8 Source24: sm-notify-20060111.tar.bz2 @@ -50,70 +47,100 @@ Source27: renice.8 Source28: mkzimage_cmdline.8 Source29: mkzimage_cmdline.c Source30: README.largedisk -Patch: util-linux-%version.diff -Patch2: loop-AES-v3.0a-util-linux-2.12p.diff -Patch3: util-linux-2.12-multipleraw.diff -Patch7: util-linux-2.12-hostid.diff -Patch8: util-linux-wall.dif -Patch10: util-linux-2.12-mount_guessfstype.diff -Patch11: guessfstype2.patch -Patch15: util-linux-nfs.8.diff -Patch23: util-linux-2.12h-mtablock.diff -Patch25: util-linux-2.11u-nfs-mount_acl.diff -Patch26: mount.8-acl.diff -Patch27: klogconsole-quiet.patch -Patch32: klogconsole.diff -Patch40: time-1.7.dif -Patch43: util-linux-2.11z-hwclock_geteuid.diff -Patch44: adjtimex-1.20-nosyscall.diff -Patch45: mount-nfs-nonreserved -Patch46: util-linux-2.12-nfs-tcp.diff -Patch51: util-linux-2.12-suse-compatibility.diff -Patch52: util-linux-2.12-enablereplaybuild.diff -Patch58: util-linux-2.12a-procswapscheck.diff -Patch61: util-linux-2.12-mountfallback.patch -Patch62: util-linux-2.12a-mountpointwithcolon.diff -Patch64: util-linux-2.12i-x86_64intel.diff -Patch70: util-linux-2.12h-short-passwords.diff -Patch71: util-linux-2.12q-null.diff -Patch72: stupid-programmer.diff -Patch74: util-linux-nfs-timeo.diff -Patch75: util-linux-2.12q-nfsv4.patch -Patch76: util-linux-warn-nfsudp.diff -Patch77: util-linux-2.12q-ionice.diff -Patch78: util-linux-2.11q-fs_mac.diff -Patch79: util-linux-opt-hotplug.diff -Patch81: util-linux-2.12a-mountbylabel-dm.patch -Patch83: util-linux-2.12q-mount--move.diff -Patch84: util-linux-nodiratime.diff -Patch85: util-linux-2.12q-strict-aliasing.diff -Patch86: util-linux-2.12r-mount-by-uuid.patch -Patch88: util-linux-2.12q-umount2-not-static.patch -Patch90: util-linux-2.12r-nonfsmountfallback.diff -Patch91: util-linux-2.12r-mount-mtab-update.patch -Patch92: util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff -Patch93: util-linux-2.12r-fdiskwrap.patch -Patch94: util-linux-2.12r-rawfixes.patch -Patch95: util-linux-2.12r-rpcsec-gss.patch -Patch96: util-linux-2.12r-external-prog-on-guess.diff -Patch97: util-linux-2.12r-sec-manpage.patch -Patch98: util-linux-2.12r-mount.8-xfs-update.patch -Patch99: util-linux-libvolume_id-support.patch -Patch100: util-linux-2.12r-umount_nosysfs.patch -Patch101: util-linux-2.12r-fdisk_llseek.patch -Patch102: util-linux-2.12r-pagesize.patch -Patch103: util-linux-2.12r-fdiskcyl.patch -Patch104: util-linux-2.12r-readprofile-mapfile.patch -Patch105: util-linux-2.12r-cal_formatting.patch -Patch106: util-linux-2.12r-partx.patch -Patch107: util-linux-2.12r-mkswap_fix.patch -Patch108: util-linux-2.12r-nfs_remount_options.patch -Patch109: util-linux-2.12r-losetup_password.patch -Patch110: util-linux-2.12r-mkfs_open_exclusive.patch -Patch111: util-linux-2.12r-fdisk_remove_bogus_warnings.patch -Patch112: util-linux-2.12r-mount_racy_loop.patch -Patch113: util-linux-2.12r-partx_gpt_warning.patch -Patch114: util-linux-2.12r-mount_swapon_swsuspend_resume.patch +## +## util-linux +## +# add hostid +Patch1: util-linux-2.12-misc_utils_hostid.patch +# 27181 (suse12181) - wall adds newlines +Patch2: util-linux-login_utils_wall.patch +# 31815 (suse16815) - Fixed nfs.5 to tell nfsver defaults to 3 +Patch3: util-linux-mount_nfs.8.patch +# 33183 (suse18183) - NFS ACCESS patch, [no]acl nfs mount option +Patch4: util-linux-2.11u-mount_nfs_mount_acl.patch +Patch5: util-linux-mount_mount.8-acl.patch +# geteuid instead of getuid in hwclock to enable making hwclock suid root. +Patch6: util-linux-2.11z-hwclock_geteuid.patch +# 48018 (suse33018) - mount -t nfs must default to tcp in sles9 +Patch7: util-linux-2.12-mount_nfs_tcp.patch +# 54436 (suse39436) - boot.swap "failed" activating swap on LVM +Patch8: util-linux-2.12a-mount_procswapcheck.patch +# 56735 (suse41735) - NFS can't mount some exports +Patch9: util-linux-2.12-mount_mountfallback.patch +# 57097 (suse42097) - mount doesn't allow to mount files that have colons in their path +Patch10: util-linux-2.12a-mount_mountpointwithcolon.patch +# 76198 - Default retransmit timeout is too small on NFS over TCP +Patch11: util-linux-2.13-mount_nfs_timeo.patch +# Basic NFSv4 support +Patch12: util-linux-2.12-mount_base_nfsv4.patch +# 80263 - UDP data corruption due to incorrect IP fragment reassembly +Patch13: util-linux-mount_warn_nfsudp.patch +# add ionice +Patch14: util-linux-2.12q-sys_utils_ionice.patch +# 104081 - make fdisk detect MAC-fs +Patch15: util-linux-2.11q-fdisk_fs_mac.patch +# 104405 - mount -a doesn't work with hotpluggable devices +Patch16: util-linux-mount_opt_hotplug.patch +Patch17: util-linux-2.12a-mount_mountbylabel-dm.patch +# 115129 - mount --move doesn't work as expected +Patch18: util-linux-2.12q-mount_--move.patch +Patch19: util-linux-2.12q-mount_strict_aliasing.patch +Patch20: util-linux-2.12r-mount_by_uuid.patch +Patch21: util-linux-2.12q-mount_umount2_not_static.patch +# 148409 - df, mount, /proc/mounts show root mounted twice +# TODO: Needs fix, because of 231599 +Patch22: util-linux-2.12r-mount_mtab_update.patch +# 153657 - fdisk is not able to manage huge disks +Patch23: util-linux-2.12r-fdisk_fdiskwrap.patch +# 158401 - cthon06: NFSv3 client does not support RPCSEC_GSS +Patch24: util-linux-2.12r-mount_rpcsec_gss.patch +# 176582 - If the user doesn't specify -t mount.fstype will never be called +#TODO: check alternative upstream fix +#Patch96: util-linux-2.12r-mount_external_prog_on_guess.patch +# 159368 - NFSv4: krb5p; nfs(5) manpage +Patch25: util-linux-2.12r-mount_sec_manpage.patch +# 158955 - document xfs dmapi mount options better +Patch26: util-linux-2.12r-mount_mount.8_xfs_update.patch +# use libvolume_id for fs guessing +Patch27: util-linux-mount_libvolume_id_support.patch +# 190385 - Added sysfs to list of filesystems not to unmount with umount -a +Patch28: util-linux-2.12r-mount_umount_nosysfs.patch +# 160822 - fix for 153657 +Patch29: util-linux-2.12r-fdisk_cyl.patch +# 179122 - Fix readprofile one ppc64 +Patch30: util-linux-2.12r-sys_utils_readprofile_mapfile.patch +# 203469 +Patch31: util-linux-2.12r-misc_utils_cal_formatting.patch +# 205956 - default swap to V1 in any case +Patch32: util-linux-2.12r-disk_utils_mkswap_fix.patch +# 130625 - do not append addr option with each nfs remount +Patch33: util-linux-2.12r-mount_nfs_remount_options.patch +# 238687 - let mkfs tools open block devices with O_EXCL +Patch34: util-linux-2.12r-disk_utils_mkfs_open_exclusive.patch +# 241372 - remove legacy warnings from fdisk +Patch35: util-linux-2.12r-fdisk_remove_bogus_warnings.patch +# 242750 - mount: fix race condition when using -o loop +Patch36: util-linux-2.12r-mount_racy_loop.patch +Patch37: util-linux-2.13-misc_utils_add_man_scriptreplay.patch +# 254437 - swapon should automatically reset the suspend signature +Patch38: util-linux-2.12r-mount_swapon_swsuspend_resume.patch +Patch39: util-linux-2.13-tests_missing_include.patch +Patch40: util-linux-2.13-sys_utils_arch.patch +Patch41: util-linux-2.13-build_gnu_source.patch +Patch42: util-linux-2.13-build_fix_intel_check.patch +## +## adjtimex +## +Patch50: adjtimex-1.20-nosyscall.diff +## +## klogconsole +## +Patch55: klogconsole-quiet.patch +Patch56: klogconsole.diff +## +## time +## +Patch60: time-1.7.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: %insserv_prereq %fillup_prereq /bin/sed @@ -129,78 +156,62 @@ Authors: Adrian Bunk %prep -%setup -q -a 9 -b 10 -b 11 -b 12 -b 13 -b 16 -b 24 -%patch -p1 +%setup -q -a 9 -b 10 -b 11 -b 12 -b 13 -b 24 -n %name-ng-%version +%patch1 -p1 %patch2 -p1 -%patch3 -p0 +%patch3 -p1 +%patch4 -p1 +%patch5 -p0 +%patch6 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %patch10 -p1 %patch11 -p1 -%patch43 -cd adjtimex-* -%patch44 -p1 -cd - +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 %patch15 -p1 +%patch16 -p1 +%patch17 -p1 +%patch18 +%patch19 -p1 +%patch20 -p1 +%patch21 +%patch22 %patch23 -p1 +%patch24 %patch25 -p1 -%patch26 -p0 -%patch46 -p1 -%patch51 -p1 -%patch52 -p0 -%patch58 -p1 -%patch61 -p1 -%patch62 -p1 -%patch64 -p1 -%patch70 -p1 -%patch71 -p1 -%patch72 -%patch74 -p1 -%patch75 -p1 -%patch76 -p1 -%patch77 -p1 -%patch78 -p1 -%patch79 -p1 -%patch81 -p1 -%patch83 -%patch84 -p1 -%patch85 -p1 -%patch86 -p1 -%patch88 -%patch90 -p1 -%patch91 -%patch92 -p1 -%patch93 -p1 -%patch94 -p1 -%patch95 -%patch96 -p1 -%patch97 -p1 -%patch98 -%patch99 -p0 -%patch100 -%patch101 -%patch102 -%patch103 -p1 -%patch104 -p1 -%patch105 -%patch106 -p1 -%patch107 -p1 -%patch108 -p1 -%patch109 -p1 -%patch110 -p1 -%patch111 -p1 -%patch112 -p1 -%patch113 -p1 -%patch114 -p1 +%patch26 +%patch27 -p1 +%patch28 +%patch29 -p1 +%patch30 -p1 +%patch31 +%patch32 -p1 +%patch33 -p1 +%patch34 -p1 +%patch35 -p1 +%patch36 -p1 +%patch37 -p1 +%patch38 -p1 +%patch39 -p1 +%patch40 -p1 +%patch41 -p1 +%patch42 -p1 +# +cd adjtimex-* +%patch50 -p1 +cd - # setctsid cp %{S:22} %{S:23} . -# nologin and guessfstype -cp %{S:2} %{S:3} %{S:8} %{S:15} %{S:20} %{S:21} %{S:26} %{S:30} . +# nologin +cp %{S:2} %{S:3} %{S:15} %{S:26} %{S:30} . cd ../klogconsole -%patch27 -p1 -b .quiet -%patch32 -p1 +%patch55 -p1 -b .quiet +%patch56 -p1 cd ../time-* -%patch40 +%patch60 %build # adjtimex build @@ -241,20 +252,30 @@ cd .. cd sm-notify* make CFLAGS="$RPM_OPT_FLAGS" cd .. -# schedutils build -cd schedutils-* -make CFLAGS="$RPM_OPT_FLAGS" popd # setctsid build rm -f setctsid -make setctsid OPT="$RPM_OPT_FLAGS" +make setctsid CFLAGS="$RPM_OPT_FLAGS" +# # util-linux itself +# %ifarch s390 s390x -export CFLAGS=-DCONFIG_SMP +CFLAGS=-DCONFIG_SMP %endif -export CFLAGS -./configure -make OPT="$RPM_OPT_FLAGS" +#autoreconf -fi +./autogen.sh +./configure --mandir=%{_mandir} \ + --datadir=%{_datadir} \ + --enable-elvtune \ + --enable-mesg \ + --enable-partx \ + --enable-raw \ + --enable-rdev \ + --enable-script \ + --enable-write \ + --disable-use-tty-group \ + CFLAGS="$CFLAGS $RPM_OPT_FLAGS" +make gcc $RPM_OPT_FLAGS -o nologin nologin.c gcc $RPM_OPT_FLAGS -o mkzimage_cmdline %{S:29} @@ -304,27 +325,19 @@ mkdir -p $RPM_BUILD_ROOT/var/lib/nfs/sm.bak chmod 700 $RPM_BUILD_ROOT/var/lib/nfs/sm.bak touch $RPM_BUILD_ROOT/var/lib/nfs/state chmod 644 $RPM_BUILD_ROOT/var/lib/nfs/state -cd .. -# schedutils install -cd schedutils-* -make PREFIX=$RPM_BUILD_ROOT/usr \ - DOCDIR=$RPM_BUILD_ROOT%_docdir/schedutils \ - MANDIR=$RPM_BUILD_ROOT%_mandir install installdoc popd +# # util-linux install +# make DESTDIR=$RPM_BUILD_ROOT install mv $RPM_BUILD_ROOT/usr/bin/logger $RPM_BUILD_ROOT/bin/logger -install -m 644 mount/filesystems $RPM_BUILD_ROOT/etc/filesystems +install -m 644 %{SOURCE6} $RPM_BUILD_ROOT/etc/filesystems install -m 755 nologin $RPM_BUILD_ROOT/sbin %ifnarch ppc ppc64 install -m 755 mkzimage_cmdline $RPM_BUILD_ROOT/usr/bin install -m 644 %{S:28} $RPM_BUILD_ROOT%{_mandir}/man8 %endif -install -m 755 mount/guessfstype $RPM_BUILD_ROOT/bin install -m 644 nologin.8 $RPM_BUILD_ROOT%{_mandir}/man8 -install -m 755 disk-utils/raw $RPM_BUILD_ROOT/usr/sbin -install -m 644 disk-utils/raw.8 $RPM_BUILD_ROOT%{_mandir}/man8 -install -m 644 guessfstype.8 $RPM_BUILD_ROOT%{_mandir}/man8 # setctsid install install -m 755 setctsid $RPM_BUILD_ROOT/usr/sbin install -m 444 setctsid.8 $RPM_BUILD_ROOT%{_mandir}/man8/ @@ -336,15 +349,9 @@ install -m 644 $RPM_SOURCE_DIR/etc.raw $RPM_BUILD_ROOT/etc/raw install -m 755 $RPM_SOURCE_DIR/raw.init $RPM_BUILD_ROOT/etc/init.d/raw ln -sf ../../etc/init.d/raw $RPM_BUILD_ROOT/usr/sbin/rcraw # Stupid hack so we don't have a tcsh dependency -chmod 644 $RPM_BUILD_ROOT/usr/share/misc/getopt/* +#chmod 644 $RPM_BUILD_ROOT/usr/share/misc/getopt/* # Following files we don't want to package, so remove them -rm -f $RPM_BUILD_ROOT/bin/kill -rm -f $RPM_BUILD_ROOT/sbin/guessfstype # in /bin -rm -f $RPM_BUILD_ROOT/usr/bin/last -rm -f $RPM_BUILD_ROOT/usr/bin/raw rm -f $RPM_BUILD_ROOT/usr/bin/pg -rm -f $RPM_BUILD_ROOT/usr/share/man/man1/kill.1* -rm -f $RPM_BUILD_ROOT/usr/share/man/man1/last.1* rm -f $RPM_BUILD_ROOT/usr/share/man/man1/pg.1* %ifarch s390 s390x rm -f $RPM_BUILD_ROOT/etc/fdprm @@ -352,26 +359,14 @@ rm -f $RPM_BUILD_ROOT/usr/bin/cytune rm -f $RPM_BUILD_ROOT/usr/bin/fdformat rm -f $RPM_BUILD_ROOT/sbin/hwclock rm -f $RPM_BUILD_ROOT/usr/sbin/klogconsole -rm -f $RPM_BUILD_ROOT/usr/bin/setfdprm rm -f $RPM_BUILD_ROOT/usr/bin/setterm rm -f $RPM_BUILD_ROOT/usr/sbin/tunelp rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/cytune.8* rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/fdformat.8* rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/hwclock.8* rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/klogconsole.8* -rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/setfdprm.8* rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/tunelp.8* %endif -%ifnarch %ix86 x86_64 -rm -f $RPM_BUILD_ROOT/usr/sbin/ramsize -rm -f $RPM_BUILD_ROOT/usr/sbin/rdev -rm -f $RPM_BUILD_ROOT/usr/sbin/rootflags -rm -f $RPM_BUILD_ROOT/usr/sbin/vidmode -rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/ramsize.8* -rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/rdev.8* -rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/rootflags.8* -rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/vidmode.8* -%endif %ifarch ia64 sparc rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/cfdisk.8* rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/sfdisk.8* @@ -413,17 +408,16 @@ fi %files # Common files for all archs %defattr(-,root,root) -%doc HISTORY INSTALL +%doc INSTALL %doc login-utils/README.getty %doc login-utils/README.modems-with-agetty %doc login-utils/README.poeigl %doc misc-utils/README.cal %doc misc-utils/README.namei -%doc misc-utils/README1.namei +%doc misc-utils/README.namei2 %doc mount/README.mount %doc hwclock/README.hwclock %doc text-utils/README.col -%doc README.loop-AES-v2.2d README.loop-AES-v2.2d.SuSE %doc README.largedisk %config %attr(744,root,root) /etc/init.d/raw %attr(755,root,root) /etc/init.d/nfsboot @@ -431,7 +425,6 @@ fi /usr/sbin/rcraw /bin/arch /bin/dmesg -/bin/guessfstype /bin/more /bin/mount /bin/umount @@ -449,9 +442,8 @@ fi /sbin/mkfs.cramfs /sbin/mkswap /sbin/nologin -/sbin/partx /sbin/pivot_root -/sbin/sln +/sbin/raw /sbin/sm-notify /sbin/swapoff /sbin/swapon @@ -491,18 +483,19 @@ fi /usr/bin/taskset /usr/bin/time /usr/bin/which +/usr/sbin/addpart +/usr/sbin/delpart /usr/sbin/freeramdisk +/usr/sbin/partx /usr/sbin/setctsid %verify(not mode) %attr(0755,root,tty) /usr/bin/wall /usr/bin/whereis /usr/sbin/adjtimex %verify(not mode) %attr(0755,root,tty) /usr/bin/write -%dir %{_defaultdocdir}/schedutils %dir %{_defaultdocdir}/time %dir %{_defaultdocdir}/which /var/lib/nfs %ghost /var/lib/nfs/state -%{_defaultdocdir}/schedutils/* %{_defaultdocdir}/time/* %{_defaultdocdir}/which/* %{_infodir}/ipc.info.gz @@ -535,6 +528,7 @@ fi %{_mandir}/man1/scriptreplay.1.gz %{_mandir}/man1/rev.1.gz %{_mandir}/man1/script.1.gz +%{_mandir}/man1/setterm.1.gz %{_mandir}/man1/tailf.1.gz %{_mandir}/man1/taskset.1.gz %{_mandir}/man1/ul.1.gz @@ -544,9 +538,10 @@ fi %{_mandir}/man1/which.1.gz %{_mandir}/man5/fstab.5.gz %{_mandir}/man5/nfs.5.gz +%{_mandir}/man8/addpart.8.gz %{_mandir}/man8/agetty.8.gz %{_mandir}/man8/blockdev.8.gz -%{_mandir}/man1/setterm.1.gz +%{_mandir}/man8/delpart.8.gz %{_mandir}/man8/elvtune.8* %{_mandir}/man8/ctrlaltdel.8.gz %{_mandir}/man8/adjtimex.8.gz @@ -565,26 +560,24 @@ fi %ifnarch ppc ppc64 %{_mandir}/man8/mkzimage_cmdline.8.gz %endif +%{_mandir}/man8/partx.8.gz %{_mandir}/man8/pivot_root.8.gz %{_mandir}/man8/raw.8.gz %{_mandir}/man8/renice.8.gz %{_mandir}/man8/setsid.8.gz -%{_mandir}/man8/sln.8.gz %{_mandir}/man8/sm-notify.8.gz %{_mandir}/man8/swapoff.8.gz %{_mandir}/man8/swapon.8.gz %{_mandir}/man8/umount.8.gz -%{_mandir}/man8/guessfstype.8.gz %{_mandir}/man8/setctsid.8.gz -/usr/sbin/raw /usr/sbin/flushb /usr/sbin/readprofile -%dir /usr/share/misc/getopt -%attr (755,root,root) /usr/share/misc/getopt/getopt-parse.bash -%attr (755,root,root) /usr/share/misc/getopt/getopt-parse.tcsh -%attr (755,root,root) /usr/share/misc/getopt/getopt-test.bash -%attr (755,root,root) /usr/share/misc/getopt/getopt-test.tcsh -/usr/share/locale/*/LC_MESSAGES/util-linux.mo +%dir /usr/share/getopt +%attr (755,root,root) /usr/share/getopt/getopt-parse.bash +%attr (755,root,root) /usr/share/getopt/getopt-parse.tcsh +%attr (755,root,root) /usr/share/getopt/getopt-test.bash +%attr (755,root,root) /usr/share/getopt/getopt-test.tcsh +/usr/share/locale/*/LC_MESSAGES/util-linux-ng.mo %ifnarch ia64 %doc fdisk/README.fdisk /sbin/fdisk @@ -608,23 +601,61 @@ fi %{_mandir}/man8/vidmode.8.gz %endif %ifnarch s390 s390x -%config(noreplace) /etc/fdprm +#%config(noreplace) /etc/fdprm /usr/bin/cytune /usr/bin/fdformat /sbin/hwclock /usr/sbin/klogconsole -/usr/bin/setfdprm /usr/bin/setterm /usr/sbin/tunelp %{_mandir}/man8/cytune.8.gz %{_mandir}/man8/fdformat.8.gz %{_mandir}/man8/hwclock.8.gz %{_mandir}/man8/klogconsole.8.gz -%{_mandir}/man8/setfdprm.8.gz %{_mandir}/man8/tunelp.8.gz %endif %changelog +* Tue Apr 10 2007 - mkoenig@suse.de +- update to version git20070330 of new forked development tree +- removed Suse crypto patches for losetup [FATE#302001] +- removed binaries: + /bin/guessfstype + /sbin/sln + /usr/bin/setfdprm +- removed obsolete patches: + * guessfstype2.patch + * loop-AES-v3.0a-util-linux-2.12p.diff + * mount-nfs-nonreserved + * stupid-programmer.diff + * util-linux-nodiratime.diff + * util-linux-2.12-multipleraw.diff + * util-linux-2.12-enablereplaybuild.diff + * util-linux-2.12-mount_guessfstype.diff + * util-linux-2.12h-mtablock.diff + * util-linux-2.12i-x86_64intel.diff + * util-linux-2.12q-null.diff + * util-linux-2.12r.diff + * util-linux-2.12r-fdisk_llseek.patch + * util-linux-2.12r-mount-doubleslashessourceprefix-cifs.diff + * util-linux-2.12r-mount_external_prog_on_guess.patch + * util-linux-2.12r-nonfsmountfallback.diff + * util-linux-2.12r-pagesize.patch + * util-linux-2.12r-partx_enable.patch + * util-linux-2.12r-partx_gpt_warning.patch +- add patches: + * util-linux-2.13-misc_utils_add_man_scriptreplay.patch + install man page for scriptreplay + * util-linux-2.13-tests_missing_include.patch + fix missing header in tests/mnt_test_sysinfo.c + * util-linux-2.13-sys_utils_arch.patch + keep /bin/arch + * util-linux-2.13-build_gnu_source.patch + build with _GNU_SOURCE + * util-linux-2.13-build_fix_intel_check.patch + detect also x86_64 as INTEL architecture +- rename patches to identify them clearly by subsystem +- schedutils now part of util-linux itself * Wed Apr 04 2007 - mkoenig@suse.de - add Supplements line [FATE#301966] * Mon Mar 26 2007 - rguenther@suse.de