From: Clemens Gruber <clemens.gruber@pqgruber.com>
To: ptxdist@pengutronix.de
Cc: Clemens Gruber <clemens.gruber@pqgruber.com>
Subject: [ptxdist] [PATCH 02/22] cryptsetup: version bump 1.7.5 -> 2.0.0
Date: Tue, 16 Jan 2018 16:50:20 +0100 [thread overview]
Message-ID: <20180116155040.10061-2-clemens.gruber@pqgruber.com> (raw)
In-Reply-To: <20180116155040.10061-1-clemens.gruber@pqgruber.com>
Now includes support for dm-integrity via new integritysetup tool.
---
rules/cryptsetup.in | 10 +++++++++-
rules/cryptsetup.make | 28 +++++++++++++++++++---------
2 files changed, 28 insertions(+), 10 deletions(-)
diff --git a/rules/cryptsetup.in b/rules/cryptsetup.in
index 2cd898058..67ce41beb 100644
--- a/rules/cryptsetup.in
+++ b/rules/cryptsetup.in
@@ -1,6 +1,7 @@
## SECTION=disk_and_file
menuconfig CRYPTSETUP
+ select JSON_C
select LVM2
select LIBUUID
select LIBPOPT
@@ -11,7 +12,10 @@ menuconfig CRYPTSETUP
prompt "cryptsetup "
help
Cryptsetup is a utility used to conveniently setup disk encryption
- based on DMCrypt kernel module.
+ based on the dm-crypt kernel module.
+ It also includes veritysetup, used to setup dm-verity block integrity
+ checking of read-only targets, as well as integritysetup to setup
+ dm-integrity block integrity checking of read-write targets.
if CRYPTSETUP
@@ -42,6 +46,10 @@ config CRYPTSETUP_CRYPTSETUP
bool
prompt "install cryptsetup"
+config CRYPTSETUP_INTEGRITYSETUP
+ bool
+ prompt "install integritysetup"
+
config CRYPTSETUP_VERITYSETUP
bool
prompt "install veritysetup"
diff --git a/rules/cryptsetup.make b/rules/cryptsetup.make
index 9975e72f3..bb865aa9a 100644
--- a/rules/cryptsetup.make
+++ b/rules/cryptsetup.make
@@ -16,11 +16,11 @@ PACKAGES-$(PTXCONF_CRYPTSETUP) += cryptsetup
#
# Paths and names
#
-CRYPTSETUP_VERSION := 1.7.5
-CRYPTSETUP_MD5 := dde798a883b06a2903379dcd593480e1
+CRYPTSETUP_VERSION := 2.0.0
+CRYPTSETUP_MD5 := 0f44b7535b2cdabbf0c4adf523fbceeb
CRYPTSETUP := cryptsetup-$(CRYPTSETUP_VERSION)
CRYPTSETUP_SUFFIX := tar.gz
-CRYPTSETUP_URL := https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7//$(CRYPTSETUP).$(CRYPTSETUP_SUFFIX)
+CRYPTSETUP_URL := https://www.kernel.org/pub/linux/utils/cryptsetup/v$(basename $(CRYPTSETUP_VERSION))/$(CRYPTSETUP).$(CRYPTSETUP_SUFFIX)
CRYPTSETUP_SOURCE := $(SRCDIR)/$(CRYPTSETUP).$(CRYPTSETUP_SUFFIX)
CRYPTSETUP_DIR := $(BUILDDIR)/$(CRYPTSETUP)
CRYPTSETUP_LICENSE := GPL-2.0+
@@ -35,20 +35,27 @@ CRYPTSETUP_LICENSE := GPL-2.0+
CRYPTSETUP_CONF_TOOL := autoconf
CRYPTSETUP_CONF_OPT := \
$(CROSS_AUTOCONF_USR) \
+ --enable-keyring \
$(GLOBAL_LARGE_FILE_OPTION) \
--disable-nls \
--disable-rpath \
+ --disable-fips \
--disable-pwquality \
--disable-static-cryptsetup \
- --enable-veritysetup \
- --enable-cryptsetup-reencrypt \
+ --$(call ptx/endis, PTXCONF_CRYPTSETUP_CRYPTSETUP)-cryptsetup \
+ --$(call ptx/endis, PTXCONF_CRYPTSETUP_VERITYSETUP)-veritysetup \
+ --$(call ptx/endis, PTXCONF_CRYPTSETUP_CRYPTSETUP)-cryptsetup-reencrypt \
+ --$(call ptx/endis, PTXCONF_CRYPTSETUP_INTEGRITYSETUP)-integritysetup \
--disable-selinux \
--enable-udev \
--$(call ptx/endis, PTXCONF_CRYPTSETUP_CRYPT_BACKEND_KERNEL)-kernel_crypto \
--$(call ptx/endis, PTXCONF_CRYPTSETUP_CRYPT_BACKEND_GCRYPT)-gcrypt-pbkdf2 \
+ --enable-internal-argon2 \
+ --disable-libargon2 \
--enable-dev-random \
--disable-python \
- --with-crypto_backend=$(PTXCONF_CRYPTSETUP_CRYPT_BACKEND)
+ --with-crypto_backend=$(PTXCONF_CRYPTSETUP_CRYPT_BACKEND) \
+ --with-luks2-lock-path=/run/cryptsetup
# ----------------------------------------------------------------------------
# Target-Install
@@ -65,12 +72,15 @@ $(STATEDIR)/cryptsetup.targetinstall:
@$(call install_lib, cryptsetup, 0, 0, 0644, libcryptsetup)
-ifdef PTXCONF_CRYPTSETUP_VERITYSETUP
- @$(call install_copy, cryptsetup, 0, 0, 0755, -, /usr/sbin/veritysetup)
-endif
ifdef PTXCONF_CRYPTSETUP_CRYPTSETUP
@$(call install_copy, cryptsetup, 0, 0, 0755, -, /usr/sbin/cryptsetup)
endif
+ifdef PTXCONF_CRYPTSETUP_INTEGRITYSETUP
+ @$(call install_copy, cryptsetup, 0, 0, 0755, -, /usr/sbin/integritysetup)
+endif
+ifdef PTXCONF_CRYPTSETUP_VERITYSETUP
+ @$(call install_copy, cryptsetup, 0, 0, 0755, -, /usr/sbin/veritysetup)
+endif
@$(call install_finish, cryptsetup)
--
2.15.1
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
next prev parent reply other threads:[~2018-01-16 15:51 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-16 15:50 [ptxdist] [PATCH 01/22] coreutils: version bump 8.27 -> 8.29 Clemens Gruber
2018-01-16 15:50 ` Clemens Gruber [this message]
2018-01-16 15:50 ` [ptxdist] [PATCH 03/22] dbus: version bump 1.10.24 -> 1.12.2 Clemens Gruber
2018-01-24 14:40 ` Michael Olbrich
2018-01-16 15:50 ` [ptxdist] [PATCH 04/22] dbus: add upstream patches for OOM conditions Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 05/22] e2fsprogs: version bump 1.43.6 -> 1.43.8 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 06/22] expat: version bump 2.2.4 -> 2.2.5 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 07/22] file: version bump 5.30 -> 5.32 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 08/22] host-meson: version bump 0.43.0 -> 0.44.0 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 09/22] iproute2: version bump 4.13 -> 4.14.1 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 10/22] json-c: version bump 0.12.1 -> 0.13 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 11/22] kexec-tools: version bump 2.0.14 -> 2.0.16 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 12/22] libsodium: version bump 1.0.11 -> 1.0.16 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 13/22] lvm2: version bump 2.02.66 -> 2.02.177 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 14/22] mpg123: version bump 1.25.6 -> 1.25.8 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 15/22] nano: version bump 2.8.4 -> 2.9.2 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 16/22] ninja: version bump 1.7.2 -> 1.8.2 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 17/22] nginx: update pkg-config patches from buildroot Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 18/22] protobuf: version bump 3.3.2 -> 3.5.1 Clemens Gruber
2018-01-25 14:38 ` Michael Olbrich
2018-01-25 15:04 ` Clemens Gruber
2018-01-25 15:24 ` Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 19/22] strace: version bump 4.18 -> 4.20 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 20/22] trace-cmd: version bump 2.6.1 -> 2.6.2 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 21/22] u-boot-tools: version bump 2017.07 -> 2018.01 Clemens Gruber
2018-01-16 15:50 ` [ptxdist] [PATCH 22/22] util-linux-ng: version bump 2.30.2 -> 2.31.1 Clemens Gruber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180116155040.10061-2-clemens.gruber@pqgruber.com \
--to=clemens.gruber@pqgruber.com \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox