Update to cryptsetup 2.4.3.

- Resolves: #2022309 #2023316 #2032782
2022-01-21 13:10:21 +01:00 · 2022-01-21 13:10:21 +01:00 · bb6448c07d
commit bb6448c07d
parent b88e2aab8a
8 changed files with 37 additions and 122 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-/cryptsetup-2.4.1.tar.xz
+/cryptsetup-2.4.3.tar.xz
--- a/cryptsetup-2.4.1.tar.sign
+++ b/cryptsetup-2.4.1.tar.sign
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCAAdFiEEKikYJD/eRmSNBob52bBXe9k+mPwFAmFBwN8ACgkQ2bBXe9k+
-mPwndA//ZFMeCgbtSnTJugvZhmIBFHCHofq9yBiCDYyL8qEMw0m3BQLqSSaPt6Bd
-l1xm4ypuy9Rjen5hKbyRJtSko6tbbArCf+OsJfyy2Yr/r5cvnd0eLNwdIdUPKf/l
-3hgRPXBiCHdm63mSWsxM5tUr128Cyj0W4mkn5OmjKPblCd4qgnhNLawn7x7JYoWc
-JS6olNYS6c0M7GBuZ7icKCTtGfO1lKYCIBiCfkuNChJTQbvZ7JiqX/OprHYdBqn1
-WXgrrBrBjO8Ai2w9/uCOAWyPOhy1J8pewuHNX2Hh1LNXEu5z+47QexUpwhweq21/
-QzOITbgb0yZPdQXceAGqmZYa0BPfdo08MakTjaYGrO8rGR0XwgEvtpD5L2eMsVle
-hhg96f4E3f5/7yrtmsL2hbj2v8enhN39ycvn7u/LsfUyoRciCTNwxV/jHU9/laR5
-tDRLUGE3TiiNtTiMk4MucGRHNrae2d6exIpXhhFHN3nD2flOTFqb6KaQRtbdNmPt
-YCMMg4+ZoNzl+YLQYcbkYj4uGGrVosEoAmRl8ROfzPSwHM8mJdUhqGouylTRaQGt
-82SaEdlFO2VthoJUZBy05uCHKthXhwiRplp27MMbCOXOjv3rbnqxyQoMDNb4VQQy
-7CHF50XrEBLpdnyKFNbKFPKyZToBcBLBaPTnm5lf5eTyJ7whkXI=
-=dXjt
-----END PGP SIGNATURE-----
--- a/cryptsetup-2.4.2-Check-if-DM-create-device-failed-in-an-early-phase.patch
+++ b/cryptsetup-2.4.2-Check-if-DM-create-device-failed-in-an-early-phase.patch
@ -1,48 +0,0 @@
-From 10b1d6493e3be04953ac9f65d2b2d992ab87bdde Mon Sep 17 00:00:00 2001
-From: Milan Broz <gmazyland@gmail.com>
-Date: Tue, 21 Sep 2021 15:54:07 +0200
-Subject: [PATCH 2/7] Check if DM create device failed in an early phase.
-
-This happens when concurrent creation of DM devices meets
-in the very early state (no device node exists but creation fails).
-
-Return -ENODEV here instead of -EINVAL.
-
-(Should "fix" random verity concurrent test failure.)
---
- lib/libdevmapper.c | 11 ++++-------
- 1 file changed, 4 insertions(+), 7 deletions(-)
-
-diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c
-index 09fd9588..1594f877 100644
--- a/lib/libdevmapper.c
-+++ b/lib/libdevmapper.c
-@@ -1346,12 +1346,6 @@ err:
- 	return r;
- }
- 
-static bool dm_device_exists(struct crypt_device *cd, const char *name)
-{
-	int r = dm_status_device(cd, name);
-	return (r >= 0 || r == -EEXIST);
-}
-
- static int _dm_create_device(struct crypt_device *cd, const char *name, const char *type,
- 			     struct crypt_dm_active_device *dmd)
- {
-@@ -1402,8 +1396,11 @@ static int _dm_create_device(struct crypt_device *cd, const char *name, const ch
- 		goto out;
- 
- 	if (!dm_task_run(dmt)) {
-		if (dm_device_exists(cd, name))
-+		r = dm_status_device(cd, name);;
-+		if (r >= 0)
- 			r = -EEXIST;
-+		if (r != -EEXIST && r != -ENODEV)
-+			r = -EINVAL;
- 		goto out;
- 	}
- 
-- 
-2.27.0
-
--- a/cryptsetup-2.4.2-Do-not-try-to-set-compiler-optimization-flag-if-wipe.patch
+++ b/cryptsetup-2.4.2-Do-not-try-to-set-compiler-optimization-flag-if-wipe.patch
@ -1,53 +0,0 @@
-From a76310b53fbb117e620f2c37350b68dd267f1088 Mon Sep 17 00:00:00 2001
-From: Milan Broz <gmazyland@gmail.com>
-Date: Mon, 20 Sep 2021 17:42:20 +0200
-Subject: [PATCH 1/7] Do not try to set compiler optimization flag if wipe is
- implemented in libc.
-
-If zeroing memory is implemented through libc call (like memset_bzero),
-compiler should never remove such call. It is not needed to set O0
-optimization flag explicitly.
-
-Various checkers like annocheck causes problems with these flags,
-just remove it where it makes no sense.
-
-(Moreover, we use the same pattern without compiler magic
-in crypt_backend_memzero() already.)
---
- lib/crypto_backend/argon2/core.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/lib/crypto_backend/argon2/core.c b/lib/crypto_backend/argon2/core.c
-index b204ba98..db9a7741 100644
--- a/lib/crypto_backend/argon2/core.c
-+++ b/lib/crypto_backend/argon2/core.c
-@@ -120,18 +120,24 @@ void free_memory(const argon2_context *context, uint8_t *memory,
-     }
- }
- 
-void NOT_OPTIMIZED secure_wipe_memory(void *v, size_t n) {
- #if defined(_MSC_VER) && VC_GE_2005(_MSC_VER)
-+void secure_wipe_memory(void *v, size_t n) {
-     SecureZeroMemory(v, n);
-+}
- #elif defined memset_s
-+void secure_wipe_memory(void *v, size_t n) {
-     memset_s(v, n, 0, n);
-+}
- #elif defined(HAVE_EXPLICIT_BZERO)
-+void secure_wipe_memory(void *v, size_t n) {
-     explicit_bzero(v, n);
-+}
- #else
-+void NOT_OPTIMIZED secure_wipe_memory(void *v, size_t n) {
-     static void *(*const volatile memset_sec)(void *, int, size_t) = &memset;
-     memset_sec(v, 0, n);
-#endif
- }
-+#endif
- 
- /* Memory clear flag defaults to true. */
- int FLAG_clear_internal_memory = 1;
-- 
-2.27.0
-
--- a/cryptsetup-2.4.3.tar.sign
+++ b/cryptsetup-2.4.3.tar.sign
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEEKikYJD/eRmSNBob52bBXe9k+mPwFAmHf9akACgkQ2bBXe9k+
+mPz0zw//cqAJh3wE0zxtfb+2al4cH2oTtPR+/VnnW8s5z9hyBztNZo8ChOXEQqEQ
+3l+S0qvJSkCmQT2RNEAdyqMjolU3NKKYi+iZwKUfcYPAABnc0/df9p1l4ykKYmuZ
+6EiQCCZITrFkiRl0jVsZ/U92FAU+EdI7dXPVr+H8Ai6eA4HW3NIrZlsUUMdsmkCE
+6eqSX3WX1WVpFkv3453JSNG5/byHP4iPEnXdy00+n5qDoWrOEqDL6MDFaljBS2gq
+XKIeDfKTe3tQAelPEnIc/Is5Tus2uMkxn+bW9KPviS3tOSW5iDVUNL2DBVdMcuxV
+e26mEud9BYyKvajj3wP2TR/BD+ctmwnYSLrfs8aMzE109YI2NuxHD6sWI9d2jrtx
+2fMDV20AKGvvt2q4RkIqAkML7S1RQUVdma33I/iBojFu4bXleLBUcwi1vT+G1NMX
+rz+bVo5zKa7bfTjjX/T8ATL302Lhpr3yReAR6m2KqX3xbxinwG3BV88fyZjJEFft
+zW2JYT3gntkp7GqrxMWjZYNc8AAcpRcabXqb/7NcCBPmS33Kk+/eQiBGEQCw85g7
+MQk7oLKFKT31yJ0TipJExWLOpaWR592wBMl/vx3jAyJjWR1IxajzKD60ZNJHavsn
+5PCPtLxXGdbyyagI45Jm1Pa6Me0vcXzYSHnYdPy5tprOfJgzMT4=
+=yURq
+-----END PGP SIGNATURE-----
--- a/cryptsetup-2.5.0-Fix-typo-in-repair-prompt.patch
+++ b/cryptsetup-2.5.0-Fix-typo-in-repair-prompt.patch
@ -0,0 +1,12 @@
+diff -rupN cryptsetup-2.4.3.old/src/cryptsetup.c cryptsetup-2.4.3/src/cryptsetup.c
+--- cryptsetup-2.4.3.old/src/cryptsetup.c	2022-01-21 13:14:56.864817351 +0100
+++ cryptsetup-2.4.3/src/cryptsetup.c	2022-01-21 13:15:15.579947027 +0100
+@@ -1188,7 +1188,7 @@ static int reencrypt_metadata_repair(str
+ 		       _("Operation aborted.\n")))
+ 		return -EINVAL;
+ 
+-	r = tools_get_key(_("Enter passphrase to protect and uppgrade reencryption metadata: "),
+	r = tools_get_key(_("Enter passphrase to protect and upgrade reencryption metadata: "),
+ 			  &password, &passwordLen, ARG_UINT64(OPT_KEYFILE_OFFSET_ID),
+ 			  ARG_UINT32(OPT_KEYFILE_SIZE_ID), ARG_STR(OPT_KEY_FILE_ID), ARG_UINT32(OPT_TIMEOUT_ID),
+ 			  _verify_passphrase(0), 0, cd);
--- a/cryptsetup.spec
+++ b/cryptsetup.spec
@ -1,6 +1,6 @@
 Summary: Utility for setting up encrypted disks
 Name: cryptsetup
-Version: 2.4.1
+Version: 2.4.3
 Release: 1%{?dist}
 License: GPLv2+ and LGPLv2+
 URL: https://gitlab.com/cryptsetup/cryptsetup
@ -14,8 +14,7 @@ Requires: libpwquality >= 1.2.0
 %global upstream_version %{version}
 Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.4/cryptsetup-%{upstream_version}.tar.xz
 # Following patch has to applied last
-Patch0000: %{name}-2.4.2-Do-not-try-to-set-compiler-optimization-flag-if-wipe.patch
-Patch0001: %{name}-2.4.2-Check-if-DM-create-device-failed-in-an-early-phase.patch
+Patch0000: %{name}-2.5.0-Fix-typo-in-repair-prompt.patch
 Patch9999: %{name}-add-system-library-paths.patch

 %description
@ -113,6 +112,11 @@ rm -rf %{buildroot}%{_libdir}/*.la
 %ghost %attr(700, -, -) %dir /run/cryptsetup

 %changelog
+* Fri Jan 21 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-1
+- Update to cryptsetup 2.4.3.
+- patch: Fix typo in repair command prompt.
+  Resolves: #2022309 #2023316 #2032782
+
 * Wed Sep 29 2021 Ondrej Kozina <okozina@redhat.com> - 2.4.1-1
 - Update to cryptsetup 2.4.1.
  Resolves: #2005035 #2005877
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (cryptsetup-2.4.1.tar.xz) = 17fc73c180e41acbd4ebeddebaf54f8baeef09fce7f154aa9c55936a58bda7adcc7b1bb257336c22295d7b5af426fc8dfd0e4e644e4a52098bcb8a2adb562ca7
+SHA512 (cryptsetup-2.4.3.tar.xz) = 2d52498497be37a837126d9cdc9b6331236eccf857c3482fe3347eb88fccc3cd0fd3d8b4490569603e18cfaa462431ae194bce0328f3eafa8bfe3e02e135a26e