Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 1 | SUMMARY = "Manage plain dm-crypt and LUKS encrypted volumes" |
| 2 | DESCRIPTION = "Cryptsetup is used to conveniently setup dm-crypt managed \ |
| 3 | device-mapper mappings. These include plain dm-crypt volumes and \ |
| 4 | LUKS volumes. The difference is that LUKS uses a metadata header \ |
| 5 | and can hence offer more features than plain dm-crypt. On the other \ |
| 6 | hand, the header is visible and vulnerable to damage." |
| 7 | HOMEPAGE = "https://gitlab.com/cryptsetup/cryptsetup" |
| 8 | SECTION = "console" |
| 9 | LICENSE = "GPL-2.0-with-OpenSSL-exception" |
| 10 | LIC_FILES_CHKSUM = "file://COPYING;md5=32107dd283b1dfeb66c9b3e6be312326" |
| 11 | |
| 12 | DEPENDS = " \ |
| 13 | json-c \ |
| 14 | libdevmapper \ |
| 15 | popt \ |
Andrew Geissler | 32b1199 | 2021-03-31 13:37:05 -0500 | [diff] [blame] | 16 | util-linux-libuuid \ |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 17 | " |
| 18 | |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 19 | SRC_URI = "${KERNELORG_MIRROR}/linux/utils/${BPN}/v${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}/${BP}.tar.xz" |
Andrew Geissler | 6972109 | 2021-07-23 12:57:00 -0400 | [diff] [blame] | 20 | SRC_URI[md5sum] = "504d1ab22cbc4d1a59a8d8c7ee5ed3bf" |
| 21 | SRC_URI[sha256sum] = "b296b7a21ea576c2b180611ccb19d06aec8dddaedf7c704b0c6a81210c25635f" |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 22 | |
| 23 | inherit autotools gettext pkgconfig |
| 24 | |
| 25 | # Use openssl because libgcrypt drops root privileges |
| 26 | # if libgcrypt is linked with libcap support |
| 27 | PACKAGECONFIG ??= " \ |
| 28 | keyring \ |
| 29 | cryptsetup \ |
| 30 | veritysetup \ |
| 31 | cryptsetup-reencrypt \ |
| 32 | integritysetup \ |
| 33 | ${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)} \ |
| 34 | kernel_crypto \ |
| 35 | internal-argon2 \ |
| 36 | blkid \ |
| 37 | luks-adjust-xts-keysize \ |
| 38 | openssl \ |
| 39 | " |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 40 | PACKAGECONFIG:append:class-target = " \ |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 41 | udev \ |
| 42 | " |
| 43 | |
| 44 | PACKAGECONFIG[keyring] = "--enable-keyring,--disable-keyring" |
| 45 | PACKAGECONFIG[fips] = "--enable-fips,--disable-fips" |
| 46 | PACKAGECONFIG[pwquality] = "--enable-pwquality,--disable-pwquality,libpwquality" |
| 47 | PACKAGECONFIG[passwdqc] = "--enable-passwdqc,--disable-passwdqc,passwdqc" |
| 48 | PACKAGECONFIG[cryptsetup] = "--enable-cryptsetup,--disable-cryptsetup" |
| 49 | PACKAGECONFIG[veritysetup] = "--enable-veritysetup,--disable-veritysetup" |
| 50 | PACKAGECONFIG[cryptsetup-reencrypt] = "--enable-cryptsetup-reencrypt,--disable-cryptsetup-reencrypt" |
| 51 | PACKAGECONFIG[integritysetup] = "--enable-integritysetup,--disable-integritysetup" |
| 52 | PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux" |
William A. Kennington III | 49e9566 | 2021-09-15 16:19:36 -0700 | [diff] [blame] | 53 | PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,,udev lvm2-udevrules" |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 54 | PACKAGECONFIG[kernel_crypto] = "--enable-kernel_crypto,--disable-kernel_crypto" |
| 55 | # gcrypt-pkbdf2 requries --with-crypto_backend=gcrypt or the flag isn't |
| 56 | # recognized. |
| 57 | PACKAGECONFIG[gcrypt-pbkdf2] = "--enable-gcrypt-pbkdf2" |
| 58 | PACKAGECONFIG[internal-argon2] = "--enable-internal-argon2,--disable-internal-argon2" |
| 59 | PACKAGECONFIG[internal-sse-argon2] = "--enable-internal-sse-argon2,--disable-internal-sse-argon2" |
| 60 | PACKAGECONFIG[blkid] = "--enable-blkid,--disable-blkid,util-linux" |
| 61 | PACKAGECONFIG[dev-random] = "--enable-dev-random,--disable-dev-random" |
| 62 | PACKAGECONFIG[luks-adjust-xts-keysize] = "--enable-luks-adjust-xts-keysize,--disable-luks-adjust-xts-keysize" |
| 63 | PACKAGECONFIG[openssl] = "--with-crypto_backend=openssl,,openssl" |
| 64 | PACKAGECONFIG[gcrypt] = "--with-crypto_backend=gcrypt,,libgcrypt" |
| 65 | PACKAGECONFIG[nss] = "--with-crypto_backend=nss,,nss" |
| 66 | PACKAGECONFIG[kernel] = "--with-crypto_backend=kernel" |
| 67 | PACKAGECONFIG[nettle] = "--with-crypto_backend=nettle,,nettle" |
| 68 | PACKAGECONFIG[luks2] = "--with-default-luks-format=LUKS2,--with-default-luks-format=LUKS1" |
| 69 | |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 70 | EXTRA_OECONF = "--enable-static" |
| 71 | # Building without largefile is not supported by upstream |
| 72 | EXTRA_OECONF += "--enable-largefile" |
| 73 | # Requires a static popt library |
| 74 | EXTRA_OECONF += "--disable-static-cryptsetup" |
| 75 | # There's no recipe for libargon2 yet |
| 76 | EXTRA_OECONF += "--disable-libargon2" |
| 77 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 78 | FILES:${PN} += "${@bb.utils.contains('DISTRO_FEATURES','systemd','${exec_prefix}/lib/tmpfiles.d/cryptsetup.conf', '', d)}" |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 79 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 80 | RDEPENDS:${PN} = " \ |
Andrew Geissler | 6972109 | 2021-07-23 12:57:00 -0400 | [diff] [blame] | 81 | libdevmapper \ |
| 82 | " |
| 83 | |
Patrick Williams | 213cb26 | 2021-08-07 19:21:33 -0500 | [diff] [blame] | 84 | RRECOMMENDS:${PN}:class-target = " \ |
Andrew Geissler | 6972109 | 2021-07-23 12:57:00 -0400 | [diff] [blame] | 85 | kernel-module-aes-generic \ |
| 86 | kernel-module-dm-crypt \ |
| 87 | kernel-module-md5 \ |
| 88 | kernel-module-cbc \ |
| 89 | kernel-module-sha256-generic \ |
| 90 | kernel-module-xts \ |
| 91 | " |
| 92 | |
Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 93 | BBCLASSEXTEND = "native nativesdk" |