blob: 806a05e8f2d1358514a039462a58d6ff16902283 [file] [log] [blame]
Andrew Geissler82c905d2020-04-13 13:39:40 -05001SUMMARY = "Manage plain dm-crypt and LUKS encrypted volumes"
2DESCRIPTION = "Cryptsetup is used to conveniently setup dm-crypt managed \
3device-mapper mappings. These include plain dm-crypt volumes and \
4LUKS volumes. The difference is that LUKS uses a metadata header \
5and can hence offer more features than plain dm-crypt. On the other \
6hand, the header is visible and vulnerable to damage."
7HOMEPAGE = "https://gitlab.com/cryptsetup/cryptsetup"
8SECTION = "console"
9LICENSE = "GPL-2.0-with-OpenSSL-exception"
10LIC_FILES_CHKSUM = "file://COPYING;md5=32107dd283b1dfeb66c9b3e6be312326"
11
12DEPENDS = " \
13 json-c \
14 libdevmapper \
15 popt \
Andrew Geissler32b11992021-03-31 13:37:05 -050016 util-linux-libuuid \
Andrew Geissler82c905d2020-04-13 13:39:40 -050017"
18
Andrew Geissler82c905d2020-04-13 13:39:40 -050019SRC_URI = "${KERNELORG_MIRROR}/linux/utils/${BPN}/v${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}/${BP}.tar.xz"
Andrew Geissler69721092021-07-23 12:57:00 -040020SRC_URI[md5sum] = "504d1ab22cbc4d1a59a8d8c7ee5ed3bf"
21SRC_URI[sha256sum] = "b296b7a21ea576c2b180611ccb19d06aec8dddaedf7c704b0c6a81210c25635f"
Andrew Geissler82c905d2020-04-13 13:39:40 -050022
23inherit autotools gettext pkgconfig
24
25# Use openssl because libgcrypt drops root privileges
26# if libgcrypt is linked with libcap support
27PACKAGECONFIG ??= " \
28 keyring \
29 cryptsetup \
30 veritysetup \
31 cryptsetup-reencrypt \
32 integritysetup \
33 ${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)} \
34 kernel_crypto \
35 internal-argon2 \
36 blkid \
37 luks-adjust-xts-keysize \
38 openssl \
39"
Patrick Williams213cb262021-08-07 19:21:33 -050040PACKAGECONFIG:append:class-target = " \
Andrew Geissler82c905d2020-04-13 13:39:40 -050041 udev \
42"
43
44PACKAGECONFIG[keyring] = "--enable-keyring,--disable-keyring"
45PACKAGECONFIG[fips] = "--enable-fips,--disable-fips"
46PACKAGECONFIG[pwquality] = "--enable-pwquality,--disable-pwquality,libpwquality"
47PACKAGECONFIG[passwdqc] = "--enable-passwdqc,--disable-passwdqc,passwdqc"
48PACKAGECONFIG[cryptsetup] = "--enable-cryptsetup,--disable-cryptsetup"
49PACKAGECONFIG[veritysetup] = "--enable-veritysetup,--disable-veritysetup"
50PACKAGECONFIG[cryptsetup-reencrypt] = "--enable-cryptsetup-reencrypt,--disable-cryptsetup-reencrypt"
51PACKAGECONFIG[integritysetup] = "--enable-integritysetup,--disable-integritysetup"
52PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux"
William A. Kennington III49e95662021-09-15 16:19:36 -070053PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,,udev lvm2-udevrules"
Andrew Geissler82c905d2020-04-13 13:39:40 -050054PACKAGECONFIG[kernel_crypto] = "--enable-kernel_crypto,--disable-kernel_crypto"
55# gcrypt-pkbdf2 requries --with-crypto_backend=gcrypt or the flag isn't
56# recognized.
57PACKAGECONFIG[gcrypt-pbkdf2] = "--enable-gcrypt-pbkdf2"
58PACKAGECONFIG[internal-argon2] = "--enable-internal-argon2,--disable-internal-argon2"
59PACKAGECONFIG[internal-sse-argon2] = "--enable-internal-sse-argon2,--disable-internal-sse-argon2"
60PACKAGECONFIG[blkid] = "--enable-blkid,--disable-blkid,util-linux"
61PACKAGECONFIG[dev-random] = "--enable-dev-random,--disable-dev-random"
62PACKAGECONFIG[luks-adjust-xts-keysize] = "--enable-luks-adjust-xts-keysize,--disable-luks-adjust-xts-keysize"
63PACKAGECONFIG[openssl] = "--with-crypto_backend=openssl,,openssl"
64PACKAGECONFIG[gcrypt] = "--with-crypto_backend=gcrypt,,libgcrypt"
65PACKAGECONFIG[nss] = "--with-crypto_backend=nss,,nss"
66PACKAGECONFIG[kernel] = "--with-crypto_backend=kernel"
67PACKAGECONFIG[nettle] = "--with-crypto_backend=nettle,,nettle"
68PACKAGECONFIG[luks2] = "--with-default-luks-format=LUKS2,--with-default-luks-format=LUKS1"
69
Andrew Geissler82c905d2020-04-13 13:39:40 -050070EXTRA_OECONF = "--enable-static"
71# Building without largefile is not supported by upstream
72EXTRA_OECONF += "--enable-largefile"
73# Requires a static popt library
74EXTRA_OECONF += "--disable-static-cryptsetup"
75# There's no recipe for libargon2 yet
76EXTRA_OECONF += "--disable-libargon2"
77
Patrick Williams213cb262021-08-07 19:21:33 -050078FILES:${PN} += "${@bb.utils.contains('DISTRO_FEATURES','systemd','${exec_prefix}/lib/tmpfiles.d/cryptsetup.conf', '', d)}"
Andrew Geissler82c905d2020-04-13 13:39:40 -050079
Patrick Williams213cb262021-08-07 19:21:33 -050080RDEPENDS:${PN} = " \
Andrew Geissler69721092021-07-23 12:57:00 -040081 libdevmapper \
82"
83
Patrick Williams213cb262021-08-07 19:21:33 -050084RRECOMMENDS:${PN}:class-target = " \
Andrew Geissler69721092021-07-23 12:57:00 -040085 kernel-module-aes-generic \
86 kernel-module-dm-crypt \
87 kernel-module-md5 \
88 kernel-module-cbc \
89 kernel-module-sha256-generic \
90 kernel-module-xts \
91"
92
Andrew Geissler82c905d2020-04-13 13:39:40 -050093BBCLASSEXTEND = "native nativesdk"