| Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 1 | SUMMARY = "Manage plain dm-crypt and LUKS encrypted volumes" |
| 2 | DESCRIPTION = "Cryptsetup is used to conveniently setup dm-crypt managed \ |
| 3 | device-mapper mappings. These include plain dm-crypt volumes and \ |
| 4 | LUKS volumes. The difference is that LUKS uses a metadata header \ |
| 5 | and can hence offer more features than plain dm-crypt. On the other \ |
| 6 | hand, the header is visible and vulnerable to damage." |
| 7 | HOMEPAGE = "https://gitlab.com/cryptsetup/cryptsetup" |
| 8 | SECTION = "console" |
| 9 | LICENSE = "GPL-2.0-with-OpenSSL-exception" |
| 10 | LIC_FILES_CHKSUM = "file://COPYING;md5=32107dd283b1dfeb66c9b3e6be312326" |
| 11 | |
| Brad Bishop | 15ae250 | 2019-06-18 21:44:24 -0400 | [diff] [blame] | 12 | DEPENDS = " \ |
| 13 | json-c \ |
| 14 | libdevmapper \ |
| 15 | popt \ |
| 16 | util-linux \ |
| 17 | " |
| Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 18 | |
| Brad Bishop | 0f291cc | 2019-09-01 15:16:57 -0400 | [diff] [blame^] | 19 | RDEPENDS_${PN} = " \ |
| 20 | libdevmapper \ |
| 21 | " |
| 22 | |
| Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 23 | SRC_URI = "${KERNELORG_MIRROR}/linux/utils/${BPN}/v${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}/${BP}.tar.xz" |
| Brad Bishop | 665fd02 | 2019-08-26 01:32:28 -0400 | [diff] [blame] | 24 | SRC_URI[md5sum] = "f7818082056e5bc0be12e4c7fc20345a" |
| 25 | SRC_URI[sha256sum] = "9d8f8cac2836a1623c075b5cba96032271dc81a28b2aa27fbd8331e831416bb1" |
| Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 26 | |
| 27 | inherit autotools gettext pkgconfig |
| 28 | |
| 29 | # Use openssl because libgcrypt drops root privileges |
| 30 | # if libgcrypt is linked with libcap support |
| Brad Bishop | 15ae250 | 2019-06-18 21:44:24 -0400 | [diff] [blame] | 31 | PACKAGECONFIG ??= " \ |
| 32 | keyring \ |
| 33 | cryptsetup \ |
| 34 | veritysetup \ |
| 35 | cryptsetup-reencrypt \ |
| 36 | integritysetup \ |
| 37 | ${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)} \ |
| Brad Bishop | 15ae250 | 2019-06-18 21:44:24 -0400 | [diff] [blame] | 38 | kernel_crypto \ |
| 39 | internal-argon2 \ |
| 40 | blkid \ |
| 41 | luks-adjust-xts-keysize \ |
| 42 | openssl \ |
| 43 | " |
| Brad Bishop | 26bdd44 | 2019-08-16 17:08:17 -0400 | [diff] [blame] | 44 | PACKAGECONFIG_append_class-target = " \ |
| 45 | udev \ |
| 46 | " |
| Brad Bishop | 15ae250 | 2019-06-18 21:44:24 -0400 | [diff] [blame] | 47 | |
| 48 | PACKAGECONFIG[keyring] = "--enable-keyring,--disable-keyring" |
| 49 | PACKAGECONFIG[fips] = "--enable-fips,--disable-fips" |
| 50 | PACKAGECONFIG[pwquality] = "--enable-pwquality,--disable-pwquality,libpwquality" |
| 51 | PACKAGECONFIG[passwdqc] = "--enable-passwdqc,--disable-passwdqc,passwdqc" |
| 52 | PACKAGECONFIG[cryptsetup] = "--enable-cryptsetup,--disable-cryptsetup" |
| 53 | PACKAGECONFIG[veritysetup] = "--enable-veritysetup,--disable-veritysetup" |
| 54 | PACKAGECONFIG[cryptsetup-reencrypt] = "--enable-cryptsetup-reencrypt,--disable-cryptsetup-reencrypt" |
| 55 | PACKAGECONFIG[integritysetup] = "--enable-integritysetup,--disable-integritysetup" |
| 56 | PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux" |
| Brad Bishop | 26bdd44 | 2019-08-16 17:08:17 -0400 | [diff] [blame] | 57 | PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,,udev" |
| Brad Bishop | 15ae250 | 2019-06-18 21:44:24 -0400 | [diff] [blame] | 58 | PACKAGECONFIG[kernel_crypto] = "--enable-kernel_crypto,--disable-kernel_crypto" |
| 59 | # gcrypt-pkbdf2 requries --with-crypto_backend=gcrypt or the flag isn't |
| 60 | # recognized. |
| 61 | PACKAGECONFIG[gcrypt-pbkdf2] = "--enable-gcrypt-pbkdf2" |
| 62 | PACKAGECONFIG[internal-argon2] = "--enable-internal-argon2,--disable-internal-argon2" |
| 63 | PACKAGECONFIG[internal-sse-argon2] = "--enable-internal-sse-argon2,--disable-internal-sse-argon2" |
| 64 | PACKAGECONFIG[blkid] = "--enable-blkid,--disable-blkid,util-linux" |
| 65 | PACKAGECONFIG[dev-random] = "--enable-dev-random,--disable-dev-random" |
| 66 | PACKAGECONFIG[luks-adjust-xts-keysize] = "--enable-luks-adjust-xts-keysize,--disable-luks-adjust-xts-keysize" |
| Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 67 | PACKAGECONFIG[openssl] = "--with-crypto_backend=openssl,,openssl" |
| 68 | PACKAGECONFIG[gcrypt] = "--with-crypto_backend=gcrypt,,libgcrypt" |
| Brad Bishop | 15ae250 | 2019-06-18 21:44:24 -0400 | [diff] [blame] | 69 | PACKAGECONFIG[nss] = "--with-crypto_backend=nss,,nss" |
| 70 | PACKAGECONFIG[kernel] = "--with-crypto_backend=kernel" |
| 71 | PACKAGECONFIG[nettle] = "--with-crypto_backend=nettle,,nettle" |
| Brad Bishop | 26bdd44 | 2019-08-16 17:08:17 -0400 | [diff] [blame] | 72 | PACKAGECONFIG[luks2] = "--with-default-luks-format=LUKS2,--with-default-luks-format=LUKS1" |
| Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 73 | |
| 74 | RRECOMMENDS_${PN} = "kernel-module-aes-generic \ |
| 75 | kernel-module-dm-crypt \ |
| 76 | kernel-module-md5 \ |
| 77 | kernel-module-cbc \ |
| 78 | kernel-module-sha256-generic \ |
| 79 | kernel-module-xts \ |
| 80 | " |
| 81 | |
| 82 | EXTRA_OECONF = "--enable-static" |
| Brad Bishop | 15ae250 | 2019-06-18 21:44:24 -0400 | [diff] [blame] | 83 | # Building without largefile is not supported by upstream |
| 84 | EXTRA_OECONF += "--enable-largefile" |
| 85 | # Requires a static popt library |
| 86 | EXTRA_OECONF += "--disable-static-cryptsetup" |
| 87 | # There's no recipe for libargon2 yet |
| 88 | EXTRA_OECONF += "--disable-libargon2" |
| Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame] | 89 | |
| 90 | FILES_${PN} += "${@bb.utils.contains('DISTRO_FEATURES','systemd','${exec_prefix}/lib/tmpfiles.d/cryptsetup.conf', '', d)}" |
| 91 | |
| 92 | BBCLASSEXTEND = "native nativesdk" |