about summary refs log tree commit diff
diff options
context:
space:
mode:
authorAndreas Rammhold <andreas@rammhold.de>2019-03-06 16:55:26 +0100
committerGitHub <noreply@github.com>2019-03-06 16:55:26 +0100
commit219b247e5b2eb60f01087b7d2d82ae60706e0254 (patch)
treec5fde96c0a819fdcde2b16ac74e350d1d1c24ca9
parent2c05b5ee20158ac7c112959e7403ade46980cbb4 (diff)
parent839a37fdd24d66b04fc8bd634ffab17598ec485c (diff)
downloadnixlib-219b247e5b2eb60f01087b7d2d82ae60706e0254.tar
nixlib-219b247e5b2eb60f01087b7d2d82ae60706e0254.tar.gz
nixlib-219b247e5b2eb60f01087b7d2d82ae60706e0254.tar.bz2
nixlib-219b247e5b2eb60f01087b7d2d82ae60706e0254.tar.lz
nixlib-219b247e5b2eb60f01087b7d2d82ae60706e0254.tar.xz
nixlib-219b247e5b2eb60f01087b7d2d82ae60706e0254.tar.zst
nixlib-219b247e5b2eb60f01087b7d2d82ae60706e0254.zip
Merge pull request #56607 from andir/cryptsetup-2.1
cryptsetup: 2.0.6 -> 2.1.0
Diffstat
-rw-r--r--nixos/tests/installer.nix70
-rw-r--r--pkgs/os-specific/linux/cryptsetup/default.nix6
2 files changed, 42 insertions, 34 deletions
diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix
index 2553a0d116ae..5e363f5d09e9 100644
--- a/nixos/tests/installer.nix
+++ b/nixos/tests/installer.nix
@@ -273,6 +273,37 @@ let
       };
     };
 
+    makeLuksRootTest = name: luksFormatOpts: makeInstallerTest "luksroot-format2"
+      { createPartitions = ''
+          $machine->succeed(
+            "flock /dev/vda parted --script /dev/vda -- mklabel msdos"
+            . " mkpart primary ext2 1M 50MB" # /boot
+            . " mkpart primary linux-swap 50M 1024M"
+            . " mkpart primary 1024M -1s", # LUKS
+            "udevadm settle",
+            "mkswap /dev/vda2 -L swap",
+            "swapon -L swap",
+            "modprobe dm_mod dm_crypt",
+            "echo -n supersecret | cryptsetup luksFormat ${luksFormatOpts} -q /dev/vda3 -",
+            "echo -n supersecret | cryptsetup luksOpen --key-file - /dev/vda3 cryptroot",
+            "mkfs.ext3 -L nixos /dev/mapper/cryptroot",
+            "mount LABEL=nixos /mnt",
+            "mkfs.ext3 -L boot /dev/vda1",
+            "mkdir -p /mnt/boot",
+            "mount LABEL=boot /mnt/boot",
+          );
+        '';
+        extraConfig = ''
+          boot.kernelParams = lib.mkAfter [ "console=tty0" ];
+        '';
+        enableOCR = true;
+        preBootCommands = ''
+          $machine->start;
+          $machine->waitForText(qr/Passphrase for/);
+          $machine->sendChars("supersecret\n");
+        '';
+      };
+
 
 in {
 
@@ -446,37 +477,14 @@ in {
         '';
     };
 
-  # Boot off an encrypted root partition
-  luksroot = makeInstallerTest "luksroot"
-    { createPartitions = ''
-        $machine->succeed(
-          "flock /dev/vda parted --script /dev/vda -- mklabel msdos"
-          . " mkpart primary ext2 1M 50MB" # /boot
-          . " mkpart primary linux-swap 50M 1024M"
-          . " mkpart primary 1024M -1s", # LUKS
-          "udevadm settle",
-          "mkswap /dev/vda2 -L swap",
-          "swapon -L swap",
-          "modprobe dm_mod dm_crypt",
-          "echo -n supersecret | cryptsetup luksFormat -q /dev/vda3 -",
-          "echo -n supersecret | cryptsetup luksOpen --key-file - /dev/vda3 cryptroot",
-          "mkfs.ext3 -L nixos /dev/mapper/cryptroot",
-          "mount LABEL=nixos /mnt",
-          "mkfs.ext3 -L boot /dev/vda1",
-          "mkdir -p /mnt/boot",
-          "mount LABEL=boot /mnt/boot",
-        );
-      '';
-      extraConfig = ''
-        boot.kernelParams = lib.mkAfter [ "console=tty0" ];
-      '';
-      enableOCR = true;
-      preBootCommands = ''
-        $machine->start;
-        $machine->waitForText(qr/Passphrase for/);
-        $machine->sendChars("supersecret\n");
-      '';
-    };
+  # Boot off an encrypted root partition with the default LUKS header format
+  luksroot = makeLuksRootTest "luksroot-format1" "";
+
+  # Boot off an encrypted root partition with LUKS1 format
+  luksroot-format1 = makeLuksRootTest "luksroot-format1" "--type=LUKS1";
+
+  # Boot off an encrypted root partition with LUKS2 format
+  luksroot-format2 = makeLuksRootTest "luksroot-format2" "--type=LUKS2";
 
   # Test whether opening encrypted filesystem with keyfile
   # Checks for regression of missing cryptsetup, when no luks device without
diff --git a/pkgs/os-specific/linux/cryptsetup/default.nix b/pkgs/os-specific/linux/cryptsetup/default.nix
index f4c83a58823c..fac62597013c 100644
--- a/pkgs/os-specific/linux/cryptsetup/default.nix
+++ b/pkgs/os-specific/linux/cryptsetup/default.nix
@@ -5,13 +5,13 @@
 assert enablePython -> python2 != null;
 
 stdenv.mkDerivation rec {
-  name = "cryptsetup-2.0.6";
+  name = "cryptsetup-2.1.0";
 
   outputs = [ "out" "dev" "man" ];
 
   src = fetchurl {
-    url = "mirror://kernel/linux/utils/cryptsetup/v2.0/${name}.tar.xz";
-    sha256 = "0c1x125s7p4ps13spsqrcsd9dclz01vsrchmypq9msp7y3hgllbw";
+    url = "mirror://kernel/linux/utils/cryptsetup/v2.1/${name}.tar.xz";
+    sha256 = "15y8n547garz0x5kqv09gscdsrz0c0y1y6c5cp8pccwg3xsb5vm3";
   };
 
   # Disable 4 test cases that fail in a sandbox
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-31 20:03:23 +0000