[dm-crypt] [ANNOUNCE] cryptsetup 1.7.2
gmazyland at gmail.com
Sat Jun 4 14:28:01 CEST 2016
The stable cryptsetup 1.7.2 release is available at
Please note that release packages are located on kernel.org
Feedback and bug reports are welcomed.
Cryptsetup 1.7.2 Release Notes
Changes since version 1.7.1
* Update LUKS documentation format.
Clarify fixed sector size and keyslots alignment.
* Support activation options for error handling modes in Linux kernel
--ignore-corruption - dm-verity just logs detected corruption
--restart-on-corruption - dm-verity restarts the kernel if corruption is detected
If the options above are not specified, default behavior for dm-verity remains.
Default is that I/O operation fails with I/O error if corrupted block is detected.
--ignore-zero-blocks - Instructs dm-verity to not verify blocks that are expected
to contain zeroes and always return zeroes directly instead.
NOTE that these options could have security or functional impacts,
do not use them without assessing the risks!
* Fix help text for cipher benchmark specification (mention --cipher option).
* Fix off-by-one error in maximum keyfile size.
Allow keyfiles up to compiled-in default and not that value minus one.
* Support resume of interrupted decryption in cryptsetup-reencrypt utility.
To resume decryption, LUKS device UUID (--uuid) option must be used.
* Do not use direct-io for LUKS header with unaligned keyslots.
Such headers were used only by the first cryptsetup-luks-1.0.0 release (2005).
* Fix device block size detection to properly work on particular file-based
containers over underlying devices with 4k sectors.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the dm-crypt