-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
0366fb6
commit a53802e
Showing
495 changed files
with
55,703 additions
and
25,765 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,61 @@ | ||
.pc/ | ||
po/*gmo | ||
*~ | ||
Makefile | ||
Makefile.in | ||
Makefile.in.in | ||
*.lo | ||
*.la | ||
*.o | ||
*.so | ||
*.8 | ||
**/*.dirstamp | ||
.deps/ | ||
.libs/ | ||
src/cryptsetup | ||
src/veritysetup | ||
ABOUT-NLS | ||
aclocal.m4 | ||
autom4te.cache/ | ||
compile | ||
config.guess | ||
config.h | ||
config.h.in | ||
config.log | ||
config.rpath | ||
config.status | ||
config.sub | ||
configure | ||
cryptsetup | ||
cryptsetup-reencrypt | ||
cryptsetup-ssh | ||
depcomp | ||
install-sh | ||
integritysetup | ||
lib/libcryptsetup.pc | ||
libtool | ||
ltmain.sh | ||
m4/ | ||
missing | ||
po/Makevars.template | ||
po/POTFILES | ||
po/Rules-quot | ||
po/*.header | ||
po/*.sed | ||
po/*.sin | ||
po/stamp-po | ||
scripts/cryptsetup.conf | ||
stamp-h1 | ||
veritysetup | ||
tests/valglog.* | ||
*/*.dirstamp | ||
*-debug-luks2-backup* | ||
tests/api-test | ||
tests/api-test-2 | ||
tests/differ | ||
tests/luks1-images | ||
tests/tcrypt-images | ||
tests/unit-utils-io | ||
tests/vectors-test | ||
tests/test-symbols-list.h | ||
tests/all-symbols-test | ||
tests/fuzz/LUKS2.pb* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,46 +1,23 @@ | ||
default: | ||
before_script: | ||
- sudo apt-get -y update --fix-missing | ||
- > | ||
sudo apt-get -y install -y -qq git gcc make | ||
autoconf automake autopoint pkg-config libtool libtool-bin gettext | ||
libssl-dev libdevmapper-dev libpopt-dev uuid-dev libsepol1-dev | ||
libjson-c-dev libssh-dev libblkid-dev tar libargon2-0-dev | ||
libpwquality-dev sharutils dmsetup jq xxd expect keyutils | ||
netcat passwd openssh-client sshpass | ||
- sudo apt-get -y build-dep cryptsetup | ||
- sudo -E git clean -xdf | ||
- ./autogen.sh | ||
- ./configure --enable-libargon2 | ||
|
||
stages: | ||
- test | ||
|
||
# Merge request: Build and run only non-root tests | ||
test-mergerq-job: | ||
stage: test | ||
interruptible: true | ||
rules: | ||
- if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" | ||
when: never | ||
- if: $CI_PIPELINE_SOURCE == "merge_request_event" | ||
script: | ||
- make -j | ||
- make -j -C tests check-programs | ||
- make check | ||
.dump_kernel_log: | ||
after_script: | ||
- sudo dmesg > /mnt/artifacts/dmesg.log | ||
- sudo journalctl > /mnt/artifacts/journalctl.log | ||
- '[ "$(ls -A /var/coredumps)" ] && exit 1 || true' | ||
|
||
# For main branch commit, run all tests as root | ||
test-main-commit-job: | ||
stage: test | ||
interruptible: true | ||
variables: | ||
RUN_SSH_PLUGIN_TEST: "1" | ||
rules: | ||
- if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" | ||
when: never | ||
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH | ||
script: | ||
- make -j | ||
- make -j -C tests check-programs | ||
- sudo -E make check | ||
- sudo -E make clean | ||
include: | ||
- local: .gitlab/ci/debian.yml | ||
- local: .gitlab/ci/fedora.yml | ||
- local: .gitlab/ci/rhel.yml | ||
- local: .gitlab/ci/centos.yml | ||
- local: .gitlab/ci/annocheck.yml | ||
- local: .gitlab/ci/csmock.yml | ||
- local: .gitlab/ci/gitlab-shared-docker.yml | ||
- local: .gitlab/ci/compilation-various-disables.yml | ||
- local: .gitlab/ci/compilation-gcc.gitlab-ci.yml | ||
- local: .gitlab/ci/compilation-clang.gitlab-ci.yml | ||
- local: .gitlab/ci/alpinelinux.yml | ||
- local: .gitlab/ci/ubuntu-32bit.yml | ||
- local: .gitlab/ci/cifuzz.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
.alpinelinux-dependencies: | ||
after_script: | ||
- sudo dmesg > /mnt/artifacts/dmesg.log | ||
- sudo cp /var/log/messages /mnt/artifacts/ | ||
- '[ "$(ls -A /var/coredumps)" ] && exit 1 || true' | ||
before_script: | ||
- > | ||
sudo apk add | ||
lvm2-dev openssl1.1-compat-dev popt-dev util-linux-dev json-c-dev | ||
argon2-dev device-mapper which sharutils gettext gettext-dev automake | ||
autoconf libtool build-base keyutils tar jq expect git asciidoctor | ||
- ./autogen.sh | ||
- ./configure --prefix=/usr --libdir=/lib --sbindir=/sbin --disable-static --enable-libargon2 --with-crypto_backend=openssl --disable-external-tokens --disable-ssh-token --enable-asciidoc | ||
|
||
test-main-commit-job-alpinelinux: | ||
extends: | ||
- .alpinelinux-dependencies | ||
tags: | ||
- libvirt | ||
- alpinelinux | ||
stage: test | ||
interruptible: true | ||
variables: | ||
RUN_SSH_PLUGIN_TEST: "0" | ||
rules: | ||
- if: $RUN_SYSTEMD_PLUGIN_TEST != null | ||
when: never | ||
- if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" | ||
when: never | ||
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/ | ||
script: | ||
- make -j | ||
- make -j -C tests check-programs | ||
- sudo -E make check | ||
|
||
test-mergerq-job-alpinelinux: | ||
extends: | ||
- .alpinelinux-dependencies | ||
tags: | ||
- libvirt | ||
- alpinelinux | ||
stage: test | ||
interruptible: true | ||
variables: | ||
RUN_SSH_PLUGIN_TEST: "0" | ||
rules: | ||
- if: $RUN_SYSTEMD_PLUGIN_TEST != null | ||
when: never | ||
- if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" | ||
when: never | ||
- if: $CI_PIPELINE_SOURCE == "merge_request_event" | ||
script: | ||
- make -j | ||
- make -j -C tests check-programs | ||
- sudo -E make check |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
test-main-commit-job-annocheck: | ||
extends: | ||
- .dump_kernel_log | ||
tags: | ||
- libvirt | ||
- rhel9-annocheck | ||
stage: test | ||
interruptible: true | ||
allow_failure: true | ||
variables: | ||
RUN_SSH_PLUGIN_TEST: "1" | ||
rules: | ||
- if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" | ||
when: never | ||
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/ | ||
script: | ||
- /opt/build-rpm-script.sh > /dev/null 2>&1 | ||
- annocheck /var/lib/mock/rhel-9.0.0-candidate-x86_64/result/*.rpm --profile=el9 | ||
- annocheck /var/lib/mock/rhel-9.0.0-candidate-x86_64/result/*.rpm --profile=el8 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
.centos-openssl-backend: | ||
extends: | ||
- .dump_kernel_log | ||
before_script: | ||
- > | ||
sudo dnf -y -q install | ||
autoconf automake device-mapper-devel gcc gettext-devel json-c-devel | ||
libblkid-devel libpwquality-devel libselinux-devel libssh-devel libtool | ||
libuuid-devel make popt-devel libsepol-devel nc openssh-clients passwd | ||
pkgconfig sharutils sshpass tar uuid-devel vim-common device-mapper | ||
expect gettext git jq keyutils openssl-devel openssl gem | ||
- sudo gem install asciidoctor | ||
- sudo -E git clean -xdf | ||
- ./autogen.sh | ||
- ./configure --enable-fips --enable-pwquality --with-crypto_backend=openssl --enable-asciidoc | ||
|
||
# non-FIPS jobs | ||
|
||
test-main-commit-centos-stream9: | ||
extends: | ||
- .centos-openssl-backend | ||
tags: | ||
- libvirt | ||
- centos-stream9 | ||
stage: test | ||
interruptible: true | ||
variables: | ||
RUN_SSH_PLUGIN_TEST: "1" | ||
rules: | ||
- if: $RUN_SYSTEMD_PLUGIN_TEST != null | ||
when: never | ||
- if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" | ||
when: never | ||
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/ | ||
script: | ||
- make -j | ||
- make -j -C tests check-programs | ||
- sudo -E make check | ||
|
||
test-mergerq-centos-stream9: | ||
extends: | ||
- .centos-openssl-backend | ||
tags: | ||
- libvirt | ||
- centos-stream9 | ||
stage: test | ||
interruptible: true | ||
variables: | ||
RUN_SSH_PLUGIN_TEST: "1" | ||
rules: | ||
- if: $RUN_SYSTEMD_PLUGIN_TEST != null | ||
when: never | ||
- if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" | ||
when: never | ||
- if: $CI_PIPELINE_SOURCE == "merge_request_event" | ||
script: | ||
- make -j | ||
- make -j -C tests check-programs | ||
- sudo -E make check |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
#!/bin/bash | ||
|
||
set -ex | ||
|
||
PACKAGES=( | ||
git make autoconf automake autopoint pkg-config libtool libtool-bin | ||
gettext libssl-dev libdevmapper-dev libpopt-dev uuid-dev libsepol-dev | ||
libjson-c-dev libssh-dev libblkid-dev tar libargon2-0-dev libpwquality-dev | ||
sharutils dmsetup jq xxd expect keyutils netcat passwd openssh-client sshpass | ||
asciidoctor | ||
) | ||
|
||
COMPILER="${COMPILER:?}" | ||
COMPILER_VERSION="${COMPILER_VERSION:?}" | ||
|
||
grep -E '^deb' /etc/apt/sources.list > /etc/apt/sources.list~ | ||
sed -Ei 's/^deb /deb-src /' /etc/apt/sources.list~ | ||
cat /etc/apt/sources.list~ >> /etc/apt/sources.list | ||
|
||
apt-get -y update --fix-missing | ||
DEBIAN_FRONTEND=noninteractive apt-get -yq install software-properties-common wget lsb-release | ||
RELEASE="$(lsb_release -cs)" | ||
|
||
if [[ $COMPILER == "gcc" ]]; then | ||
# Latest gcc stack deb packages provided by | ||
# https://launchpad.net/~ubuntu-toolchain-r/+archive/ubuntu/test | ||
add-apt-repository -y ppa:ubuntu-toolchain-r/test | ||
PACKAGES+=(gcc-$COMPILER_VERSION) | ||
elif [[ $COMPILER == "clang" ]]; then | ||
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - | ||
add-apt-repository "deb http://apt.llvm.org/${RELEASE}/ llvm-toolchain-${RELEASE}-${COMPILER_VERSION} main" | ||
|
||
# scan-build | ||
PACKAGES+=(clang-tools-$COMPILER_VERSION clang-$COMPILER_VERSION lldb-$COMPILER_VERSION lld-$COMPILER_VERSION clangd-$COMPILER_VERSION) | ||
PACKAGES+=(perl) | ||
else | ||
exit 1 | ||
fi | ||
|
||
apt-get -y update --fix-missing | ||
DEBIAN_FRONTEND=noninteractive apt-get -yq install "${PACKAGES[@]}" | ||
apt-get -y build-dep cryptsetup | ||
|
||
echo "====================== VERSIONS ===================" | ||
if [[ $COMPILER == "clang" ]]; then | ||
echo "Using scan-build${COMPILER_VERSION:+-$COMPILER_VERSION}" | ||
fi | ||
|
||
${COMPILER}-$COMPILER_VERSION -v | ||
echo "====================== END VERSIONS ===================" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
cifuzz: | ||
variables: | ||
OSS_FUZZ_PROJECT_NAME: cryptsetup | ||
CFL_PLATFORM: gitlab | ||
CIFUZZ_DEBUG: "True" | ||
FUZZ_SECONDS: 300 # 5 minutes per fuzzer | ||
ARCHITECTURE: "x86_64" | ||
DRY_RUN: "False" | ||
LOW_DISK_SPACE: "True" | ||
BAD_BUILD_CHECK: "True" | ||
LANGUAGE: "c" | ||
DOCKER_HOST: "tcp://docker:2375" | ||
DOCKER_IN_DOCKER: "true" | ||
DOCKER_DRIVER: overlay2 | ||
DOCKER_TLS_CERTDIR: "" | ||
image: | ||
name: gcr.io/oss-fuzz-base/cifuzz-base | ||
entrypoint: [""] | ||
services: | ||
- docker:dind | ||
|
||
stage: test | ||
parallel: | ||
matrix: | ||
- SANITIZER: [address, undefined, memory] | ||
rules: | ||
# Default code change. | ||
# - if: $CI_PIPELINE_SOURCE == "merge_request_event" | ||
# variables: | ||
# MODE: "code-change" | ||
- if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" | ||
when: never | ||
- if: $BUILD_AND_RUN_FUZZERS != null | ||
before_script: | ||
# Get gitlab's container id. | ||
- export CFL_CONTAINER_ID=`cut -c9- < /proc/1/cpuset` | ||
script: | ||
# Will build and run the fuzzers. | ||
# We use a hack to override CI_JOB_ID, because otherwise a bad path is used | ||
# in GitLab CI environment | ||
- CI_JOB_ID="$CI_PROJECT_NAMESPACE/$CI_PROJECT_TITLE" python3 "/opt/oss-fuzz/infra/cifuzz/cifuzz_combined_entrypoint.py" | ||
artifacts: | ||
# Upload artifacts when a crash makes the job fail. | ||
when: always | ||
paths: | ||
- artifacts/ |
Oops, something went wrong.