Reworked various locking/settling safeguards (rebase against 53e3552a)

ChangeLog

@@ -1,5 +1,11 @@
 ChangeLog for cryptmount (http://cryptmount.sourceforge.net)
 
+01Oct22	- Improved udev settling schedule and filesystem syncs
+	Added partial support for compiling against libgcrypt-1.7
+
+25Sep22	- Improved waiting schedule for inter-process status locks
+	Improved stability of tests against legacy cryptsetup
+
 11Sep22	- Revised installation instructions and top-level README
 
 03Sep22	- *** cryptmount-6.0 released

INSTALL.md

@@ -32,7 +32,8 @@ packages to be available, and should be driven by the "configure" script.
 
 If the configure script is missing, for example if working with a clone of
 cryptmount's [GitHub repository](https://github.com/rwpenney/cryptmount),
-then you may need to set up autoconf (version 2.61 or later), and run
+then you may need to set up [autoconf](https://www.gnu.org/software/autoconf/)
+(version 2.61 or later), and run
 
     aclocal; autoconf; automake -a -c -i
 

Makefile.am

@@ -24,7 +24,7 @@ endif
 localedir=$(datadir)/locale
 AM_CPPFLAGS += -DLOCALEDIR=\"$(localedir)\"
 EXTRA_DIST = config.rpath mkinstalldirs cmtab.example \
-	INSTALL.md README.md  README.sshfs RELNOTES cryptmount.spec \
+	INSTALL.md README.md README.sshfs RELNOTES cryptmount.spec \
 	debian/changelog debian/control \
 	debian/copyright debian/docs \
 	debian/rules debian/cryptmount.lintian-overrides \
@@ -89,6 +89,8 @@ cmtest:	CFLAGS = -Wall -g -DTESTING -DCM_SRCDIR=\"${abs_srcdir}\"
 cmtest:	${bin_PROGRAMS}
 	${MAKE} -C testing autokeys mudslinger
 
+test:	cmtest
+	cd testing && sudo ./mudslinger
 
 .PHONY:	depend
 depend:

README.md

@@ -18,14 +18,20 @@ or raw disk partitions.
 ## Installation
 
 To build cryptmount from source, please follow the instructions in
-the file 'INSTALL.md' in the same directory as this file.
+the [INSTALL.md](https://github.com/rwpenney/cryptmount/blob/master/INSTALL.md)
+file in the top directory of the source package.
 
-cryptmount has been tested (using the ["mudslinger"](testing/mudslinger.in) script
-on a variety of GNU/Linux platforms including:
-Debian 11.0, Ubuntu 20.04, CentOS 7.6, ArchLinux etc.
+cryptmount has been tested on a wide variety of GNU/Linux platforms including:
+[ArchLinux](https://aur.archlinux.org/packages/cryptmount),
+CentOS, [Debian](https://packages.debian.org/stable/cryptmount), Fedora,
+[Gentoo](https://packages.gentoo.org/packages/sys-fs/cryptmount),
+[Mageia](https://madb.mageia.org/package/show/source/1/application/0/release/cauldron/name/cryptmount),
+[Ubuntu](https://packages.ubuntu.com/jammy/cryptmount) etc.
 
 For the most recent source-bundles of cryptmount, please see
-[Sourceforge](http://www.sourceforge.net/projects/cryptmount).
+[Sourceforge](http://www.sourceforge.net/projects/cryptmount),
+or find the latest developer versions
+on [GitHub](https://github.com/rwpenney/cryptmount).
 
 An encrypted filing system must initially be created by the superuser.
 A basic setup can be created interactively by running the `cryptmount-setup`
@@ -34,8 +40,8 @@ use the [LUKS](https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup)
 encryption format by default.
 
 More elaborate situations can be handled by manual editing of the
-filesystem definition, typically in `/etc/cryptmount/cmtab`
-or `/usr/local/etc/cryptmount/cmtab`. For example, an entry of the form:
+filesystem definition, typically in `/etc/cryptmount/cmtab`.
+For example, an entry of the form:
 ```
     crypt {
         dev=/home/crypt.fs dir=/mnt/crypt

RELNOTES

@@ -1,6 +1,6 @@
 		    Release notes for cryptmount-6.0
 
-			RW Penney, September 2022
+			RW Penney, October 2022
 
 Introduction
 ============
@@ -26,6 +26,18 @@ control over the configuration and mounting of encrypted filesystems,
 especially within system start-up scripts.
 
 
+Summary of new features in cryptmount-6.1
+=========================================
+
+This (beta) release is still under development
+
+It has been tested on the following systems:
+
+  * Debian GNU/Linux 11.4 ("bullseye") (amd64)
+
+  * Fedora 36 (x86_64)
+
+
 Summary of new features in cryptmount-6.0
 =========================================
 

armour-gcry.c

@@ -84,7 +84,9 @@ static struct kmgcry_mode {
     { "ocb",      GCRY_CIPHER_MODE_OCB },
     { "ofb",      GCRY_CIPHER_MODE_OFB },
     { "poly1305", GCRY_CIPHER_MODE_POLY1305 },
+#if GCRYPT_VERSION_NUMBER >= 0x010800
     { "xts",      GCRY_CIPHER_MODE_XTS },
+#endif
     { NULL, GCRY_CIPHER_MODE_NONE }
 };
 
@@ -221,8 +223,10 @@ static int kmgcry_test_getalgos()
             GCRY_CIPHER_CAST5, GCRY_CIPHER_MODE_CFB, GCRY_MD_RMD160 },
         { "Camellia-128-cfb8",  "sha256",
             GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CFB8, GCRY_MD_SHA256 },
+#if GCRYPT_VERSION_NUMBER >= 0x010800
         { "ChaCha20-xts",  "blake2b_512",
             GCRY_CIPHER_CHACHA20, GCRY_CIPHER_MODE_XTS, GCRY_MD_BLAKE2B_512 },
+#endif
         { "DES-ofb",  "md5",
             GCRY_CIPHER_DES, GCRY_CIPHER_MODE_OFB, GCRY_MD_MD5 },
         { "twofish",    "sha1",
@@ -432,7 +436,11 @@ static int kmgcry_bind(bound_tgtdefn_t *bound, FILE *fp_key)
         }
 
         if (keyinfo->cipheralg == NULL) {
+#if GCRYPT_VERSION_NUMBER >= 0x010800
             keyinfo->cipheralg = cm_strdup("aes256-xts");
+#else
+            keyinfo->cipheralg = cm_strdup("aes256-cbc");
+#endif
         }
     }
 

armour.c

@@ -400,6 +400,15 @@ int cm_put_key(bound_tgtdefn_t *boundtgt, const km_pw_context_t *pw_ctxt,
 
     eflag = boundtgt->keymgr->put_key(boundtgt, pw_ctxt, key, keylen, fp_key);
 
+    if (fp_key != NULL) {
+      int fd = fileno(fp_key);
+#if HAVE_SYNCFS
+      syncfs(fd);
+#else
+      fsync(fd);
+#endif
+    }
+
     return eflag;
 }
 
@@ -794,17 +803,19 @@ static const char *cm_lock_filename = "_cryptmount_lock_";
 int cm_mutex_lock(void)
     /** Try to acquire lock on configuration directory (via symlink marker) */
 {   char *fname=NULL, ident[64];
-    int tries=10, eflag=ERR_BADMUTEX;
+    int eflag=ERR_BADMUTEX;
 #if HAVE_NANOSLEEP
-    int ticks;
+    int delay_ms;
+    unsigned dither = ((size_t)&fname % 250) + 1;
     struct timespec delay;
 #endif
+    const unsigned MAX_ATTEMPTS = 10;
 
     (void)cm_path(&fname, CM_SYSRUN_PFX, cm_lock_filename);
     snprintf(ident, sizeof(ident), "%u-%u",
              (unsigned)getpid(), (unsigned)getuid());
 
-    while (tries-->0) {
+    for (unsigned attempt=0; attempt<MAX_ATTEMPTS; ++attempt) {
         errno = 0;
         if (symlink(ident, fname) == 0) {
             /* Lock acquired */
@@ -813,9 +824,10 @@ int cm_mutex_lock(void)
             if (errno == EEXIST) {
                 /* Try again later */
 #if HAVE_NANOSLEEP
-                ticks = (53 * tries + 97 * (long)&tries) % 11;
-                delay.tv_sec = (ticks / 10);
-                delay.tv_nsec = (ticks % 10) * 1000L * 1000L * 1000L;
+                delay_ms = 53 + attempt * (dither + attempt * 19);
+                dither = (dither * 213) % 251;
+                delay.tv_sec = (delay_ms / 1000);
+                delay.tv_nsec = (delay_ms % 1000) * 1000L * 1000L;
                 nanosleep(&delay, NULL);
 #else
                 sleep(1);

config.h.in

@@ -95,6 +95,9 @@
 /* Define to 1 if you have the `strncpy' function. */
 #undef HAVE_STRNCPY
 
+/* Define to 1 if you have the `syncfs' function. */
+#undef HAVE_SYNCFS
+
 /* Define to 1 if you have the `syslog' function. */
 #undef HAVE_SYSLOG
 

configure.ac

@@ -3,7 +3,7 @@ dnl (C)Copyright 2005-2022, RW Penney
 
 dnl run 'aclocal; autoconf; automake -a -c -i; ./configure; make'
 
-AC_INIT(cryptmount, 6.0, [email protected])
+AC_INIT(cryptmount, 6.1-beta, [email protected])
 AC_PREREQ(2.59)
 
 test "$sysconfdir" = '${prefix}/etc' && sysconfdir=/etc
@@ -38,7 +38,7 @@ AC_HEADER_STDC
 AC_CHECK_HEADERS([errno.h getopt.h mntent.h \
                   linux/fs.h linux/loop.h sys/sysmacros.h])
 
-AC_CHECK_FUNCS([ioctl memset mknod open strncpy syslog])
+AC_CHECK_FUNCS([ioctl memset mknod open strncpy syncfs syslog])
 AC_SEARCH_LIBS(log, m)
 
 AC_C_CONST

cryptmount.spec

@@ -4,7 +4,7 @@
 #
 Summary:	Let ordinary users mount an encrypted file system
 Name:		cryptmount
-Version: 	6.0
+Version: 	6.1-beta
 Release:	1%{?dist}
 License:	GPL
 URL:		http://cryptmount.sourceforge.net

dmutils.c

@@ -93,7 +93,7 @@ int devmap_path(char **buff, const char *ident)
 
 
 int devmap_create(const char *ident, uint64_t blk0, uint64_t blklen,
-                const char *tgttype, const char *params)
+                  const char *tgttype, const char *params)
     /* create new device-mapper target & associated device node: */
 {   struct dm_task *dmt=NULL;
     struct dm_info dmi;
@@ -249,13 +249,13 @@ int is_configured(const char *ident, struct dm_info *dminfo)
 int udev_settle()
     /*! Allow time for udev events to be processed */
 {   struct udev_queue_loc *udev_mode;
-    double totdelay = 0.0, inc;
+    double totdelay = 0.0;
     time_t starttime;
     struct stat sbuff;
 #if HAVE_NANOSLEEP
     struct timespec delay;
 #endif
-    int settling;
+    int inc_ms = 250, settling = 1;
     const double timeout = 10.0;
 #if HAVE_LIBUDEV
     struct udev *udev_ctx;
@@ -286,22 +286,17 @@ int udev_settle()
         ++udev_mode;
     }
 
-#if HAVE_NANOSLEEP
-    delay.tv_sec = 0.0;
-    delay.tv_nsec = 100e6;
-    inc = delay.tv_sec + delay.tv_nsec * 1e-9;
-#else
-    inc = 1.0;
-#endif
-
     /* Keep waiting until there are no more queued udev events: */
     do {
 #if HAVE_NANOSLEEP
+        delay.tv_sec = inc_ms / 1000;
+        delay.tv_nsec = (inc_ms % 1000) * 1000 * 1000;
         nanosleep(&delay, NULL);
 #else
-        sleep((unsigned)floor(inc + 0.5));
+        sleep((unsigned)ceil(inc_ms * 1e-3));
 #endif
-        totdelay += inc;
+        totdelay += inc_ms * 1e-3;
+        inc_ms += inc_ms / 3;
 
 #if HAVE_LIBUDEV
         settling = !udev_queue_get_queue_is_empty(udev_qu);
@@ -336,7 +331,7 @@ int udev_queue_size(const char *path)
 
     fp = fopen(path, "rb");
     if (fp == NULL) return 0;
-    if (fread((void*)&seqnum, sizeof(seqnum), (size_t)1, fp) != 1) return 0;
+    if (fread((void*)&seqnum, sizeof(seqnum), (size_t)1, fp) != 1) goto bail_out;
 
     for (;;) {
         skiplen = 0;
@@ -351,6 +346,8 @@ int udev_queue_size(const char *path)
             --nqueued;
         }
     }
+
+  bail_out:
     fclose(fp);
 
     return nqueued;

po/cryptmount.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: [email protected]\n"
-"POT-Creation-Date: 2022-09-17 09:43+0100\n"
+"POT-Creation-Date: 2022-10-01 12:52+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <[email protected]>\n"
@@ -17,7 +17,7 @@ msgstr ""
 "Content-Type: text/plain; charset=CHARSET\n"
 "Content-Transfer-Encoding: 8bit\n"
 
-#: armour.c:154 armour-builtin.c:300 armour-gcry.c:562 armour-gcry.c:718
+#: armour.c:154 armour-builtin.c:300 armour-gcry.c:570 armour-gcry.c:726
 #, c-format
 msgid "Key-extraction failed for \"%s\"\n"
 msgstr ""
@@ -42,52 +42,52 @@ msgstr ""
 msgid "Missing output keyfile for target \"%s\"\n"
 msgstr ""
 
-#: armour.c:780
+#: armour.c:789
 #, c-format
 msgid "Specification for target \"%s\" contains non-absolute pathname\n"
 msgstr ""
 
-#: armour-builtin.c:282 armour-gcry.c:544 armour-gcry.c:699
+#: armour-builtin.c:282 armour-gcry.c:552 armour-gcry.c:707
 #, c-format
 msgid "Password mismatch when extracting key\n"
 msgstr ""
 
-#: armour-builtin.c:398 armour-gcry.c:623 armour-gcry.c:777
+#: armour-builtin.c:398 armour-gcry.c:631 armour-gcry.c:785
 #, c-format
 msgid "Failed to create new key file\n"
 msgstr ""
 
-#: armour-gcry.c:175
+#: armour-gcry.c:177
 #, c-format
 msgid "Couldn't find libgcrypt cipher \"%s\"\n"
 msgstr ""
 
-#: armour-gcry.c:184
+#: armour-gcry.c:186
 #, c-format
 msgid "Couldn't find libgcrypt cipher mode \"%s\" - using fallback\n"
 msgstr ""
 
-#: armour-gcry.c:190
+#: armour-gcry.c:192
 #, c-format
 msgid "Couldn't find libgcrypt digest \"%s\"\n"
 msgstr ""
 
-#: armour-gcry.c:505
+#: armour-gcry.c:513
 #, c-format
 msgid "Bad keyfile format (libgcrypt)\n"
 msgstr ""
 
-#: armour-gcry.c:548
+#: armour-gcry.c:556
 #, c-format
 msgid "Checksum mismatch in keyfile (gcry, %x != %x)\n"
 msgstr ""
 
-#: armour-gcry.c:664
+#: armour-gcry.c:672
 #, c-format
 msgid "Bad keyfile format (openssl-compat)\n"
 msgstr ""
 
-#: armour-gcry.c:703
+#: armour-gcry.c:711
 #, c-format
 msgid "Checksum mismatch in keyfile (openssl-compat, ofs=%u,idx=%u)\n"
 msgstr ""