Issue project 52 u128 #2255
Closed
Issue project 52 u128 #2255
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…merge Develop 2.2.0 merge
Signed-off-by: mulhern <[email protected]>
…travis Now build against new branch
It's just too pedantic. Signed-off-by: mulhern <[email protected]>
…similar_names-lint Allow similar_names pedantic lint
Remove now unnecessary allow Signed-off-by: mulhern <[email protected]>
…fixme Bump patch version of error-chain to 2
Add additional information to DM error
This commit adds support for NBDE and TPM-based access of encrypted devices using clevis to bind, unbind, and unlock encrypted devices. It adds a parameter to the UnlockPool method to specify whether the keyring or clevis should be used to unlock a pool. It also adds two new methods on pools: Bind and Unbind. These methods allow users to associate encrypted pools with a Tang server or TPM. This commit contains a temporary workaround for cryptsetup's interface as it does not support reading keys from the kernel keyring. The key is currently read from the keyring into locked memory and exposed as a file for consumption via cryptsetup. This code will eventually be removed. Adding block devices to a pool bound to a TPM or Tang server will cause the new devices to also be bound to Tang or a TPM with the same parameters that were originally supplied. This means that adding block devices requires a network connection to the Tang server in the case of clevis binding to Tang or the presence of a TPM if the pool is bound to a TPM. Otherwise adding block devices will fail. If the network goes down and more storage needs to be added to a Tang-bound pool, the pool can be unbound from a Tang server temporarily until the network is back up and unlocked with the existing keyring implementation.
Clevis support in stratisd
Signed-off-by: mulhern <[email protected]>
…dbus Include revision r3 of FetchProperties interface in D-Bus conf
Signed-off-by: mulhern <[email protected]>
…auto-update Some more auto-update recommendations
Signed-off-by: mulhern <[email protected]>
…bump-version Bump version spec to 2.3.0
jbaublitz
force-pushed
the
issue-project-52-u128
branch
from
2e64c14 to
980e25c
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Supersedes #2108