pmb.config.cipher: set default to aes-xts-plain64 (MR 1958)

Replace aes-cbc-plain64 with the stronger cipher aes-xts-plain64. CONFIG_CRYPTO_XTS is necessary for this, so require it in "pmbootstrap kconfig check". Related: https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestions#5-security-aspects
2020-07-08 16:14:15 +02:00 · 2020-07-08 16:14:15 +02:00 · 05c013536d
parent ec71670f20
commit 05c013536d
6 changed files with 7 additions and 3 deletions
--- a/pmb/config/init.py
+++ b/pmb/config/init.py
@ -66,9 +66,7 @@ defaults = {
    "aports": "$WORK/cache_git/pmaports",
    "ccache_size": "5G",
    "is_default_channel": True,
-    # aes-xts-plain64 would be better, but this is not supported on LineageOS
-    # kernel configs
-    "cipher": "aes-cbc-plain64",
+    "cipher": "aes-xts-plain64",
    "config": os.path.expanduser("~") + "/.config/pmbootstrap.cfg",
    "device": "qemu-amd64",
    "extra_packages": "none",
@ -191,6 +189,7 @@ necessary_kconfig_options = {
            "ANDROID_PARANOID_NETWORK": False,
            "BLK_DEV_INITRD": True,
            "CGROUPS": True,
+            "CRYPTO_XTS": True,
            "DEVTMPFS": True,
            "DM_CRYPT": True,
            "EXT4_FS": True,
--- a/test/testdata/kconfig_check/bad-array-missing-some-options
+++ b/test/testdata/kconfig_check/bad-array-missing-some-options
@ -29,6 +29,7 @@ CONFIG_SYSVIPC=y
 CONFIG_VT=y
 CONFIG_UEVENT_HELPER=y
 CONFIG_LBDAF=y
+CONFIG_CRYPTO_XTS=y
 CONFIG_EXT4_FS=y
 CONFIG_SQUASHFS=y
 CONFIG_SQUASHFS_XZ=y
--- a/test/testdata/kconfig_check/bad-missing-required-option
+++ b/test/testdata/kconfig_check/bad-missing-required-option
@ -30,3 +30,4 @@ CONFIG_DM_CRYPT=y
 CONFIG_VT=y
 CONFIG_UEVENT_HELPER=y
 CONFIG_LBDAF=y
+CONFIG_CRYPTO_XTS=y
--- a/test/testdata/kconfig_check/bad-wrong-option-set
+++ b/test/testdata/kconfig_check/bad-wrong-option-set
@ -29,5 +29,6 @@ CONFIG_SYSVIPC=y
 CONFIG_VT=y
 CONFIG_UEVENT_HELPER=y
 CONFIG_LBDAF=y
+CONFIG_CRYPTO_XTS=y
 ### here's one wrong option set:
 ANDROID_PARANOID_NETWORK=y
--- a/test/testdata/kconfig_check/good
+++ b/test/testdata/kconfig_check/good
@ -29,6 +29,7 @@ CONFIG_SYSVIPC=y
 CONFIG_VT=y
 CONFIG_UEVENT_HELPER=y
 CONFIG_LBDAF=y
+CONFIG_CRYPTO_XTS=y
 ### here's one explicitely disabled:
 # ANDROID_PARANOID_NETWORK is not set
 ### here's one set to module:
--- a/test/testdata/kconfig_check/good-anbox
+++ b/test/testdata/kconfig_check/good-anbox
@ -29,6 +29,7 @@ CONFIG_SYSVIPC=y
 CONFIG_VT=y
 CONFIG_UEVENT_HELPER=y
 CONFIG_LBDAF=y
+CONFIG_CRYPTO_XTS=y
 CONFIG_EXT4_FS=y
 CONFIG_SQUASHFS=y
 CONFIG_SQUASHFS_XZ=y