diff --git a/SOURCES/cryptsetup-2.5.0-Remove-LUKS2-encryption-data-size-restriction.patch b/SOURCES/cryptsetup-2.5.0-Remove-LUKS2-encryption-data-size-restriction.patch
new file mode 100644
index 0000000..bf522bf
--- /dev/null
+++ b/SOURCES/cryptsetup-2.5.0-Remove-LUKS2-encryption-data-size-restriction.patch
@@ -0,0 +1,206 @@
+From 6bc1378ddb5bbcc6ba592177c996576b0b3505f9 Mon Sep 17 00:00:00 2001
+From: Ondrej Kozina <okozina@redhat.com>
+Date: Fri, 22 Oct 2021 13:06:48 +0200
+Subject: [PATCH] Remove LUKS2 encryption data size restriction.
+
+LUKS2 encryption with data shift required remaining
+data size (size remaining after substracting --reduce-data-size value)
+to be at least --reduce-data-size. This was wrong. Remaining
+data size restriction should be correctly at least single sector
+(whatever sector size is selected or auto-detected).
+---
+ lib/luks2/luks2_reencrypt.c | 31 ++++++++++++-----------
+ tests/api-test-2.c | 6 ++---
+ tests/luks2-reencryption-test | 46 +++++++++++++++++++++++++++++------
+ 3 files changed, 57 insertions(+), 26 deletions(-)
+
+diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c
+index b45327ad..d0e0dc40 100644
+--- a/lib/luks2/luks2_reencrypt.c
++++ b/lib/luks2/luks2_reencrypt.c
+@@ -825,7 +825,7 @@ static int reencrypt_offset_backward_moved(struct luks2_hdr *hdr, json_object *j
+ linear_length += LUKS2_segment_size(hdr, sg, 0);
+
+ /* all active linear segments length */
+- if (linear_length) {
++ if (linear_length && segs > 1) {
+ if (linear_length < data_shift)
+ return -EINVAL;
+ tmp = linear_length - data_shift;
+@@ -1745,7 +1745,8 @@ static int reencrypt_set_encrypt_segments(struct crypt_device *cd, struct luks2_
+ int r;
+ uint64_t first_segment_offset, first_segment_length,
+ second_segment_offset, second_segment_length,
+- data_offset = LUKS2_get_data_offset(hdr) << SECTOR_SHIFT;
++ data_offset = LUKS2_get_data_offset(hdr) << SECTOR_SHIFT,
++ data_size = dev_size - data_shift;
+ json_object *jobj_segment_first = NULL, *jobj_segment_second = NULL, *jobj_segments;
+
+ if (dev_size < data_shift)
+@@ -1760,9 +1761,14 @@ static int reencrypt_set_encrypt_segments(struct crypt_device *cd, struct luks2_
+ * [future LUKS2 header (data shift size)][second data segment][gap (data shift size)][first data segment (data shift size)]
+ */
+ first_segment_offset = dev_size;
+- first_segment_length = data_shift;
+- second_segment_offset = data_shift;
+- second_segment_length = dev_size - 2 * data_shift;
++ if (data_size < data_shift) {
++ first_segment_length = data_size;
++ second_segment_length = second_segment_offset = 0;
++ } else {
++ first_segment_length = data_shift;
++ second_segment_offset = data_shift;
++ second_segment_length = data_size - data_shift;
++ }
+ } else if (data_shift) {
+ first_segment_offset = data_offset;
+ first_segment_length = dev_size;
+@@ -2163,17 +2169,10 @@ static int reencrypt_move_data(struct crypt_device *cd, int devfd, uint64_t data
+
+ log_dbg(cd, "Going to move data from head of data device.");
+
+- buffer_len = data_shift;
+- if (!buffer_len)
+- return -EINVAL;
+-
+ offset = json_segment_get_offset(LUKS2_get_segment_jobj(hdr, 0), 0);
+-
+- /* this is nonsense anyway */
+- if (buffer_len != json_segment_get_size(LUKS2_get_segment_jobj(hdr, 0), 0)) {
+- log_dbg(cd, "buffer_len %" PRIu64", segment size %" PRIu64, buffer_len, json_segment_get_size(LUKS2_get_segment_jobj(hdr, 0), 0));
++ buffer_len = json_segment_get_size(LUKS2_get_segment_jobj(hdr, 0), 0);
++ if (!buffer_len || buffer_len > data_shift)
+ return -EINVAL;
+- }
+
+ if (posix_memalign(&buffer, device_alignment(crypt_data_device(cd)), buffer_len))
+ return -ENOMEM;
+@@ -2447,7 +2446,7 @@ static int reencrypt_init(struct crypt_device *cd,
+ * encryption initialization (or mount)
+ */
+ if (move_first_segment) {
+- if (dev_size < 2 * (params->data_shift << SECTOR_SHIFT)) {
++ if (dev_size < (params->data_shift << SECTOR_SHIFT)) {
+ log_err(cd, _("Device %s is too small."), device_path(crypt_data_device(cd)));
+ return -EINVAL;
+ }
+@@ -3484,7 +3483,7 @@ int LUKS2_reencrypt_check_device_size(struct crypt_device *cd, struct luks2_hdr
+ check_size, check_size >> SECTOR_SHIFT, real_size, real_size >> SECTOR_SHIFT,
+ real_size - data_offset, (real_size - data_offset) >> SECTOR_SHIFT);
+
+- if (real_size < data_offset || (check_size && (real_size - data_offset) < check_size)) {
++ if (real_size < data_offset || (check_size && real_size < check_size)) {
+ log_err(cd, _("Device %s is too small."), device_path(crypt_data_device(cd)));
+ return -EINVAL;
+ }
+diff --git a/tests/api-test-2.c b/tests/api-test-2.c
+index a01a7a72..05ee8f94 100644
+--- a/tests/api-test-2.c
++++ b/tests/api-test-2.c
+@@ -4238,7 +4238,7 @@ static void Luks2Reencryption(void)
+
+ _cleanup_dmdevices();
+ OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
+- OK_(create_dmdevice_over_loop(L_DEVICE_OK, 12*1024*2+1));
++ OK_(create_dmdevice_over_loop(L_DEVICE_OK, 8*1024*2+1));
+
+ /* encryption with datashift and moved segment (data shift + 1 sector) */
+ OK_(crypt_init(&cd, DMDIR H_DEVICE));
+@@ -4258,11 +4258,11 @@ static void Luks2Reencryption(void)
+
+ _cleanup_dmdevices();
+ OK_(create_dmdevice_over_loop(H_DEVICE, r_header_size));
+- OK_(create_dmdevice_over_loop(L_DEVICE_OK, 12*1024*2));
++ OK_(create_dmdevice_over_loop(L_DEVICE_OK, 2*8200));
+
+ OK_(crypt_init(&cd, DMDIR H_DEVICE));
+
+- /* encryption with datashift and moved segment (data shift + data offset > device size) */
++ /* encryption with datashift and moved segment (data shift + data offset <= device size) */
+ memset(&rparams, 0, sizeof(rparams));
+ params2.sector_size = 512;
+ params2.data_device = DMDIR L_DEVICE_OK;
+diff --git a/tests/luks2-reencryption-test b/tests/luks2-reencryption-test
+index 8efb2707..bf711c15 100755
+--- a/tests/luks2-reencryption-test
++++ b/tests/luks2-reencryption-test
+@@ -152,14 +152,30 @@ function open_crypt() # $1 pwd, $2 hdr
+ fi
+ }
+
++function wipe_dev_head() # $1 dev, $2 length (in MiBs)
++{
++ dd if=/dev/zero of=$1 bs=1M count=$2 conv=notrunc >/dev/null 2>&1
++}
++
+ function wipe_dev() # $1 dev
+ {
+ if [ -b $1 ] ; then
+ blkdiscard --zeroout $1 2>/dev/null || dd if=/dev/zero of=$1 bs=1M conv=notrunc >/dev/null 2>&1
++ if [ $# -gt 2 ]; then
++ dd if=/dev/urandom of=$1 bs=1M seek=$2 conv=notrunc >/dev/null 2>&1
++ fi
+ else
+ local size=$(stat --printf="%s" $1)
+ truncate -s 0 $1
+- truncate -s $size $1
++ if [ $# -gt 2 ]; then
++ local diff=$((size-$2*1024*1024))
++ echo "size: $size, diff: $diff"
++ truncate -s $diff $1
++ # wipe_dev_head $1 $((diff/(1024*1024)))
++ dd if=/dev/urandom of=$1 bs=1M seek=$2 size=$((diff/(1024*1024))) conv=notrunc >/dev/null 2>&1
++ else
++ truncate -s $size $1
++ fi
+ fi
+ }
+
+@@ -214,15 +230,16 @@ function check_hash() # $1 pwd, $2 hash, $3 hdr
+ $CRYPTSETUP remove $DEV_NAME || fail
+ }
+
++function check_hash_dev_head() # $1 dev, $2 len, $3 hash
++{
++ local hash=$(dd if=$1 bs=512 count=$2 2>/dev/null | sha256sum | cut -d' ' -f1)
++ [ $hash != "$3" ] && fail "HASH differs (expected: $3) (result $hash)"
++}
++
+ function check_hash_head() # $1 pwd, $2 len, $3 hash, $4 hdr
+ {
+ open_crypt $1 $4
+- if [ -n "$4" ]; then
+- echo $1 | $CRYPTSETUP resize $DEV_NAME --size $2 --header $4 || fail
+- else
+- echo $1 | $CRYPTSETUP resize $DEV_NAME --size $2 || fail
+- fi
+- check_hash_dev /dev/mapper/$DEV_NAME $3
++ check_hash_dev_head /dev/mapper/$DEV_NAME $2 $3
+ $CRYPTSETUP remove $DEV_NAME || fail
+ }
+
+@@ -865,6 +882,21 @@ $CRYPTSETUP status $DEV_NAME >/dev/null 2>&1 || fail
+ $CRYPTSETUP close $DEV_NAME
+ echo $PWD1 | $CRYPTSETUP open $DEV --test-passphrase || fail
+
++# Small device encryption test
++preparebig 65
++# wipe only 1st MiB (final data size after encryption)
++wipe_dev $DEV 1
++check_hash_dev_head $DEV 2048 $HASH2
++echo $PWD1 | $CRYPTSETUP reencrypt $DEV --encrypt --reduce-device-size 64M -q $FAST_PBKDF_ARGON || fail
++check_hash_head $PWD1 2048 $HASH2
++
++wipe_dev_head $DEV 1
++check_hash_dev_head $DEV 2048 $HASH2
++echo $PWD1 | $CRYPTSETUP reencrypt $DEV --encrypt --reduce-device-size 64M --init-only -q $FAST_PBKDF_ARGON $DEV_NAME >/dev/null || fail
++check_hash_dev_head /dev/mapper/$DEV_NAME 2048 $HASH2
++echo $PWD1 | $CRYPTSETUP reencrypt $DEV -q || fail
++check_hash_dev_head /dev/mapper/$DEV_NAME 2048 $HASH2
++
+ echo "[3] Encryption with detached header"
+ preparebig 256
+ wipe_dev $DEV
+--
+2.38.1
+
diff --git a/SOURCES/cryptsetup-2.6.0-Code-cleanup.patch b/SOURCES/cryptsetup-2.6.0-Code-cleanup.patch
new file mode 100644
index 0000000..718abef
--- /dev/null
+++ b/SOURCES/cryptsetup-2.6.0-Code-cleanup.patch
@@ -0,0 +1,28 @@
+From 23903951505cd4ad9f3469e037278494c14a7791 Mon Sep 17 00:00:00 2001
+From: Ondrej Kozina <okozina@redhat.com>
+Date: Wed, 12 Oct 2022 12:05:00 +0200
+Subject: [PATCH 3/5] Code cleanup.
+
+Type cast is not needed here.
+---
+ lib/libdevmapper.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c
+index 7fcf843f..6a239e14 100644
+--- a/lib/libdevmapper.c
++++ b/lib/libdevmapper.c
+@@ -1992,9 +1992,7 @@ static int _dm_target_query_crypt(struct crypt_device *cd, uint32_t get_flags,
+
+ /* cipher */
+ if (get_flags & DM_ACTIVE_CRYPT_CIPHER) {
+- r = crypt_capi_to_cipher(CONST_CAST(char**)&cipher,
+- CONST_CAST(char**)&integrity,
+- rcipher, rintegrity);
++ r = crypt_capi_to_cipher(&cipher, &integrity, rcipher, rintegrity);
+ if (r < 0)
+ goto err;
+ }
+--
+2.38.1
+
diff --git a/SOURCES/cryptsetup-2.6.0-Copy-also-integrity-string-in-legacy-mode.patch b/SOURCES/cryptsetup-2.6.0-Copy-also-integrity-string-in-legacy-mode.patch
new file mode 100644
index 0000000..9a6bdcc
--- /dev/null
+++ b/SOURCES/cryptsetup-2.6.0-Copy-also-integrity-string-in-legacy-mode.patch
@@ -0,0 +1,34 @@
+From 19c15a652f878458493f0ac335110e2779f3cbe3 Mon Sep 17 00:00:00 2001
+From: Ondrej Kozina <okozina@redhat.com>
+Date: Wed, 12 Oct 2022 11:59:09 +0200
+Subject: [PATCH 4/5] Copy also integrity string in legacy mode.
+
+So that it handles integrity string same as it does
+with cipher string.
+---
+ lib/utils_crypt.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/lib/utils_crypt.c b/lib/utils_crypt.c
+index 4f4dbba8..93f846d7 100644
+--- a/lib/utils_crypt.c
++++ b/lib/utils_crypt.c
+@@ -284,7 +284,14 @@ int crypt_capi_to_cipher(char **org_c, char **org_i, const char *c_dm, const cha
+ if (strncmp(c_dm, "capi:", 4)) {
+ if (!(*org_c = strdup(c_dm)))
+ return -ENOMEM;
+- *org_i = NULL;
++ if (i_dm) {
++ if (!(*org_i = strdup(i_dm))) {
++ free(*org_c);
++ *org_c = NULL;
++ return -ENOMEM;
++ }
++ } else
++ *org_i = NULL;
+ return 0;
+ }
+
+--
+2.38.1
+
diff --git a/SOURCES/cryptsetup-2.6.0-Fix-cipher-convert-routines-naming-confusion.patch b/SOURCES/cryptsetup-2.6.0-Fix-cipher-convert-routines-naming-confusion.patch
new file mode 100644
index 0000000..27108bc
--- /dev/null
+++ b/SOURCES/cryptsetup-2.6.0-Fix-cipher-convert-routines-naming-confusion.patch
@@ -0,0 +1,53 @@
+From 3616da631f83a004a13a575a54df8123f0d65c29 Mon Sep 17 00:00:00 2001
+From: Ondrej Kozina <okozina@redhat.com>
+Date: Mon, 17 Oct 2022 15:18:42 +0200
+Subject: [PATCH 1/5] Fix cipher convert routines naming confusion.
+
+The function names were in fact swaped.
+---
+ lib/libdevmapper.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c
+index 6c2eab78..0e45a789 100644
+--- a/lib/libdevmapper.c
++++ b/lib/libdevmapper.c
+@@ -481,7 +481,7 @@ static size_t int_log10(uint64_t x)
+ #define CAPIL 144 /* should be enough to fit whole capi string */
+ #define CAPIS "143" /* for sscanf of crypto API string + 16 + \0 */
+
+-static int cipher_c2dm(const char *org_c, const char *org_i, unsigned tag_size,
++static int cipher_dm2c(const char *org_c, const char *org_i, unsigned tag_size,
+ char *c_dm, int c_dm_size,
+ char *i_dm, int i_dm_size)
+ {
+@@ -543,7 +543,7 @@ static int cipher_c2dm(const char *org_c, const char *org_i, unsigned tag_size,
+ return 0;
+ }
+
+-static int cipher_dm2c(char **org_c, char **org_i, const char *c_dm, const char *i_dm)
++static int cipher_c2dm(char **org_c, char **org_i, const char *c_dm, const char *i_dm)
+ {
+ char cipher[CLEN], mode[CLEN], iv[CLEN], auth[CLEN];
+ char tmp[CAPIL], dmcrypt_tmp[CAPIL*2], capi[CAPIL+1];
+@@ -629,7 +629,7 @@ static char *get_dm_crypt_params(const struct dm_target *tgt, uint32_t flags)
+ if (!tgt)
+ return NULL;
+
+- r = cipher_c2dm(tgt->u.crypt.cipher, tgt->u.crypt.integrity, tgt->u.crypt.tag_size,
++ r = cipher_dm2c(tgt->u.crypt.cipher, tgt->u.crypt.integrity, tgt->u.crypt.tag_size,
+ cipher_dm, sizeof(cipher_dm), integrity_dm, sizeof(integrity_dm));
+ if (r < 0)
+ return NULL;
+@@ -2066,7 +2066,7 @@ static int _dm_target_query_crypt(struct crypt_device *cd, uint32_t get_flags,
+
+ /* cipher */
+ if (get_flags & DM_ACTIVE_CRYPT_CIPHER) {
+- r = cipher_dm2c(CONST_CAST(char**)&cipher,
++ r = cipher_c2dm(CONST_CAST(char**)&cipher,
+ CONST_CAST(char**)&integrity,
+ rcipher, rintegrity);
+ if (r < 0)
+--
+2.38.1
+
diff --git a/SOURCES/cryptsetup-2.6.0-Fix-internal-crypt-segment-compare-routine.patch b/SOURCES/cryptsetup-2.6.0-Fix-internal-crypt-segment-compare-routine.patch
new file mode 100644
index 0000000..94b4bdc
--- /dev/null
+++ b/SOURCES/cryptsetup-2.6.0-Fix-internal-crypt-segment-compare-routine.patch
@@ -0,0 +1,130 @@
+From 3e4c69a01709d35322ffa17c5360608907a207d7 Mon Sep 17 00:00:00 2001
+From: Ondrej Kozina <okozina@redhat.com>
+Date: Tue, 11 Oct 2022 11:48:13 +0200
+Subject: [PATCH 5/5] Fix internal crypt segment compare routine.
+
+The function is supposed to check if manipulated
+active dm-crypt device matches the on-disk metadata.
+Unfortunately it did not take into account differences
+between normal cipher specification (aes-xts-plain64)
+and capi format specification (capi:xts(aes)-plain64).
+The internal query function always converted capi format
+in normal format and therefor failed if capi format was
+used in metadata.
+
+Fixes: #759.
+---
+ lib/setup.c | 36 ++++++++++++++++++++++++++----------
+ tests/api-test-2.c | 14 ++++++++++++--
+ 2 files changed, 38 insertions(+), 12 deletions(-)
+
+diff --git a/lib/setup.c b/lib/setup.c
+index 6d7411b5..809049b9 100644
+--- a/lib/setup.c
++++ b/lib/setup.c
+@@ -2458,6 +2458,9 @@ static int _compare_crypt_devices(struct crypt_device *cd,
+ const struct dm_target *src,
+ const struct dm_target *tgt)
+ {
++ char *src_cipher = NULL, *src_integrity = NULL;
++ int r = -EINVAL;
++
+ /* for crypt devices keys are mandatory */
+ if (!src->u.crypt.vk || !tgt->u.crypt.vk)
+ return -EINVAL;
+@@ -2465,21 +2468,30 @@ static int _compare_crypt_devices(struct crypt_device *cd,
+ /* CIPHER checks */
+ if (!src->u.crypt.cipher || !tgt->u.crypt.cipher)
+ return -EINVAL;
+- if (strcmp(src->u.crypt.cipher, tgt->u.crypt.cipher)) {
+- log_dbg(cd, "Cipher specs do not match.");
++
++ /*
++ * dm_query_target converts capi cipher specification to dm-crypt format.
++ * We need to do same for cipher specification requested in source
++ * device.
++ */
++ if (crypt_capi_to_cipher(&src_cipher, &src_integrity, src->u.crypt.cipher, src->u.crypt.integrity))
+ return -EINVAL;
++
++ if (strcmp(src_cipher, tgt->u.crypt.cipher)) {
++ log_dbg(cd, "Cipher specs do not match.");
++ goto out;
+ }
+
+ if (tgt->u.crypt.vk->keylength == 0 && crypt_is_cipher_null(tgt->u.crypt.cipher))
+ log_dbg(cd, "Existing device uses cipher null. Skipping key comparison.");
+ else if (_compare_volume_keys(src->u.crypt.vk, 0, tgt->u.crypt.vk, tgt->u.crypt.vk->key_description != NULL)) {
+ log_dbg(cd, "Keys in context and target device do not match.");
+- return -EINVAL;
++ goto out;
+ }
+
+- if (crypt_strcmp(src->u.crypt.integrity, tgt->u.crypt.integrity)) {
++ if (crypt_strcmp(src_integrity, tgt->u.crypt.integrity)) {
+ log_dbg(cd, "Integrity parameters do not match.");
+- return -EINVAL;
++ goto out;
+ }
+
+ if (src->u.crypt.offset != tgt->u.crypt.offset ||
+@@ -2487,15 +2499,19 @@ static int _compare_crypt_devices(struct crypt_device *cd,
+ src->u.crypt.iv_offset != tgt->u.crypt.iv_offset ||
+ src->u.crypt.tag_size != tgt->u.crypt.tag_size) {
+ log_dbg(cd, "Integer parameters do not match.");
+- return -EINVAL;
++ goto out;
+ }
+
+- if (device_is_identical(src->data_device, tgt->data_device) <= 0) {
++ if (device_is_identical(src->data_device, tgt->data_device) <= 0)
+ log_dbg(cd, "Data devices do not match.");
+- return -EINVAL;
+- }
++ else
++ r = 0;
+
+- return 0;
++out:
++ free(src_cipher);
++ free(src_integrity);
++
++ return r;
+ }
+
+ static int _compare_integrity_devices(struct crypt_device *cd,
+diff --git a/tests/api-test-2.c b/tests/api-test-2.c
+index 0534677a..34002d1a 100644
+--- a/tests/api-test-2.c
++++ b/tests/api-test-2.c
+@@ -1585,8 +1585,8 @@ static void ResizeDeviceLuks2(void)
+
+ const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
+ size_t key_size = strlen(mk_hex) / 2;
+- const char *cipher = "aes";
+- const char *cipher_mode = "cbc-essiv:sha256";
++ const char *cipher = "aes", *capi_cipher = "capi:cbc(aes)";
++ const char *cipher_mode = "cbc-essiv:sha256", *capi_cipher_mode = "essiv:sha256";
+ uint64_t r_payload_offset, r_header_size, r_size;
+
+ /* Cannot use Argon2 in FIPS */
+@@ -1728,6 +1728,16 @@ static void ResizeDeviceLuks2(void)
+ OK_(crypt_deactivate(cd, CDEVICE_1));
+ CRYPT_FREE(cd);
+
++ OK_(crypt_init(&cd, DMDIR L_DEVICE_OK));
++ OK_(crypt_set_pbkdf_type(cd, &pbkdf));
++ OK_(crypt_format(cd, CRYPT_LUKS2, capi_cipher, capi_cipher_mode, NULL, key, key_size, NULL));
++ OK_(crypt_activate_by_volume_key(cd, CDEVICE_1, key, key_size, 0));
++ OK_(crypt_resize(cd, CDEVICE_1, 8));
++ if (!t_device_size(DMDIR CDEVICE_1, &r_size))
++ EQ_(8, r_size >> SECTOR_SHIFT);
++ OK_(crypt_deactivate(cd, CDEVICE_1));
++ CRYPT_FREE(cd);
++
+ _cleanup_dmdevices();
+ }
+
+--
+2.38.1
+
diff --git a/SOURCES/cryptsetup-2.6.0-Move-cipher_dm2c-to-crypto-utilities.patch b/SOURCES/cryptsetup-2.6.0-Move-cipher_dm2c-to-crypto-utilities.patch
new file mode 100644
index 0000000..35909ee
--- /dev/null
+++ b/SOURCES/cryptsetup-2.6.0-Move-cipher_dm2c-to-crypto-utilities.patch
@@ -0,0 +1,250 @@
+From 9a9ddc7d22e14e14c9a6e97860cffada406adac3 Mon Sep 17 00:00:00 2001
+From: Ondrej Kozina <okozina@redhat.com>
+Date: Tue, 11 Oct 2022 10:50:17 +0200
+Subject: [PATCH 2/5] Move cipher_dm2c to crypto utilities.
+
+(Gets renamed to crypt_capi_to_cipher)
+---
+ lib/libdevmapper.c | 84 +++-------------------------------------------
+ lib/utils_crypt.c | 72 +++++++++++++++++++++++++++++++++++++++
+ lib/utils_crypt.h | 11 ++++--
+ 3 files changed, 85 insertions(+), 82 deletions(-)
+
+diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c
+index 0e45a789..7fcf843f 100644
+--- a/lib/libdevmapper.c
++++ b/lib/libdevmapper.c
+@@ -476,27 +476,22 @@ static size_t int_log10(uint64_t x)
+ return r;
+ }
+
+-#define CLEN 64 /* 2*MAX_CIPHER_LEN */
+-#define CLENS "63" /* for sscanf length + '\0' */
+-#define CAPIL 144 /* should be enough to fit whole capi string */
+-#define CAPIS "143" /* for sscanf of crypto API string + 16 + \0 */
+-
+ static int cipher_dm2c(const char *org_c, const char *org_i, unsigned tag_size,
+ char *c_dm, int c_dm_size,
+ char *i_dm, int i_dm_size)
+ {
+ int c_size = 0, i_size = 0, i;
+- char cipher[CLEN], mode[CLEN], iv[CLEN+1], tmp[CLEN];
+- char capi[CAPIL];
++ char cipher[MAX_CAPI_ONE_LEN], mode[MAX_CAPI_ONE_LEN], iv[MAX_CAPI_ONE_LEN+1],
++ tmp[MAX_CAPI_ONE_LEN], capi[MAX_CAPI_LEN];
+
+ if (!c_dm || !c_dm_size || !i_dm || !i_dm_size)
+ return -EINVAL;
+
+- i = sscanf(org_c, "%" CLENS "[^-]-%" CLENS "s", cipher, tmp);
++ i = sscanf(org_c, "%" MAX_CAPI_ONE_LEN_STR "[^-]-%" MAX_CAPI_ONE_LEN_STR "s", cipher, tmp);
+ if (i != 2)
+ return -EINVAL;
+
+- i = sscanf(tmp, "%" CLENS "[^-]-%" CLENS "s", mode, iv);
++ i = sscanf(tmp, "%" MAX_CAPI_ONE_LEN_STR "[^-]-%" MAX_CAPI_ONE_LEN_STR "s", mode, iv);
+ if (i == 1) {
+ memset(iv, 0, sizeof(iv));
+ strncpy(iv, mode, sizeof(iv)-1);
+@@ -543,75 +538,6 @@ static int cipher_dm2c(const char *org_c, const char *org_i, unsigned tag_size,
+ return 0;
+ }
+
+-static int cipher_c2dm(char **org_c, char **org_i, const char *c_dm, const char *i_dm)
+-{
+- char cipher[CLEN], mode[CLEN], iv[CLEN], auth[CLEN];
+- char tmp[CAPIL], dmcrypt_tmp[CAPIL*2], capi[CAPIL+1];
+- size_t len;
+- int i;
+-
+- if (!c_dm)
+- return -EINVAL;
+-
+- /* legacy mode */
+- if (strncmp(c_dm, "capi:", 4)) {
+- if (!(*org_c = strdup(c_dm)))
+- return -ENOMEM;
+- *org_i = NULL;
+- return 0;
+- }
+-
+- /* modes with capi: prefix */
+- i = sscanf(c_dm, "capi:%" CAPIS "[^-]-%" CLENS "s", tmp, iv);
+- if (i != 2)
+- return -EINVAL;
+-
+- len = strlen(tmp);
+- if (len < 2)
+- return -EINVAL;
+-
+- if (tmp[len-1] == ')')
+- tmp[len-1] = '\0';
+-
+- if (sscanf(tmp, "rfc4309(%" CAPIS "s", capi) == 1) {
+- if (!(*org_i = strdup("aead")))
+- return -ENOMEM;
+- } else if (sscanf(tmp, "rfc7539(%" CAPIS "[^,],%" CLENS "s", capi, auth) == 2) {
+- if (!(*org_i = strdup(auth)))
+- return -ENOMEM;
+- } else if (sscanf(tmp, "authenc(%" CLENS "[^,],%" CAPIS "s", auth, capi) == 2) {
+- if (!(*org_i = strdup(auth)))
+- return -ENOMEM;
+- } else {
+- if (i_dm) {
+- if (!(*org_i = strdup(i_dm)))
+- return -ENOMEM;
+- } else
+- *org_i = NULL;
+- memset(capi, 0, sizeof(capi));
+- strncpy(capi, tmp, sizeof(capi)-1);
+- }
+-
+- i = sscanf(capi, "%" CLENS "[^(](%" CLENS "[^)])", mode, cipher);
+- if (i == 2)
+- i = snprintf(dmcrypt_tmp, sizeof(dmcrypt_tmp), "%s-%s-%s", cipher, mode, iv);
+- else
+- i = snprintf(dmcrypt_tmp, sizeof(dmcrypt_tmp), "%s-%s", capi, iv);
+- if (i < 0 || (size_t)i >= sizeof(dmcrypt_tmp)) {
+- free(*org_i);
+- *org_i = NULL;
+- return -EINVAL;
+- }
+-
+- if (!(*org_c = strdup(dmcrypt_tmp))) {
+- free(*org_i);
+- *org_i = NULL;
+- return -ENOMEM;
+- }
+-
+- return 0;
+-}
+-
+ static char *_uf(char *buf, size_t buf_size, const char *s, unsigned u)
+ {
+ size_t r = snprintf(buf, buf_size, " %s:%u", s, u);
+@@ -2066,7 +1992,7 @@ static int _dm_target_query_crypt(struct crypt_device *cd, uint32_t get_flags,
+
+ /* cipher */
+ if (get_flags & DM_ACTIVE_CRYPT_CIPHER) {
+- r = cipher_c2dm(CONST_CAST(char**)&cipher,
++ r = crypt_capi_to_cipher(CONST_CAST(char**)&cipher,
+ CONST_CAST(char**)&integrity,
+ rcipher, rintegrity);
+ if (r < 0)
+diff --git a/lib/utils_crypt.c b/lib/utils_crypt.c
+index 83d0a2c5..4f4dbba8 100644
+--- a/lib/utils_crypt.c
++++ b/lib/utils_crypt.c
+@@ -31,6 +31,8 @@
+ #include "libcryptsetup.h"
+ #include "utils_crypt.h"
+
++#define MAX_CAPI_LEN_STR "143" /* for sscanf of crypto API string + 16 + \0 */
++
+ int crypt_parse_name_and_mode(const char *s, char *cipher, int *key_nums,
+ char *cipher_mode)
+ {
+@@ -266,3 +268,73 @@ bool crypt_is_cipher_null(const char *cipher_spec)
+ return false;
+ return (strstr(cipher_spec, "cipher_null") || !strcmp(cipher_spec, "null"));
+ }
++
++int crypt_capi_to_cipher(char **org_c, char **org_i, const char *c_dm, const char *i_dm)
++{
++ char cipher[MAX_CAPI_ONE_LEN], mode[MAX_CAPI_ONE_LEN], iv[MAX_CAPI_ONE_LEN],
++ auth[MAX_CAPI_ONE_LEN], tmp[MAX_CAPI_LEN], dmcrypt_tmp[MAX_CAPI_LEN*2],
++ capi[MAX_CAPI_LEN+1];
++ size_t len;
++ int i;
++
++ if (!c_dm)
++ return -EINVAL;
++
++ /* legacy mode */
++ if (strncmp(c_dm, "capi:", 4)) {
++ if (!(*org_c = strdup(c_dm)))
++ return -ENOMEM;
++ *org_i = NULL;
++ return 0;
++ }
++
++ /* modes with capi: prefix */
++ i = sscanf(c_dm, "capi:%" MAX_CAPI_LEN_STR "[^-]-%" MAX_CAPI_ONE_LEN_STR "s", tmp, iv);
++ if (i != 2)
++ return -EINVAL;
++
++ len = strlen(tmp);
++ if (len < 2)
++ return -EINVAL;
++
++ if (tmp[len-1] == ')')
++ tmp[len-1] = '\0';
++
++ if (sscanf(tmp, "rfc4309(%" MAX_CAPI_LEN_STR "s", capi) == 1) {
++ if (!(*org_i = strdup("aead")))
++ return -ENOMEM;
++ } else if (sscanf(tmp, "rfc7539(%" MAX_CAPI_LEN_STR "[^,],%" MAX_CAPI_ONE_LEN_STR "s", capi, auth) == 2) {
++ if (!(*org_i = strdup(auth)))
++ return -ENOMEM;
++ } else if (sscanf(tmp, "authenc(%" MAX_CAPI_ONE_LEN_STR "[^,],%" MAX_CAPI_LEN_STR "s", auth, capi) == 2) {
++ if (!(*org_i = strdup(auth)))
++ return -ENOMEM;
++ } else {
++ if (i_dm) {
++ if (!(*org_i = strdup(i_dm)))
++ return -ENOMEM;
++ } else
++ *org_i = NULL;
++ memset(capi, 0, sizeof(capi));
++ strncpy(capi, tmp, sizeof(capi)-1);
++ }
++
++ i = sscanf(capi, "%" MAX_CAPI_ONE_LEN_STR "[^(](%" MAX_CAPI_ONE_LEN_STR "[^)])", mode, cipher);
++ if (i == 2)
++ i = snprintf(dmcrypt_tmp, sizeof(dmcrypt_tmp), "%s-%s-%s", cipher, mode, iv);
++ else
++ i = snprintf(dmcrypt_tmp, sizeof(dmcrypt_tmp), "%s-%s", capi, iv);
++ if (i < 0 || (size_t)i >= sizeof(dmcrypt_tmp)) {
++ free(*org_i);
++ *org_i = NULL;
++ return -EINVAL;
++ }
++
++ if (!(*org_c = strdup(dmcrypt_tmp))) {
++ free(*org_i);
++ *org_i = NULL;
++ return -ENOMEM;
++ }
++
++ return 0;
++}
+diff --git a/lib/utils_crypt.h b/lib/utils_crypt.h
+index 5922350a..a4a9b6ca 100644
+--- a/lib/utils_crypt.h
++++ b/lib/utils_crypt.h
+@@ -27,9 +27,12 @@
+ #include <stdbool.h>
+ #include <unistd.h>
+
+-#define MAX_CIPHER_LEN 32
+-#define MAX_CIPHER_LEN_STR "31"
+-#define MAX_KEYFILES 32
++#define MAX_CIPHER_LEN 32
++#define MAX_CIPHER_LEN_STR "31"
++#define MAX_KEYFILES 32
++#define MAX_CAPI_ONE_LEN 2 * MAX_CIPHER_LEN
++#define MAX_CAPI_ONE_LEN_STR "63" /* for sscanf length + '\0' */
++#define MAX_CAPI_LEN 144 /* should be enough to fit whole capi string */
+
+ int crypt_parse_name_and_mode(const char *s, char *cipher,
+ int *key_nums, char *cipher_mode);
+@@ -46,4 +49,6 @@ void crypt_log_hex(struct crypt_device *cd,
+
+ bool crypt_is_cipher_null(const char *cipher_spec);
+
++int crypt_capi_to_cipher(char **org_c, char **org_i, const char *c_dm, const char *i_dm);
++
+ #endif /* _UTILS_CRYPT_H */
+--
+2.38.1
+
diff --git a/SOURCES/cryptsetup-2.6.1-Abort-encryption-when-header-and-data-devices-are-sa.patch b/SOURCES/cryptsetup-2.6.1-Abort-encryption-when-header-and-data-devices-are-sa.patch
new file mode 100644
index 0000000..b8c056d
--- /dev/null
+++ b/SOURCES/cryptsetup-2.6.1-Abort-encryption-when-header-and-data-devices-are-sa.patch
@@ -0,0 +1,154 @@
+From c18dcfaa0b91eb48006232fbfadce9e6a9b4a790 Mon Sep 17 00:00:00 2001
+From: Ondrej Kozina <okozina@redhat.com>
+Date: Fri, 2 Dec 2022 15:39:36 +0100
+Subject: [PATCH 2/2] Abort encryption when header and data devices are same.
+
+If data device reduction is not requsted this led
+to data corruption since LUKS metadata was written
+over the data device.
+---
+ src/utils_reencrypt.c | 42 ++++++++++++++++++++++++++++++----
+ tests/luks2-reencryption-test | 16 +++++++++++++
+ tests/reencryption-compat-test | 20 +++++++++++++---
+ 3 files changed, 70 insertions(+), 8 deletions(-)
+
+diff --git a/src/utils_tools.c b/src/utils_tools.c
+--- a/src/utils_tools.c
++++ b/src/utils_tools.c
+@@ -624,3 +624,23 @@ int tools_reencrypt_progress(uint64_t si
+
+ return r;
+ }
++
++int reencrypt_is_header_detached(const char *header_device, const char *data_device)
++{
++ int r;
++ struct stat st;
++ struct crypt_device *cd;
++
++ if (!header_device)
++ return 0;
++
++ if (header_device && stat(header_device, &st) < 0 && errno == ENOENT)
++ return 1;
++
++ if ((r = crypt_init_data_device(&cd, header_device, data_device)))
++ return r;
++
++ r = crypt_get_metadata_device_name(cd) && crypt_get_device_name(cd) && strcmp(crypt_get_metadata_device_name(cd), crypt_get_device_name(cd));
++ crypt_free(cd);
++ return r;
++}
+diff --git a/src/cryptsetup.h b/src/cryptsetup.h
+--- a/src/cryptsetup.h
++++ b/src/cryptsetup.h
+@@ -103,6 +103,7 @@ void tools_clear_line(void);
+
+ int tools_wipe_progress(uint64_t size, uint64_t offset, void *usrptr);
+ int tools_reencrypt_progress(uint64_t size, uint64_t offset, void *usrptr);
++int reencrypt_is_header_detached(const char *header_device, const char *data_device);
+
+ int tools_read_mk(const char *file, char **key, int keysize);
+ int tools_write_mk(const char *file, const char *key, int keysize);
+diff --git a/src/cryptsetup.c b/src/cryptsetup.c
+--- a/src/cryptsetup.c
++++ b/src/cryptsetup.c
+@@ -2892,6 +2892,16 @@ static int action_encrypt_luks2(struct c
+ return -ENOTSUP;
+ }
+
++ if (!opt_data_shift) {
++ r = reencrypt_is_header_detached(opt_header_device, action_argv[0]);
++ if (r < 0)
++ return r;
++ if (!r) {
++ log_err(_("Encryption without detached header (--header) is not possible without data device size reduction (--reduce-device-size)."));
++ return -ENOTSUP;
++ }
++ }
++
+ if (!opt_header_device && opt_offset && opt_data_shift && (opt_offset > (imaxabs(opt_data_shift) / (2 * SECTOR_SIZE)))) {
+ log_err(_("Requested data offset must be less than or equal to half of --reduce-device-size parameter."));
+ return -EINVAL;
+diff --git a/src/cryptsetup_reencrypt.c b/src/cryptsetup_reencrypt.c
+--- a/src/cryptsetup_reencrypt.c
++++ b/src/cryptsetup_reencrypt.c
+@@ -1553,6 +1553,17 @@ static int run_reencrypt(const char *dev
+ goto out;
+ }
+
++ if (rc.reencrypt_mode == ENCRYPT) {
++ r = reencrypt_is_header_detached(opt_header_device, action_argv[0]);
++ if (r < 0)
++ goto out;
++ if (!r && !opt_reduce_size) {
++ log_err(_("Encryption without detached header (--header) is not possible without data device size reduction (--reduce-device-size)."));
++ r = -ENOTSUP;
++ goto out;
++ }
++ }
++
+ log_dbg("Running reencryption.");
+
+ if (!rc.in_progress) {
+diff --git a/tests/luks2-reencryption-test b/tests/luks2-reencryption-test
+index bab54353..a647a8c2 100755
+--- a/tests/luks2-reencryption-test
++++ b/tests/luks2-reencryption-test
+@@ -1080,6 +1080,15 @@ $CRYPTSETUP status $DEV_NAME >/dev/null 2>&1 || fail
+ $CRYPTSETUP close $DEV_NAME
+ echo $PWD1 | $CRYPTSETUP open --header $IMG_HDR $DEV --test-passphrase || fail
+
++# Encrypt without size reduction must not allow header device same as data device
++wipe_dev_head $DEV 1
++echo $PWD1 | $CRYPTSETUP reencrypt $DEV --type luks2 --encrypt --header $DEV -q $FAST_PBKDF_ARGON 2>/dev/null && fail
++$CRYPTSETUP isLUKS $DEV 2>/dev/null && fail
++
++dd if=/dev/zero of=$IMG bs=4k count=1 >/dev/null 2>&1
++echo $PWD1 | $CRYPTSETUP reencrypt $IMG --type luks2 --encrypt --header $IMG -q $FAST_PBKDF_ARGON 2>/dev/null && fail
++$CRYPTSETUP isLUKS $IMG 2>/dev/null && fail
++
+ echo "[4] Reencryption with detached header"
+ wipe $PWD1 $IMG_HDR
+ echo $PWD1 | $CRYPTSETUP reencrypt -c aes-cbc-essiv:sha256 -s 128 --header $IMG_HDR -q $FAST_PBKDF_ARGON $DEV || fail
+diff --git a/tests/reencryption-compat-test b/tests/reencryption-compat-test
+index f6a84137..453831d1 100755
+--- a/tests/reencryption-compat-test
++++ b/tests/reencryption-compat-test
+@@ -11,5 +11,6 @@ IMG=reenc-data
+ IMG_HDR=$IMG.hdr
+ ORIG_IMG=reenc-data-orig
++DEV_LINK="reenc-test-link"
+ KEY1=key1
+ PWD1="93R4P4pIqAH8"
+ PWD2="1cND4319812f"
+@@ -40,7 +41,7 @@ function remove_mapping()
+ [ -b /dev/mapper/$DEV_NAME2 ] && dmsetup remove --retry $DEV_NAME2
+ [ -b /dev/mapper/$DEV_NAME ] && dmsetup remove --retry $DEV_NAME
+ [ ! -z "$LOOPDEV1" ] && losetup -d $LOOPDEV1 >/dev/null 2>&1
+- rm -f $IMG $IMG_HDR $ORIG_IMG $KEY1 >/dev/null 2>&1
++ rm -f $IMG $IMG_HDR $ORIG_IMG $KEY1 $DEV_LINK >/dev/null 2>&1
+ umount $MNT_DIR > /dev/null 2>&1
+ rmdir $MNT_DIR > /dev/null 2>&1
+ LOOPDEV1=""
+@@ -265,10 +265,16 @@ $REENC $LOOPDEV1 -d $KEY1 $FAST_PBKDF -q
+ # FIXME echo $PWD1 | $REENC ...
+
+ echo "[4] Encryption of not yet encrypted device"
++# Encrypt without size reduction must not allow header device same as data device
++wipe_dev $LOOPDEV1
++echo $PWD1 | $REENC $LOOPDEV1 --type luks1 --new --header $LOOPDEV1 -q $FAST_PBKDF_ARGON 2>/dev/null && fail
++$CRYPTSETUP isLUKS $LOOPDEV1 2>/dev/null && fail
++echo $PWD1 | $REENC $IMG --type luks1 --new --header $IMG -q $FAST_PBKDF_ARGON 2>/dev/null && fail
++$CRYPTSETUP isLUKS $IMG 2>/dev/null && fail
++
+ # well, movin' zeroes :-)
+ OFFSET=2048
+ SIZE=$(blockdev --getsz $LOOPDEV1)
+-wipe_dev $LOOPDEV1
+ dmsetup create $DEV_NAME2 --table "0 $(($SIZE - $OFFSET)) linear $LOOPDEV1 0" || fail
+ check_hash_dev /dev/mapper/$DEV_NAME2 $HASH3
+ dmsetup remove --retry $DEV_NAME2 || fail
+--
+2.38.1
+
diff --git a/SPECS/cryptsetup.spec b/SPECS/cryptsetup.spec
index eb9fd98..1f790e7 100644
--- a/SPECS/cryptsetup.spec
+++ b/SPECS/cryptsetup.spec
@@ -5,7 +5,7 @@ Obsoletes: cryptsetup-python3
Summary: A utility for setting up encrypted disks
Name: cryptsetup
Version: 2.3.7
-Release: 2%{?dist}
+Release: 5%{?dist}
License: GPLv2+ and LGPLv2+
Group: Applications/System
URL: https://gitlab.com/cryptsetup/cryptsetup
@@ -28,6 +28,13 @@ Patch3: %{name}-2.4.2-Fix-bogus-memory-allocation-if-LUKS2-header-size-is-.patc
Patch4: %{name}-2.5.0-Fix-typo-in-repair-prompt.patch
Patch5: %{name}-2.5.0-Fix-test-passphrase-when-device-in-reencryption.patch
Patch6: %{name}-2.5.0-Add-more-tests-for-test-passphrase-parameter.patch
+Patch7: %{name}-2.5.0-Remove-LUKS2-encryption-data-size-restriction.patch
+Patch8: %{name}-2.6.0-Fix-cipher-convert-routines-naming-confusion.patch
+Patch9: %{name}-2.6.0-Move-cipher_dm2c-to-crypto-utilities.patch
+Patch10: %{name}-2.6.0-Code-cleanup.patch
+Patch11: %{name}-2.6.0-Copy-also-integrity-string-in-legacy-mode.patch
+Patch12: %{name}-2.6.0-Fix-internal-crypt-segment-compare-routine.patch
+Patch13: %{name}-2.6.1-Abort-encryption-when-header-and-data-devices-are-sa.patch
%description
The cryptsetup package contains a utility for setting up
@@ -35,7 +42,7 @@ disk encryption using dm-crypt kernel module.
%package devel
Group: Development/Libraries
-Requires: %{name} = %{version}-%{release}
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
Requires: pkgconfig
Summary: Headers and libraries for using encrypted file systems
Provides: cryptsetup-luks-devel = %{version}-%{release}
@@ -89,6 +96,13 @@ can be used for offline reencryption of disk in situ.
%patch4 -p1
%patch5 -p1
%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
%patch0 -p1
chmod -x misc/dracut_90reencrypt/*
@@ -148,6 +162,19 @@ rm -rf %{buildroot}/%{_libdir}/*.la
%clean
%changelog
+* Tue Jan 10 2023 Daniel Zatovic <dzatovic@redhat.com> - 2.3.7-5
+- change cryptsetup-devel dependency from cryptsetup to cryptsetup-libs
+- Resolves: #2150254
+
+* Wed Dec 21 2022 Daniel Zatovic <dzatovic@redhat.com> - 2.3.7-4
+- patch: Remove LUKS2 encryption data size restriction.
+- patch: Abort encryption when header and data devices are same.
+- Resolves: #2150254
+
+* Fri Nov 4 2022 Daniel Zatovic <dzatovic@redhat.com> - 2.3.7-3
+- patch: Fix internal crypt segment compare routine
+- Resolves: #2110810
+
* Thu Feb 24 2022 Ondrej Kozina <okozina@redhat.com> - 2.3.7-2
- patch: Fix cryptsetup --test-passphrase when device in
reencryption