INTEGRITYSETUP(8) Maintenance Commands INTEGRITYSETUP(8)

integritysetup - manage dm-integrity (block level integrity) volumes

integritysetup <options> <action> <action args>

Integritysetup is used to configure dm-integrity managed device-mapper
mappings.

The device-mapper integrity target provides transparent read-write
integrity checking of block devices. The dm-integrity target emulates
an additional data integrity field per sector. You can use this
additional field directly with the integritysetup utility, or
indirectly (for authenticated encryption) through cryptsetup.

Integritysetup supports these operations:

format <device>

Formats <device> (calculates space and dm-integrity superblock
and wipes the device).

<options> can be [--data-device, --batch-mode, --no-wipe,
--journal-size, --interleave-sectors, --tag-size, --integrity,
--integrity-key-size, --integrity-key-file, --sector-size,
--progress-frequency]

open <device> <name>
create <name> <device> (OBSOLETE syntax)

Open a mapping with <name> backed by device <device>.

<options> can be [--data-device, --batch-mode, --journal-watermark,
--journal-commit-time, --buffer-sectors, --integrity,
--integrity-key-size, --integrity-key-file, --integrity-no-journal,
--integrity-recalculate, --integrity-recovery-mode,
--allow-discards]

close <name>

Removes existing mapping <name>.

For backward compatibility, there is a remove command alias for
the close command.

status <name>

Reports status for the active integrity mapping <name>.

dump <device>

Reports parameters from the superblock stored on disk.

--verbose, -v
Print more information on command execution.

--debug
Run in debug mode with full diagnostic logs. Debug output lines
are always prefixed by '#'.

--version
Show the program version.

--batch-mode
Do not ask for confirmation.

--progress-frequency <seconds>
Print a separate line with wipe progress every <seconds>.

--no-wipe
Do not wipe the device after format. A device that is not
initially wiped will contain invalid checksums.

--journal-size, -j BYTES
Size of the journal.

--interleave-sectors SECTORS
The number of interleaved sectors.

--integrity-recalculate
Automatically recalculate integrity tags in kernel on activation.
The device can be used during automatic integrity recalculation
but becomes fully integrity protected only after the background
operation is finished. This option is available since the Linux
kernel version 4.19.

--journal-watermark PERCENT
Journal watermark in percent. When the size of the journal
exceeds this watermark, the journal flush will be started.

--journal-commit-time MS
Commit time in milliseconds. When this time passes (and no
explicit flush operation was issued), the journal is written.

--tag-size, -t BYTES
Size of the integrity tag per sector (here the integrity function
will store the authentication tag).

NOTE: The size can be smaller than the output size of the hash
function; in that case only part of the hash will be stored.

--data-device
Specify a separate data device that contains existing data. The
<device> then will contain calculated integrity tags and journal
for this data device.

--sector-size, -s BYTES
Sector size (power of two: 512, 1024, 2048, 4096).

--buffer-sectors SECTORS
The number of sectors in one buffer.

The tag area is accessed using buffers. A larger buffer size
means that the I/O size will be larger, but fewer I/Os may be
issued.

--integrity, -I ALGORITHM
Use internal integrity calculation (standalone mode). The
integrity algorithm can be CRC (crc32c/crc32) or hash function
(sha1, sha256).

For HMAC (hmac-sha256) you also have to specify an integrity key
and its size.

--integrity-key-size BYTES
The size of the data integrity key.

--integrity-key-file FILE
The file with the integrity key.

--integrity-no-journal, -D
Disable journal for integrity device.

--integrity-bitmap-mode, -B
Use alternate bitmap mode (available since Linux kernel 5.2)
where dm-integrity uses bitmap instead of a journal. If a bit in
the bitmap is 1, the corresponding region's data and integrity
tags are not synchronized - if the machine crashes, the
unsynchronized regions will be recalculated. The bitmap mode is
faster than the journal mode, because we don't have to write the
data twice, but it is also less reliable, because if data
corruption happens when the machine crashes, it may not be
detected.

--bitmap-sectors-per-bit SECTORS
Number of 512-byte sectors per bitmap bit; the value must be a
power of two.

--bitmap-flush-time MS
Bitmap flush time in milliseconds.

WARNING:
In case of a crash, it is possible that the data and integrity
tag do not match if the journal is disabled.

--integrity-recovery-mode, -R
Recovery mode (no journal, no tag checking).

NOTE: The following options are intended for testing purposes only.
Using journal encryption does not make sense without encrypting
the data; these options are used internally in authenticated
disk encryption with cryptsetup(8).

--journal-integrity ALGORITHM
Integrity algorithm for journal area. See --integrity option
for detailed specification.

--journal-integrity-key-size BYTES
The size of the journal integrity key.

--journal-integrity-key-file FILE
The file with the integrity key.

--journal-crypt ALGORITHM
Encryption algorithm for journal data area. You can use a block
cipher here such as cbc-aes or a stream cipher, for example,
chacha20 or ctr-aes.

--journal-crypt-key-size BYTES
The size of the journal encryption key.

--journal-crypt-key-file FILE
The file with the journal encryption key.

--allow-discards
Allow the use of discard (TRIM) requests for the device. This
option is available since the Linux kernel version 5.7.

The dm-integrity target is available since Linux kernel version 4.12.

NOTE: Format and activation of an integrity device always require
superuser privilege because the superblock is calculated and
handled in the dm-integrity kernel target.

WARNING:
Do not use these options unless you need compatibility with a
specific old kernel.

--integrity-legacy-padding
Use inefficient legacy padding.

--integrity-legacy-hmac
Use old flawed HMAC calculation (also does not protect
superblock).

--integrity-legacy-recalculate
Allow insecure recalculating of volumes with HMAC keys
(recalculation offset in superblock is not protected).

Integritysetup returns 0 on success and a non-zero value on error.

Error codes are:
1 wrong parameters
2 no permission
3 out of memory
4 wrong device specified
5 device already exists, or device is busy.

Format the device with default standalone mode (CRC32C):

    integritysetup format <device>

Open the device with default parameters:

    integritysetup open <device> test

Format the device in standalone mode for use with HMAC(SHA256):

    integritysetup format <device> --tag-size 32 --integrity hmac-sha256 \
        --integrity-key-file <keyfile> --integrity-key-size <key_bytes>

Open (activate) the device with HMAC(SHA256) and HMAC key in file:

    integritysetup open <device> test --integrity hmac-sha256 \
        --integrity-key-file <keyfile> --integrity-key-size <key_bytes>

Dump dm-integrity superblock information:

    integritysetup dump <device>

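The following added example is not part of the original manual page or the cryptsetup project. It is a POSIX shell lint that scans an integritysetup argument list for the options this page describes as reducing protection, for a tag shorter than the hash output, and for HMAC without a key file and size. The names lint_args and note, the finding labels and the sample paths are assumptions made for the example.

```sh
#!/bin/sh
# Added example, not cryptsetup project code. Lints an integritysetup argument
# list for options this page describes as reducing protection. It only reads
# its arguments and never touches a device. Assumes "--opt value" spelling.

note() { echo "$1"; findings=$((findings + 1)); }

# lint_args ARGS...: one finding per line on stdout; returns 1 if any finding.
lint_args() {
    findings=0 alg="" tag="" keyfile="" keysize=""
    while [ $# -gt 0 ]; do
        val=${2-} takes_value=0
        case "$1" in
            --integrity-legacy-padding|--integrity-legacy-hmac|--integrity-legacy-recalculate)
                                          note "legacy-compat: $1" ;;
            --integrity-recovery-mode|-R) note "no-tag-checking: $1" ;;
            --integrity-no-journal|-D)    note "crash-may-mismatch: $1" ;;
            --integrity-bitmap-mode|-B)   note "crash-corruption-may-go-undetected: $1" ;;
            --no-wipe)                    note "invalid-initial-checksums: $1" ;;
            --integrity|-I)               alg=$val takes_value=1 ;;
            --tag-size|-t)                tag=$val takes_value=1 ;;
            --integrity-key-file)         keyfile=$val takes_value=1 ;;
            --integrity-key-size)         keysize=$val takes_value=1 ;;
            --sector-size|-s)             takes_value=1
                case "$val" in 512|1024|2048|4096) ;; *) note "bad-sector-size: $val" ;; esac ;;
        esac
        if [ "$takes_value" -eq 1 ] && [ $# -gt 1 ]; then shift; fi
        shift
    done
    # Hash output sizes in bytes, to spot tags that store only part of the hash.
    case "$alg" in
        sha256|hmac-sha256) full=32 ;;
        sha1)               full=20 ;;
        *)                  full=0 ;;
    esac
    if [ -n "$tag" ] && [ "$tag" -lt "$full" ]; then note "truncated-tag: $tag < $full"; fi
    case "$alg" in
        hmac-*) if [ -z "$keyfile" ] || [ -z "$keysize" ]; then note "hmac-needs-key-file-and-size: $alg"; fi ;;
    esac
    [ "$findings" -eq 0 ]
}

# Constructed sample invocations (device and key paths are placeholders).
lint_args format /dev/example --tag-size 32 --integrity hmac-sha256 \
    --integrity-key-file /path/to/key --integrity-key-size 32 && echo "clean"
lint_args open /dev/example test --integrity hmac-sha256 --tag-size 16 \
    --integrity-legacy-hmac -R || echo "review needed"
```

The first sample mirrors the HMAC(SHA256) format example above and passes; the second reports four findings.
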
Report bugs, including ones in the documentation, on the cryptsetup
mailing list at <dm-crypt@saout.de> or in the 'Issues' section on the
LUKS website. Please attach the output of the failed command with the
--debug option added.

The integritysetup tool is written by Milan Broz <gmazyland@gmail.com>
and is part of the cryptsetup project.

Copyright © 2016-2021 Red Hat, Inc.
Copyright © 2016-2021 Milan Broz

This is free software; see the source for copying conditions. There is
NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.

The project website at https://gitlab.com/cryptsetup/cryptsetup

The integrity on-disk format specification is available at
https://gitlab.com/cryptsetup/cryptsetup/wikis/DMIntegrity

integritysetup January 2021 INTEGRITYSETUP(8)