Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-27527

Implement Insights rules for cryptsetup

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Won't Do
    • Icon: Major Major
    • None
    • None
    • cryptsetup
    • None
    • rhel-sst-logical-storage
    • ssg_filesystems_storage_and_HA
    • 3
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      Goal: 

      • Implement Insights rules and fixes for cryptsetup-related issues
      • candidates for the rules are:
        • fix for CVE-2021-4122 can cause trouble if cryptsetup is upgraded during encryption (potential boot failure, if block device with root FS is being re-encrypted during reboot)
        • FIPS-enabled system contains encrypted devices with non-FIPS cryptographic algorithms/parameters - PBKDF/Argon bug (suggest recreating the keyslot)
        • warn about weak cryptographic algorithms/parameters and recommend re-encryption or recreating keyslot with stronger parameters
        • warn about misformatted cipher specification see upstream issue

              dzatovic@redhat.com Daniel Zaťovič (Inactive)
              dzatovic@redhat.com Daniel Zaťovič (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: