All of lore.kernel.org
 help / color / mirror / Atom feed
From: Glenn Washburn <development@efficientek.com>
To: grub-devel@gnu.org
Cc: Glenn Washburn <development@efficientek.com>
Subject: [CRYPTOMOUNT-TEST 2/7] cryptodisk: Allow cryptomount password to be specified as argument.
Date: Sun, 16 Aug 2020 19:05:13 -0500	[thread overview]
Message-ID: <20200817000518.4006518-3-development@efficientek.com> (raw)

Signed-off-by: Glenn Washburn <development@efficientek.com>
---
 grub-core/disk/cryptodisk.c | 30 ++++++++++++++++++------------
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
index 031e9dd97..5502a6958 100644
--- a/grub-core/disk/cryptodisk.c
+++ b/grub-core/disk/cryptodisk.c
@@ -41,6 +41,7 @@ static const struct grub_arg_option options[] =
     /* TRANSLATORS: It's still restricted to cryptodisks only.  */
     {"all", 'a', 0, N_("Mount all."), 0, 0},
     {"boot", 'b', 0, N_("Mount all volumes with `boot' flag set."), 0, 0},
+    {"password", 'p', 0, N_("Password to open volumes."), 0, ARG_TYPE_STRING},
     {"header", 'H', 0, N_("Read header from file"), 0, ARG_TYPE_STRING},
     {"keyfile", 'k', 0, N_("Key file"), 0, ARG_TYPE_STRING},
     {"keyfile-offset", 'O', 0, N_("Key file offset (bytes)"), 0, ARG_TYPE_INT},
@@ -1102,13 +1103,13 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int argc, char **args)
   if (argc < 1 && !state[1].set && !state[2].set)
     return grub_error (GRUB_ERR_BAD_ARGUMENT, "device name required");
 
-  if (state[3].set) /* Detached header */
+  if (state[4].set) /* Detached header */
     {
       if (state[0].set)
 	return grub_error (GRUB_ERR_BAD_ARGUMENT,
 			   N_("Cannot use UUID lookup with detached header"));
 
-      hdr = grub_file_open (state[3].arg,
+      hdr = grub_file_open (state[4].arg,
 			    GRUB_FILE_TYPE_CRYPTODISK_DETACHED_HEADER);
       if (!hdr)
 	return grub_errno;
@@ -1119,7 +1120,12 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int argc, char **args)
   have_it = 0;
   key = NULL;
 
-  if (state[4].set) /* keyfile */
+  if (state[3].set) /* password */
+    {
+      key = (grub_uint8_t *) state[3].arg;
+      key_size = grub_strlen(state[3].arg);
+    }
+  else if (state[5].set) /* keyfile */
     {
       const char *p = NULL;
       grub_file_t keyfile;
@@ -1127,9 +1133,9 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int argc, char **args)
       grub_size_t requested_keyfile_size = 0;
 
 
-      if (state[5].set) /* keyfile-offset */
+      if (state[6].set) /* keyfile-offset */
 	{
-	  keyfile_offset = grub_strtoul (state[5].arg, &p, 0);
+	  keyfile_offset = grub_strtoul (state[6].arg, &p, 0);
 
 	  if (grub_errno != GRUB_ERR_NONE)
 	    return grub_errno;
@@ -1143,9 +1149,9 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int argc, char **args)
 	  keyfile_offset = 0;
 	}
 
-      if (state[6].set) /* keyfile-size */
+      if (state[7].set) /* keyfile-size */
 	{
-	  requested_keyfile_size = grub_strtoul (state[6].arg, &p, 0);
+	  requested_keyfile_size = grub_strtoul (state[7].arg, &p, 0);
 
 	  if (*p != '\0')
 	    return grub_error (GRUB_ERR_BAD_ARGUMENT,
@@ -1165,7 +1171,7 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int argc, char **args)
 			      N_("Key file size is 0\n"));
 	}
 
-      keyfile = grub_file_open (state[4].arg,
+      keyfile = grub_file_open (state[5].arg,
 				GRUB_FILE_TYPE_CRYPTODISK_ENCRYPTION_KEY);
       if (!keyfile)
 	return grub_errno;
@@ -1197,7 +1203,7 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int argc, char **args)
       key = keyfile_buffer;
     }
 
-  if (state[0].set)
+  if (state[0].set) /* -u uuid */
     {
       grub_cryptodisk_t dev;
 
@@ -1218,7 +1224,7 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int argc, char **args)
 	return grub_error (GRUB_ERR_BAD_ARGUMENT, "no such cryptodisk found");
       return GRUB_ERR_NONE;
     }
-  else if (state[1].set || (argc == 0 && state[2].set))
+  else if (state[1].set || (argc == 0 && state[2].set)) /* -a || -b */
     {
       search_uuid = NULL;
       check_boot = state[2].set;
@@ -1403,8 +1409,8 @@ GRUB_MOD_INIT (cryptodisk)
 {
   grub_disk_dev_register (&grub_cryptodisk_dev);
   cmd = grub_register_extcmd ("cryptomount", grub_cmd_cryptomount, 0,
-			      N_("SOURCE [-H file] [-k keyfile] [-O keyoffset]"
-				 " [-S keysize]|-u UUID|-a|-b"),
+			      N_("SOURCE [-H file] [-k keyfile|-p password] "
+				 "[-O keyoffset] [-S keysize]|-u UUID|-a|-b"),
 			      N_("Mount a crypto device."), options);
   grub_procfs_register ("luks_script", &luks_script);
 }
-- 
2.25.1



                 reply	other threads:[~2020-08-17  0:05 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200817000518.4006518-3-development@efficientek.com \
    --to=development@efficientek.com \
    --cc=grub-devel@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.