From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1nG0nx-0007DM-8C for mharc-grub-devel@gnu.org; Fri, 04 Feb 2022 10:47:21 -0500 Received: from eggs.gnu.org ([209.51.188.92]:36810) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nG0nf-00077f-PX for grub-devel@gnu.org; Fri, 04 Feb 2022 10:47:04 -0500 Received: from smtp-out1.suse.de ([195.135.220.28]:54658) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nG0ne-00083c-2T for grub-devel@gnu.org; Fri, 04 Feb 2022 10:47:03 -0500 Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 2627E210F6; Fri, 4 Feb 2022 15:46:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1643989609; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=vh89ZBEFIWoJtjmNTL9RkdzJ0JL+/ea6LNxr979+8wY=; b=a6i0tc1XnEzNVj8H2vNA517Z7O6QlrKtLZxNwEf0ZPpkSFCFyC4zyvhbEYYRBBpNmAM7OL tGdxqwhxfQR7Jx+PhDKQs+MnQkn7Sqz0XaOR6uWMWyWcDGzMs7T0o1PWXrNXphn0aNMa2K KMt09meoZsVJD9rbg/XoPTM/QqJ4lf4= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1643989609; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=vh89ZBEFIWoJtjmNTL9RkdzJ0JL+/ea6LNxr979+8wY=; b=/J2FoOkTKUkwrkYHMREcAa9/Hu6w1QqbisbZlZT7wEIujY+iQ7c3fSW7+G7iSYow8Q8iRd Dgtdpn3xGfXg09Bw== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id CEC7E13AB6; Fri, 4 Feb 2022 15:46:48 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id hbA6MGhK/WEoMwAAMHmgww (envelope-from ); Fri, 04 Feb 2022 15:46:48 +0000 From: Fabian Vogt To: The development of GNU GRUB , Patrick Steinhardt Cc: Josselin Poiret , Michael Chang , Josselin Poiret via Grub-devel , Pierre-Louis Bonicoli Subject: Re: [PATCH 3/4] luks2: set up dummy sector size during scan Date: Fri, 04 Feb 2022 16:46:48 +0100 Message-ID: <2946843.ILLGAiG1oY@linux-e202.suse.de> In-Reply-To: <8735mkbj26.fsf@jpoiret.xyz> References: <43151052.QDiU1Cuimh@linux-e202.suse.de> <8735mkbj26.fsf@jpoiret.xyz> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Received-SPF: pass client-ip=195.135.220.28; envelope-from=fvogt@suse.de; helo=smtp-out1.suse.de X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Feb 2022 15:47:08 -0000 Hi, Am Mittwoch, 22. Dezember 2021, 19:17:37 CET schrieb Josselin Poiret via Grub-devel: > Hello everyone, > > Fabian Vogt writes: > > It looks like we have a third patch (series) for this feature meanwhile: > > [PATCH 0/2] Have LUKS2 cryptomounts be useable with grub-probe > > > > I CC'd the author, let's try to coordinate. And there's a forth one now (author CC'd)! ("[PATCH 3/3] grub-core/kern/disk.c: handle LUKS2 devices") So we have: "[PATCH 3/4] luks2: set up dummy sector size during scan", which hardcodes 512, "[PATCH 1/2] disk/cryptodisk: When cheatmounting, use the sector info of the cheat device", which queries the sector size of the underlying host device, "[PATCH v2 2/2] devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM parameters", which parses the DM table to get the sector_size, and now "[PATCH 3/3] grub-core/kern/disk.c: handle LUKS2 devices", which changes the grub core code to accept a sector size of 0 for LUKS2 devices. Should be enough options to pick a good one ;-) > > Thanks, > > Fabian > > Let me just say that I had not found this patch series while searching > beforehand. Let me just recap what my patches do differently (in > relation to patches 3 and 4 of this series): > > Because cheat-mounting cryptodisks only happens (from my understanding) > when pulling devmapper devices, we can simply ask the kernel for the dm > and dm-crypt parameters that it's opened with, and populate our > cheat-mounted device from that. This completely circumvents the multiple > segments issue, as this will always yield the parameters corresponding > to the user-specified mountpoint of `grub-probe` or `grub-install`. Yup. Did you have a look at my approach? That effectively does the same, but using a single ioctl instead of anything complex with DM directly. > I also opted not to add a GRUB_DEV_ABSTRACTION_LUKS2 abstraction, so as > to reuse all existing code that supports LUKS1, although that can be > confusing. We could simply rename GRUB_DEV_ABSTRACTION_LUKS1 to > GRUB_DEV_ABSTRACTION_CRYTODISK, as LUKS1 and LUKS2 only differ in how > they're unlocked, not in underlying algorithms. > > What do you think? Sounds good to me, though I'd count that as a separate refactoring step for the future. Cheers, Fabian