[PATCH v7 0/6] Support for LUKS2 disk encryption

[Patrick Steinhardt <ps@pks.im>]

Hi,

this is hopefully the last version of this patchset. The previous
version was rejected due to compile issues on 32 bit platforms,
which I didn't test before. Anyway, this version should fix these
issues by

    - using correct types where appropriate (grub_uint64_t
      instead of grub_size_t)

    - using grub_divmod64() for 64 bit division

This got i386 working for me, but I didn't have any arm32
platform available. Chances are good it's fixed on both
platforms, though. As always, the range-diff against v6 can be
found below.

Patrick

Patrick Steinhardt (6):
  json: Import upstream jsmn-1.1.0
  json: Implement wrapping interface
  bootstrap: Add gnulib's base64 module
  afsplitter: Move into its own module
  luks: Move configuration of ciphers into cryptodisk
  disk: Implement support for LUKS2

 Makefile.util.def                             |   4 +-
 bootstrap.conf                                |   3 +-
 conf/Makefile.extra-dist                      |   1 +
 docs/grub-dev.texi                            |  14 +
 docs/grub.texi                                |   5 +-
 grub-core/Makefile.core.def                   |  19 +-
 grub-core/disk/AFSplitter.c                   |   3 +
 grub-core/disk/cryptodisk.c                   | 163 ++++-
 grub-core/disk/luks.c                         | 190 +----
 grub-core/disk/luks2.c                        | 678 ++++++++++++++++++
 grub-core/lib/gnulib-patches/fix-base64.patch |  23 +
 grub-core/lib/json/jsmn.h                     | 468 ++++++++++++
 grub-core/lib/json/json.c                     | 267 +++++++
 grub-core/lib/json/json.h                     | 122 ++++
 include/grub/cryptodisk.h                     |   3 +
 15 files changed, 1783 insertions(+), 180 deletions(-)
 create mode 100644 grub-core/disk/luks2.c
 create mode 100644 grub-core/lib/gnulib-patches/fix-base64.patch
 create mode 100644 grub-core/lib/json/jsmn.h
 create mode 100644 grub-core/lib/json/json.c
 create mode 100644 grub-core/lib/json/json.h

Range-diff against v6:
1:  2469e96f9 = 1:  2469e96f9 json: Import upstream jsmn-1.1.0
2:  88d2b083d ! 2:  c67fda9fb json: Implement wrapping interface
    @@ Commit message
         `grub_json_t`.
     
         Signed-off-by: Patrick Steinhardt <ps@pks.im>
    +    Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
     
      ## grub-core/lib/json/json.c ##
     @@
3:  411a822b4 = 3:  dcca930de bootstrap: Add gnulib's base64 module
4:  be0859313 = 4:  f922aabda afsplitter: Move into its own module
5:  8535bb34a = 5:  3d397ac30 luks: Move configuration of ciphers into cryptodisk
6:  f9b578487 ! 6:  59d36e0e9 disk: Implement support for LUKS2
    @@ grub-core/disk/luks2.c (new)
     +luks2_parse_digest (grub_luks2_digest_t *out, const grub_json_t *digest)
     +{
     +  grub_json_t segments, keyslots, o;
    ++  grub_size_t i, size;
    ++  grub_uint64_t bit;
     +  const char *type;
    -+  grub_size_t i, size, bit;
     +
     +  if (grub_json_getstring (&type, digest, "type"))
     +    return grub_error (GRUB_ERR_BAD_ARGUMENT, "Invalid digest type");
    @@ grub-core/disk/luks2.c (new)
     +		   const grub_json_t *root, grub_size_t i)
     +{
     +  grub_json_t keyslots, keyslot, digests, digest, segments, segment;
    -+  grub_size_t j, idx, size;
    ++  grub_size_t j, size;
    ++  grub_uint64_t idx;
     +
     +  /* Get nth keyslot */
     +  if (grub_json_getvalue (&keyslots, root, "keyslots") ||
    @@ grub-core/disk/luks2.c (new)
     +      grub_dprintf ("luks2", "Trying keyslot %"PRIuGRUB_SIZE"\n", i);
     +
     +      /* Set up disk according to keyslot's segment. */
    -+      crypt->offset = segment.offset / segment.sector_size;
    ++      crypt->offset = grub_divmod64 (segment.offset, segment.sector_size, NULL);
     +      crypt->log_sector_size = sizeof (unsigned int) * 8
     +		- __builtin_clz ((unsigned int) segment.sector_size) - 1;
     +      if (grub_strcmp (segment.size, "dynamic") == 0)
-- 
2.24.1