[PATCH 0/4] Probing support for LUKS2

[Patrick Steinhardt <ps@pks.im>]

[-- Attachment #1: Type: text/plain, Size: 1992 bytes --]

Hi,

while basic LUKS2 support is there already, there is currently no
support yet for auto-detection of LUKS2 for of grub-probe, grub-install
and companions. As a result, users have to manually configure GRUB to
include required modules. This series is a first step towards
auto-detection and implements probing support for LUKS2:

    $ grub-probe -d /dev/mapper/luks2 -t cryptodisk_uuid
    b2e7039b5dd0bdd4d476f4467c1f7168

Noticably missing is auto-detection of required cryptographic modules,
but this will require some refactoring of the cryptodisk code as the
current assumption is that there will be always exactly one cipher, KDF
and hash, which doesn't hold true for LUKS2. I'll thus do this as a
follow up at a later point.

The first two patches make sense on their own and are worthwhile to be
included in GRUB 2.06. The first one is an out-of-bounds read in LUKS
code, while the second one adjusts the internal UUID format of the
cryptodisk to match the dash-less format that we currently use for LUKS1
disks. As such, it breaks current configs using the dashed format, so
including it pre-2.06 would make sense from my point of view.

The latter two patches are required to implement probing. I'm fine with
deferring them until after 2.06.

@Daniel: please let me know if you want me to split up this series into
two. I didn't think it necessary as you can just apply the first two
patches separately.

Patrick

Patrick Steinhardt (4):
  luks: fix out-of-bounds copy of UUID
  luks2: strip dashes off of the UUID
  luks2: set up dummy sector size during scan
  osdep: detect LUKS2-encrypted devices

 grub-core/disk/luks.c               |  2 +-
 grub-core/disk/luks2.c              | 21 ++++++++++++++++++---
 grub-core/osdep/devmapper/getroot.c | 23 +++++++++++++++++++++--
 include/grub/emu/getroot.h          |  1 +
 util/getroot.c                      |  1 +
 5 files changed, 42 insertions(+), 6 deletions(-)

-- 
2.26.2


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]