From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1jf0Xb-0004YP-9s
	for mharc-grub-devel@gnu.org; Sat, 30 May 2020 08:24:43 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:44646)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ps@pks.im>) id 1jf0XZ-0004YC-5p
 for grub-devel@gnu.org; Sat, 30 May 2020 08:24:41 -0400
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:34845)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ps@pks.im>) id 1jf0XW-0001Ok-RV
 for grub-devel@gnu.org; Sat, 30 May 2020 08:24:40 -0400
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.nyi.internal (Postfix) with ESMTP id 7998E5C00A4
 for <grub-devel@gnu.org>; Sat, 30 May 2020 08:24:37 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute3.internal (MEProxy); Sat, 30 May 2020 08:24:37 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=date
 :from:to:subject:message-id:mime-version:content-type; s=fm1;
 bh=BvX2FWC2ViioDzekxR8jlvovc2Uw2HZIvvzvNca4nzs=; b=D7kp1rF2pT2K
 mzW9SqX31GKUfWRXC9+RYtrnLEQaoRD0ieqQQJb/whgS8zM5x+mbtu5alhb+XYEc
 9+fTtiSM7HKF7/j3pCOlxjxTCV7+lg7DTzbrVJREXaTG7dQDubZwmbnGSIhZ/s5f
 dxhqBWGFDZkod6Lsyu/kEGPB709UQO7WOSUBaVbH1e3g3PYOHe3iPTqpeLaWQOKJ
 lFkiMEsvjxhrBWtf6lY3EofV6SIt7eg6k4H173zahhog+bXHsx1uh3UQM+C3qqn3
 ygt5fNNArpvV0TW2TNMimph/3aOWEkmZsMa3k13oUCZpSIYO1fQ2eFsQdA0IEkPr
 FrAqEVlTKg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=content-type:date:from:message-id
 :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender
 :x-me-sender:x-sasl-enc; s=fm2; bh=BvX2FWC2ViioDzekxR8jlvovc2Uw2
 HZIvvzvNca4nzs=; b=yJCndUrreJ+msr6yEP3/je1KrncuKGO9balN+7THSGaN2
 MuY6xBQCWiYgo03gtnyut/wJvsfJtWqSeWZmjkmKY3xsv3six/dLpplIVsqBT6BK
 A7tVtNYgkOBETqYjWkMlrtok2acSjEmVRm+EfeaIHO87N01yXBADpEwg7rhZTY1l
 OjaJJNIc5tuWJHoCrTkVYQCyoe5vg0CoCqUK7vV1PGD0RAUzbbMQhQhwu1rPsksc
 eiG6v71yzfaLC9cLF6ETiMv1gBXtc9nlW3tvwbqg1naroc4u0DLuBz/OOjBx541R
 p0irhSg4mWnaLsPGEEuxAgzhWIIM5leHygqhb0gdw==
X-ME-Sender: <xms:hVDSXsQp8_W67B4pM3f6eOEdiNIkOH_YwXW5rKpq9Ky_o9IrNanU6Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrudeftddghedtucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkgggtugesghdtreertd
 dtvdenucfhrhhomheprfgrthhrihgtkhcuufhtvghinhhhrghrughtuceophhssehpkhhs
 rdhimheqnecuggftrfgrthhtvghrnhepjeeifedvueelfffgjeduffdvgefhiefgjefgvd
 dvfeduvefffeevfffhgfekieffnecukfhppeejjedrudeluddrgeehrddugeeknecuvehl
 uhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepphhssehpkhhsrd
 himh
X-ME-Proxy: <xmx:hVDSXpz8tPCdwfETi75c4QI6QRTvb_QTPqmOUL0Vztt97gHxxCSWAQ>
 <xmx:hVDSXp0ONDcd7x8ZkF4TAToZX2UtJEYteMjnZgP-6PicI73Ir0sV0w>
 <xmx:hVDSXgCz6inO5yeOgcikKcVUvhk6S5LqtQpQQqnNrc64pb2ncMnA8Q>
 <xmx:hVDSXsSNL7D2cDmhEaQy3cosRX2MX7BwEWWroj0T0k_bfP5uZIC2hw>
Received: from vm-mail.pks.im (x4dbf2d94.dyn.telefonica.de [77.191.45.148])
 by mail.messagingengine.com (Postfix) with ESMTPA id CEAC8328005E
 for <grub-devel@gnu.org>; Sat, 30 May 2020 08:24:36 -0400 (EDT)
Received: from localhost (ncase [10.192.0.11])
 by vm-mail.pks.im (OpenSMTPD) with ESMTPSA id ec58c651
 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO) for <grub-devel@gnu.org>;
 Sat, 30 May 2020 12:24:34 +0000 (UTC)
Date: Sat, 30 May 2020 14:25:00 +0200
From: Patrick Steinhardt <ps@pks.im>
To: grub-devel@gnu.org
Subject: [PATCH 0/4] Probing support for LUKS2
Message-ID: <cover.1590840835.git.ps@pks.im>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="5mCyUwZo2JvN/JJP"
Content-Disposition: inline
Received-SPF: pass client-ip=66.111.4.25; envelope-from=ps@pks.im;
 helo=out1-smtp.messagingengine.com
X-detected-operating-system: by eggs.gnu.org: First seen = 2020/05/30 08:24:37
X-ACL-Warn: Detected OS   = Linux 2.2.x-3.x [generic] [fuzzy]
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 SPF_HELO_PASS=-0.001, SPF_PASS=-0.001,
 URIBL_BLOCKED=0.001 autolearn=_AUTOLEARN
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Sat, 30 May 2020 12:24:41 -0000


--5mCyUwZo2JvN/JJP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

while basic LUKS2 support is there already, there is currently no
support yet for auto-detection of LUKS2 for of grub-probe, grub-install
and companions. As a result, users have to manually configure GRUB to
include required modules. This series is a first step towards
auto-detection and implements probing support for LUKS2:

    $ grub-probe -d /dev/mapper/luks2 -t cryptodisk_uuid
    b2e7039b5dd0bdd4d476f4467c1f7168

Noticably missing is auto-detection of required cryptographic modules,
but this will require some refactoring of the cryptodisk code as the
current assumption is that there will be always exactly one cipher, KDF
and hash, which doesn't hold true for LUKS2. I'll thus do this as a
follow up at a later point.

The first two patches make sense on their own and are worthwhile to be
included in GRUB 2.06. The first one is an out-of-bounds read in LUKS
code, while the second one adjusts the internal UUID format of the
cryptodisk to match the dash-less format that we currently use for LUKS1
disks. As such, it breaks current configs using the dashed format, so
including it pre-2.06 would make sense from my point of view.

The latter two patches are required to implement probing. I'm fine with
deferring them until after 2.06.

@Daniel: please let me know if you want me to split up this series into
two. I didn't think it necessary as you can just apply the first two
patches separately.

Patrick

Patrick Steinhardt (4):
  luks: fix out-of-bounds copy of UUID
  luks2: strip dashes off of the UUID
  luks2: set up dummy sector size during scan
  osdep: detect LUKS2-encrypted devices

 grub-core/disk/luks.c               |  2 +-
 grub-core/disk/luks2.c              | 21 ++++++++++++++++++---
 grub-core/osdep/devmapper/getroot.c | 23 +++++++++++++++++++++--
 include/grub/emu/getroot.h          |  1 +
 util/getroot.c                      |  1 +
 5 files changed, 42 insertions(+), 6 deletions(-)

--=20
2.26.2


--5mCyUwZo2JvN/JJP
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEF9hrgiFbCdvenl/rVbJhu7ckPpQFAl7SUJsACgkQVbJhu7ck
PpSG8g//dWDLxLmp67L9NQHV5mzIlUDM1Hu4GzKOtp0tGr7hxQbroKuSsoTAvMlv
2juBufBLAAayw1rh1TGL5lRaAaFhVn1HTKssDxnA/EaLrNWZK+PHtqzD+zvX67FP
HBNCrOJ8WKI50zy7MiobJ3XaIsZ8P8ZskMKCfl9NdyvRSZjuFwqJV1enI2ZDFCMd
5jOe2fTWB/I+NH2oB5D0KuwNDgYnUhIeojuz7vNp1LX99xI0TmB85X2uqiuIACcR
NXoAHgd6Q7BXCcpNAG4UshWTEHHTCGt+KQ/y2PG2n10dBt3vXL5jBEMw6zegnvib
zabcaHxScPUrj6gvfmThdWkPrrErGvEtjbc0aLPU1vpZZsKXu9NozAvLfJxltm6D
DehoRYeOwQ+OihIW+k0/i1mB8WEYuCqGxEktpYU1KNteU3Lp5J9HJovThc4d4IGp
A3PRgm4XyrADupLMviujtSBt/4vW0Hjm+aKcXLBnw7OzQ1CjjaEnRZPGFu4DmNwD
kdM4FbdThRtYRJUfvhjk03fop+jF6EqpX1RMeBtfNrW0U8hqVb9BQTwGuoSImbk7
L1pVeN20u38Sk6q50ffeiLfDqYTYPFbd1wW8GvlAtJBptvVdyrmD5wUyf+KqMf0M
FUrAGcb3lR6Slhiw3ZkKRAzzp0PeTEj+DHdVMDplkPxoJ1VmSLc=
=RbCv
-----END PGP SIGNATURE-----

--5mCyUwZo2JvN/JJP--