From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1kiZg2-0004TC-Hn for mharc-grub-devel@gnu.org; Fri, 27 Nov 2020 04:04:26 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:32810) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kiZg0-0004St-2f for grub-devel@gnu.org; Fri, 27 Nov 2020 04:04:24 -0500 Received: from mail-lj1-x22b.google.com ([2a00:1450:4864:20::22b]:33651) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kiZfy-0005OK-4R for grub-devel@gnu.org; Fri, 27 Nov 2020 04:04:23 -0500 Received: by mail-lj1-x22b.google.com with SMTP id t22so5152775ljk.0 for ; Fri, 27 Nov 2020 01:04:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=efficientek-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=aVDX+u7uNVUhShX7qqbiMoBFtHCF+3Flz1y8bvi7tNk=; b=LgnvyD0iokKRJbPZ5H/l0scSTO4t4ZCi4koMrQZ8sjWe1lHmosS0NQq5khI6n6zXdq /RC2CW8ux1SOrqY1yJhNa5xTqbgcOqTaT9BIgEJwapKrKUWE1EipFT8m6+k/WaktW3Uk 34caAVy02m3G7iFbNga6GDOOZWNhjrnW5Zbe24HkntTaNMg4a2HZG984igBA9RKiiOJm Z2kqDkRYsGaw3+9shSpMgrzST5Sr4SOukHp+mRtwhP2y6154TfFsTCByfckJymENJcnk Ltiat9yNfNBqhfKjfgk1O+qafg2BM8x5zkc2LxWCOzIKK4Z8vh9iDPCr+6vhaCXW4MLi jXvw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=aVDX+u7uNVUhShX7qqbiMoBFtHCF+3Flz1y8bvi7tNk=; b=CnDdGfb1Lk6cXkNqh7+N0FgUZUlhJSMvoBp8WG29gBWtTInYgLuO5BfHogwpivwPbG 4NfVxR9G4RVSEa3FK8eRyfXjjdOcmXLi8j4PC+aB1E9DSGhf+6CdDAa8PgDl+i7S5K3V qir2Rg0a9cDVE21hzvaIlviRxnKfRRqKAJE6AGt2QqvWDFGZFErZnB1ojBLiwNruzaem 5LmqS3PNOo2ZPQwPse7QXE/fBVmSAlxWTMNT27bLSSWcaoFUc1ploGLZqnzOBUEyjDYz N7SPHS4hgHyqy7IlyEIZ8kuIB5IsuscL4LL2SRDURENH75wBcYvLE7xWq+nMULn/Sjxy fgMw== X-Gm-Message-State: AOAM532EGHc4RxWWRFjvIkD1CB0F+0EzcFrv22SgKtpxnC/9JMCmg+/9 dtOFJ7LooKdkg33C/bvHuhcxIoEizxX21A== X-Google-Smtp-Source: ABdhPJxK6s36qHF2CBMTGLTxTff9X3QZ6LK7MDPiO8yrNfC6JuYN/V5KuAI3L60IWtv/JvnugkDlCw== X-Received: by 2002:a2e:a54f:: with SMTP id e15mr496742ljn.461.1606467859355; Fri, 27 Nov 2020 01:04:19 -0800 (PST) Received: from localhost.localdomain ([136.49.211.192]) by smtp.gmail.com with ESMTPSA id g2sm880675lja.87.2020.11.27.01.04.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 27 Nov 2020 01:04:18 -0800 (PST) From: Glenn Washburn To: grub-devel@gnu.org Cc: Patrick Steinhardt , Daniel Kiper , Glenn Washburn Subject: [PATCH v6 00/12] Cryptodisk fixes for v2.06 redux Date: Fri, 27 Nov 2020 03:03:32 -0600 Message-Id: X-Mailer: git-send-email 2.27.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2a00:1450:4864:20::22b; envelope-from=development@efficientek.com; helo=mail-lj1-x22b.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Nov 2020 09:04:24 -0000 This is a minor update to v5. There's a commit message fix, changes to debug messages to add some more information on error, and an extra patch which removes unused arguments to grub_error in luks2_parse_segment and luks2_parse_digest. Glenn Glenn Washburn (12): luks2: Add slot_key member to struct grub_luks2_keyslot/segment/digest luks2: Use more intuitive slot key instead of index in user messages. luks2: Remove unused argument in grub_error cryptodisk: Replace some literals with constants in grub_cryptodisk_endecrypt luks2: grub_cryptodisk_t->total_sectors is the max number of device native sectors cryptodisk: Properly handle non-512 byte sized sectors luks2: Better error handling when setting up the cryptodisk luks2: Error check segment.sector_size whitespace: convert 8 spaces to tabs. mips: Enable __clzdi2() misc: Add grub_log2ull macro for calculating log base 2 of 64-bit integers luks2: Use grub_log2ull to calculate log_sector_size and improve readability grub-core/disk/cryptodisk.c | 64 +++++++++------ grub-core/disk/luks.c | 5 +- grub-core/disk/luks2.c | 153 ++++++++++++++++++++++++++++------- grub-core/kern/compiler-rt.c | 2 +- include/grub/compiler-rt.h | 2 +- include/grub/cryptodisk.h | 8 +- include/grub/disk.h | 16 ++++ include/grub/misc.h | 3 + include/grub/types.h | 5 ++ 9 files changed, 198 insertions(+), 60 deletions(-) Range-diff against v5: 1: e2fbfa3ad = 1: 6262aefe9 luks2: Add slot_key member to struct grub_luks2_keyslot/segment/digest 2: a7be73eb2 ! 2: 3cd52834b luks: Use more intuitive slot key instead of index in user messages. @@ Metadata Author: Glenn Washburn ## Commit message ## - luks: Use more intuitive slot key instead of index in user messages. + luks2: Use more intuitive slot key instead of index in user messages. Use the slot key name in the json array rather than the 0 based index in the json array for keyslots, segments, and digests. This is less confusing for -: --------- > 3: 8527be145 luks2: Remove unused argument in grub_error 3: 2598569ee = 4: 1a248b679 cryptodisk: Replace some literals with constants in grub_cryptodisk_endecrypt 4: 6d67abeb4 = 5: 45f5d644f luks2: grub_cryptodisk_t->total_sectors is the max number of device native sectors 5: 450a8b5a7 = 6: 6e01cafb1 cryptodisk: Properly handle non-512 byte sized sectors 6: 268cceda5 ! 7: d8927c6bc luks2: Better error handling when setting up the cryptodisk @@ grub-core/disk/luks2.c: luks2_recover_key (grub_disk_t source, + if (max_crypt_sectors < crypt->offset_sectors) + { + grub_dprintf ("luks2", "Segment \"%"PRIuGRUB_UINT64_T"\" has offset" -+ " greater than source disk size, skipping\n", -+ segment.slot_key); ++ " %"PRIuGRUB_UINT64_T" which is greater than" ++ " source disk size %"PRIuGRUB_UINT64_T"," ++ " skipping\n", ++ segment.slot_key, crypt->offset_sectors, ++ max_crypt_sectors); + continue; + } + @@ grub-core/disk/luks2.c: luks2_recover_key (grub_disk_t source, + { + /* TODO: Unparsable number-string, try to use the whole disk */ + grub_dprintf ("luks2", "Segment \"%"PRIuGRUB_UINT64_T"\" size" -+ " is not a parsable number\n", -+ segment.slot_key); ++ " \"%s\" is not a parsable number\n", ++ segment.slot_key, segment.size); + continue; + } + else if(grub_errno == GRUB_ERR_OUT_OF_RANGE) @@ grub-core/disk/luks2.c: luks2_recover_key (grub_disk_t source, + * be very large or the string is incorrect. + */ + grub_dprintf ("luks2", "Segment \"%"PRIuGRUB_UINT64_T"\" size" -+ " overflowed 64-bit unsigned integer," ++ " %s overflowed 64-bit unsigned integer," + " the end of the crypto device will be" + " inaccessible\n", -+ segment.slot_key); ++ segment.slot_key, segment.size); + if (crypt->total_sectors > max_crypt_sectors) + crypt->total_sectors = max_crypt_sectors; + } 7: cce3b042e = 8: fcd7aadb7 luks2: Error check segment.sector_size 8: 249967edc = 9: 61f77a1a8 whitespace: convert 8 spaces to tabs. 9: 88490d61e = 10: d71d26701 mips: Enable __clzdi2() 10: 5f3ae1e2d = 11: 8aa295f77 misc: Add grub_log2ull macro for calculating log base 2 of 64-bit integers 11: cc56ab2a0 = 12: 7050a4ace luks2: Use grub_log2ull to calculate log_sector_size and improve readability -- 2.27.0