From: Glenn Washburn
To: grub-devel@gnu.org, Daniel Kiper, Patrick Steinhardt
Cc: Glenn Washburn
Subject: [PATCH 0/3] Refactor/improve cryptomount data passing to crypto modules
Date: Thu, 26 Aug 2021 00:08:49 -0500

This patch series refactors the way cryptomount passes data to the crypto modules. Currently, the method has been by global variable and function call argument, neither of which is ideal. This method passes data via a grub_cryptomount_args struct, which can be added to over time as opposed to continually adding arguments to the cryptodisk recover_key (as is being proposed in the keyfile and detached header patches).

The infrastructure is implemented in patch #1 along with adding a new -p parameter to cryptomount partly as an example to show how a password would be passed to the crypto module backends. The backends do nothing with this data in this patch, but print a message saying that sending a password is unimplemented.

Patch #2 takes advantage of this new data passing mechanism to refactor the essentially duplicated code in each crypto backend module for inputting the password and puts that functionality in the cryptodisk code. Conceptually, the crypto backends should not be getting user input anyway.

Finally, patch #3 gets rid of some long-time globals in cryptodisk, moving them into the passed struct.

My intention is for this patch series to lay the foundation for an improved patch series providing detached header and keyfile support (I already have the series updated and ready to send once this is accepted). I also believe that this will somewhat simplify the patch series by James Bottomley in passing secrets to the crypto backends.

Glenn

Glenn Washburn (3):
  cryptodisk: Add infrastructure to pass data from cryptomount to
    cryptodisk modules
  cryptodisk: Refactor password input out of crypto dev modules into
    cryptodisk
  cryptodisk: Move global variables into grub_cryptomount_args struct

 grub-core/disk/cryptodisk.c | 109 ++++++++++++++++++++++++------------
 grub-core/disk/geli.c       |  24 ++------
 grub-core/disk/luks.c       |  25 ++-------
 grub-core/disk/luks2.c      |  24 ++------
 include/grub/cryptodisk.h   |  12 ++++
 5 files changed, 102 insertions(+), 92 deletions(-)

-- 
2.27.0