From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1noeM5-0004DT-77
	for mharc-grub-devel@gnu.org; Wed, 11 May 2022 00:53:45 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:36744)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <development@efficientek.com>)
 id 1noeLx-0004BV-NT
 for grub-devel@gnu.org; Wed, 11 May 2022 00:53:37 -0400
Received: from mail-vs1-xe33.google.com ([2607:f8b0:4864:20::e33]:45896)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <development@efficientek.com>)
 id 1noeLv-0005nd-2X
 for grub-devel@gnu.org; Wed, 11 May 2022 00:53:36 -0400
Received: by mail-vs1-xe33.google.com with SMTP id e19so796798vsu.12
 for <grub-devel@gnu.org>; Tue, 10 May 2022 21:53:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=efficientek-com.20210112.gappssmtp.com; s=20210112;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=MOqp3h/mQ8aiWNyjYdktJc8Ohm+h4kq35WETgmVowfg=;
 b=6bTNg7V1N7uJ4Nu7jYAfH8rGkiV/1su9v7foEIKW1Zf0Eos3w013jxEhYaEaJb2Qfn
 ps55vZjF8MmXRS6RwS2uMYaV8gC0mEbwmjVHounmb7fszzq4Z/tAejsjySS/scnce28h
 4CtNEje7TLUuDyp5FsVsc7+GH0Jxii1BcWfY8cD+f92xSH3eXOhqO95v86WoF74OrsBK
 xsa67kZ8VZJUjK9PFIWD3ene6kjigS2/UQiUPm/FjjN/iL+sFO4E25nKXjPax21FH1he
 QZaPErVgWWrT4WsOiNPIeei1pLOkSP6UuowFPUlzDgZh5tBI7m9RUBdHeyQpiW7xy5zI
 WKLA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=MOqp3h/mQ8aiWNyjYdktJc8Ohm+h4kq35WETgmVowfg=;
 b=FqD998MF6AvKqtGzBitndTLprRKfo2xMwJDGQEy+j2opsoFaI8tIfazWsqvIq9Q0EJ
 x5H5ZNLvY+PWGYx9JpQZ6aTrZ3K1VhBwrVc68wx+B2wVclfuqpGO88okpq8AcAmHKKBe
 uP9OBqzP2eTWieFeh9hml19k/QdLv4PTuRtf36Z+tl+dncSybzGzgljQ9vhnotmueytP
 eMZrpySpU0UB3TUhyJmhvjSv2P/ssukFSh1o/pbjZSw4Git4aJX0RXVXEieXObVm0o5r
 BldFOccmTEKErKG1QjLhi7dYgQy+ebqJ393iXKtmy0e37s9YPuid4SP6R8A7kOML1Nl/
 H8Rw==
X-Gm-Message-State: AOAM532FDbYo32UOgKuc/8XOvHGMfD9qNE158hyoWrulJZRUeJw5ex9c
 j1ykGvYYBRLBTjaxGw/hGRp3ldj3tMa5uiLp
X-Google-Smtp-Source: ABdhPJz0BJkIH4h22jv4Pz9gIvmESXxvUsJkOnEBdtdh7jkGEvJxHLiV9u61z0dvpHGlMTmVvMshbw==
X-Received: by 2002:a67:e899:0:b0:32c:db20:e21b with SMTP id
 x25-20020a67e899000000b0032cdb20e21bmr13127055vsn.36.1652244812860; 
 Tue, 10 May 2022 21:53:32 -0700 (PDT)
Received: from localhost.localdomain ([37.218.244.249])
 by smtp.gmail.com with ESMTPSA id
 o75-20020a9f3551000000b0036510b0d45csm169239uao.10.2022.05.10.21.53.30
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 10 May 2022 21:53:32 -0700 (PDT)
From: Glenn Washburn <development@efficientek.com>
To: grub-devel@gnu.org,
	Daniel Kiper <dkiper@net-space.pl>
Cc: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>,
 Patrick Steinhardt <ps@pks.im>, John Lane <john@lane.uk.net>,
 Glenn Washburn <development@efficientek.com>
Subject: [PATCH 0/3] Cryptomount detached headers
Date: Tue, 10 May 2022 23:53:06 -0500
Message-Id: <cover.1652242759.git.development@efficientek.com>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::e33;
 envelope-from=development@efficientek.com; helo=mail-vs1-xe33.google.com
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Wed, 11 May 2022 04:53:37 -0000

This patch series is, I believe, a better approach to supporting detached
headers for cryptomount and backends. This series will probably not apply
cleanly without the changes from the recent series entitled "[PATCH 0/4]
Cryptomount keyfile support". But its only because they touch code in the
same vicinity, not because there's any real dependency.

Conceptually the approach is different than the previous detach header
series because this one uses the disk objects read hook to hook reads to
the disk in scan() and recover_key() such that if there is an associated
header file, the hook will cause the read to return data from the header
file instead of from the source disk.

For this the read hook implementation needed to be upgaded because prior
it didn't get the read buffer sent from the read caller and so could not
modify its contents. Patch #1 updates the hook accordingly and all instances
of its use, but doesn't functionally change how GRUB operates.

The second patch adds the header option to cryptomount and the read hook
to the source disk during the scan() and recover_key() stages. It takes
care of the case where there is already a previous read hook on the source
device and will call that read hook after modifying the read buffer. I don't
believe this is strictly necessary currently because I don't think there
ever is a read hook already set since the disk was just created with a
grub_disk_open(). I'm not opposed to getting rid of this code. The one
benefit I see if a bit of future proofing.

The benefit of this approach is its simpler/less code and does not require
the modification of backends, except to potentially cause a failure in
scan() if the backend doesn't support the current implementation of detached
headers, as with the GELI backend. This implementation requires that the
crypto volume header reside at the beginning of the volume. GELI has its
header at the end, which is why it can not currently be supported. In
theory, GELI could be supported if extra assumptions about its source
access pattern during scan() and recovery_key() were made. I don't use GELI,
no one seems to be asking for GELI detached headers, and I don't think that
GELI even support detached headers with the official tools. So for me, not
supporting crypto volumes with headers at the end of the disk is not a big
deal.

Glenn

Glenn Washburn (3):
  disk: Allow read hook callback to take read buffer to potentially
    modify it
  cryptodisk: Add --header option to cryptomount to support detached
    headers
  docs: Add documentation on detached header option to cryptomount

 docs/grub.texi                 | 13 +++++--
 grub-core/commands/blocklist.c | 10 +++--
 grub-core/commands/loadenv.c   |  8 ++--
 grub-core/commands/testload.c  |  4 +-
 grub-core/disk/cryptodisk.c    | 68 +++++++++++++++++++++++++++++++++-
 grub-core/disk/geli.c          |  4 ++
 grub-core/fs/hfspluscomp.c     |  4 +-
 grub-core/fs/ntfscomp.c        | 14 +++----
 grub-core/kern/disk.c          | 12 +++---
 grub-core/lib/progress.c       | 11 ++++--
 grub-core/net/net.c            |  2 +-
 include/grub/cryptodisk.h      |  2 +
 include/grub/disk.h            |  6 +--
 include/grub/file.h            |  2 +
 14 files changed, 125 insertions(+), 35 deletions(-)

-- 
2.34.1