From: Glenn Washburn <development@efficientek.com>
To: grub-devel@gnu.org, Daniel Kiper <dkiper@net-space.pl>
Cc: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>,
Patrick Steinhardt <ps@pks.im>, John Lane <john@lane.uk.net>,
Glenn Washburn <development@efficientek.com>
Subject: [PATCH v2 0/5] Cryptomount keyfile support
Date: Fri, 13 May 2022 12:00:46 -0500 [thread overview]
Message-ID: <cover.1652461132.git.development@efficientek.com> (raw)
Updates from v1:
* Make some changes suggested by Daniel
* Improve error message for grub_strtoull() failures
* Add patch to use enum constants to index parsed option array
Glenn
Denis 'GNUtoo' Carikli (2):
cryptodisk: luks: Unify grub_cryptodisk_dev function names
cryptodisk: geli: Unify grub_cryptodisk_dev function names
Glenn Washburn (2):
cryptodisk: Use enum constants as indexes into cryptomount option
array
docs: Add documentation on keyfile option to cryptomount
John Lane (1):
cryptodisk: Add options to cryptomount to support keyfiles
docs/grub.texi | 14 ++--
grub-core/disk/cryptodisk.c | 133 +++++++++++++++++++++++++++++++++---
grub-core/disk/geli.c | 8 +--
grub-core/disk/luks.c | 4 +-
include/grub/cryptodisk.h | 2 +
include/grub/file.h | 2 +
6 files changed, 142 insertions(+), 21 deletions(-)
Range-diff against v1:
1: b19b567a6 = 1: b19b567a6 cryptodisk: luks: Unify grub_cryptodisk_dev function names
2: 80a284dbe = 2: 80a284dbe cryptodisk: geli: Unify grub_cryptodisk_dev function names
3: 8c2cd5ce6 ! 3: 34816c265 cryptodisk: Add options to cryptomount to support keyfiles
@@ grub-core/disk/cryptodisk.c: grub_cmd_cryptomount (grub_extcmd_context_t ctxt, i
+ if (state[4].set) /* keyfile */
+ {
++ char tmp_errmsg[GRUB_MAX_ERRMSG];
+ const char *p = NULL;
+ grub_file_t keyfile;
+ unsigned long long keyfile_offset = 0, keyfile_size = 0;
+
+ if (state[5].set) /* keyfile-offset */
+ {
++ grub_errno = GRUB_ERR_NONE;
+ keyfile_offset = grub_strtoull (state[5].arg, &p, 0);
+
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
-+
+ if (state[5].arg[0] == '\0' || *p != '\0')
-+ return grub_error (GRUB_ERR_BAD_ARGUMENT,
-+ N_("non-numeric or invalid keyfile offset `%s'"),
-+ state[5].arg);
++ {
++ if (grub_errno != GRUB_ERR_NONE)
++ {
++ grub_strncpy (tmp_errmsg, grub_errmsg, GRUB_MAX_ERRMSG);
++ return grub_error (grub_errno,
++ N_("non-numeric or invalid keyfile offset `%s': %s"),
++ state[5].arg, tmp_errmsg);
++ }
++ else
++ return grub_error (GRUB_ERR_BAD_ARGUMENT,
++ N_("invalid keyfile offset `%s': non-numeric"
++ " characters at end of number"),
++ state[5].arg);
++ }
+ }
+
+ if (state[6].set) /* keyfile-size */
+ {
-+ keyfile_size = grub_strtoul (state[6].arg, &p, 0);
++ grub_errno = GRUB_ERR_NONE;
++ keyfile_size = grub_strtoull (state[6].arg, &p, 0);
+
+ if (state[6].arg[0] == '\0' || *p != '\0')
-+ return grub_error (GRUB_ERR_BAD_ARGUMENT,
-+ N_("non-numeric or invalid keyfile size `%s'"),
-+ state[6].arg);
-+
-+ if (grub_errno != GRUB_ERR_NONE)
-+ return grub_errno;
++ {
++ if (grub_errno != GRUB_ERR_NONE)
++ {
++ grub_strncpy (tmp_errmsg, grub_errmsg, GRUB_MAX_ERRMSG);
++ return grub_error (grub_errno,
++ N_("non-numeric or invalid keyfile offset `%s': %s"),
++ state[5].arg, tmp_errmsg);
++ }
++ else
++ return grub_error (GRUB_ERR_BAD_ARGUMENT,
++ N_("invalid keyfile offset `%s': non-numeric"
++ " characters at end of number"),
++ state[6].arg);
++ }
+
+ if (keyfile_size > GRUB_CRYPTODISK_MAX_KEYFILE_SIZE)
+ return grub_error (GRUB_ERR_OUT_OF_RANGE,
@@ grub-core/disk/cryptodisk.c: grub_cmd_cryptomount (grub_extcmd_context_t ctxt, i
+ return grub_errno;
+
+ if (keyfile_offset > keyfile->size)
-+ {
-+ keyfile_offset = keyfile->size;
-+ grub_dprintf ("cryptodisk","Keyfile offset, %llu, is greater than"
-+ "keyfile size, %" PRIuGRUB_UINT64_T "\n",
-+ keyfile_offset, keyfile->size);
-+ }
++ return grub_error (GRUB_ERR_OUT_OF_RANGE,
++ N_("Keyfile offset, %llu, is greater than"
++ "keyfile size, %" PRIuGRUB_UINT64_T),
++ keyfile_offset, keyfile->size);
+
+ if (grub_file_seek (keyfile, (grub_off_t) keyfile_offset) == (grub_off_t) -1)
+ return grub_errno;
+
-+ if (keyfile_size > 0)
++ if (keyfile_size != 0)
+ {
+ if (keyfile_size > (keyfile->size - keyfile_offset))
+ return grub_error (GRUB_ERR_FILE_READ_ERROR,
+ N_("keyfile is too small: requested %llu bytes,"
+ " but the file only has %" PRIuGRUB_UINT64_T
-+ " bytes"),
++ " bytes left at offset %llu"),
+ keyfile_size,
-+ keyfile->size);
++ (grub_size_t) (keyfile->size - keyfile_offset),
++ keyfile_offset);
+
+ cargs.key_len = keyfile_size;
+ }
@@ grub-core/disk/cryptodisk.c: grub_cmd_cryptomount (grub_extcmd_context_t ctxt, i
+ return GRUB_ERR_OUT_OF_MEMORY;
+
+ if (grub_file_read (keyfile, cargs.key_data, cargs.key_len) != (grub_ssize_t) cargs.key_len)
-+ return grub_error (GRUB_ERR_FILE_READ_ERROR, (N_("reading key file")));
++ return grub_error (GRUB_ERR_FILE_READ_ERROR, (N_("failed to read key file")));
+ }
+
if (state[0].set) /* uuid */
-: --------- > 4: e7fd2c8cb cryptodisk: Use enum constants as indexes into cryptomount option array
4: 459a61800 = 5: dccdd7e03 docs: Add documentation on keyfile option to cryptomount
--
2.34.1
next reply other threads:[~2022-05-13 17:01 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-13 17:00 Glenn Washburn [this message]
2022-05-13 17:00 ` [PATCH v2 1/5] cryptodisk: luks: Unify grub_cryptodisk_dev function names Glenn Washburn
2022-05-13 17:00 ` [PATCH v2 2/5] cryptodisk: geli: " Glenn Washburn
2022-05-13 17:00 ` [PATCH v2 3/5] cryptodisk: Add options to cryptomount to support keyfiles Glenn Washburn
2022-05-19 18:23 ` Daniel Kiper
2022-05-19 21:09 ` Glenn Washburn
2022-05-13 17:00 ` [PATCH v2 4/5] cryptodisk: Use enum constants as indexes into cryptomount option array Glenn Washburn
2022-05-19 18:24 ` Daniel Kiper
2022-05-19 20:31 ` Glenn Washburn
2022-05-20 10:46 ` Daniel Kiper
2022-05-13 17:00 ` [PATCH v2 5/5] docs: Add documentation on keyfile option to cryptomount Glenn Washburn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1652461132.git.development@efficientek.com \
--to=development@efficientek.com \
--cc=GNUtoo@cyberdimension.org \
--cc=dkiper@net-space.pl \
--cc=grub-devel@gnu.org \
--cc=john@lane.uk.net \
--cc=ps@pks.im \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.