From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1npYfF-0001WM-AD
	for mharc-grub-devel@gnu.org; Fri, 13 May 2022 13:01:17 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:39742)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <development@efficientek.com>)
 id 1npYfD-0001Uc-7G
 for grub-devel@gnu.org; Fri, 13 May 2022 13:01:15 -0400
Received: from mail-vs1-xe2a.google.com ([2607:f8b0:4864:20::e2a]:46715)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <development@efficientek.com>)
 id 1npYfB-0004si-9q
 for grub-devel@gnu.org; Fri, 13 May 2022 13:01:14 -0400
Received: by mail-vs1-xe2a.google.com with SMTP id z144so8968462vsz.13
 for <grub-devel@gnu.org>; Fri, 13 May 2022 10:01:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=efficientek-com.20210112.gappssmtp.com; s=20210112;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=pXJGscFBxZbqy/D1aoscfMyXZZL/Y12m2xjgltzNaeU=;
 b=Hi4/uCEuiXrTQdtmPZkNGH+H/ppRKL5dLkD+K3HQYLwQzeoX12Ay8rRzDL3v5KkxLi
 XvAbxkxn7/3sEWhI8Duz7dYONZ7NcOvi/9uNdKA9JSRXr5HjAU+x1bDhlAlWRyPlPpEj
 y/vaxP4xURiWAEacltQH+5PfUAMBtTIQtpJ3y4DAX37BEcQD8KXUz4K9r73Gs6NAaheN
 Gw6KxxbVoZeBbKU3XuVvscvUBX3DESefTM2aWb7jxiKMdiPwl1NZpxYFv7rvy9+wMHmM
 qBiDzMAXYBjIcq0CAgwdHnpQ7xq5XfmYs7w0MMfh5tYmhuZpTU/aKnEmarG+iIrmeXV+
 527g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=pXJGscFBxZbqy/D1aoscfMyXZZL/Y12m2xjgltzNaeU=;
 b=Mn2nZN/CFv3KKXh24gTs2GMocywOtm9xIvMdv7NzRDPebT3T2PweYucvlOWmdlE92D
 2eI5L+mOCnhVSusrV6UEzvsTt0SGnfQCOnVDXl0JtaW9PBvkL10CA8qaIPxI+e0H0aHm
 VdFTdVN3ggCoCUBy5YI3LMGXseKaX6ZIpud9T36zds+Zwd55okxTvQ+UaVFGvENc3dyT
 N2NQNNhOPhtVo/OpqohpoRawDcUm7R7TYiWlj//4cUC6iE0j4Eq/t4sw2yyJEVBb8poT
 Djxom0QSC3RVUVmUQah7z4iLogrYcumN+6wBcOf2H+pb0Vy5OZfnbjbVhbNi9jIEy3PR
 DVCw==
X-Gm-Message-State: AOAM533hX2LTnsn2r44gRg1q8L19tswKAg/3Hytm5gKYpYhSRMo5s+13
 /RGpLjoQwat7WjX621l+wIfM7tzN+NJhHspb
X-Google-Smtp-Source: ABdhPJyUqWpRXhXb+UNQzgLW7W82Zdwp2s6U9vOxeS4PQ5VWSFOULw7O791B+Q4xMAGDRNrqIcz2CA==
X-Received: by 2002:a05:6102:548a:b0:32d:8c72:ee18 with SMTP id
 bk10-20020a056102548a00b0032d8c72ee18mr2655162vsb.70.1652461271775; 
 Fri, 13 May 2022 10:01:11 -0700 (PDT)
Received: from localhost.localdomain ([37.218.244.249])
 by smtp.gmail.com with ESMTPSA id
 g4-20020a1fe904000000b0034e6f1fd03esm346323vkh.8.2022.05.13.10.01.09
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 13 May 2022 10:01:11 -0700 (PDT)
From: Glenn Washburn <development@efficientek.com>
To: grub-devel@gnu.org,
	Daniel Kiper <dkiper@net-space.pl>
Cc: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>,
 Patrick Steinhardt <ps@pks.im>, John Lane <john@lane.uk.net>,
 Glenn Washburn <development@efficientek.com>
Subject: [PATCH v2 0/5] Cryptomount keyfile support
Date: Fri, 13 May 2022 12:00:46 -0500
Message-Id: <cover.1652461132.git.development@efficientek.com>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::e2a;
 envelope-from=development@efficientek.com; helo=mail-vs1-xe2a.google.com
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Fri, 13 May 2022 17:01:15 -0000

Updates from v1:
 * Make some changes suggested by Daniel
 * Improve error message for grub_strtoull() failures
 * Add patch to use enum constants to index parsed option array

Glenn

Denis 'GNUtoo' Carikli (2):
  cryptodisk: luks: Unify grub_cryptodisk_dev function names
  cryptodisk: geli: Unify grub_cryptodisk_dev function names

Glenn Washburn (2):
  cryptodisk: Use enum constants as indexes into cryptomount option
    array
  docs: Add documentation on keyfile option to cryptomount

John Lane (1):
  cryptodisk: Add options to cryptomount to support keyfiles

 docs/grub.texi              |  14 ++--
 grub-core/disk/cryptodisk.c | 133 +++++++++++++++++++++++++++++++++---
 grub-core/disk/geli.c       |   8 +--
 grub-core/disk/luks.c       |   4 +-
 include/grub/cryptodisk.h   |   2 +
 include/grub/file.h         |   2 +
 6 files changed, 142 insertions(+), 21 deletions(-)

Range-diff against v1:
1:  b19b567a6 = 1:  b19b567a6 cryptodisk: luks: Unify grub_cryptodisk_dev function names
2:  80a284dbe = 2:  80a284dbe cryptodisk: geli: Unify grub_cryptodisk_dev function names
3:  8c2cd5ce6 ! 3:  34816c265 cryptodisk: Add options to cryptomount to support keyfiles
    @@ grub-core/disk/cryptodisk.c: grub_cmd_cryptomount (grub_extcmd_context_t ctxt, i
      
     +  if (state[4].set) /* keyfile */
     +    {
    ++      char tmp_errmsg[GRUB_MAX_ERRMSG];
     +      const char *p = NULL;
     +      grub_file_t keyfile;
     +      unsigned long long keyfile_offset = 0, keyfile_size = 0;
     +
     +      if (state[5].set) /* keyfile-offset */
     +	{
    ++	  grub_errno = GRUB_ERR_NONE;
     +	  keyfile_offset = grub_strtoull (state[5].arg, &p, 0);
     +
    -+	  if (grub_errno != GRUB_ERR_NONE)
    -+	    return grub_errno;
    -+
     +	  if (state[5].arg[0] == '\0' || *p != '\0')
    -+	    return grub_error (GRUB_ERR_BAD_ARGUMENT,
    -+			       N_("non-numeric or invalid keyfile offset `%s'"),
    -+			       state[5].arg);
    ++	    {
    ++	      if (grub_errno != GRUB_ERR_NONE)
    ++		{
    ++		  grub_strncpy (tmp_errmsg, grub_errmsg, GRUB_MAX_ERRMSG);
    ++		  return grub_error (grub_errno,
    ++				     N_("non-numeric or invalid keyfile offset `%s': %s"),
    ++				     state[5].arg, tmp_errmsg);
    ++		}
    ++	      else
    ++		return grub_error (GRUB_ERR_BAD_ARGUMENT,
    ++				   N_("invalid keyfile offset `%s': non-numeric"
    ++				      " characters at end of number"),
    ++				   state[5].arg);
    ++	    }
     +	}
     +
     +      if (state[6].set) /* keyfile-size */
     +	{
    -+	  keyfile_size = grub_strtoul (state[6].arg, &p, 0);
    ++	  grub_errno = GRUB_ERR_NONE;
    ++	  keyfile_size = grub_strtoull (state[6].arg, &p, 0);
     +
     +	  if (state[6].arg[0] == '\0' || *p != '\0')
    -+	    return grub_error (GRUB_ERR_BAD_ARGUMENT,
    -+			       N_("non-numeric or invalid keyfile size `%s'"),
    -+			       state[6].arg);
    -+
    -+	  if (grub_errno != GRUB_ERR_NONE)
    -+	    return grub_errno;
    ++	    {
    ++	      if (grub_errno != GRUB_ERR_NONE)
    ++		{
    ++		  grub_strncpy (tmp_errmsg, grub_errmsg, GRUB_MAX_ERRMSG);
    ++		  return grub_error (grub_errno,
    ++				     N_("non-numeric or invalid keyfile offset `%s': %s"),
    ++				     state[5].arg, tmp_errmsg);
    ++		}
    ++	      else
    ++		return grub_error (GRUB_ERR_BAD_ARGUMENT,
    ++				   N_("invalid keyfile offset `%s': non-numeric"
    ++				      " characters at end of number"),
    ++				   state[6].arg);
    ++	    }
     +
     +	  if (keyfile_size > GRUB_CRYPTODISK_MAX_KEYFILE_SIZE)
     +	    return grub_error (GRUB_ERR_OUT_OF_RANGE,
    @@ grub-core/disk/cryptodisk.c: grub_cmd_cryptomount (grub_extcmd_context_t ctxt, i
     +	return grub_errno;
     +
     +      if (keyfile_offset > keyfile->size)
    -+	{
    -+	  keyfile_offset = keyfile->size;
    -+	  grub_dprintf ("cryptodisk","Keyfile offset, %llu, is greater than"
    -+				     "keyfile size, %" PRIuGRUB_UINT64_T "\n",
    -+				     keyfile_offset, keyfile->size);
    -+	}
    ++	return grub_error (GRUB_ERR_OUT_OF_RANGE,
    ++			   N_("Keyfile offset, %llu, is greater than"
    ++			      "keyfile size, %" PRIuGRUB_UINT64_T),
    ++			   keyfile_offset, keyfile->size);
     +
     +      if (grub_file_seek (keyfile, (grub_off_t) keyfile_offset) == (grub_off_t) -1)
     +	return grub_errno;
     +
    -+      if (keyfile_size > 0)
    ++      if (keyfile_size != 0)
     +	{
     +	  if (keyfile_size > (keyfile->size - keyfile_offset))
     +	    return grub_error (GRUB_ERR_FILE_READ_ERROR,
     +			       N_("keyfile is too small: requested %llu bytes,"
     +				  " but the file only has %" PRIuGRUB_UINT64_T
    -+				  " bytes"),
    ++				  " bytes left at offset %llu"),
     +			       keyfile_size,
    -+			       keyfile->size);
    ++			       (grub_size_t) (keyfile->size - keyfile_offset),
    ++			       keyfile_offset);
     +
     +	  cargs.key_len = keyfile_size;
     +	}
    @@ grub-core/disk/cryptodisk.c: grub_cmd_cryptomount (grub_extcmd_context_t ctxt, i
     +	return GRUB_ERR_OUT_OF_MEMORY;
     +
     +      if (grub_file_read (keyfile, cargs.key_data, cargs.key_len) != (grub_ssize_t) cargs.key_len)
    -+	return grub_error (GRUB_ERR_FILE_READ_ERROR, (N_("reading key file")));
    ++	return grub_error (GRUB_ERR_FILE_READ_ERROR, (N_("failed to read key file")));
     +    }
     +
        if (state[0].set) /* uuid */
-:  --------- > 4:  e7fd2c8cb cryptodisk: Use enum constants as indexes into cryptomount option array
4:  459a61800 = 5:  dccdd7e03 docs: Add documentation on keyfile option to cryptomount
-- 
2.34.1