[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v6 5/6] cryptodisk: enable the backends to implement key file
From: |
Glenn Washburn |
Subject: |
Re: [PATCH v6 5/6] cryptodisk: enable the backends to implement key files |
Date: |
Mon, 5 Oct 2020 00:30:32 -0500 |
There are a couple issues with format string conversions that do not
currently cause building to fail. However, they will when/if my strict
format string checking for grub_error is accepted. Its best to fix
them anyway.
On Wed, 19 Aug 2020 17:09:13 +0200
Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> wrote:
> From: John Lane <john@lane.uk.net>
>
> Signed-off-by: John Lane <john@lane.uk.net>
> GNUtoo@cyberdimension.org: rebase, patch split, small fixes, commit
> message Signed-off-by: Denis 'GNUtoo' Carikli
> <GNUtoo@cyberdimension.org> Reviewed-by: Patrick Steinhardt
> <ps@pks.im> ---
> Changelog since v3:
> -------------------
> - Fixed the size formating with PRIuGRUB_SIZE
> - Added Reviewed-by
>
> ChangeLog since v4:
> -------------------
> - Style fixes:
> - Added missing space between function and '('
> - Removed trailing backslashes in split strings
>
> ChangeLog since v5:
> -------------------
> - No changes
> ---
> grub-core/disk/cryptodisk.c | 87
> ++++++++++++++++++++++++++++++++++++- grub-core/disk/geli.c |
> 7 +-- grub-core/disk/luks.c | 7 ++-
> grub-core/disk/luks2.c | 7 +--
> include/grub/cryptodisk.h | 5 ++-
> include/grub/file.h | 2 +
> 6 files changed, 106 insertions(+), 9 deletions(-)
>
> diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
> index 6ad2e486e..dd94736d3 100644
> --- a/grub-core/disk/cryptodisk.c
> +++ b/grub-core/disk/cryptodisk.c
> @@ -42,6 +42,9 @@ static const struct grub_arg_option options[] =
> {"all", 'a', 0, N_("Mount all."), 0, 0},
> {"boot", 'b', 0, N_("Mount all volumes with `boot' flag set."),
> 0, 0}, {"header", 'H', 0, N_("Read header from file"), 0,
> ARG_TYPE_STRING},
> + {"keyfile", 'k', 0, N_("Key file"), 0, ARG_TYPE_STRING},
> + {"keyfile-offset", 'O', 0, N_("Key file offset (bytes)"), 0,
> ARG_TYPE_INT},
> + {"keyfile-size", 'S', 0, N_("Key file data size (bytes)"), 0,
> ARG_TYPE_INT}, {0, 0, 0, 0, 0, 0}
> };
>
> @@ -972,6 +975,8 @@ grub_util_cryptodisk_get_uuid (grub_disk_t disk)
> static int check_boot, have_it;
> static char *search_uuid;
> static grub_file_t hdr;
> +static grub_uint8_t *key,
> keyfile_buffer[GRUB_CRYPTODISK_MAX_KEYFILE_SIZE]; +static
> grub_ssize_t key_size;
> static void
> cryptodisk_close (grub_cryptodisk_t dev)
> @@ -1002,7 +1007,7 @@ grub_cryptodisk_scan_device_real (const char
> *name, grub_disk_t source) if (!dev)
> continue;
>
> - err = cr->recover_key (source, dev, hdr);
> + err = cr->recover_key (source, dev, hdr, key, key_size);
> if (err)
> {
> cryptodisk_close (dev);
> @@ -1112,6 +1117,86 @@ grub_cmd_cryptomount (grub_extcmd_context_t
> ctxt, int argc, char **args) hdr = NULL;
>
> have_it = 0;
> + key = NULL;
> +
> + if (state[4].set) /* keyfile */
> + {
> + const char *p = NULL;
> + grub_file_t keyfile;
> + int keyfile_offset;
> + grub_size_t requested_keyfile_size = 0;
> +
> +
> + if (state[5].set) /* keyfile-offset */
> + {
> + keyfile_offset = grub_strtoul (state[5].arg, &p, 0);
> +
> + if (grub_errno != GRUB_ERR_NONE)
> + return grub_errno;
> +
> + if (*p != '\0')
> + return grub_error (GRUB_ERR_BAD_ARGUMENT,
> + N_("unrecognized number"));
> + }
> + else
> + {
> + keyfile_offset = 0;
> + }
> +
> + if (state[6].set) /* keyfile-size */
> + {
> + requested_keyfile_size = grub_strtoul (state[6].arg, &p,
> 0); +
> + if (*p != '\0')
> + return grub_error (GRUB_ERR_BAD_ARGUMENT,
> + N_("unrecognized number"));
> +
> + if (grub_errno != GRUB_ERR_NONE)
> + return grub_errno;
> +
> + if (requested_keyfile_size >
> GRUB_CRYPTODISK_MAX_KEYFILE_SIZE)
> + return grub_error (GRUB_ERR_OUT_OF_RANGE,
> + N_("Key file size exceeds maximum (%"
> + PRIuGRUB_SIZE ")\n"),
> + GRUB_CRYPTODISK_MAX_KEYFILE_SIZE);
The macro GRUB_CRYPTODISK_MAX_KEYFILE_SIZE gets expanded to an integer
literal which gets type cast as an int, but PRIuGRUB_SIZE expects long
or long long. I'd say use "%d" instead of PRIuGRUB_SIZE because
GRUB_CRYPTODISK_MAX_KEYFILE_SIZE is a literal and won't change with
architecture.
> + if (requested_keyfile_size == 0)
> + return grub_error (GRUB_ERR_OUT_OF_RANGE,
> + N_("Key file size is 0\n"));
> + }
> +
> + keyfile = grub_file_open (state[4].arg,
> +
> GRUB_FILE_TYPE_CRYPTODISK_ENCRYPTION_KEY);
> + if (!keyfile)
> + return grub_errno;
> +
> + if (grub_file_seek (keyfile, keyfile_offset) == (grub_off_t)-1)
> + return grub_errno;
> +
> + if (requested_keyfile_size)
> + {
> + if (requested_keyfile_size > (keyfile->size -
> keyfile_offset))
> + return grub_error (GRUB_ERR_FILE_READ_ERROR,
> + N_("Keyfile is too small: "
> + "requested %" PRIuGRUB_SIZE "
> bytes, "
> + "but the file only has %"
> PRIuGRUB_SIZE
> + " bytes.\n"),
> + requested_keyfile_size,
> + keyfile->size);
The type of keyfile->size is grub_off_t which is typedef'd from
grub_uint64_t. There is no problem when building for x86_64 because
PRIuGRUB_SIZE expands to %llu, which accepts a 64-bit uint. But when
compiling for i386, PRIuGRUB_SIZE expands to %lu, which accepts a
32-bit uint. This will cause the strict format string checking to fail
the build. I recommend changing the second PRIuGRUB_SIZE to
PRIuGRUB_UINT64_T.
> +
> + key_size = requested_keyfile_size;
> + }
> + else
> + {
> + key_size = keyfile->size - keyfile_offset;
> + }
> +
> + if (grub_file_read (keyfile, keyfile_buffer, key_size) !=
> key_size)
> + return grub_error (GRUB_ERR_FILE_READ_ERROR,
> + (N_("Error reading key file\n")));
> + key = keyfile_buffer;
> + }
> +
> if (state[0].set)
> {
> grub_cryptodisk_t dev;
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [PATCH v6 5/6] cryptodisk: enable the backends to implement key files,
Glenn Washburn <=