From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1kkiyf-0006LC-Ln for mharc-grub-devel@gnu.org; Thu, 03 Dec 2020 02:24:33 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:56110) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kkiye-0006Ki-6D for grub-devel@gnu.org; Thu, 03 Dec 2020 02:24:32 -0500 Received: from mail-lj1-x243.google.com ([2a00:1450:4864:20::243]:35255) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kkiyc-0003D8-5w for grub-devel@gnu.org; Thu, 03 Dec 2020 02:24:31 -0500 Received: by mail-lj1-x243.google.com with SMTP id r18so1440192ljc.2 for ; Wed, 02 Dec 2020 23:24:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=efficientek-com.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:in-reply-to:references:reply-to :mime-version:content-transfer-encoding; bh=TSYyX+T21BzXJYsJEVYv4My96B+cd2T46VmTFKWJRfc=; b=KOBkAtWUjh2N+orK5Zf+S85wEvr8cbtIBXUGWeLCwjpEEWqaksgYDJGvzSgMoBDX1/ 0SbKwCDSc9t+DOj3aqw+xHuwk7ux4yinBr/lmzsbCPWWgtryxwCNim7fuxaRIghsJqlT j2oRBj0CXPDpVU7DlOtmyBxrItFTvii8NFABYSn+3bTy4BGMpiJuQ30nRDABBvwDuYtz zeUv/hyBOFV8yZpOQjEyn2xQfudMv9nCIVTVTr8Tnnj+vDiaTX66MEiJxqK+ljhjZMIA hqoMBCM0eeS1Oo61QAI3DL2/EN8fLyrV/90fE/RJT5JsmGZ/Ce542VqfD3O1zkM4+lyV ssUA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to :references:reply-to:mime-version:content-transfer-encoding; bh=TSYyX+T21BzXJYsJEVYv4My96B+cd2T46VmTFKWJRfc=; b=S5c6fPusv+mzai6exgDJz1HoJ26LvzC7YXKVsV9MtqGJv4g2B3r5vROQverRTNOn0r RFPVb3yws7un45jbyMfHATdliVGhZE+MnK8mGiq/XAL59Lk8dkIk/OF3Ej01IgvIqASz Q9uXEdWiMVFCiOy/YKCanGJaZP9B9vRoHIlocaF12EgNVShxkn+aVpFl5MT/7el2wU+x 2MxLQFAdpKh1cCGMvLGnx/QidGtdQ1dUPKJnjGMpIzarPfR5QpujQecX3zwn3DX8hda2 D3KmrpH+gFsKuiVBk1NQuufDvZ8E7lu4UaVRwdciiZyG3eWzztzffGyH0Gaa0XNmaIU0 YxUA== X-Gm-Message-State: AOAM532TDHY0tHVpCY0tnTFv00opME3NP8Abf02YKCQnQIQRkzJ9LtKV akmPM17bbvFyrlABDmFVmpl/3w== X-Google-Smtp-Source: ABdhPJxO5WFiAhaC37rb+4cu9mmx/8KwKIaEDe3zBqm4b9k8J9DXQu4KUiSGJnj/1199vXXgm8L5Ow== X-Received: by 2002:a2e:95cd:: with SMTP id y13mr728186ljh.305.1606980267597; Wed, 02 Dec 2020 23:24:27 -0800 (PST) Received: from crass-HP-ZBook-15-G2 ([136.49.211.192]) by smtp.gmail.com with ESMTPSA id u18sm201049lfq.145.2020.12.02.23.24.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Dec 2020 23:24:27 -0800 (PST) Date: Thu, 3 Dec 2020 01:24:18 -0600 From: Glenn Washburn To: Daniel Kiper Cc: grub-devel@gnu.org, Patrick Steinhardt Subject: Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index in user messages. Message-ID: <20201203012418.0aa8278f@crass-HP-ZBook-15-G2> In-Reply-To: <20201202172308.lqiigjxcf4wu4tnc@tomti.i.net-space.pl> References: <3cd52834b9d76ed50720d64a0f05455e70dac0fb.1606467382.git.development@efficientek.com> <20201202172308.lqiigjxcf4wu4tnc@tomti.i.net-space.pl> Reply-To: development@efficientek.com X-Mailer: Claws Mail 3.17.4 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Received-SPF: pass client-ip=2a00:1450:4864:20::243; envelope-from=development@efficientek.com; helo=mail-lj1-x243.google.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2020 07:24:32 -0000 On Wed, 2 Dec 2020 18:23:08 +0100 Daniel Kiper wrote: > On Fri, Nov 27, 2020 at 03:03:34AM -0600, Glenn Washburn wrote: > > Use the slot key name in the json array rather than the 0 based > > index in the json array for keyslots, segments, and digests. This > > is less confusing for the end user. For example, say you have a > > LUKS2 device with a key in slot 1 and slot 4. When using the > > password for slot 4 to unlock the device, the messages using the > > index of the keyslot will mention keyslot 1 (its a zero-based > > index). Furthermore, with this change the keyslot number will align > > with the number used to reference the keyslot when using the > > --key-slot argument to cryptsetup. Error messages now distinguish > > between indexes and slot keys. The former include the string > > "index" in the error string, and the later are surrounded in quotes. > > This should be split into two separate patches. One should add "index" > to the messages another should add quotes. Well, I am not convinced > that quotes are good differentiators... I would drop them or rephrase > messages to really differentiate indexes and slot keys. I thought the quotes would make more intuitive sense to a user because the value would also be quoted in the json which would be output when using cryptosetup with --debug-json. I can split it in to two patches, but just tell me how you want me to rephrase and I will. No need for another round of reviews. > > Signed-off-by: Glenn Washburn > > --- > > grub-core/disk/luks2.c | 24 ++++++++++++------------ > > 1 file changed, 12 insertions(+), 12 deletions(-) > > > > diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c > > index ab2c31dcd..c390ea3e6 100644 > > --- a/grub-core/disk/luks2.c > > +++ b/grub-core/disk/luks2.c > > @@ -269,7 +269,7 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k, > > grub_luks2_digest_t *d, grub_luks2_s grub_json_getuint64 > > (&k->slot_key, &keyslot, NULL) || grub_json_getchild (&keyslot, > > &keyslot, 0) || luks2_parse_keyslot (k, &keyslot)) > > - return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse > > keyslot %"PRIuGRUB_SIZE, keyslot_idx); > > + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse > > keyslot index %"PRIuGRUB_SIZE, keyslot_idx); > > > > /* Get digest that matches the keyslot. */ > > if (grub_json_getvalue (&digests, root, "digests") || > > @@ -281,13 +281,13 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k, > > grub_luks2_digest_t *d, grub_luks2_s grub_json_getuint64 > > (&d->slot_key, &digest, NULL) || grub_json_getchild (&digest, > > &digest, 0) || luks2_parse_digest (d, &digest)) > > - return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse > > digest %"PRIuGRUB_SIZE, i); > > + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse > > digest index %"PRIuGRUB_SIZE, i); > > > > if ((d->keyslots & (1 << k->slot_key))) > > break; > > } > > if (i == size) > > - return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for > > keyslot %"PRIuGRUB_SIZE, keyslot_idx); > > + return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for > > keyslot \"%"PRIuGRUB_UINT64_T"\"", k->slot_key); > > > > /* Get segment that matches the digest. */ > > if (grub_json_getvalue (&segments, root, "segments") || > > @@ -299,13 +299,13 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k, > > grub_luks2_digest_t *d, grub_luks2_s grub_json_getuint64 > > (&s->slot_key, &segment, NULL) || grub_json_getchild (&segment, > > &segment, 0) || luks2_parse_segment (s, &segment)) > > - return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse > > segment %"PRIuGRUB_SIZE, i); > > + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse > > segment index %"PRIuGRUB_SIZE, i); > > > > if ((d->segments & (1 << s->slot_key))) > > break; > > } > > if (i == size) > > - return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for > > digest %"PRIuGRUB_SIZE); > > + return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for > > digest \"%"PRIuGRUB_UINT64_T"\"", d->slot_key); > > > > return GRUB_ERR_NONE; > > } > > @@ -601,11 +601,11 @@ luks2_recover_key (grub_disk_t source, > > > > if (keyslot.priority == 0) > > { > > - grub_dprintf ("luks2", "Ignoring keyslot > > %"PRIuGRUB_SIZE" due to priority\n", i); > > + grub_dprintf ("luks2", "Ignoring keyslot > > %"PRIuGRUB_UINT64_T" due to priority\n", keyslot.slot_key); > > Quotes are missing? Yep. good catch. > > continue; > > } > > > > - grub_dprintf ("luks2", "Trying keyslot %"PRIuGRUB_SIZE"\n", > > i); > > + grub_dprintf ("luks2", "Trying keyslot > > %"PRIuGRUB_UINT64_T"\n", keyslot.slot_key); > > Ditto... > > > /* Set up disk according to keyslot's segment. */ > > crypt->offset_sectors = grub_divmod64 (segment.offset, > > segment.sector_size, NULL); @@ -620,16 +620,16 @@ luks2_recover_key > > (grub_disk_t source, (const grub_uint8_t *) passphrase, grub_strlen > > (passphrase)); if (ret) > > { > > - grub_dprintf ("luks2", "Decryption with keyslot > > %"PRIuGRUB_SIZE" failed: %s\n", > > - i, grub_errmsg); > > + grub_dprintf ("luks2", "Decryption with keyslot > > %"PRIuGRUB_UINT64_T" failed: %s\n", > > Ditto and below... > > > + keyslot.slot_key, grub_errmsg); > > continue; > > } > > > > ret = luks2_verify_key (&digest, candidate_key, > > keyslot.key_size); if (ret) > > { > > - grub_dprintf ("luks2", "Could not open keyslot > > %"PRIuGRUB_SIZE": %s\n", > > - i, grub_errmsg); > > + grub_dprintf ("luks2", "Could not open keyslot > > %"PRIuGRUB_UINT64_T": %s\n", > > + keyslot.slot_key, grub_errmsg); > > continue; > > } > > > > @@ -637,7 +637,7 @@ luks2_recover_key (grub_disk_t source, > > * TRANSLATORS: It's a cryptographic key slot: one element > > of an array > > * where each element is either empty or holds a key. > > */ > > - grub_printf_ (N_("Slot %"PRIuGRUB_SIZE" opened\n"), i); > > + grub_printf_ (N_("Slot %"PRIuGRUB_UINT64_T" opened\n"), > > keyslot.slot_key); > > Daniel Glenn