Message-ID: <4f4f1763950595028a30fc42be4a7578b5bcd100.camel@linux.ibm.com>
Subject: Re: [PATCH v3 1/3] cryptodisk: make the password getter and additional argument to recover_key
From: James Bottomley
Reply-To: jejb@linux.ibm.com
To: The development of GNU GRUB
Cc: thomas.lendacky@amd.com, ashish.kalra@amd.com, brijesh.singh@amd.com, david.kaplan@amd.com, jon.grimm@amd.com, tobin@ibm.com, "Dr . David Alan Gilbert" , frankeh@us.ibm.com, Dov.Murik1@il.ibm.com, dovmurik@linux.vnet.ibm.com
Date: Mon, 04 Jan 2021 10:12:57 -0800
References: <20201231173618.20751-1-jejb@linux.ibm.com> <20201231173618.20751-2-jejb@linux.ibm.com>

On Thu, 2020-12-31 at 21:42 +0300, Dmitry wrote:
[...]
> > --- a/grub-core/disk/luks2.c > > +++ b/grub-core/disk/luks2.c 
> > @@ -542,7 +542,8 @@ luks2_decrypt_key (grub_uint8_t *out_key, > > > > static grub_err_t > > luks2_recover_key (grub_disk_t source, > > - grub_cryptodisk_t crypt) > > + grub_cryptodisk_t crypt, > > + grub_passwd_cb *password_get)
>
> Do you have any thoughts for the future if we want to add luks header
> and master key passing to this function?

I really don't think you want to add luks header, because that takes
what is a generic interface and makes it luks specific. You could add
some sort of opaque context instead, which the caller doesn't
understand, but the callee does, but I don't currently know how you
plan to use the header, so I have no idea if this would work or not.

> I'm using my own branch where I added this in a trivial way:
> static grub_err_t
> luks2_recover_key (grub_disk_t source,
>                    grub_cryptodisk_t crypt,
>                    grub_file_t hdr_file, grub_file_t key_file, grub_file_t mkey_file)
>
> https://gitlab.com/reagentoo/grub/-/blob/cryptopatch_tiny_v2/grub-core/disk/luks2.c#L571-573
>
> But I'm at a loss to think of how this can be done in combination
> with a 'grub_passwd_cb*'.

Well, we're both adding arguments to the function, so you just would
combine the additions, I think.

James
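
Review bot: the new last parameter of luks2_recover_key, 'grub_passwd_cb *password_get', is added without any comment on its contract. The visible lines do not show whether a NULL callback is permitted, or how the callback reports a failed or cancelled password read. Suggest documenting that next to the grub_passwd_cb declaration (or above this function) and, if callers may pass NULL, checking password_get before it is invoked so the failure is a clean grub_err_t return rather than a call through a null pointer.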