From: Patrick Steinhardt <ps@pks.im>
To: Glenn Washburn <development@efficientek.com>
Cc: grub-devel@gnu.org, Daniel Kiper <dkiper@net-space.pl>,
Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>,
James Bottomley <James.Bottomley@HansenPartnership.com>
Subject: Re: [PATCH v2 2/4] cryptodisk: Refactor password input from crypto dev modules into cryptodisk
Date: Sun, 3 Oct 2021 21:10:01 +0200 [thread overview]
Message-ID: <YVoACfj+0AZbO+Zy@xps> (raw)
In-Reply-To: <20210927231403.642857-3-development@efficientek.com>
[-- Attachment #1: Type: text/plain, Size: 2925 bytes --]
On Mon, Sep 27, 2021 at 06:14:01PM -0500, Glenn Washburn wrote:
> The crypto device modules should only be setting up the crypto devices and
> not getting user input. This has the added benefit of simplifying the code
> such that three essentially duplicate pieces of code are merged into one.
>
> Signed-off-by: Glenn Washburn <development@efficientek.com>
> ---
> grub-core/disk/cryptodisk.c | 52 ++++++++++++++++++++++++++++++-------
> grub-core/disk/geli.c | 26 ++++---------------
> grub-core/disk/luks.c | 27 +++----------------
> grub-core/disk/luks2.c | 26 ++++---------------
> include/grub/cryptodisk.h | 1 +
> 5 files changed, 57 insertions(+), 75 deletions(-)
>
> diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
> index ca034859e..86eaabe60 100644
> --- a/grub-core/disk/cryptodisk.c
> +++ b/grub-core/disk/cryptodisk.c
> @@ -1001,9 +1001,11 @@ grub_cryptodisk_scan_device_real (const char *name,
> grub_disk_t source,
> grub_cryptomount_args_t cargs)
> {
> - grub_err_t err;
> + grub_err_t ret = GRUB_ERR_NONE;
> grub_cryptodisk_t dev;
> grub_cryptodisk_dev_t cr;
> + int askpass = 0;
> + char *part = NULL;
>
> dev = grub_cryptodisk_get_by_source_disk (source);
>
> @@ -1017,21 +1019,51 @@ grub_cryptodisk_scan_device_real (const char *name,
> return grub_errno;
> if (!dev)
> continue;
> -
> - err = cr->recover_key (source, dev, cargs);
> - if (err)
> - {
> - cryptodisk_close (dev);
> - return err;
> - }
> +
> + if (cargs->key_len == 0)
> + {
> + /* Get the passphrase from the user, if no key data. */
> + askpass = 1;
> + if (source->partition)
> + part = grub_partition_get_name (source->partition);
> + grub_printf_ (N_("Enter passphrase for %s%s%s (%s): "), source->name,
> + source->partition ? "," : "", part ? : "",
> + dev->uuid);
> + grub_free (part);
> +
> + cargs->key_data = grub_malloc (GRUB_CRYPTODISK_MAX_PASSPHRASE);
> + if (!cargs->key_data)
> + return grub_errno;
> +
> + if (!grub_password_get ((char *) cargs->key_data, GRUB_CRYPTODISK_MAX_PASSPHRASE))
> + {
> + ret = grub_error (GRUB_ERR_BAD_ARGUMENT, "Passphrase not supplied");
> + goto error;
> + }
> + cargs->key_len = grub_strlen((char *) cargs->key_data);
Missing space.
> + }
> +
> + ret = cr->recover_key (source, dev, cargs);
> + if (ret)
> + goto error;
>
> grub_cryptodisk_insert (dev, name, source);
>
> have_it = 1;
>
> - return GRUB_ERR_NONE;
> + goto cleanup;
> }
> - return GRUB_ERR_NONE;
> + goto cleanup;
> +
> +error:
> + cryptodisk_close (dev);
> +cleanup:
> + if (askpass)
> + {
> + cargs->key_len = 0;
> + grub_free(cargs->key_data);
Here, too. Otherwise, the patch looks good to me.
Patrick
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2021-10-03 19:05 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-27 23:13 [PATCH v2 0/4] Refactor/improve cryptomount data passing to crypto modules Glenn Washburn
2021-09-27 23:14 ` [PATCH v2 1/4] cryptodisk: Add infrastructure to pass data from cryptomount to cryptodisk modules Glenn Washburn
2021-10-03 19:04 ` Patrick Steinhardt
2021-09-27 23:14 ` [PATCH v2 2/4] cryptodisk: Refactor password input from crypto dev modules into cryptodisk Glenn Washburn
2021-10-03 19:10 ` Patrick Steinhardt [this message]
2021-09-27 23:14 ` [PATCH v2 3/4] cryptodisk: Move global variables into grub_cryptomount_args struct Glenn Washburn
2021-10-03 19:16 ` Patrick Steinhardt
2021-10-03 23:57 ` Glenn Washburn
2021-10-04 8:43 ` Patrick Steinhardt
2021-10-04 17:13 ` Glenn Washburn
2021-09-27 23:14 ` [PATCH v2 4/4] cryptodisk: Remove unneeded found_uuid from cryptomount args Glenn Washburn
2021-10-03 20:22 ` Patrick Steinhardt
2021-10-03 23:57 ` Glenn Washburn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YVoACfj+0AZbO+Zy@xps \
--to=ps@pks.im \
--cc=GNUtoo@cyberdimension.org \
--cc=James.Bottomley@HansenPartnership.com \
--cc=development@efficientek.com \
--cc=dkiper@net-space.pl \
--cc=grub-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.