From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1ikrNk-0002fJ-OO for mharc-grub-devel@gnu.org; Fri, 27 Dec 2019 10:18:28 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48920) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ikrNi-0002do-0y for grub-devel@gnu.org; Fri, 27 Dec 2019 10:18:27 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ikrNg-000071-Mo for grub-devel@gnu.org; Fri, 27 Dec 2019 10:18:25 -0500 Received: from out2-smtp.messagingengine.com ([66.111.4.26]:58273) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ikrNg-0008VB-Iq for grub-devel@gnu.org; Fri, 27 Dec 2019 10:18:24 -0500 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 276AA21F30; Fri, 27 Dec 2019 10:18:23 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Fri, 27 Dec 2019 10:18:23 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pks.im; h=from :to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=fm2; bh=hvCHbXH1uFAs9 cEwWggC/ne19iucPqM6s/ZQNErUVtw=; b=JBFbdw8qWu2q3o3t/utPQV/38/dkO xepHtmbmbbzKOJZvnXIuis5B834wLCedcOjHPz3QgG0GEaMCVaPGDz/n2+NiKpFg yEz4TrxQZXPQ1UDJGRCVb62SU3P9lppRc55fkvJjORZikdJMm9UK8dciDSELCuKn DNmus4bB1kesfadkFErAefwloy313MZd0fBkMvxKiqv6rGcSG21xwBrdjs8pZPFi 7x4DidM9BX1zILcMMCSryqSU/u8C8Cf8wxlmwjdM68MRmE34Ya4AUkN2bAzdMar5 XMpCP1EZb0NQi1Fj1jnymaClUDYCf2xJMGXOY9ZhLUFcllRWNyVsYG02w== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; bh=hvCHbXH1uFAs9cEwWggC/ne19iucPqM6s/ZQNErUVtw=; b=pal3zjQd 87FNQq9aKg0Yi4iaV/7TkN70WrA7DmaoKfux3aFxJsUBbZkZBvbZQuXKxQ7PHEIr +ZjvBYFYKAN2gfHgAr9cLnTpkgC6h6wOUs42yOjuV2NtYODAE8gtGm3WS8yb8+7Z 6IJOSq+AHtd6M/ccUP4+NhJ3AOmWvxdL2dmOKQHbSFf5BRZUNv8sXJD4aDZx2i1b NwFMsPfH4zSQipwSMPbATHVCHx0SHPm59B+8OusSNjSsEFAPwj53F4v41JOXKen5 Reux3tsuEaK9cdeVB6Otmzc8RHifRQpLwhvp8tuw1T+c46Kk4fVSnhd4I4YPA707 q7eDRyLvgU/ZZw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedrvddvkedgjeegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpefrrghtrhhi tghkucfuthgvihhnhhgrrhguthcuoehpshesphhkshdrihhmqeenucfkphepkeelrdduvd drudeifedrgeelnecurfgrrhgrmhepmhgrihhlfhhrohhmpehpshesphhkshdrihhmnecu vehluhhsthgvrhfuihiivgeptd X-ME-Proxy:

Received: from vm-mail (x590ca331.dyn.telefonica.de [89.12.163.49]) by mail.messagingengine.com (Postfix) with ESMTPA id 698B780060; Fri, 27 Dec 2019 10:18:22 -0500 (EST) Received: from localhost ( [10.192.0.11]) by vm-mail (OpenSMTPD) with ESMTPSA id 5a210174 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Fri, 27 Dec 2019 15:18:19 +0000 (UTC) From: Patrick Steinhardt To: grub-devel@gnu.org Cc: Patrick Steinhardt , Daniel Kiper Subject: [PATCH v7 0/6] Support for LUKS2 disk encryption Date: Fri, 27 Dec 2019 16:18:33 +0100 Message-Id: X-Mailer: git-send-email 2.24.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.111.4.26 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Dec 2019 15:18:27 -0000 Hi, this is hopefully the last version of this patchset. The previous version was rejected due to compile issues on 32 bit platforms, which I didn't test before. Anyway, this version should fix these issues by - using correct types where appropriate (grub_uint64_t instead of grub_size_t) - using grub_divmod64() for 64 bit division This got i386 working for me, but I didn't have any arm32 platform available. Chances are good it's fixed on both platforms, though. As always, the range-diff against v6 can be found below. Patrick Patrick Steinhardt (6): json: Import upstream jsmn-1.1.0 json: Implement wrapping interface bootstrap: Add gnulib's base64 module afsplitter: Move into its own module luks: Move configuration of ciphers into cryptodisk disk: Implement support for LUKS2 Makefile.util.def | 4 +- bootstrap.conf | 3 +- conf/Makefile.extra-dist | 1 + docs/grub-dev.texi | 14 + docs/grub.texi | 5 +- grub-core/Makefile.core.def | 19 +- grub-core/disk/AFSplitter.c | 3 + grub-core/disk/cryptodisk.c | 163 ++++- grub-core/disk/luks.c | 190 +---- grub-core/disk/luks2.c | 678 ++++++++++++++++++ grub-core/lib/gnulib-patches/fix-base64.patch | 23 + grub-core/lib/json/jsmn.h | 468 ++++++++++++ grub-core/lib/json/json.c | 267 +++++++ grub-core/lib/json/json.h | 122 ++++ include/grub/cryptodisk.h | 3 + 15 files changed, 1783 insertions(+), 180 deletions(-) create mode 100644 grub-core/disk/luks2.c create mode 100644 grub-core/lib/gnulib-patches/fix-base64.patch create mode 100644 grub-core/lib/json/jsmn.h create mode 100644 grub-core/lib/json/json.c create mode 100644 grub-core/lib/json/json.h Range-diff against v6: 1: 2469e96f9 = 1: 2469e96f9 json: Import upstream jsmn-1.1.0 2: 88d2b083d ! 2: c67fda9fb json: Implement wrapping interface @@ Commit message `grub_json_t`. Signed-off-by: Patrick Steinhardt + Reviewed-by: Daniel Kiper ## grub-core/lib/json/json.c ## @@ 3: 411a822b4 = 3: dcca930de bootstrap: Add gnulib's base64 module 4: be0859313 = 4: f922aabda afsplitter: Move into its own module 5: 8535bb34a = 5: 3d397ac30 luks: Move configuration of ciphers into cryptodisk 6: f9b578487 ! 6: 59d36e0e9 disk: Implement support for LUKS2 @@ grub-core/disk/luks2.c (new) +luks2_parse_digest (grub_luks2_digest_t *out, const grub_json_t *digest) +{ + grub_json_t segments, keyslots, o; ++ grub_size_t i, size; ++ grub_uint64_t bit; + const char *type; -+ grub_size_t i, size, bit; + + if (grub_json_getstring (&type, digest, "type")) + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Invalid digest type"); @@ grub-core/disk/luks2.c (new) + const grub_json_t *root, grub_size_t i) +{ + grub_json_t keyslots, keyslot, digests, digest, segments, segment; -+ grub_size_t j, idx, size; ++ grub_size_t j, size; ++ grub_uint64_t idx; + + /* Get nth keyslot */ + if (grub_json_getvalue (&keyslots, root, "keyslots") || @@ grub-core/disk/luks2.c (new) + grub_dprintf ("luks2", "Trying keyslot %"PRIuGRUB_SIZE"\n", i); + + /* Set up disk according to keyslot's segment. */ -+ crypt->offset = segment.offset / segment.sector_size; ++ crypt->offset = grub_divmod64 (segment.offset, segment.sector_size, NULL); + crypt->log_sector_size = sizeof (unsigned int) * 8 + - __builtin_clz ((unsigned int) segment.sector_size) - 1; + if (grub_strcmp (segment.size, "dynamic") == 0) -- 2.24.1