From: Patrick Steinhardt <ps@pks.im>
To: grub-devel@gnu.org
Cc: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>,
Glenn Washburn <development@efficientek.com>,
Daniel Kiper <daniel.kiper@oracle.com>
Subject: [PATCH 0/9] Cryptodisk fixes for v2.06
Date: Sun, 23 Aug 2020 12:59:47 +0200 [thread overview]
Message-ID: <cover.1598179677.git.ps@pks.im> (raw)
[-- Attachment #1: Type: text/plain, Size: 2701 bytes --]
Hi,
I've sifted through the mailing list contents of the last few months to
cherry-pick cryptodisk bugfixes which I think should be included in the
v2.06 release. I've found the following 9 patches from Glenn and me
which should probably be included, separated them out from their
respective patch series and made them play nice with each other.
This patch series shouldn't be applied as-is, but my intention is
instead to bundle all fixes which apply to v2.06 in a single thread to
make discussion easier and help us keep track of what needs to be done.
I've got some comments which I've sent to the original threads already
and added notes below.
- luks2: grub_cryptodisk_t->total_length is the max number of device
native sectors
I'm not sure if this fix is correct, mostly because I think that
`grub_disk_get_size` is buggy already: it returns sectors for
partitions and the total size for disks. So I do think we need
another patch to fix that function, too.
- cryptodisk: Incorrect calculation of start sector for grub_disk_read
in grub_cryptodisk_read
The patch looks correct to me and matches what both LUKS and LUKS2
on-disk format say. But I'm surprised our code ever worked correctly
without this fix, which does make me feel uncomfortable.
- cryptodisk: Properly handle non-512 byte sized sectors
Should we pick this for v2.06? It definitely fixes things, but also
feels a bit like feature-enablement.
I've added my Reviewed-by to those patches which look obviously correct
to me.
Glenn, please let me know if this somehow interferes with your work or
if you'd like to handle upstreaming of those fixes yourself.
Patrick
Glenn Washburn (6):
luks2: Fix use of incorrect index and some error messages
luks2: grub_cryptodisk_t->total_length is the max number of device
native sectors
cryptodisk: Unregister cryptomount command when removing module
cryptodisk: Incorrect calculation of start sector for grub_disk_read
in grub_cryptodisk_read
cryptodisk: Fix cipher IV mode 'plain64' always being set as 'plain'
cryptodisk: Properly handle non-512 byte sized sectors
Patrick Steinhardt (3):
json: Remove invalid typedef redefinition
luks: Fix out-of-bounds copy of UUID
luks2: Improve error reporting when decrypting/verifying key
grub-core/disk/cryptodisk.c | 56 +++++++++++++++++++++----------------
grub-core/disk/luks.c | 7 +++--
grub-core/disk/luks2.c | 33 +++++++++++++---------
grub-core/lib/json/json.h | 9 +++---
include/grub/cryptodisk.h | 2 +-
5 files changed, 62 insertions(+), 45 deletions(-)
--
2.28.0
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next reply other threads:[~2020-08-23 11:00 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-23 10:59 Patrick Steinhardt [this message]
2020-08-23 10:59 ` [PATCH 1/9] json: Remove invalid typedef redefinition Patrick Steinhardt
2020-08-23 10:59 ` [PATCH 2/9] luks: Fix out-of-bounds copy of UUID Patrick Steinhardt
2020-08-23 21:34 ` Denis 'GNUtoo' Carikli
2020-08-26 7:18 ` Patrick Steinhardt
2020-08-23 11:03 ` [PATCH 3/9] luks2: Fix use of incorrect index and some error messages Patrick Steinhardt
2020-08-24 6:30 ` Glenn Washburn
2020-08-24 6:33 ` Patrick Steinhardt
2020-08-23 11:03 ` [PATCH 4/9] luks2: grub_cryptodisk_t->total_length is the max number of device native sectors Patrick Steinhardt
2020-08-23 11:03 ` [PATCH 5/9] luks2: Improve error reporting when decrypting/verifying key Patrick Steinhardt
2020-08-23 11:03 ` [PATCH 6/9] cryptodisk: Unregister cryptomount command when removing module Patrick Steinhardt
2020-08-23 11:04 ` [PATCH 7/9] cryptodisk: Incorrect calculation of start sector for grub_disk_read in grub_cryptodisk_read Patrick Steinhardt
2020-08-23 11:04 ` [PATCH 8/9] cryptodisk: Fix cipher IV mode 'plain64' always being set as 'plain' Patrick Steinhardt
2020-08-23 11:04 ` [PATCH 9/9] cryptodisk: Properly handle non-512 byte sized sectors Patrick Steinhardt
2020-08-24 6:22 ` [PATCH 0/9] Cryptodisk fixes for v2.06 Glenn Washburn
2020-08-24 6:31 ` Patrick Steinhardt
2020-08-26 8:13 ` [PATCH v2 " Patrick Steinhardt
2020-08-26 8:13 ` [PATCH v2 1/9] json: Remove invalid typedef redefinition Patrick Steinhardt
2020-08-26 8:13 ` [PATCH v2 2/9] luks: Fix out-of-bounds copy of UUID Patrick Steinhardt
2020-08-26 8:13 ` [PATCH v2 3/9] luks2: Fix use of incorrect index and some error messages Patrick Steinhardt
2020-08-26 8:13 ` [PATCH v2 4/9] luks2: grub_cryptodisk_t->total_length is the max number of device native sectors Patrick Steinhardt
2020-08-26 8:13 ` [PATCH v2 5/9] luks2: Improve error reporting when decrypting/verifying key Patrick Steinhardt
2020-08-26 8:13 ` [PATCH v2 6/9] cryptodisk: Unregister cryptomount command when removing module Patrick Steinhardt
2020-08-26 23:44 ` [PATCH] cryptodisk: Incorrect calculation of sector in grub_cryptodisk_read/write Glenn Washburn
2020-08-26 23:50 ` Glenn Washburn
2020-08-28 7:12 ` Patrick Steinhardt
2020-08-26 8:13 ` [PATCH v2 7/9] cryptodisk: Fix incorrect calculation of start sector Patrick Steinhardt
2020-08-26 8:13 ` [PATCH v2 8/9] cryptodisk: Fix cipher IV mode 'plain64' always being set as 'plain' Patrick Steinhardt
2020-08-26 8:14 ` [PATCH v2 9/9] cryptodisk: Properly handle non-512 byte sized sectors Patrick Steinhardt
2020-08-31 18:43 ` Glenn Washburn
2020-09-01 15:28 ` Patrick Steinhardt
2020-09-01 23:21 ` [PATCH] " Glenn Washburn
2020-09-02 0:01 ` Glenn Washburn
2020-09-07 15:28 ` Patrick Steinhardt
2020-08-26 22:16 ` [PATCH v2 0/9] Cryptodisk fixes for v2.06 Glenn Washburn
2020-08-28 7:17 ` Patrick Steinhardt
2020-09-07 15:27 ` [PATCH v3 " Patrick Steinhardt
2020-09-07 15:27 ` [PATCH v3 1/9] json: Remove invalid typedef redefinition Patrick Steinhardt
2020-09-07 15:27 ` [PATCH v3 2/9] luks: Fix out-of-bounds copy of UUID Patrick Steinhardt
2020-09-07 15:27 ` [PATCH v3 3/9] luks2: Fix use of incorrect index and some error messages Patrick Steinhardt
2020-09-08 12:58 ` Daniel Kiper
2020-09-21 6:45 ` Glenn Washburn
2020-09-21 11:24 ` Daniel Kiper
2020-09-07 15:27 ` [PATCH v3 4/9] luks2: grub_cryptodisk_t->total_length is the max number of device native sectors Patrick Steinhardt
2020-09-08 13:21 ` Daniel Kiper
2020-09-21 6:28 ` Glenn Washburn
2020-09-21 11:23 ` Daniel Kiper
2020-10-03 5:42 ` Glenn Washburn
2020-10-27 19:11 ` Daniel Kiper
2020-10-29 19:53 ` Glenn Washburn
2020-10-30 12:49 ` Daniel Kiper
2020-11-03 20:21 ` Glenn Washburn
2020-11-04 13:15 ` Daniel Kiper
2020-11-06 6:41 ` Glenn Washburn
2020-09-07 15:27 ` [PATCH v3 5/9] luks2: Improve error reporting when decrypting/verifying key Patrick Steinhardt
2020-09-07 15:27 ` [PATCH v3 6/9] cryptodisk: Unregister cryptomount command when removing module Patrick Steinhardt
2020-09-08 13:28 ` Daniel Kiper
2020-09-21 6:45 ` Glenn Washburn
2020-09-21 11:25 ` Daniel Kiper
2020-09-07 15:27 ` [PATCH v3 7/9] cryptodisk: Fix incorrect calculation of start sector Patrick Steinhardt
2020-09-07 15:28 ` [PATCH v3 8/9] cryptodisk: Fix cipher IV mode 'plain64' always being set as 'plain' Patrick Steinhardt
2020-09-08 13:42 ` Daniel Kiper
2020-09-07 15:28 ` [PATCH v3 9/9] cryptodisk: Properly handle non-512 byte sized sectors Patrick Steinhardt
2020-09-09 11:21 ` Daniel Kiper
2020-09-21 5:58 ` Glenn Washburn
2020-09-21 11:16 ` Daniel Kiper
2020-09-09 11:28 ` [PATCH v3 0/9] Cryptodisk fixes for v2.06 Daniel Kiper
2020-09-17 14:14 ` Patrick Steinhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1598179677.git.ps@pks.im \
--to=ps@pks.im \
--cc=GNUtoo@cyberdimension.org \
--cc=daniel.kiper@oracle.com \
--cc=development@efficientek.com \
--cc=grub-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.