Commit graph

41 commits

Author SHA1 Message Date
Glenn Washburn
84ff10b1c0 cryptodisk: Use cipher name instead of object in error message
Signed-off-by: Glenn Washburn <development@efficientek.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-18 22:31:30 +02:00
Glenn Washburn
e1b0992a8d cryptodisk: Fix incorrect calculation of start sector
Here dev is a grub_cryptodisk_t and dev->offset is offset in sectors of size
native to the cryptodisk device. The sector is correctly transformed into
native grub sector size, but then added to dev->offset which is not
transformed. It would be nice if the type system would help us with this.

Signed-off-by: Glenn Washburn <development@efficientek.com>
Reviewed-by: Patrick Steinhardt <ps@pks.im>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-11 15:51:04 +02:00
Glenn Washburn
3b3ac0c982 cryptodisk: Unregister cryptomount command when removing module
Signed-off-by: Glenn Washburn <development@efficientek.com>
Reviewed-by: Patrick Steinhardt <ps@pks.im>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-11 15:48:50 +02:00
Patrick Steinhardt
dd3f49b106 luks: Move configuration of ciphers into cryptodisk
The luks module contains quite a lot of logic to parse cipher and
cipher-mode strings like aes-xts-plain64 into constants to apply them
to the grub_cryptodisk_t structure. This code will be required by the
upcoming luks2 module, as well, which is why this commit moves it into
its own function grub_cryptodisk_setcipher in the cryptodisk module.
While the strings are probably rather specific to the LUKS modules, it
certainly does make sense that the cryptodisk module houses code to set
up its own internal ciphers instead of hosting that code in the luks
module.

Except for necessary adjustments around error handling, this commit does
an exact move of the cipher configuration logic from luks.c to
cryptodisk.c. Any behavior changes are unintentional.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-01-10 14:29:37 +01:00
Vladimir Serbinenko
384091967d Rename grub_disk members
Otherwise it horribly clashes with gnulib when it's
replacing open/write/read/close

Signed-off-by: Vladimir Serbinenko <phcoder@google.com>
2019-03-25 15:14:52 +01:00
Andrei Borzenkov
4bd4a88725 i386, x86_64, ppc: fix switch fallthrough cases with GCC7
In util/getroot and efidisk slightly modify exitsing comment to mostly
retain it but still make GCC7 compliant with respect to fall through
annotation.

In grub-core/lib/xzembed/xz_dec_lzma2.c it adds same comments as
upstream.

In grub-core/tests/setjmp_tets.c declare functions as "noreturn" to
suppress GCC7 warning.

In grub-core/gnulib/regexec.c use new __attribute__, because existing
annotation is not recognized by GCC7 parser (which requires that comment
immediately precedes case statement).

Otherwise add FALLTHROUGH comment.

Closes: 50598
2017-04-04 19:23:55 +03:00
grub-devel@iam.tj
c7f93a20c4 cryptodisk: teach grub_cryptodisk_insert() about partitions (bug #45889)
It is not possible to configure encrypted containers on multiple partitions of
the same disk; after the first one all subsequent fail with

disk/cryptodisk.c:978: already mounted as crypto0

Store partition offset in cryptomount descriptor to distinguish between them.
2015-11-07 18:52:59 +03:00
Andrei Borzenkov
c93d3e6947 cryptodisk: strip parenthesis from backing device name
Otherwise subsequent disk open fails.

Reported-By: Klemens Nanni <contact@autoboot.org>
2015-09-13 20:12:31 +03:00
Vladimir Serbinenko
94f701a826 crypto: restrict cipher block size to power of 2.
All current ciphers have blocks which are power of 2 and it's
unlikely to change. Other block length would be tricky to handle anyway.
This restriction allows avoiding extra divisions.
2015-02-26 22:04:40 +01:00
Vladimir Serbinenko
4c7337bfe9 disk/cryptodisk: Add missing error check.
Found by: Coverity scan.
2015-01-24 21:38:22 +01:00
Colin Watson
24024dac7f Fix partmap, cryptodisk, and abstraction handling in grub-mkconfig.
Commit 588744d0dc caused grub-mkconfig
no longer to be forgiving of trailing spaces on grub-probe output
lines, which among other things means that util/grub.d/10_linux.in
no longer detects LVM.  To fix this, make grub-probe's output
delimiting more consistent.  As a bonus, this improves the coverage
of the -0 option.

Fixes Debian bug #735935.

* grub-core/disk/cryptodisk.c
(grub_util_cryptodisk_get_abstraction): Add a user-data argument.
* grub-core/disk/diskfilter.c (grub_diskfilter_get_partmap):
Likewise.
* include/grub/cryptodisk.h (grub_util_cryptodisk_get_abstraction):
Update prototype.
* include/grub/diskfilter.h (grub_diskfilter_get_partmap): Likewise.
* util/grub-install.c (push_partmap_module, push_cryptodisk_module,
probe_mods): Adjust for extra user-data arguments.
* util/grub-probe.c (do_print, probe_partmap, probe_cryptodisk_uuid,
probe_abstraction): Use configured delimiter.  Update callers.
2014-03-31 14:48:46 +01:00
Vladimir Serbinenko
6f5f3337d8 * grub-core/disk/cryptodisk.c: Rename "n" to "last_cryptodisk_id". 2013-12-15 14:21:14 +01:00
Vladimir Serbinenko
431e57a797 * grub-core/disk/cryptodisk.c (luks_script_get): Adapt to new procfs
API.
2013-11-12 16:01:19 +01:00
Vladimir Serbinenko
c35fcdc0b7 * grub-core/disk/AFSplitter.c: Remove variable length arrays.
* grub-core/disk/cryptodisk.c: Likewise.
	* grub-core/disk/geli.c: Likewise.
	* grub-core/disk/luks.c: Likewise.
2013-11-12 02:48:02 +01:00
Vladimir Serbinenko
cb72aa1809 Rewrite blocklist functions in order to get progress when
reading large extents and decrease amount of blocklist hook calls.
2013-11-01 23:28:03 +01:00
Vladimir Serbinenko
442b86de32 Move grub_disk_write out of kernel into disk.mod. 2013-10-27 15:44:55 +01:00
Vladimir 'phcoder' Serbinenko
20d535419f * grub-core/disk/cryptodisk.c: Use grub_util_fd_strerror instead
of strerror.
2013-10-15 17:52:43 +02:00
Vladimir 'phcoder' Serbinenko
b73249d260 Make grub_util_fd_seek match behaviour of other grub_util_fd_* and
fseeko.
2013-10-14 12:47:09 +02:00
Vladimir 'phcoder' Serbinenko
6de292cb9b Define GRUB_UTIL_FD_O_* and always use them with grub_util_fd_open. 2013-10-14 02:11:59 +02:00
Vladimir 'phcoder' Serbinenko
bf25f87931 Make cryptodisk and diskfilter probe data retrievable programmatically
and not just printable.
2013-10-04 01:43:47 +02:00
Vladimir 'phcoder' Serbinenko
a47a78be88 * include/grub/cryptodisk.h (grub_cryptodisk): Use grub_util_fd_t
for cheat_fd.
	* grub-core/disk/cryptodisk.c (grub_cryptodisk_open): Use grub_util_*
	functions.
	(grub_cryptodisk_cheat_insert): Likewise.
	(grub_cryptodisk_close): Likewise.
2013-09-23 11:58:19 +02:00
Grégoire Sutre
418f86c659 Prevent shadowing of stdlib's devname(3) on BSD. 2013-08-12 11:49:33 +02:00
Vladimir 'phcoder' Serbinenko
eeada7b1da Use GRUB_PROPERLY_ALIGNED_ARRAY in grub-core/disk/cryptodisk.c and
grub-core/disk/geli.c.
2013-04-05 13:26:10 +02:00
Vladimir 'phcoder' Serbinenko
1865baa72c Replace 8 with GRUB_CHAR_BIT in several places when appropriate. 2013-04-05 10:59:26 +02:00
Vladimir 'phcoder' Serbinenko
ce50dbd746 Add new 'proc' filesystem framework and put luks_script into it. 2013-03-24 13:05:59 +01:00
Vladimir 'phcoder' Serbinenko
c5dbdc3357 * grub-core/disk/cryptodisk.c (grub_cryptodisk_scan_device): Don't stop
on first error.
2013-02-04 15:36:03 +01:00
Colin Watson
25239370fd Remove nested functions from device iterators.
* include/grub/arc/arc.h (grub_arc_iterate_devs_hook_t): New type.
(grub_arc_iterate_devs): Add hook_data argument.
* include/grub/ata.h (grub_ata_dev_iterate_hook_t): New type.
(struct grub_ata_dev.iterate): Add hook_data argument.
* include/grub/device.h (grub_device_iterate_hook_t): New type.
(grub_device_iterate): Add hook_data argument.
* include/grub/disk.h (grub_disk_dev_iterate_hook_t): New type.
(struct grub_disk_dev.iterate): Add hook_data argument.
(grub_disk_dev_iterate): Likewise.
* include/grub/gpt_partition.h (grub_gpt_partition_map_iterate):
Likewise.
* include/grub/msdos_partition.h (grub_partition_msdos_iterate):
Likewise.
* include/grub/partition.h (grub_partition_iterate_hook_t): New
type.
(struct grub_partition_map.iterate): Add hook_data argument.
(grub_partition_iterate): Likewise.
* include/grub/scsi.h (grub_scsi_dev_iterate_hook_t): New type.
(struct grub_scsi_dev.iterate): Add hook_data argument.

Update all callers.
2013-01-20 15:52:15 +00:00
Vladimir 'phcoder' Serbinenko
ce96d01c93 * grub-core/disk/cryptodisk.c (grub_cmd_cryptomount): Strip brackets
around device name if necessarry.
2012-12-10 19:15:51 +01:00
Vladimir 'phcoder' Serbinenko
40211ab884 * grub-core/commands/acpihalt.c: Add TRANSLATORS comments.
* grub-core/commands/keystatus.c: Likewise.
	* grub-core/commands/loadenv.c: Likewise.
	* grub-core/commands/probe.c: Likewise.
	* grub-core/commands/regexp.c: Likewise.
	* grub-core/commands/true.c: Likewise.
	* grub-core/commands/videoinfo.c: Likewise.
	* grub-core/disk/cryptodisk.c: Likewise.
	* grub-core/disk/ldm.c: Likewise.
	* grub-core/disk/loopback.c: Likewise.
	* grub-core/disk/luks.c: Likewise.
	* grub-core/fs/zfs/zfsinfo.c: Likewise.
	* grub-core/kern/disk.c: Likewise.
	* grub-core/kern/emu/hostdisk.c: Likewise.
2012-03-03 12:59:28 +01:00
Vladimir 'phcoder' Serbinenko
7b5784d4d3 * grub-core/disk/cryptodisk.c (grub_cryptodisk_endecrypt): Rename
argument from encrypt to do_encrypt to avoid shadowing.
2012-02-10 12:11:50 +01:00
Vladimir 'phcoder' Serbinenko
9c4b5c13e6 Improve gettext support. Stylistic fixes and error handling fixes while
on it.
2012-02-08 19:26:01 +01:00
Vladimir 'phcoder' Serbinenko
63fe43f3c3 * util/getroot.c (grub_util_get_dm_node_linear_info): Fix memory leak.
* grub-core/disk/cryptodisk.c (cryptodisk_cleanup): Disable for
	now to avoid double free.
	* grub-core/kern/emu/hostdisk.c (grub_util_biosdisk_dev): Rename to
	hostdisk.
	* include/grub/disk.h (grub_disk_dev_id): New id HOSTDISK.
	* util/grub-probe.c (escape_of_path): Always return a new copy.
	(print_full_name): Escape path.
	(probe): Don't call grub_util_devname_to_ofpath on NULL.
	Fix hints on abstractions.
2012-01-29 21:49:44 +01:00
Vladimir 'phcoder' Serbinenko
9c6e84b838 Cryptodisk write support.
* grub-core/disk/cryptodisk.c (grub_crypto_pcbc_encrypt): New function.
	(grub_cryptodisk_decrypt): Moved logic to ...
	(grub_cryptodisk_endecrypt): ...this. New argument "encrypt".
	(grub_cryptodisk_write): Implement.
	* grub-core/kern/emu/hostdisk.c (nwrite): Rename to ...
	(grub_util_fd_write): ... this. Make global.
	* include/grub/emu/hostdisk.h (grub_util_fd_write): New proto.
2012-01-29 18:16:48 +01:00
Vladimir 'phcoder' Serbinenko
cd8fe79a59 Fix compilation on GNU/Linux.
* grub-core/kern/emu/getroot.c (grub_util_pull_device) [!FreeBSD]:
	Disable geli.
	(grub_util_get_grub_dev) [!FreeBSD]: Likewise.
	(grub_util_pull_device) [HAVE_DEVICE_MAPPER]: Fix const and func name.
	* grub-core/disk/cryptodisk.c (grub_cryptodisk_open): Fix proto.
2011-07-08 03:59:05 +02:00
Vladimir 'phcoder' Serbinenko
20a409405b Integrate geli into autoconfiguration system 2011-04-25 14:52:07 +02:00
Vladimir 'phcoder' Serbinenko
171e2be183 geli xts support 2011-04-24 17:41:50 +02:00
Vladimir 'phcoder' Serbinenko
88ac3146d6 geli v5 (including rekeying support) 2011-04-24 17:15:55 +02:00
Vladimir 'phcoder' Serbinenko
3e90811d88 support non-512B sectors for geli 2011-04-24 14:59:38 +02:00
Vladimir 'phcoder' Serbinenko
572e3ea650 merge 4096 into luks 2011-04-24 03:12:06 +02:00
Vladimir 'phcoder' Serbinenko
b44cd9e710 zero-fill hash context for safety 2011-04-24 02:34:32 +02:00
Vladimir 'phcoder' Serbinenko
1a1f408f20 geli support 2011-04-24 00:00:29 +02:00