Re: [PATCH 2/7] Cryptomount support key files

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/7] Cryptomount support key files

From:	TJ
Subject:	Re: [PATCH 2/7] Cryptomount support key files
Date:	Sat, 17 Mar 2018 11:10:07 +0000
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0

On 14/03/18 09:44, John Lane wrote:
> --- a/grub-core/disk/cryptodisk.c
> +++ b/grub-core/disk/cryptodisk.c
> @@ -949,6 +954,45 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int 
> argc, char **args)
>      hdr = NULL;
>  
>    have_it = 0;
> +  key = NULL;
> +
> +  if (state[4].set) /* Key file; fails back to passphrase entry */
> +    {
> +      grub_file_t keyfile;
> +      int keyfile_offset;
> +      grub_size_t requested_keyfile_size;
> +
> +      requested_keyfile_size = state[6].set ? grub_strtoul(state[6].arg, 0, 
> 0) : 0;
> +
> +      if (requested_keyfile_size > GRUB_CRYPTODISK_MAX_KEYFILE_SIZE)
> +        grub_printf (N_("Key file size exceeds maximum (%llu)\n"), \
> +                          (unsigned long long) 
> GRUB_CRYPTODISK_MAX_KEYFILE_SIZE);
> +      else
> +        {
> +          keyfile_offset = state[5].set ? grub_strtoul (state[5].arg, 0, 0) 
> : 0;
> +          keyfile_size = requested_keyfile_size ? requested_keyfile_size : \
> +                                          GRUB_CRYPTODISK_MAX_KEYFILE_SIZE;
> +
> +          keyfile = grub_file_open (state[4].arg);
> +          if (!keyfile)
> +            grub_printf (N_("Unable to open key file %s\n"), state[4].arg);
> +          else if (grub_file_seek (keyfile, keyfile_offset) == 
> (grub_off_t)-1)
> +            grub_printf (N_("Unable to seek to offset %d in key file\n"), 
> keyfile_offset);
> +          else
> +            {
> +              keyfile_size = grub_file_read (keyfile, keyfile_buffer, 
> keyfile_size);
> +              if (keyfile_size == (grub_size_t)-1)

grub_file_read() returns grub_ssize_t (signed). Is casting to
grub_size_t (unsigned) required or going to work as intended?

Is the only possible error -1? Underlying readwrite functions can return
error codes via grub_error() that are > 0: see include/grub/err.h

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 1/7] Cryptomount support LUKS detached header, John Lane, 2018/03/14
- [PATCH 5/7] Cryptomount support for hyphens in UUID, John Lane, 2018/03/14
- [PATCH 4/7] Cryptomount support plain dm-crypt, John Lane, 2018/03/14
- [PATCH 2/7] Cryptomount support key files, John Lane, 2018/03/14
  - Re: [PATCH 2/7] Cryptomount support key files, TJ <=
    - Re: [PATCH 2/7] Cryptomount support key files, John Lane, 2018/03/18
- [PATCH 3/7] cryptomount luks allow multiple passphrase attempts, John Lane, 2018/03/14
  - Re: [PATCH 3/7] cryptomount luks allow multiple passphrase attempts, TJ, 2018/03/17
    - Re: [PATCH 3/7] cryptomount luks allow multiple passphrase attempts, John Lane, 2018/03/18
- [PATCH 7/7] Add support for using a whole device as a keyfile, John Lane, 2018/03/14
- [PATCH 6/7] Retain constness of parameters., John Lane, 2018/03/14
- Re: [PATCH 1/7] Cryptomount support LUKS detached header, Daniel Kiper, 2018/03/14
  - Re: [PATCH 1/7] Cryptomount support LUKS detached header, John Lane, 2018/03/14
    - Re: [PATCH 1/7] Cryptomount support LUKS detached header, Paul Menzel, 2018/03/21
    - Re: [PATCH 1/7] Cryptomount support LUKS detached header, Daniel Kiper, 2018/03/22

Prev by Date: Re: [PATCH] F2FS support
Next by Date: Re: [PATCH 1/7] Cryptomount support LUKS detached header
Previous by thread: [PATCH 2/7] Cryptomount support key files
Next by thread: Re: [PATCH 2/7] Cryptomount support key files
Index(es):
- Date
- Thread