Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index

From:	Glenn Washburn
Subject:	Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index in user messages.
Date:	Thu, 3 Dec 2020 01:24:18 -0600

On Wed, 2 Dec 2020 18:23:08 +0100
Daniel Kiper <dkiper@net-space.pl> wrote:

> On Fri, Nov 27, 2020 at 03:03:34AM -0600, Glenn Washburn wrote:
> > Use the slot key name in the json array rather than the 0 based
> > index in the json array for keyslots, segments, and digests. This
> > is less confusing for the end user. For example, say you have a
> > LUKS2 device with a key in slot 1 and slot 4. When using the
> > password for slot 4 to unlock the device, the messages using the
> > index of the keyslot will mention keyslot 1 (its a zero-based
> > index). Furthermore, with this change the keyslot number will align
> > with the number used to reference the keyslot when using the
> > --key-slot argument to cryptsetup. Error messages now distinguish
> > between indexes and slot keys. The former include the string
> > "index" in the error string, and the later are surrounded in quotes.
> 
> This should be split into two separate patches. One should add "index"
> to the messages another should add quotes. Well, I am not convinced
> that quotes are good differentiators... I would drop them or rephrase
> messages to really differentiate indexes and slot keys.

I thought the quotes would make more intuitive sense to a user because
the value would also be quoted in the json which would be output when
using cryptosetup with --debug-json.  I can split it in to two patches,
but just tell me how you want me to rephrase and I will.  No need for
another round of reviews.

> > Signed-off-by: Glenn Washburn <development@efficientek.com>
> > ---
> >  grub-core/disk/luks2.c | 24 ++++++++++++------------
> >  1 file changed, 12 insertions(+), 12 deletions(-)
> >
> > diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
> > index ab2c31dcd..c390ea3e6 100644
> > --- a/grub-core/disk/luks2.c
> > +++ b/grub-core/disk/luks2.c
> > @@ -269,7 +269,7 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k,
> > grub_luks2_digest_t *d, grub_luks2_s grub_json_getuint64
> > (&k->slot_key, &keyslot, NULL) || grub_json_getchild (&keyslot,
> > &keyslot, 0) || luks2_parse_keyslot (k, &keyslot))
> > -    return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse
> > keyslot %"PRIuGRUB_SIZE, keyslot_idx);
> > +    return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse
> > keyslot index %"PRIuGRUB_SIZE, keyslot_idx);
> >
> >    /* Get digest that matches the keyslot. */
> >    if (grub_json_getvalue (&digests, root, "digests") ||
> > @@ -281,13 +281,13 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k,
> > grub_luks2_digest_t *d, grub_luks2_s grub_json_getuint64
> > (&d->slot_key, &digest, NULL) || grub_json_getchild (&digest,
> > &digest, 0) || luks2_parse_digest (d, &digest))
> > -   return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse
> > digest %"PRIuGRUB_SIZE, i);
> > +   return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse
> > digest index %"PRIuGRUB_SIZE, i);
> >
> >        if ((d->keyslots & (1 << k->slot_key)))
> >     break;
> >      }
> >    if (i == size)
> > -      return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for
> > keyslot %"PRIuGRUB_SIZE, keyslot_idx);
> > +      return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for
> > keyslot \"%"PRIuGRUB_UINT64_T"\"", k->slot_key);
> >
> >    /* Get segment that matches the digest. */
> >    if (grub_json_getvalue (&segments, root, "segments") ||
> > @@ -299,13 +299,13 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k,
> > grub_luks2_digest_t *d, grub_luks2_s grub_json_getuint64
> > (&s->slot_key, &segment, NULL) || grub_json_getchild (&segment,
> > &segment, 0) || luks2_parse_segment (s, &segment))
> > -   return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse
> > segment %"PRIuGRUB_SIZE, i);
> > +   return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse
> > segment index %"PRIuGRUB_SIZE, i);
> >
> >        if ((d->segments & (1 << s->slot_key)))
> >     break;
> >      }
> >    if (i == size)
> > -    return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for
> > digest %"PRIuGRUB_SIZE);
> > +    return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for
> > digest \"%"PRIuGRUB_UINT64_T"\"", d->slot_key);
> >
> >    return GRUB_ERR_NONE;
> >  }
> > @@ -601,11 +601,11 @@ luks2_recover_key (grub_disk_t source,
> >
> >        if (keyslot.priority == 0)
> >     {
> > -     grub_dprintf ("luks2", "Ignoring keyslot
> > %"PRIuGRUB_SIZE" due to priority\n", i);
> > +     grub_dprintf ("luks2", "Ignoring keyslot
> > %"PRIuGRUB_UINT64_T" due to priority\n", keyslot.slot_key);
> 
> Quotes are missing?

Yep. good catch.

> >       continue;
> >          }
> >
> > -      grub_dprintf ("luks2", "Trying keyslot %"PRIuGRUB_SIZE"\n",
> > i);
> > +      grub_dprintf ("luks2", "Trying keyslot
> > %"PRIuGRUB_UINT64_T"\n", keyslot.slot_key);
> 
> Ditto...
> 
> >        /* Set up disk according to keyslot's segment. */
> >        crypt->offset_sectors = grub_divmod64 (segment.offset,
> > segment.sector_size, NULL); @@ -620,16 +620,16 @@ luks2_recover_key
> > (grub_disk_t source, (const grub_uint8_t *) passphrase, grub_strlen
> > (passphrase)); if (ret)
> >     {
> > -     grub_dprintf ("luks2", "Decryption with keyslot
> > %"PRIuGRUB_SIZE" failed: %s\n",
> > -                   i, grub_errmsg);
> > +     grub_dprintf ("luks2", "Decryption with keyslot
> > %"PRIuGRUB_UINT64_T" failed: %s\n",
> 
> Ditto and below...
> 
> > +                   keyslot.slot_key, grub_errmsg);
> >       continue;
> >     }
> >
> >        ret = luks2_verify_key (&digest, candidate_key,
> > keyslot.key_size); if (ret)
> >     {
> > -     grub_dprintf ("luks2", "Could not open keyslot
> > %"PRIuGRUB_SIZE": %s\n",
> > -                   i, grub_errmsg);
> > +     grub_dprintf ("luks2", "Could not open keyslot
> > %"PRIuGRUB_UINT64_T": %s\n",
> > +                   keyslot.slot_key, grub_errmsg);
> >       continue;
> >     }
> >
> > @@ -637,7 +637,7 @@ luks2_recover_key (grub_disk_t source,
> >         * TRANSLATORS: It's a cryptographic key slot: one element
> > of an array
> >         * where each element is either empty or holds a key.
> >         */
> > -      grub_printf_ (N_("Slot %"PRIuGRUB_SIZE" opened\n"), i);
> > +      grub_printf_ (N_("Slot %"PRIuGRUB_UINT64_T" opened\n"),
> > keyslot.slot_key);
> 
> Daniel

Glenn

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index in user messages., Daniel Kiper, 2020/12/02
- Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index in user messages., Glenn Washburn <=
  - Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index in user messages., Daniel Kiper, 2020/12/03

Prev by Date: Re: [PATCH v6 01/12] luks2: Add slot_key member to struct grub_luks2_keyslot/segment/digest
Next by Date: Re: [PATCH v6 04/12] cryptodisk: Replace some literals with constants in grub_cryptodisk_endecrypt
Previous by thread: Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index in user messages.
Next by thread: Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index in user messages.
Index(es):
- Date
- Thread