Re: [PATCH 0/4] Various LUKS2 improvements

[Glenn Washburn]

On Tue, 23 Mar 2021 18:43:59 +0100
Daniel Kiper <dkiper@net-space.pl> wrote:

> On Fri, Mar 19, 2021 at 07:14:47PM -0500, Glenn Washburn wrote:
> > Patch #1: Allows GRUB to be more resilient in the fact or
> > unexpected json data, thus allowing access to LUKS2 volumes in
> > cases where currently it would be inaccessible
> > Patch #2-3: Add some text to go along with the error in case it gets
> >   bubbled up to the user
> > Patch #4: Simplifies some error handling and makes the code a
> > little easier to read
> >
> > Glenn
> >
> > Glenn Washburn (4):
> >   luks2: Continue trying all keyslots even if there are some
> > failures luks2: Add error message strings to crypto errors
> >   luks2: Add error message strings to errors in luks2_read_header
> >   luks2: Fix potential grub_free with NULL pointer
> 
> Are there any of these patches critical and should be applied before
> release?

None of these are critical. Considering the length of time between grub
releases, the first one might be worth considering. If there is a
non-standard key slot (eg. Someone adds their own KDF) that is before a
standard key slot, we will currently bail and not even check further
keyslots. This can be mitigated by the user making sure that
non-standard keyslots are after standard ones (but that may not
necessarily mean that the key index is larger depending if the json
writer is not sorting keys).

I'm fine with it not being included too. I would guess this use-case is
very improbable.

Glenn