grub-devel

[PATCH 0/3] Refactor/improve cryptomount data passing to crypto modules


From: Glenn Washburn
Subject: [PATCH 0/3] Refactor/improve cryptomount data passing to crypto modules
Date: Thu, 26 Aug 2021 00:08:49 -0500

This patch series refactors the way cryptomount passes data to the crypto
modules. Currently, the method has been by global variable and function call
argument, neither of which is ideal. This method passes data via a
grub_cryptomount_args struct, which can be added to over time as opposed to
continually adding arguments to the cryptodisk recover_key (as is being
proposed in the keyfile and detached header patches).

The infrastructure is implemented in patch #1 along with adding a new -p
parameter to cryptomount partly as an example to show how a password would be
passed to the crypto module backends. The backends do nothing with this data
in this patch, but print a message saying that sending a password is
unimplemented.

Patch #2 takes advantage of this new data passing mechanism to refactor the
essentially duplicated code in each crypto backend module for inputting the
password and puts that functionality in the cryptodisk code. Conceptually,
the crypto backends should not be getting user input anyway.

Finally, patch #3 gets rid of some long-time globals in cryptodisk, moving them
into the passed struct.

My intention is for this patch series to lay the foundation for an improved
patch series providing detached header and keyfile support (I already have
the series updated and ready to send once this is accepted). I also believe
that this will somewhat simplify the patch series by James Bottomley in
passing secrets to the crypto backends.

Glenn

Glenn Washburn (3):
  cryptodisk: Add infrastructure to pass data from cryptomount to
    cryptodisk modules
  cryptodisk: Refactor password input out of crypto dev modules into
    cryptodisk
  cryptodisk: Move global variables into grub_cryptomount_args struct

 grub-core/disk/cryptodisk.c | 109 ++++++++++++++++++++++++------------
 grub-core/disk/geli.c       |  24 ++------
 grub-core/disk/luks.c       |  25 ++-------
 grub-core/disk/luks2.c      |  24 ++------
 include/grub/cryptodisk.h   |  12 ++++
 5 files changed, 102 insertions(+), 92 deletions(-)

-- 
2.27.0
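The data flow described in the cover letter above, as an added sketch that is not part of the original post and is not code from the patch series: one args struct carries the optional passphrase and former global state, the core prompts only when no passphrase was passed, and the backend never reads user input. The struct layout, field names, function names and the toy backend are all assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for grub_cryptomount_args; field names are assumptions. */
struct cm_args {
  const char *key;        /* passphrase, e.g. supplied via "cryptomount -p" */
  size_t key_len;
  const char *want_uuid;  /* state that would otherwise live in a global */
};
/* Backends take one struct: a new input is a new field, not a new parameter. */
typedef int (*recover_key_fn) (const struct cm_args *args);

static const char SECRET[] = "constructed-passphrase"; /* constructed sample */
static int prompt_calls;  /* how many times the user would have been asked */

/* Toy backend: no user input here, it only checks the key it is handed. */
static int toy_recover_key (const struct cm_args *args)
{
  if (args->key == NULL || args->key_len != sizeof (SECRET) - 1)
    return -1;
  return memcmp (args->key, SECRET, args->key_len) == 0 ? 0 : -1;
}

/* Constructed stand-in for interactive input: "types" SECRET into buf. */
static size_t toy_prompt (char *buf, size_t cap)
{
  prompt_calls++;
  if (cap < sizeof (SECRET)) return 0;
  memcpy (buf, SECRET, sizeof (SECRET));
  return sizeof (SECRET) - 1;
}

/* Core: 1 = device skipped, 0 = unlocked, -1 = key rejected. */
static int core_unlock (recover_key_fn be, const char *uuid, const struct cm_args *in)
{
  char buf[64];
  struct cm_args args = *in;  /* local copy, the caller's struct stays unchanged */
  if (args.want_uuid != NULL && strcmp (args.want_uuid, uuid) != 0)
    return 1;
  if (args.key == NULL) {     /* prompt once, centrally, only if no key was passed */
    args.key_len = toy_prompt (buf, sizeof (buf));
    args.key = buf;
  }
  return be (&args);
}

int main (void)
{
  struct cm_args none = { NULL, 0, NULL };
  return core_unlock (toy_recover_key, "uuid-a", &none);
}
```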



