[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3 3/4] cryptodisk: Move global variables into grub_cryptomou
From: |
Daniel Kiper |
Subject: |
Re: [PATCH v3 3/4] cryptodisk: Move global variables into grub_cryptomount_args struct |
Date: |
Thu, 18 Nov 2021 15:06:56 +0100 |
User-agent: |
NeoMutt/20170113 (1.7.2) |
On Tue, Oct 12, 2021 at 06:26:28PM -0500, Glenn Washburn wrote:
> Signed-off-by: Glenn Washburn <development@efficientek.com>
> ---
> grub-core/disk/cryptodisk.c | 26 +++++++++-----------------
> grub-core/disk/geli.c | 9 ++++-----
> grub-core/disk/luks.c | 11 +++++------
> grub-core/disk/luks2.c | 6 +++---
> include/grub/cryptodisk.h | 10 ++++++++--
> 5 files changed, 29 insertions(+), 33 deletions(-)
>
> diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
> index a5f7b860c..5b38606ed 100644
> --- a/grub-core/disk/cryptodisk.c
> +++ b/grub-core/disk/cryptodisk.c
> @@ -984,9 +984,6 @@ grub_util_cryptodisk_get_uuid (grub_disk_t disk)
>
> #endif
>
> -static int check_boot, have_it;
> -static char *search_uuid;
> -
> static void
> cryptodisk_close (grub_cryptodisk_t dev)
> {
> @@ -1014,7 +1011,7 @@ grub_cryptodisk_scan_device_real (const char *name,
>
> FOR_CRYPTODISK_DEVS (cr)
> {
> - dev = cr->scan (source, search_uuid, check_boot);
> + dev = cr->scan (source, cargs);
> if (grub_errno)
> return grub_errno;
> if (!dev)
> @@ -1049,7 +1046,7 @@ grub_cryptodisk_scan_device_real (const char *name,
>
> grub_cryptodisk_insert (dev, name, source);
>
> - have_it = 1;
> + cargs->found_uuid = 1;
Please say in the commit message you are changing variable/member name too.
Or maybe it would be better if you do this in separate patch.
> goto cleanup;
> }
> @@ -1091,7 +1088,7 @@ grub_cryptodisk_cheat_mount (const char *sourcedev,
> const char *cheat)
>
> FOR_CRYPTODISK_DEVS (cr)
> {
> - dev = cr->scan (source, search_uuid, check_boot);
> + dev = cr->scan (source, NULL);
> if (grub_errno)
> return grub_errno;
> if (!dev)
> @@ -1135,7 +1132,7 @@ grub_cryptodisk_scan_device (const char *name,
>
> if (err)
> grub_print_error ();
> - return have_it && search_uuid ? 1 : 0;
> + return (cargs->found_uuid && cargs->search_uuid) ? 1 : 0;
I think this should be enough:
return (cargs->found_uuid && cargs->search_uuid != NULL)
> }
>
> static grub_err_t
> @@ -1153,7 +1150,6 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int
> argc, char **args)
> cargs.key_len = grub_strlen (state[3].arg);
> }
>
> - have_it = 0;
cargs->found_uuid = 0?
> if (state[0].set) /* uuid */
> {
> grub_cryptodisk_t dev;
> @@ -1166,21 +1162,18 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int
> argc, char **args)
> return GRUB_ERR_NONE;
> }
>
> - check_boot = state[2].set;
> - search_uuid = args[0];
> + cargs.check_boot = state[2].set;
> + cargs.search_uuid = args[0];
> grub_device_iterate (&grub_cryptodisk_scan_device, &cargs);
> - search_uuid = NULL;
cargs.search_uuid = NULL?
> - if (!have_it)
> + if (!cargs.found_uuid)
> return grub_error (GRUB_ERR_BAD_ARGUMENT, "no such cryptodisk found");
> return GRUB_ERR_NONE;
> }
> else if (state[1].set || (argc == 0 && state[2].set)) /* -a|-b */
> {
> - search_uuid = NULL;
> - check_boot = state[2].set;
> + cargs.check_boot = state[2].set;
> grub_device_iterate (&grub_cryptodisk_scan_device, &cargs);
> - search_uuid = NULL;
Ditto. If this is correct then I think it should be shortly explained in
the commit message why you can drop these assignments.
> return GRUB_ERR_NONE;
> }
> else
> @@ -1192,8 +1185,7 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int
> argc, char **args)
> char *disklast = NULL;
> grub_size_t len;
>
> - search_uuid = NULL;
Ditto.
> - check_boot = state[2].set;
> + cargs.check_boot = state[2].set;
> diskname = args[0];
> len = grub_strlen (diskname);
> if (len && diskname[0] == '(' && diskname[len - 1] == ')')
> diff --git a/grub-core/disk/geli.c b/grub-core/disk/geli.c
> index 32f34d5c3..32d35521b 100644
> --- a/grub-core/disk/geli.c
> +++ b/grub-core/disk/geli.c
> @@ -240,8 +240,7 @@ grub_util_get_geli_uuid (const char *dev)
> #endif
>
> static grub_cryptodisk_t
> -configure_ciphers (grub_disk_t disk, const char *check_uuid,
> - int boot_only)
> +configure_ciphers (grub_disk_t disk, grub_cryptomount_args_t cargs)
> {
> grub_cryptodisk_t newdev;
> struct grub_geli_phdr header;
> @@ -289,7 +288,7 @@ configure_ciphers (grub_disk_t disk, const char
> *check_uuid,
> return NULL;
> }
>
> - if (boot_only && !(grub_le_to_cpu32 (header.flags) & GRUB_GELI_FLAGS_BOOT))
> + if (cargs->check_boot && !(grub_le_to_cpu32 (header.flags) &
> GRUB_GELI_FLAGS_BOOT))
> {
> grub_dprintf ("geli", "not a boot volume\n");
> return NULL;
> @@ -302,9 +301,9 @@ configure_ciphers (grub_disk_t disk, const char
> *check_uuid,
> return NULL;
> }
>
> - if (check_uuid && grub_strcasecmp (check_uuid, uuid) != 0)
> + if (cargs->search_uuid && grub_strcasecmp (cargs->search_uuid, uuid) != 0)
> {
> - grub_dprintf ("geli", "%s != %s\n", uuid, check_uuid);
> + grub_dprintf ("geli", "%s != %s\n", uuid, cargs->search_uuid);
> return NULL;
> }
>
> diff --git a/grub-core/disk/luks.c b/grub-core/disk/luks.c
> index 51646cefe..6ced312c7 100644
> --- a/grub-core/disk/luks.c
> +++ b/grub-core/disk/luks.c
> @@ -63,8 +63,7 @@ gcry_err_code_t AF_merge (const gcry_md_spec_t * hash,
> grub_uint8_t * src,
> grub_size_t blocknumbers);
>
> static grub_cryptodisk_t
> -configure_ciphers (grub_disk_t disk, const char *check_uuid,
> - int check_boot)
> +configure_ciphers (grub_disk_t disk, grub_cryptomount_args_t cargs)
> {
> grub_cryptodisk_t newdev;
> const char *iptr;
> @@ -76,7 +75,7 @@ configure_ciphers (grub_disk_t disk, const char *check_uuid,
> char hashspec[sizeof (header.hashSpec) + 1];
> grub_err_t err;
>
> - if (check_boot)
> + if (cargs->check_boot)
> return NULL;
>
> /* Read the LUKS header. */
> @@ -103,9 +102,9 @@ configure_ciphers (grub_disk_t disk, const char
> *check_uuid,
> }
> *optr = 0;
>
> - if (check_uuid && grub_strcasecmp (check_uuid, uuid) != 0)
> + if (cargs->search_uuid && grub_strcasecmp (cargs->search_uuid, uuid) != 0)
if (cargs->search_uuid != NULL...
Please fix similar things below too.
> {
> - grub_dprintf ("luks", "%s != %s\n", uuid, check_uuid);
> + grub_dprintf ("luks", "%s != %s\n", uuid, cargs->search_uuid);
> return NULL;
> }
>
> @@ -162,7 +161,7 @@ luks_recover_key (grub_disk_t source,
> grub_err_t err;
> grub_size_t max_stripes = 1;
>
> - if (cargs->key_data == NULL || cargs->key_len == 0)
> + if (cargs->key_data == NULL || cargs->key_len == 0)
> return grub_error (GRUB_ERR_BAD_ARGUMENT, "No key data");
> err = grub_disk_read (source, 0, 0, sizeof (header), &header);
> diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
> index c77380cbb..28fad54aa 100644
> --- a/grub-core/disk/luks2.c
> +++ b/grub-core/disk/luks2.c
> @@ -346,14 +346,14 @@ luks2_read_header (grub_disk_t disk,
> grub_luks2_header_t *outhdr)
> }
>
> static grub_cryptodisk_t
> -luks2_scan (grub_disk_t disk, const char *check_uuid, int check_boot)
> +luks2_scan (grub_disk_t disk, grub_cryptomount_args_t cargs)
> {
> grub_cryptodisk_t cryptodisk;
> grub_luks2_header_t header;
> char uuid[sizeof (header.uuid) + 1];
> grub_size_t i, j;
>
> - if (check_boot)
> + if (cargs->check_boot)
> return NULL;
>
> if (luks2_read_header (disk, &header))
> @@ -367,7 +367,7 @@ luks2_scan (grub_disk_t disk, const char *check_uuid, int
> check_boot)
> uuid[j++] = header.uuid[i];
> uuid[j] = '\0';
>
> - if (check_uuid && grub_strcasecmp (check_uuid, uuid) != 0)
> + if (cargs->search_uuid && grub_strcasecmp (cargs->search_uuid, uuid) != 0)
> return NULL;
>
> cryptodisk = grub_zalloc (sizeof (*cryptodisk));
> diff --git a/include/grub/cryptodisk.h b/include/grub/cryptodisk.h
> index 5bd970692..2823fa80f 100644
> --- a/include/grub/cryptodisk.h
> +++ b/include/grub/cryptodisk.h
> @@ -69,7 +69,14 @@ typedef gcry_err_code_t
>
> struct grub_cryptomount_args
> {
> + /* scan: Flag to indicate that only bootable volumes should be decrypted */
> + grub_uint32_t check_boot : 1;
Could you add a comment what found_uuid flags means too?
> + grub_uint32_t found_uuid : 1;
> + /* scan: Only volumes matching this UUID should be decrpyted */
> + char *search_uuid;
> + /* recover_key: Key data used to decrypt voume */
> grub_uint8_t *key_data;
> + /* recover_key: Length of key_data */
> grub_size_t key_len;
> };
Please address Patrick's concern expressed in the other email too.
Daniel