[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-block] [PATCH v2 08/13] qcrypto-luks: extract store and load h
From: |
Daniel P . Berrangé |
Subject: |
Re: [Qemu-block] [PATCH v2 08/13] qcrypto-luks: extract store and load header |
Date: |
Fri, 6 Sep 2019 14:06:03 +0100 |
User-agent: |
Mutt/1.12.1 (2019-06-15) |
On Mon, Aug 26, 2019 at 04:50:58PM +0300, Maxim Levitsky wrote:
> Signed-off-by: Maxim Levitsky <address@hidden>
> ---
> crypto/block-luks.c | 166 +++++++++++++++++++++++++++-----------------
> 1 file changed, 102 insertions(+), 64 deletions(-)
>
> diff --git a/crypto/block-luks.c b/crypto/block-luks.c
> index cad65ae0aa..b4dc6fc899 100644
> --- a/crypto/block-luks.c
> +++ b/crypto/block-luks.c
> @@ -409,6 +409,105 @@ qcrypto_block_luks_essiv_cipher(QCryptoCipherAlgorithm
> cipher,
> }
> }
>
> +/*
> + * Stores the main LUKS header, taking care of endianess
> + */
> +static int
> +qcrypto_block_luks_store_header(QCryptoBlock *block,
> + QCryptoBlockWriteFunc writefunc,
> + void *opaque,
> + Error **errp)
> +{
> + const QCryptoBlockLUKS *luks = block->opaque;
> + Error *local_err = NULL;
> + size_t i;
> + QCryptoBlockLUKSHeader *hdr_copy;
Initialize to NULL and mark with g_autofree
> +
> + /* Create a copy of the header */
> + hdr_copy = g_new0(QCryptoBlockLUKSHeader, 1);
> + memcpy(hdr_copy, &luks->header, sizeof(QCryptoBlockLUKSHeader));
> +
> + /*
> + * Everything on disk uses Big Endian (tm), so flip header fields
> + * before writing them
> + */
> + cpu_to_be16s(&hdr_copy->version);
> + cpu_to_be32s(&hdr_copy->payload_offset_sector);
> + cpu_to_be32s(&hdr_copy->master_key_len);
> + cpu_to_be32s(&hdr_copy->master_key_iterations);
> +
> + for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
> + cpu_to_be32s(&hdr_copy->key_slots[i].active);
> + cpu_to_be32s(&hdr_copy->key_slots[i].iterations);
> + cpu_to_be32s(&hdr_copy->key_slots[i].key_offset_sector);
> + cpu_to_be32s(&hdr_copy->key_slots[i].stripes);
> + }
> +
> + /* Write out the partition header and key slot headers */
> + writefunc(block, 0, (const uint8_t *)hdr_copy, sizeof(*hdr_copy),
> + opaque, &local_err);
> +
> + g_free(hdr_copy);
And then this can be removed
> +
> + if (local_err) {
> + error_propagate(errp, local_err);
> + return -1;
> + }
> + return 0;
> +}
> +
> +/*
> + * Loads the main LUKS header,and byteswaps it to native endianess
> + * And run basic sanity checks on it
> + */
> +static int
> +qcrypto_block_luks_load_header(QCryptoBlock *block,
> + QCryptoBlockReadFunc readfunc,
> + void *opaque,
> + Error **errp)
> +{
> + ssize_t rv;
> + size_t i;
> + int ret = 0;
> + QCryptoBlockLUKS *luks = block->opaque;
> +
> + /*
> + * Read the entire LUKS header, minus the key material from
> + * the underlying device
> + */
> +
> + rv = readfunc(block, 0,
> + (uint8_t *)&luks->header,
> + sizeof(luks->header),
> + opaque,
> + errp);
> + if (rv < 0) {
> + ret = rv;
> + goto fail;
Nothing happens at the fail: label, so you can just 'return rv'
straightaway IMHO
> + }
> +
> + /*
> + * The header is always stored in big-endian format, so
> + * convert everything to native
> + */
> + be16_to_cpus(&luks->header.version);
> + be32_to_cpus(&luks->header.payload_offset_sector);
> + be32_to_cpus(&luks->header.master_key_len);
> + be32_to_cpus(&luks->header.master_key_iterations);
> +
> + for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
> + be32_to_cpus(&luks->header.key_slots[i].active);
> + be32_to_cpus(&luks->header.key_slots[i].iterations);
> + be32_to_cpus(&luks->header.key_slots[i].key_offset_sector);
> + be32_to_cpus(&luks->header.key_slots[i].stripes);
> + }
> +
> +
> + return 0;
> +fail:
> + return ret;
> +}
> - /* Read the entire LUKS header, minus the key material from
> - * the underlying device */
> - rv = readfunc(block, 0,
> - (uint8_t *)&luks->header,
> - sizeof(luks->header),
> - opaque,
> - errp);
> - if (rv < 0) {
> - ret = rv;
> + ret = qcrypto_block_luks_load_header(block, readfunc, opaque, errp);
> + if (ret) {
if (ret < 0)
> goto fail;
> }
>
> - /* The header is always stored in big-endian format, so
> - * convert everything to native */
> - be16_to_cpus(&luks->header.version);
> - be32_to_cpus(&luks->header.payload_offset_sector);
> - be32_to_cpus(&luks->header.master_key_len);
> - be32_to_cpus(&luks->header.master_key_iterations);
> -
> - for (i = 0; i < QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS; i++) {
> - be32_to_cpus(&luks->header.key_slots[i].active);
> - be32_to_cpus(&luks->header.key_slots[i].iterations);
> - be32_to_cpus(&luks->header.key_slots[i].key_offset_sector);
> - be32_to_cpus(&luks->header.key_slots[i].stripes);
> - }
>
> if (memcmp(luks->header.magic, qcrypto_block_luks_magic,
> QCRYPTO_BLOCK_LUKS_MAGIC_LEN) != 0) {
> @@ -1235,46 +1312,7 @@ qcrypto_block_luks_create(QCryptoBlock *block,
> goto error;
> }
> - if (local_err) {
> - error_propagate(errp, local_err);
> + if (qcrypto_block_luks_store_header(block, writefunc, opaque, errp)) {
The comparison should be "< 0"
> goto error;
> }
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [Qemu-block] [PATCH v2 08/13] qcrypto-luks: extract store and load header,
Daniel P . Berrangé <=