From b0fc16bfc71156cbf5e423502428a6c058c1f89b Mon Sep 17 00:00:00 2001 From: Johannes Bauer Date: Sun, 27 Jun 2021 09:47:59 +0200 Subject: [PATCH] Consistent naming and implemented flag honoring Name the flag exactly as it's used by LUKS everywhere: allow_discards (we had in some places "discard", "allow_discard"). Implement actually honoring that flag if it's set. Untested code. --- client.c | 3 ++- editor.c | 10 +++++----- keydb.h | 2 +- luks.c | 28 +++++++++++++++++++++------- luks.h | 2 +- 5 files changed, 30 insertions(+), 15 deletions(-) diff --git a/client.c b/client.c index ddfac7d..360bbf7 100644 --- a/client.c +++ b/client.c @@ -65,7 +65,8 @@ static bool unlock_luks_volume(const volume_entry_t *volume, const struct msg_t bool success = true; char luks_passphrase[LUKS_PASSPHRASE_TEXT_SIZE_BYTES]; if (ascii_encode(luks_passphrase, sizeof(luks_passphrase), unlock_msg->luks_passphrase_raw, sizeof(unlock_msg->luks_passphrase_raw))) { - success = open_luks_device(volume->volume_uuid, volume->devmapper_name, luks_passphrase, strlen(luks_passphrase)); + bool allow_discards = volume->volume_flags & VOLUME_FLAG_ALLOW_DISCARDS; + success = open_luks_device(volume->volume_uuid, volume->devmapper_name, luks_passphrase, strlen(luks_passphrase), allow_discards); } else { log_msg(LLVL_FATAL, "Failed to transcribe raw LUKS passphrase to text form."); success = false; diff --git a/editor.c b/editor.c index b5c19bf..5e7d91f 100644 --- a/editor.c +++ b/editor.c @@ -249,8 +249,8 @@ static enum cmd_returncode_t cmd_list(struct editor_context_t *ctx, const char * if (volume->volume_flags == 0) { printf("defaults"); } else { - if (volume->volume_flags & VOLUME_FLAG_ALLOW_DISCARD) { - printf("allow_discard "); + if (volume->volume_flags & VOLUME_FLAG_ALLOW_DISCARDS) { + printf("allow_discards "); } } printf("\n"); @@ -409,10 +409,10 @@ static enum cmd_returncode_t cmd_flag_volume(struct editor_context_t *ctx, const } unsigned int flag_value = 0; - if (!strcasecmp(flag_str + 1, "discard")) { - flag_value = VOLUME_FLAG_ALLOW_DISCARD; + if (!strcasecmp(flag_str + 1, "allow_discards")) { + flag_value = VOLUME_FLAG_ALLOW_DISCARDS; } else { - fprintf(stderr, "Invalid flag '%s': allowed is only 'discard'.\n", flag_str + 1); + fprintf(stderr, "Invalid flag '%s': allowed is only 'allow_discards'.\n", flag_str + 1); return COMMAND_FAILURE; } diff --git a/keydb.h b/keydb.h index 34cf004..3e79e6a 100644 --- a/keydb.h +++ b/keydb.h @@ -33,7 +33,7 @@ #define ALIGNED __attribute__ ((aligned(4))) enum volume_flag_t { - VOLUME_FLAG_ALLOW_DISCARD = (1 << 0), + VOLUME_FLAG_ALLOW_DISCARDS = (1 << 0), }; /* Unused so far */ diff --git a/luks.c b/luks.c index 164c506..c73809c 100644 --- a/luks.c +++ b/luks.c @@ -50,25 +50,39 @@ bool is_luks_device_opened(const char *mapping_name) { return runresult.success && (runresult.returncode == 0); } -bool open_luks_device(const uint8_t *encrypted_device_uuid, const char *mapping_name, const char *passphrase, unsigned int passphrase_length) { +bool open_luks_device(const uint8_t *encrypted_device_uuid, const char *mapping_name, const char *passphrase, unsigned int passphrase_length, bool allow_discards) { char encrypted_device[64]; strcpy(encrypted_device, "UUID="); sprintf_uuid(encrypted_device + 5, encrypted_device_uuid); log_msg(LLVL_INFO, "Trying to unlock LUKS mapping %s based on %s", mapping_name, encrypted_device); struct exec_cmd_t cmd = { - .argv = (const char *[]){ + .stdin_data = passphrase, + .stdin_length = passphrase_length, + .show_output = should_log(LLVL_DEBUG), + }; + + if (!allow_discards) { + cmd.argv = (const char *[]) { "cryptsetup", "luksOpen", "-T", "1", encrypted_device, mapping_name, NULL, - }, - .stdin_data = passphrase, - .stdin_length = passphrase_length, - .show_output = should_log(LLVL_DEBUG), - }; + }; + } else { + cmd.argv = (const char *[]) { + "cryptsetup", + "--allow-discards", + "luksOpen", + "-T", "1", + encrypted_device, + mapping_name, + NULL, + }; + } + struct exec_result_t runresult = exec_command(&cmd); return runresult.success && (runresult.returncode == 0); } diff --git a/luks.h b/luks.h index 53521d9..0c5703a 100644 --- a/luks.h +++ b/luks.h @@ -29,7 +29,7 @@ /*************** AUTO GENERATED SECTION FOLLOWS ***************/ bool is_luks_device_opened(const char *mapping_name); -bool open_luks_device(const uint8_t *encrypted_device_uuid, const char *mapping_name, const char *passphrase, unsigned int passphrase_length); +bool open_luks_device(const uint8_t *encrypted_device_uuid, const char *mapping_name, const char *passphrase, unsigned int passphrase_length, bool allow_discards); /*************** AUTO GENERATED SECTION ENDS ***************/ #endif