Consistent naming and implemented flag honoring

Name the flag exactly as it's used by LUKS everywhere: allow_discards
(we had in some places "discard", "allow_discard"). Implement actually
honoring that flag if it's set. Untested code.
Johannes Bauer 2021-06-27 09:47:59 +02:00
parent cd38193993
commit b0fc16bfc7
5 changed files with 30 additions and 15 deletions


@ -65,7 +65,8 @@ static bool unlock_luks_volume(const volume_entry_t *volume, const struct msg_t
bool success = true; bool success = true;
char luks_passphrase[LUKS_PASSPHRASE_TEXT_SIZE_BYTES]; char luks_passphrase[LUKS_PASSPHRASE_TEXT_SIZE_BYTES];
if (ascii_encode(luks_passphrase, sizeof(luks_passphrase), unlock_msg->luks_passphrase_raw, sizeof(unlock_msg->luks_passphrase_raw))) { if (ascii_encode(luks_passphrase, sizeof(luks_passphrase), unlock_msg->luks_passphrase_raw, sizeof(unlock_msg->luks_passphrase_raw))) {
success = open_luks_device(volume->volume_uuid, volume->devmapper_name, luks_passphrase, strlen(luks_passphrase)); bool allow_discards = volume->volume_flags & VOLUME_FLAG_ALLOW_DISCARDS;
success = open_luks_device(volume->volume_uuid, volume->devmapper_name, luks_passphrase, strlen(luks_passphrase), allow_discards);
} else { } else {
log_msg(LLVL_FATAL, "Failed to transcribe raw LUKS passphrase to text form."); log_msg(LLVL_FATAL, "Failed to transcribe raw LUKS passphrase to text form.");
success = false; success = false;
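Review bot: The new `allow_discards` line in unlock_luks_volume enables a behaviour with a confidentiality cost, and nothing at the call site records that. With discards allowed, TRIM requests pass through to the backing device and reveal which regions of the ciphertext are unused. A comment above the line would mark it as a deliberate per-volume opt-in, for example `/* allow_discards lets TRIM through dm-crypt and exposes which blocks are unused; opt-in per volume only */`. Emitting a `log_msg(LLVL_INFO, ...)` line when the flag is set would also make the choice visible when auditing an unlock. The function body continues beyond the visible lines.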


@ -249,8 +249,8 @@ static enum cmd_returncode_t cmd_list(struct editor_context_t *ctx, const char *
if (volume->volume_flags == 0) { if (volume->volume_flags == 0) {
printf("defaults"); printf("defaults");
} else { } else {
if (volume->volume_flags & VOLUME_FLAG_ALLOW_DISCARD) { if (volume->volume_flags & VOLUME_FLAG_ALLOW_DISCARDS) {
printf("allow_discard "); printf("allow_discards ");
} }
} }
printf("\n"); printf("\n");
@ -409,10 +409,10 @@ static enum cmd_returncode_t cmd_flag_volume(struct editor_context_t *ctx, const
} }
unsigned int flag_value = 0; unsigned int flag_value = 0;
if (!strcasecmp(flag_str + 1, "discard")) { if (!strcasecmp(flag_str + 1, "allow_discards")) {
flag_value = VOLUME_FLAG_ALLOW_DISCARD; flag_value = VOLUME_FLAG_ALLOW_DISCARDS;
} else { } else {
fprintf(stderr, "Invalid flag '%s': allowed is only 'discard'.\n", flag_str + 1); fprintf(stderr, "Invalid flag '%s': allowed is only 'allow_discards'.\n", flag_str + 1);
return COMMAND_FAILURE; return COMMAND_FAILURE;
} }


@ -33,7 +33,7 @@
#define ALIGNED __attribute__ ((aligned(4))) #define ALIGNED __attribute__ ((aligned(4)))
enum volume_flag_t { enum volume_flag_t {
VOLUME_FLAG_ALLOW_DISCARD = (1 << 0), VOLUME_FLAG_ALLOW_DISCARDS = (1 << 0),
}; };
/* Unused so far */ /* Unused so far */

26
luks.c

@ -50,25 +50,39 @@ bool is_luks_device_opened(const char *mapping_name) {
return runresult.success && (runresult.returncode == 0); return runresult.success && (runresult.returncode == 0);
} }
bool open_luks_device(const uint8_t *encrypted_device_uuid, const char *mapping_name, const char *passphrase, unsigned int passphrase_length) { bool open_luks_device(const uint8_t *encrypted_device_uuid, const char *mapping_name, const char *passphrase, unsigned int passphrase_length, bool allow_discards) {
char encrypted_device[64]; char encrypted_device[64];
strcpy(encrypted_device, "UUID="); strcpy(encrypted_device, "UUID=");
sprintf_uuid(encrypted_device + 5, encrypted_device_uuid); sprintf_uuid(encrypted_device + 5, encrypted_device_uuid);
log_msg(LLVL_INFO, "Trying to unlock LUKS mapping %s based on %s", mapping_name, encrypted_device); log_msg(LLVL_INFO, "Trying to unlock LUKS mapping %s based on %s", mapping_name, encrypted_device);
struct exec_cmd_t cmd = { struct exec_cmd_t cmd = {
.argv = (const char *[]){ .stdin_data = passphrase,
.stdin_length = passphrase_length,
.show_output = should_log(LLVL_DEBUG),
};
if (!allow_discards) {
cmd.argv = (const char *[]) {
"cryptsetup", "cryptsetup",
"luksOpen", "luksOpen",
"-T", "1", "-T", "1",
encrypted_device, encrypted_device,
mapping_name, mapping_name,
NULL, NULL,
},
.stdin_data = passphrase,
.stdin_length = passphrase_length,
.show_output = should_log(LLVL_DEBUG),
}; };
} else {
cmd.argv = (const char *[]) {
"cryptsetup",
"--allow-discards",
"luksOpen",
"-T", "1",
encrypted_device,
mapping_name,
NULL,
};
}
struct exec_result_t runresult = exec_command(&cmd); struct exec_result_t runresult = exec_command(&cmd);
return runresult.success && (runresult.returncode == 0); return runresult.success && (runresult.returncode == 0);
} }
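Review bot: Both `cmd.argv = (const char *[]) { ... }` assignments in open_luks_device sit inside the `if`/`else` blocks, and a compound literal in a function body has automatic storage tied to its enclosing block. `cmd.argv` is therefore dangling by the time `exec_command(&cmd)` runs, which is undefined behaviour. exec_command is not shown here, but it may read a clobbered argument vector once the compiler reuses that stack space. Building a single argv array at function scope and inserting `--allow-discards` conditionally removes the lifetime problem and the duplicated argument list. The commit message says the code is untested, so both paths (flag set and unset) should be exercised.

```c
	// … unchanged: encrypted_device formatting and log_msg call …
	const char *argv[8];
	unsigned int argc = 0;
	argv[argc++] = "cryptsetup";
	if (allow_discards) {
		argv[argc++] = "--allow-discards";
	}
	argv[argc++] = "luksOpen";
	argv[argc++] = "-T";
	argv[argc++] = "1";
	argv[argc++] = encrypted_device;
	argv[argc++] = mapping_name;
	argv[argc] = NULL;
	struct exec_cmd_t cmd = {
		.argv = argv,
		.stdin_data = passphrase,
		.stdin_length = passphrase_length,
		.show_output = should_log(LLVL_DEBUG),
	};
	// … unchanged: exec_command call and result check …
```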

2
luks.h

@ -29,7 +29,7 @@
/*************** AUTO GENERATED SECTION FOLLOWS ***************/ /*************** AUTO GENERATED SECTION FOLLOWS ***************/
bool is_luks_device_opened(const char *mapping_name); bool is_luks_device_opened(const char *mapping_name);
bool open_luks_device(const uint8_t *encrypted_device_uuid, const char *mapping_name, const char *passphrase, unsigned int passphrase_length); bool open_luks_device(const uint8_t *encrypted_device_uuid, const char *mapping_name, const char *passphrase, unsigned int passphrase_length, bool allow_discards);
/*************** AUTO GENERATED SECTION ENDS ***************/ /*************** AUTO GENERATED SECTION ENDS ***************/
#endif #endif