Hi everyone,
It's been brought to my attention that in my commit [1], I mistakenly
indicated that SHA256 was the only hash supported by the PBKDF2 kdf. I
may have misread the default value for the list of possible values in
the upstream spec, since more hashes are supported. One possible
Hello Daniel,
Thanks for the review. The following updated patches should contain all the
changes you asked for.
>Please add your Signed-off-by here. Same applies to first patch too.
Done.
> Please format comments, here and below, properly [1].
Sorry about that, I missed the empty first line.
This lets a LUKS2 cryptodisk have its cipher and hash filled out,
otherwise they wouldn't be initialized if cheat mounted.
Signed-off-by: Josselin Poiret
---
grub-core/osdep/devmapper/getroot.c | 107 +++-
1 file changed, 106 insertions(+), 1 deletion(-)
diff --git
Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized
as being LUKS cryptodisks.
Signed-off-by: Josselin Poiret
---
grub-core/osdep/devmapper/getroot.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/grub-core/osdep/devmapper/getroot.c
This lets a LUKS2 cryptodisk have its cipher and hash filled out,
otherwise they wouldn't be initialized if cheat mounted.
---
grub-core/osdep/devmapper/getroot.c | 87 -
1 file changed, 86 insertions(+), 1 deletion(-)
diff --git a/grub-core/osdep/devmapper/getroot.c
Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized
as being LUKS cryptodisks.
---
grub-core/osdep/devmapper/getroot.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/grub-core/osdep/devmapper/getroot.c
b/grub-core/osdep/devmapper/getroot.c
index
Hello again,
Following Michael's mail, here's hopefully the latest patch series!
This fixes building on 32-bit by using grub_uint64_t indiscriminately,
and removes the curly braces for the the two ifs at the end.
Sorry for all the noise.
Best,
--
Josselin Poiret
Hello Glenn,
I took the time to rebase all the patches on the latest master, then
remove the problematic parsing, keeping only the cipher part, as well
as add some additional error checking for grub_cryptodisk_setcipher
and grub_crypto_lookup_md_by_name. I also took note of another mail
saying
This lets a LUKS2 cryptodisk have its cipher and hash filled out,
otherwise they wouldn't be initialized if cheat mounted.
---
grub-core/osdep/devmapper/getroot.c | 91 -
1 file changed, 90 insertions(+), 1 deletion(-)
diff --git a/grub-core/osdep/devmapper/getroot.c
Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized
as being LUKS cryptodisks.
---
grub-core/osdep/devmapper/getroot.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/grub-core/osdep/devmapper/getroot.c
b/grub-core/osdep/devmapper/getroot.c
index
Hello Glenn,
Glenn Washburn writes:
> After reviewing this, I stumbled upon Fabian's patch. I wrote a
> response on the thread of that patch with the suggestion that his patch
> be used to get the total number of sectors and sector size and this
> patch be used to get the crypto information.
Hello Glenn,
Thanks for your review! I've adressed all of your comments with these
revised patches (only the second one has changed), with the caveats below:
Glenn Washburn writes:
>
>> +grub_util_error (_("can't set dm task name to `%s'"), name);
>> + if
This lets a LUKS2 cryptodisk have all the cipher, hash, and sizes
filled out, otherwise they wouldn't be initialized if cheat mounted.
---
grub-core/osdep/devmapper/getroot.c | 130 +++-
1 file changed, 129 insertions(+), 1 deletion(-)
diff --git
Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized
as being LUKS cryptodisks.
---
grub-core/osdep/devmapper/getroot.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/grub-core/osdep/devmapper/getroot.c
b/grub-core/osdep/devmapper/getroot.c
index
Hello everyone,
Glenn Washburn writes:
> I don't really like this, but it gets the job done and is a work-around
> for a peculiarity of the LUKS2 backend. The cheat mount code for
> cryptodisk does only calls scan() and not recover_key(). For LUKS1 scan
> will return a grub_cryptodisk_t with
Hi Fabian,
Fabian Vogt writes:
> Did you have a look at my approach? That effectively does the same, but using
> a
> single ioctl instead of anything complex with DM directly.
I agree that it's sufficient for sector_size, but we still need the
cryptodisk algorithm so that grub-install will
Hello everyone,
Fabian Vogt writes:
> It looks like we have a third patch (series) for this feature meanwhile:
> [PATCH 0/2] Have LUKS2 cryptomounts be useable with grub-probe
>
> I CC'd the author, let's try to coordinate.
>
> Thanks,
> Fabian
Let me just say that I had not found this patch
Glenn Washburn writes:
> Its not clear to me, did you test a LUKS2 device with sector size 4096
> with this change? I believe DM does use 512-byte sectors internally,
> but it can create block devices that report and use other sector sizes.
> You can verfiy this by creating a 4096 sector size
Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized
as being LUKS cryptodisks.
---
grub-core/osdep/devmapper/getroot.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/grub-core/osdep/devmapper/getroot.c
b/grub-core/osdep/devmapper/getroot.c
index
This lets a LUKS2 cryptodisk have all the cipher, hash, and sizes
filled out, otherwise they wouldn't be initialized if cheat mounted.
---
grub-core/osdep/devmapper/getroot.c | 99 -
1 file changed, 98 insertions(+), 1 deletion(-)
diff --git
Hello,
These two draft patches make devmapper set up LUKS2 cryptomount
properties when pulling, as well as report LUKS2 cryptomounts as
having GRUB_DEV_ABSTRACTION_LUKS. This makes grub-probe and
grub-install behave properly wrt. LUKS2 drives: `grub-probe -t
abstraction /` reports all the needed
This lets a LUKS2 cryptodisk have all the cipher, hash, and sizes
filled out, otherwise they wouldn't be initialized if cheat mounted.
---
grub-core/osdep/devmapper/getroot.c | 51 -
1 file changed, 50 insertions(+), 1 deletion(-)
diff --git
Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized
as being LUKS cryptodisks.
---
grub-core/osdep/devmapper/getroot.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/grub-core/osdep/devmapper/getroot.c
b/grub-core/osdep/devmapper/getroot.c
index
23 matches
Mail list logo