Support in grub userland tools for other PBKDF2 hashes

Hi everyone, It's been brought to my attention that in my commit [1], I mistakenly indicated that SHA256 was the only hash supported by the PBKDF2 kdf. I may have misread the default value for the list of possible values in the upstream spec, since more hashes are supported. One possible

[PATCH v6 0/2] Have LUKS2 cryptomounts be useable with grub-probe

Hello Daniel, Thanks for the review. The following updated patches should contain all the changes you asked for. >Please add your Signed-off-by here. Same applies to first patch too. Done. > Please format comments, here and below, properly [1]. Sorry about that, I missed the empty first line.

[PATCH v6 2/2] devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM parameters

This lets a LUKS2 cryptodisk have its cipher and hash filled out, otherwise they wouldn't be initialized if cheat mounted. Signed-off-by: Josselin Poiret --- grub-core/osdep/devmapper/getroot.c | 107 +++- 1 file changed, 106 insertions(+), 1 deletion(-) diff --git

[PATCH v6 1/2] devmapper/getroot: Have devmapper recognize LUKS2

Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized as being LUKS cryptodisks. Signed-off-by: Josselin Poiret --- grub-core/osdep/devmapper/getroot.c | 11 +++ 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/grub-core/osdep/devmapper/getroot.c

[PATCH v5 2/2] devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM parameters

This lets a LUKS2 cryptodisk have its cipher and hash filled out, otherwise they wouldn't be initialized if cheat mounted. --- grub-core/osdep/devmapper/getroot.c | 87 - 1 file changed, 86 insertions(+), 1 deletion(-) diff --git a/grub-core/osdep/devmapper/getroot.c

[PATCH v5 1/2] devmapper/getroot: Have devmapper recognize LUKS2

Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized as being LUKS cryptodisks. --- grub-core/osdep/devmapper/getroot.c | 11 +++ 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/grub-core/osdep/devmapper/getroot.c b/grub-core/osdep/devmapper/getroot.c index

[PATCH v5 0/2] Have LUKS2 cryptomounts be useable with grub-probe

Hello again, Following Michael's mail, here's hopefully the latest patch series! This fixes building on 32-bit by using grub_uint64_t indiscriminately, and removes the curly braces for the the two ifs at the end. Sorry for all the noise. Best, -- Josselin Poiret

[PATCH v4 0/2] Have LUKS2 cryptomounts be useable with grub-probe

Hello Glenn, I took the time to rebase all the patches on the latest master, then remove the problematic parsing, keeping only the cipher part, as well as add some additional error checking for grub_cryptodisk_setcipher and grub_crypto_lookup_md_by_name. I also took note of another mail saying

[PATCH v4 2/2] devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM parameters

This lets a LUKS2 cryptodisk have its cipher and hash filled out, otherwise they wouldn't be initialized if cheat mounted. --- grub-core/osdep/devmapper/getroot.c | 91 - 1 file changed, 90 insertions(+), 1 deletion(-) diff --git a/grub-core/osdep/devmapper/getroot.c

[PATCH v4 1/2] devmapper/getroot: Have devmapper recognize LUKS2

Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized as being LUKS cryptodisks. --- grub-core/osdep/devmapper/getroot.c | 11 +++ 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/grub-core/osdep/devmapper/getroot.c b/grub-core/osdep/devmapper/getroot.c index

Re: [PATCH v3 2/2] devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM parameters

Hello Glenn, Glenn Washburn writes: > After reviewing this, I stumbled upon Fabian's patch. I wrote a > response on the thread of that patch with the suggestion that his patch > be used to get the total number of sectors and sector size and this > patch be used to get the crypto information.

[PATCH v3 0/2] Have LUKS2 cryptomounts be useable with grub-probe

Hello Glenn, Thanks for your review! I've adressed all of your comments with these revised patches (only the second one has changed), with the caveats below: Glenn Washburn writes: > >> +grub_util_error (_("can't set dm task name to `%s'"), name); >> + if

[PATCH v3 2/2] devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM parameters

This lets a LUKS2 cryptodisk have all the cipher, hash, and sizes filled out, otherwise they wouldn't be initialized if cheat mounted. --- grub-core/osdep/devmapper/getroot.c | 130 +++- 1 file changed, 129 insertions(+), 1 deletion(-) diff --git

[PATCH v3 1/2] devmapper/getroot: Have devmapper recognize LUKS2

Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized as being LUKS cryptodisks. --- grub-core/osdep/devmapper/getroot.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/grub-core/osdep/devmapper/getroot.c b/grub-core/osdep/devmapper/getroot.c index

Re: [PATCH v2 3/3] grub-core/kern/disk.c: handle LUKS2 devices

Hello everyone, Glenn Washburn writes: > I don't really like this, but it gets the job done and is a work-around > for a peculiarity of the LUKS2 backend. The cheat mount code for > cryptodisk does only calls scan() and not recover_key(). For LUKS1 scan > will return a grub_cryptodisk_t with

Re: [PATCH 3/4] luks2: set up dummy sector size during scan

Hi Fabian, Fabian Vogt writes: > Did you have a look at my approach? That effectively does the same, but using > a > single ioctl instead of anything complex with DM directly. I agree that it's sufficient for sector_size, but we still need the cryptodisk algorithm so that grub-install will

Re: [PATCH 3/4] luks2: set up dummy sector size during scan

Hello everyone, Fabian Vogt writes: > It looks like we have a third patch (series) for this feature meanwhile: > [PATCH 0/2] Have LUKS2 cryptomounts be useable with grub-probe > > I CC'd the author, let's try to coordinate. > > Thanks, > Fabian Let me just say that I had not found this patch

[PATCH v2 0/2] Have LUKS2 cryptomounts be useable with grub-probe

Glenn Washburn writes: > Its not clear to me, did you test a LUKS2 device with sector size 4096 > with this change? I believe DM does use 512-byte sectors internally, > but it can create block devices that report and use other sector sizes. > You can verfiy this by creating a 4096 sector size

[PATCH v2 1/2] devmapper/getroot: Have devmapper recognize LUKS2

Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized as being LUKS cryptodisks. --- grub-core/osdep/devmapper/getroot.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/grub-core/osdep/devmapper/getroot.c b/grub-core/osdep/devmapper/getroot.c index

[PATCH v2 2/2] devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM parameters

This lets a LUKS2 cryptodisk have all the cipher, hash, and sizes filled out, otherwise they wouldn't be initialized if cheat mounted. --- grub-core/osdep/devmapper/getroot.c | 99 - 1 file changed, 98 insertions(+), 1 deletion(-) diff --git

[PATCH 0/2] Have LUKS2 cryptomounts be useable with grub-probe

Hello, These two draft patches make devmapper set up LUKS2 cryptomount properties when pulling, as well as report LUKS2 cryptomounts as having GRUB_DEV_ABSTRACTION_LUKS. This makes grub-probe and grub-install behave properly wrt. LUKS2 drives: `grub-probe -t abstraction /` reports all the needed

[PATCH 2/2] devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM parameters

This lets a LUKS2 cryptodisk have all the cipher, hash, and sizes filled out, otherwise they wouldn't be initialized if cheat mounted. --- grub-core/osdep/devmapper/getroot.c | 51 - 1 file changed, 50 insertions(+), 1 deletion(-) diff --git

[PATCH 1/2] devmapper/getroot: Have devmapper recognize LUKS2

Changes UUID comparisons so that LUKS1 and LUKS2 are both recognized as being LUKS cryptodisks. --- grub-core/osdep/devmapper/getroot.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/grub-core/osdep/devmapper/getroot.c b/grub-core/osdep/devmapper/getroot.c index