subject:"Re\: \[PATCH v7 06\/17\] luks2\: Use more intuitive slot key instead of index in user messages"

Re: [PATCH v7 06/17] luks2: Use more intuitive slot key instead of index in user messages

2020-12-08 Thread Glenn Washburn

On Mon, 7 Dec 2020 21:15:33 +0100
Daniel Kiper  wrote:

> On Fri, Dec 04, 2020 at 10:43:35AM -0600, Glenn Washburn wrote:
> > Use the slot key name in the json array rather than the 0 based
> > index in the json array for keyslots, segments, and digests. This
> > is less confusing for the end user. For example, say you have a
> > LUKS2 device with a key in slot 1 and slot 4. When using the
> > password for slot 4 to unlock the device, the messages using the
> > index of the keyslot will mention keyslot 1 (its a zero-based
> > index). Furthermore, with this change the keyslot number will align
> > with the number used to reference the keyslot when using the
> > --key-slot argument to cryptsetup.
> >
> > Signed-off-by: Glenn Washburn 
> > ---
> >  grub-core/disk/luks2.c | 20 ++--
> >  1 file changed, 10 insertions(+), 10 deletions(-)
> >
> > diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
> > index 437c1da07..ea1065bcf 100644
> > --- a/grub-core/disk/luks2.c
> > +++ b/grub-core/disk/luks2.c
> > @@ -284,13 +284,13 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k,
> > grub_luks2_digest_t *d, grub_luks2_s grub_json_getuint64
> > (>json_slot_key, , NULL) || grub_json_getchild (,
> > , 0) || luks2_parse_digest (d, ))
> > -   return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse
> > digest %"PRIuGRUB_SIZE, i);
> > +   return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse
> > digest index %"PRIuGRUB_SIZE, i);
> 
> Does not this change belong to next patch?

Ugh, yes.

> >if ((d->keyslots & (1 << k->json_slot_key)))
> > break;
> >  }
> >if (i == size)
> > -  return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for
> > keyslot %"PRIuGRUB_SIZE, keyslot_idx);
> > +  return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for
> > keyslot \"%"PRIuGRUB_UINT64_T"\"", k->slot_key);
> 
> I am afraid this does not build. The slot_key seems a remnant from v6.

Hmm, yes, I'm fairly certain the whole patch series builds, which is
why I didn't catch this.  Some changes got applied to the wrong
patches, which is why this happened, I think.

> >/* Get segment that matches the digest. */
> >if (grub_json_getvalue (, root, "segments") ||
> > @@ -308,7 +308,7 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k,
> > grub_luks2_digest_t *d, grub_luks2_s break;
> >  }
> >if (i == size)
> > -return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for
> > digest %"PRIuGRUB_SIZE);
> > +return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for
> > digest \"%"PRIuGRUB_UINT64_T"\"", d->slot_key);
> 
> Ditto and below...
>
> >return GRUB_ERR_NONE;
> >  }
> > @@ -604,11 +604,11 @@ luks2_recover_key (grub_disk_t source,
> >
> >if (keyslot.priority == 0)
> > {
> > - grub_dprintf ("luks2", "Ignoring keyslot
> > %"PRIuGRUB_SIZE" due to priority\n", i);
> > + grub_dprintf ("luks2", "Ignoring keyslot
> > \"%"PRIuGRUB_UINT64_T"\" due to priority\n", keyslot.slot_key);
> > continue; }
> >
> > -  grub_dprintf ("luks2", "Trying keyslot %"PRIuGRUB_SIZE"\n",
> > i);
> > +  grub_dprintf ("luks2", "Trying keyslot
> > \"%"PRIuGRUB_UINT64_T"\"\n", keyslot.slot_key);
> >
> >/* Set up disk according to keyslot's segment. */
> >crypt->offset_sectors = grub_divmod64 (segment.offset,
> > segment.sector_size, NULL); @@ -623,16 +623,16 @@ luks2_recover_key
> > (grub_disk_t source, (const grub_uint8_t *) passphrase, grub_strlen
> > (passphrase)); if (ret)
> > {
> > - grub_dprintf ("luks2", "Decryption with keyslot
> > %"PRIuGRUB_SIZE" failed: %s\n",
> > -   i, grub_errmsg);
> > + grub_dprintf ("luks2", "Decryption with keyslot
> > \"%"PRIuGRUB_UINT64_T"\" failed: %s\n",
> > +   keyslot.slot_key, grub_errmsg);
> >   continue;
> > }
> >
> >ret = luks2_verify_key (, candidate_key,
> > keyslot.key_size); if (ret)
> > {
> > - grub_dprintf ("luks2", "Could not open keyslot
> > %"PRIuGRUB_SIZE": %s\n",
> > -   i, grub_errmsg);
> > + grub_dprintf ("luks2", "Could not open keyslot
> > \"%"PRIuGRUB_UINT64_T"\": %s\n",
> > +   keyslot.slot_key, grub_errmsg);
> >   continue;
> > }
> >
> > @@ -640,7 +640,7 @@ luks2_recover_key (grub_disk_t source,
> > * TRANSLATORS: It's a cryptographic key slot: one element
> > of an array
> > * where each element is either empty or holds a key.
> > */
> > -  grub_printf_ (N_("Slot %"PRIuGRUB_SIZE" opened\n"), i);
> > +  grub_printf_ (N_("Slot \"%"PRIuGRUB_UINT64_T"\" opened\n"),
> > keyslot.slot_key);
> >
> >candidate_key_len = keyslot.key_size;
> >break;
> 
> Daniel

Glenn

___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

Re: [PATCH v7 06/17] luks2: Use more intuitive slot key instead of index in user messages

2020-12-07 Thread Daniel Kiper

On Fri, Dec 04, 2020 at 10:43:35AM -0600, Glenn Washburn wrote:
> Use the slot key name in the json array rather than the 0 based index in the
> json array for keyslots, segments, and digests. This is less confusing for
> the end user. For example, say you have a LUKS2 device with a key in slot 1
> and slot 4. When using the password for slot 4 to unlock the device, the
> messages using the index of the keyslot will mention keyslot 1 (its a
> zero-based index). Furthermore, with this change the keyslot number will
> align with the number used to reference the keyslot when using the
> --key-slot argument to cryptsetup.
>
> Signed-off-by: Glenn Washburn 
> ---
>  grub-core/disk/luks2.c | 20 ++--
>  1 file changed, 10 insertions(+), 10 deletions(-)
>
> diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
> index 437c1da07..ea1065bcf 100644
> --- a/grub-core/disk/luks2.c
> +++ b/grub-core/disk/luks2.c
> @@ -284,13 +284,13 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k, 
> grub_luks2_digest_t *d, grub_luks2_s
> grub_json_getuint64 (>json_slot_key, , NULL) ||
>grub_json_getchild (, , 0) ||
>luks2_parse_digest (d, ))
> - return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse digest 
> %"PRIuGRUB_SIZE, i);
> + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse digest index 
> %"PRIuGRUB_SIZE, i);

Does not this change belong to next patch?

>if ((d->keyslots & (1 << k->json_slot_key)))
>   break;
>  }
>if (i == size)
> -  return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for keyslot 
> %"PRIuGRUB_SIZE, keyslot_idx);
> +  return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for keyslot 
> \"%"PRIuGRUB_UINT64_T"\"", k->slot_key);

I am afraid this does not build. The slot_key seems a remnant from v6.

>/* Get segment that matches the digest. */
>if (grub_json_getvalue (, root, "segments") ||
> @@ -308,7 +308,7 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k, 
> grub_luks2_digest_t *d, grub_luks2_s
>   break;
>  }
>if (i == size)
> -return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for digest 
> %"PRIuGRUB_SIZE);
> +return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for digest 
> \"%"PRIuGRUB_UINT64_T"\"", d->slot_key);

Ditto and below...

>return GRUB_ERR_NONE;
>  }
> @@ -604,11 +604,11 @@ luks2_recover_key (grub_disk_t source,
>
>if (keyslot.priority == 0)
>   {
> -   grub_dprintf ("luks2", "Ignoring keyslot %"PRIuGRUB_SIZE" due to 
> priority\n", i);
> +   grub_dprintf ("luks2", "Ignoring keyslot \"%"PRIuGRUB_UINT64_T"\" due 
> to priority\n", keyslot.slot_key);
> continue;
>  }
>
> -  grub_dprintf ("luks2", "Trying keyslot %"PRIuGRUB_SIZE"\n", i);
> +  grub_dprintf ("luks2", "Trying keyslot \"%"PRIuGRUB_UINT64_T"\"\n", 
> keyslot.slot_key);
>
>/* Set up disk according to keyslot's segment. */
>crypt->offset_sectors = grub_divmod64 (segment.offset, 
> segment.sector_size, NULL);
> @@ -623,16 +623,16 @@ luks2_recover_key (grub_disk_t source,
>  (const grub_uint8_t *) passphrase, grub_strlen 
> (passphrase));
>if (ret)
>   {
> -   grub_dprintf ("luks2", "Decryption with keyslot %"PRIuGRUB_SIZE" 
> failed: %s\n",
> - i, grub_errmsg);
> +   grub_dprintf ("luks2", "Decryption with keyslot 
> \"%"PRIuGRUB_UINT64_T"\" failed: %s\n",
> + keyslot.slot_key, grub_errmsg);
> continue;
>   }
>
>ret = luks2_verify_key (, candidate_key, keyslot.key_size);
>if (ret)
>   {
> -   grub_dprintf ("luks2", "Could not open keyslot %"PRIuGRUB_SIZE": 
> %s\n",
> - i, grub_errmsg);
> +   grub_dprintf ("luks2", "Could not open keyslot 
> \"%"PRIuGRUB_UINT64_T"\": %s\n",
> + keyslot.slot_key, grub_errmsg);
> continue;
>   }
>
> @@ -640,7 +640,7 @@ luks2_recover_key (grub_disk_t source,
> * TRANSLATORS: It's a cryptographic key slot: one element of an array
> * where each element is either empty or holds a key.
> */
> -  grub_printf_ (N_("Slot %"PRIuGRUB_SIZE" opened\n"), i);
> +  grub_printf_ (N_("Slot \"%"PRIuGRUB_UINT64_T"\" opened\n"), 
> keyslot.slot_key);
>
>candidate_key_len = keyslot.key_size;
>break;

Daniel

___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

Re: [PATCH v7 06/17] luks2: Use more intuitive slot key instead of index in user messages

2020-12-06 Thread Patrick Steinhardt

On Fri, Dec 04, 2020 at 10:43:35AM -0600, Glenn Washburn wrote:
> Use the slot key name in the json array rather than the 0 based index in the
> json array for keyslots, segments, and digests. This is less confusing for
> the end user. For example, say you have a LUKS2 device with a key in slot 1
> and slot 4. When using the password for slot 4 to unlock the device, the
> messages using the index of the keyslot will mention keyslot 1 (its a
> zero-based index). Furthermore, with this change the keyslot number will
> align with the number used to reference the keyslot when using the
> --key-slot argument to cryptsetup.
> 
> Signed-off-by: Glenn Washburn 

Reviewed-by: Patrick Steinhardt 

Oops. I just realized I gave SOBs on the previous patches. Naturally,
these should've been Reviewed-by's :(

> ---
>  grub-core/disk/luks2.c | 20 ++--
>  1 file changed, 10 insertions(+), 10 deletions(-)
> 
> diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
> index 437c1da07..ea1065bcf 100644
> --- a/grub-core/disk/luks2.c
> +++ b/grub-core/disk/luks2.c
> @@ -284,13 +284,13 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k, 
> grub_luks2_digest_t *d, grub_luks2_s
> grub_json_getuint64 (>json_slot_key, , NULL) ||
>grub_json_getchild (, , 0) ||
>luks2_parse_digest (d, ))
> - return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse digest 
> %"PRIuGRUB_SIZE, i);
> + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse digest index 
> %"PRIuGRUB_SIZE, i);
>  
>if ((d->keyslots & (1 << k->json_slot_key)))
>   break;
>  }
>if (i == size)
> -  return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for keyslot 
> %"PRIuGRUB_SIZE, keyslot_idx);
> +  return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for keyslot 
> \"%"PRIuGRUB_UINT64_T"\"", k->slot_key);
>  
>/* Get segment that matches the digest. */
>if (grub_json_getvalue (, root, "segments") ||
> @@ -308,7 +308,7 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k, 
> grub_luks2_digest_t *d, grub_luks2_s
>   break;
>  }
>if (i == size)
> -return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for digest 
> %"PRIuGRUB_SIZE);
> +return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for digest 
> \"%"PRIuGRUB_UINT64_T"\"", d->slot_key);
>  
>return GRUB_ERR_NONE;
>  }
> @@ -604,11 +604,11 @@ luks2_recover_key (grub_disk_t source,
>  
>if (keyslot.priority == 0)
>   {
> -   grub_dprintf ("luks2", "Ignoring keyslot %"PRIuGRUB_SIZE" due to 
> priority\n", i);
> +   grub_dprintf ("luks2", "Ignoring keyslot \"%"PRIuGRUB_UINT64_T"\" due 
> to priority\n", keyslot.slot_key);
> continue;
>  }
>  
> -  grub_dprintf ("luks2", "Trying keyslot %"PRIuGRUB_SIZE"\n", i);
> +  grub_dprintf ("luks2", "Trying keyslot \"%"PRIuGRUB_UINT64_T"\"\n", 
> keyslot.slot_key);
>  
>/* Set up disk according to keyslot's segment. */
>crypt->offset_sectors = grub_divmod64 (segment.offset, 
> segment.sector_size, NULL);
> @@ -623,16 +623,16 @@ luks2_recover_key (grub_disk_t source,
>  (const grub_uint8_t *) passphrase, grub_strlen 
> (passphrase));
>if (ret)
>   {
> -   grub_dprintf ("luks2", "Decryption with keyslot %"PRIuGRUB_SIZE" 
> failed: %s\n",
> - i, grub_errmsg);
> +   grub_dprintf ("luks2", "Decryption with keyslot 
> \"%"PRIuGRUB_UINT64_T"\" failed: %s\n",
> + keyslot.slot_key, grub_errmsg);
> continue;
>   }
>  
>ret = luks2_verify_key (, candidate_key, keyslot.key_size);
>if (ret)
>   {
> -   grub_dprintf ("luks2", "Could not open keyslot %"PRIuGRUB_SIZE": 
> %s\n",
> - i, grub_errmsg);
> +   grub_dprintf ("luks2", "Could not open keyslot 
> \"%"PRIuGRUB_UINT64_T"\": %s\n",
> + keyslot.slot_key, grub_errmsg);
> continue;
>   }
>  
> @@ -640,7 +640,7 @@ luks2_recover_key (grub_disk_t source,
> * TRANSLATORS: It's a cryptographic key slot: one element of an array
> * where each element is either empty or holds a key.
> */
> -  grub_printf_ (N_("Slot %"PRIuGRUB_SIZE" opened\n"), i);
> +  grub_printf_ (N_("Slot \"%"PRIuGRUB_UINT64_T"\" opened\n"), 
> keyslot.slot_key);
>  
>candidate_key_len = keyslot.key_size;
>break;
> -- 
> 2.27.0
> 


signature.asc
Description: PGP signature
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

Re: [PATCH v7 06/17] luks2: Use more intuitive slot key instead of index in user messages

Re: [PATCH v7 06/17] luks2: Use more intuitive slot key instead of index in user messages

Re: [PATCH v7 06/17] luks2: Use more intuitive slot key instead of index in user messages

3 matches

Site Navigation

Mail list logo

Footer information