[CRYPTOMOUNT-TEST 2/7] cryptodisk: Allow cryptomount password to be spec

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[CRYPTOMOUNT-TEST 2/7] cryptodisk: Allow cryptomount password to be spec

From:	Glenn Washburn
Subject:	[CRYPTOMOUNT-TEST 2/7] cryptodisk: Allow cryptomount password to be specified as argument.
Date:	Sun, 16 Aug 2020 19:05:13 -0500

Signed-off-by: Glenn Washburn <development@efficientek.com>
---
 grub-core/disk/cryptodisk.c | 30 ++++++++++++++++++------------
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
index 031e9dd97..5502a6958 100644
--- a/grub-core/disk/cryptodisk.c
+++ b/grub-core/disk/cryptodisk.c
@@ -41,6 +41,7 @@ static const struct grub_arg_option options[] =
     /* TRANSLATORS: It's still restricted to cryptodisks only.  */
     {"all", 'a', 0, N_("Mount all."), 0, 0},
     {"boot", 'b', 0, N_("Mount all volumes with `boot' flag set."), 0, 0},
+    {"password", 'p', 0, N_("Password to open volumes."), 0, ARG_TYPE_STRING},
     {"header", 'H', 0, N_("Read header from file"), 0, ARG_TYPE_STRING},
     {"keyfile", 'k', 0, N_("Key file"), 0, ARG_TYPE_STRING},
     {"keyfile-offset", 'O', 0, N_("Key file offset (bytes)"), 0, ARG_TYPE_INT},
@@ -1102,13 +1103,13 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int 
argc, char **args)
   if (argc < 1 && !state[1].set && !state[2].set)
     return grub_error (GRUB_ERR_BAD_ARGUMENT, "device name required");
 
-  if (state[3].set) /* Detached header */
+  if (state[4].set) /* Detached header */
     {
       if (state[0].set)
        return grub_error (GRUB_ERR_BAD_ARGUMENT,
                           N_("Cannot use UUID lookup with detached header"));
 
-      hdr = grub_file_open (state[3].arg,
+      hdr = grub_file_open (state[4].arg,
                            GRUB_FILE_TYPE_CRYPTODISK_DETACHED_HEADER);
       if (!hdr)
        return grub_errno;
@@ -1119,7 +1120,12 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int 
argc, char **args)
   have_it = 0;
   key = NULL;
 
-  if (state[4].set) /* keyfile */
+  if (state[3].set) /* password */
+    {
+      key = (grub_uint8_t *) state[3].arg;
+      key_size = grub_strlen(state[3].arg);
+    }
+  else if (state[5].set) /* keyfile */
     {
       const char *p = NULL;
       grub_file_t keyfile;
@@ -1127,9 +1133,9 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int 
argc, char **args)
       grub_size_t requested_keyfile_size = 0;
 
 
-      if (state[5].set) /* keyfile-offset */
+      if (state[6].set) /* keyfile-offset */
        {
-         keyfile_offset = grub_strtoul (state[5].arg, &p, 0);
+         keyfile_offset = grub_strtoul (state[6].arg, &p, 0);
 
          if (grub_errno != GRUB_ERR_NONE)
            return grub_errno;
@@ -1143,9 +1149,9 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int 
argc, char **args)
          keyfile_offset = 0;
        }
 
-      if (state[6].set) /* keyfile-size */
+      if (state[7].set) /* keyfile-size */
        {
-         requested_keyfile_size = grub_strtoul (state[6].arg, &p, 0);
+         requested_keyfile_size = grub_strtoul (state[7].arg, &p, 0);
 
          if (*p != '\0')
            return grub_error (GRUB_ERR_BAD_ARGUMENT,
@@ -1165,7 +1171,7 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int 
argc, char **args)
                              N_("Key file size is 0\n"));
        }
 
-      keyfile = grub_file_open (state[4].arg,
+      keyfile = grub_file_open (state[5].arg,
                                GRUB_FILE_TYPE_CRYPTODISK_ENCRYPTION_KEY);
       if (!keyfile)
        return grub_errno;
@@ -1197,7 +1203,7 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int 
argc, char **args)
       key = keyfile_buffer;
     }
 
-  if (state[0].set)
+  if (state[0].set) /* -u uuid */
     {
       grub_cryptodisk_t dev;
 
@@ -1218,7 +1224,7 @@ grub_cmd_cryptomount (grub_extcmd_context_t ctxt, int 
argc, char **args)
        return grub_error (GRUB_ERR_BAD_ARGUMENT, "no such cryptodisk found");
       return GRUB_ERR_NONE;
     }
-  else if (state[1].set || (argc == 0 && state[2].set))
+  else if (state[1].set || (argc == 0 && state[2].set)) /* -a || -b */
     {
       search_uuid = NULL;
       check_boot = state[2].set;
@@ -1403,8 +1409,8 @@ GRUB_MOD_INIT (cryptodisk)
 {
   grub_disk_dev_register (&grub_cryptodisk_dev);
   cmd = grub_register_extcmd ("cryptomount", grub_cmd_cryptomount, 0,
-                             N_("SOURCE [-H file] [-k keyfile] [-O keyoffset]"
-                                " [-S keysize]|-u UUID|-a|-b"),
+                             N_("SOURCE [-H file] [-k keyfile|-p password] "
+                                "[-O keyoffset] [-S keysize]|-u UUID|-a|-b"),
                              N_("Mount a crypto device."), options);
   grub_procfs_register ("luks_script", &luks_script);
 }
-- 
2.25.1

[Prev in Thread]

Current Thread

[Next in Thread]

[CRYPTOMOUNT-TEST 2/7] cryptodisk: Allow cryptomount password to be specified as argument., Glenn Washburn <=

Prev by Date: [CRYPTOMOUNT-TEST 1/7] cryptodisk: Improve cryptomount short help string.
Next by Date: [CRYPTOMOUNT-TEST 3/7] grub-shell: Allow specifying non-default trim line contents.
Previous by thread: [CRYPTOMOUNT-TEST 1/7] cryptodisk: Improve cryptomount short help string.
Next by thread: [CRYPTOMOUNT-TEST 3/7] grub-shell: Allow specifying non-default trim line contents.
Index(es):
- Date
- Thread