[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 03/13] qcrypto-luks: refactoring: extract load/s
From: |
Maxim Levitsky |
Subject: |
Re: [Qemu-devel] [PATCH 03/13] qcrypto-luks: refactoring: extract load/store/check/parse header functions |
Date: |
Sun, 25 Aug 2019 17:09:24 +0300 |
On Thu, 2019-08-22 at 11:38 +0100, Daniel P. Berrangé wrote:
> On Wed, Aug 14, 2019 at 11:22:09PM +0300, Maxim Levitsky wrote:
> > With upcoming key management, the header will
> > need to be stored after the image is created.
> >
> > Extracting load header isn't strictly needed, but
> > do this anyway for the symmetry.
> >
> > Also I extracted a function that does basic sanity
> > checks on the just read header, and a function
> > which parses all the crypto format to make the
> > code a bit more readable, plus now the code
> > doesn't destruct the in-header cipher-mode string,
> > so that the header now can be stored many times,
> > which is needed for the key management.
> >
> > Also this allows to contain the endianess conversions
> > in these functions alone
> >
> > The header is no longer endian swapped in place,
> > to prevent (mostly theoretical races I think)
> > races where someone could see the header in the
> > process of beeing byteswapped.
> >
> > Signed-off-by: Maxim Levitsky <address@hidden>
> > ---
> > crypto/block-luks.c | 756 ++++++++++++++++++++++++++------------------
> > 1 file changed, 440 insertions(+), 316 deletions(-)
> > if (!(flags & QCRYPTO_BLOCK_OPEN_NO_IO)) {
> > /* Try to find which key slot our password is valid for
> > * and unlock the master key from that slot.
> > */
> > -
> > masterkey = g_new0(uint8_t, masterkeylen(luks));
> >
> > if (qcrypto_block_luks_find_key(block,
> > @@ -845,12 +1132,10 @@ qcrypto_block_luks_open(QCryptoBlock *block,
> > }
> >
> > block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
> > - block->payload_offset = luks->header.payload_offset *
> > - block->sector_size;
> > + block->payload_offset = luks->header.payload_offset *
> > block->sector_size;
> >
> > g_free(masterkey);
> > g_free(password);
> > -
> > return 0;
>
> Smoe unrelated whitespace changes here.
>
>
> > + /* populate the slot 0 with the password encrypted master key*/
> > + /* This will also store the header */
> > + if (qcrypto_block_luks_store_key(block,
> > + 0,
> > + password,
> > + masterkey,
> > + luks_opts.iter_time,
> > + writefunc,
> > + opaque,
> > + errp)) {
> > goto error;
> > - }
> > + }
>
> Indent is off by 1
>
>
> Regards,
> Daniel
Fixed,
Best regards,
Maxim Levitsky
- Re: [Qemu-devel] [PATCH 07/13] block: add manage-encryption command (qmp and blockdev), (continued)
[Qemu-devel] [PATCH 03/13] qcrypto-luks: refactoring: extract load/store/check/parse header functions, Maxim Levitsky, 2019/08/14
Re: [Qemu-devel] [PATCH 03/13] qcrypto-luks: refactoring: extract load/store/check/parse header functions, Daniel P . Berrangé, 2019/08/22
- Re: [Qemu-devel] [PATCH 03/13] qcrypto-luks: refactoring: extract load/store/check/parse header functions,
Maxim Levitsky <=
[Qemu-devel] [PATCH 06/13] qcrypto-luks: implement more rigorous header checking, Maxim Levitsky, 2019/08/14
[Qemu-devel] [PATCH 08/13] qcrypto: add the plumbing for encryption management, Maxim Levitsky, 2019/08/14