eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

bitlk: Ignore unknown metadata entries for unsupported VMKs

Browse Source 
VMKs (keyslots) protected with a smart card or TPM have some
additional metadata entries that are currently unkwnon. We can
safely ignore these because we don't support unlocking the device
using these VMKs so we should still be able to parse the metadata
and unlock the device using other VMKs like the recovery password.
This commit is contained in:
Vojtěch Trefný
2019-12-15 16:28:56 +01:00
committed by Milan Broz
parent fc740f8b6d
commit 420387a7a5
1 changed files with 16 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
lib/bitlk/bitlk.c
View File

@@ -275,6 +275,10 @@ static int parse_vmk_entry(struct crypt_device *cd, uint8_t *data, int start, in
size_t key_size = 0;
const char *key = NULL;
struct volume_key *vk = NULL;
bool supported = false;
/* only passphrase or recovery passphrase vmks are supported (can be used to activate) */
supported = (*vmk)->protection == BITLK_PROTECTION_PASSPHRASE || (*vmk)->protection == BITLK_PROTECTION_RECOVERY_PASSPHRASE;
while (end - start > 2) {
/* size of this entry */
@@ -292,8 +296,12 @@ static int parse_vmk_entry(struct crypt_device *cd, uint8_t *data, int start, in
key_entry_value = le16_to_cpu(key_entry_value);
if (key_entry_type != BITLK_ENTRY_TYPE_PROPERTY) {
log_err(cd, _("Unexpected metadata entry found when parsing VMK."));
return -EINVAL;
if (supported) {
log_err(cd, _("Unexpected metadata entry found when parsing VMK."));
return -EINVAL;
} else {
log_dbg(cd, "Unknown metadata entry type '%u' found when parsing VMK.", key_entry_type);
}
}
/* stretch key with salt, skip 4 B (encryption method of the stretch key) */
@@ -335,8 +343,12 @@ static int parse_vmk_entry(struct crypt_device *cd, uint8_t *data, int start, in
} else if (key_entry_value == BITLK_ENTRY_VALUE_RECOVERY_TIME) {
;
} else {
log_err(cd, _("Unexpected metadata entry found when parsing VMK."));
return -EINVAL;
if (supported) {
log_err(cd, _("Unexpected metadata entry found when parsing VMK."));
return -EINVAL;
} else {
log_dbg(cd, "Unknown metadata entry value '%u' found when parsing VMK.", key_entry_value);
}
}
start += key_entry_size;