diff --git a/lib/keyslot_context.c b/lib/keyslot_context.c index bab82a54..ecbf271c 100644 --- a/lib/keyslot_context.c +++ b/lib/keyslot_context.c @@ -456,17 +456,11 @@ void crypt_keyslot_context_init_by_keyring_internal(struct crypt_keyslot_context kc->type = CRYPT_KC_TYPE_KEYRING; kc->u.kr.key_description = key_description; - kc->u.kr.i_key_description = NULL; kc->get_luks2_key = get_luks2_key_by_keyring; - kc->get_luks2_volume_key = get_luks2_volume_key_by_keyring; kc->get_luks1_volume_key = get_luks1_volume_key_by_keyring; + kc->get_luks2_volume_key = get_luks2_volume_key_by_keyring; kc->get_passphrase = get_passphrase_by_keyring; - kc->get_plain_volume_key = NULL; - kc->get_bitlk_volume_key = NULL; - kc->get_fvault2_volume_key = NULL; - kc->get_verity_volume_key = NULL; - kc->get_integrity_volume_key = NULL; kc->context_free = keyring_context_free; crypt_keyslot_context_init_common(kc); } @@ -486,12 +480,11 @@ void crypt_keyslot_context_init_by_key_internal(struct crypt_keyslot_context *kc kc->type = CRYPT_KC_TYPE_KEY; kc->u.k.volume_key = volume_key; - kc->u.k.i_vk = NULL; kc->u.k.volume_key_size = volume_key_size; + kc->get_luks2_key = get_key_by_key; - kc->get_luks2_volume_key = get_volume_key_by_key; kc->get_luks1_volume_key = get_volume_key_by_key; - kc->get_passphrase = NULL; /* keyslot key context does not provide passphrase */ + kc->get_luks2_volume_key = get_volume_key_by_key; kc->get_plain_volume_key = get_generic_volume_key_by_key; kc->get_bitlk_volume_key = get_generic_volume_key_by_key; kc->get_fvault2_volume_key = get_generic_volume_key_by_key; 
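Review bot: With the explicit `= NULL` assignments removed, crypt_keyslot_context_init_by_keyring_internal() only yields a valid context when the caller passes an already-zeroed struct, and nothing in the hunk states or checks that. The same holds for the by_key, by_signed_key, by_passphrase, by_keyfile, by_token and by_vk_in_keyring initializers in the later hunks; the dropped `kc->context_free = NULL;` in by_passphrase stands out because crypt_keyslot_context_destroy_internal() calls `kc->context_free(kc)` (any guard around that call is outside the visible lines). Every caller shown in this diff is converted, but a caller elsewhere that still declares a bare `struct crypt_keyslot_context kc;` would leave callbacks and the `u.*.i_*` pointers holding stack garbage. I would state the precondition above each initializer, e.g. `/* kc must be zero-initialized by the caller; members not assigned here are expected to be NULL. */`. The function bodies begin outside the hunks, so an existing check there cannot be ruled out.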
@@ -522,17 +515,8 @@ void crypt_keyslot_context_init_by_signed_key_internal(struct crypt_keyslot_cont kc->u.ks.volume_key_size = volume_key_size; kc->u.ks.signature = signature; kc->u.ks.signature_size = signature_size; - kc->u.ks.i_vk = NULL; - kc->u.ks.i_vk_sig = NULL; - kc->get_luks2_key = NULL; - kc->get_luks2_volume_key = NULL; - kc->get_luks1_volume_key = NULL; - kc->get_passphrase = NULL; - kc->get_plain_volume_key = NULL; - kc->get_bitlk_volume_key = NULL; - kc->get_fvault2_volume_key = NULL; + kc->get_verity_volume_key = get_generic_signed_key_by_key; - kc->get_integrity_volume_key = NULL; kc->context_free = signed_key_context_free; crypt_keyslot_context_init_common(kc); } @@ -547,15 +531,9 @@ void crypt_keyslot_context_init_by_passphrase_internal(struct crypt_keyslot_cont kc->u.p.passphrase = passphrase; kc->u.p.passphrase_size = passphrase_size; kc->get_luks2_key = get_luks2_key_by_passphrase; - kc->get_luks2_volume_key = get_luks2_volume_key_by_passphrase; kc->get_luks1_volume_key = get_luks1_volume_key_by_passphrase; + kc->get_luks2_volume_key = get_luks2_volume_key_by_passphrase; kc->get_passphrase = get_passphrase_by_passphrase; - kc->get_plain_volume_key = NULL; - kc->get_bitlk_volume_key = NULL; - kc->get_fvault2_volume_key = NULL; - kc->get_verity_volume_key = NULL; - kc->get_integrity_volume_key = NULL; - kc->context_free = NULL; crypt_keyslot_context_init_common(kc); } 
@@ -575,19 +553,13 @@ void crypt_keyslot_context_init_by_keyfile_internal(struct crypt_keyslot_context kc->type = CRYPT_KC_TYPE_KEYFILE; kc->u.kf.keyfile = keyfile; - kc->u.kf.i_keyfile = NULL; - kc->u.kf.keyfile_size = keyfile_size; kc->u.kf.keyfile_offset = keyfile_offset; - kc->u.kf.i_keyfile = NULL; + kc->u.kf.keyfile_size = keyfile_size; + kc->get_luks2_key = get_luks2_key_by_keyfile; - kc->get_luks2_volume_key = get_luks2_volume_key_by_keyfile; kc->get_luks1_volume_key = get_luks1_volume_key_by_keyfile; + kc->get_luks2_volume_key = get_luks2_volume_key_by_keyfile; kc->get_passphrase = get_passphrase_by_keyfile; - kc->get_plain_volume_key = NULL; - kc->get_bitlk_volume_key = NULL; - kc->get_fvault2_volume_key = NULL; - kc->get_verity_volume_key = NULL; - kc->get_integrity_volume_key = NULL; kc->context_free = keyfile_context_free; crypt_keyslot_context_init_common(kc); } @@ -612,20 +584,13 @@ void crypt_keyslot_context_init_by_token_internal(struct crypt_keyslot_context * kc->type = CRYPT_KC_TYPE_TOKEN; kc->u.t.id = token; kc->u.t.type = type; - kc->u.t.i_type = NULL; kc->u.t.pin = pin; - kc->u.t.i_pin = NULL; kc->u.t.pin_size = pin_size; kc->u.t.usrptr = usrptr; + kc->get_luks2_key = get_luks2_key_by_token; kc->get_luks2_volume_key = get_luks2_volume_key_by_token; - kc->get_luks1_volume_key = NULL; /* LUKS1 is not supported */ kc->get_passphrase = get_passphrase_by_token; - kc->get_plain_volume_key = NULL; - kc->get_bitlk_volume_key = NULL; - kc->get_fvault2_volume_key = NULL; - kc->get_verity_volume_key = NULL; - kc->get_integrity_volume_key = NULL; kc->context_free = token_context_free; crypt_keyslot_context_init_common(kc); } 
@@ -644,17 +609,9 @@ void crypt_keyslot_context_init_by_vk_in_keyring_internal(struct crypt_keyslot_c kc->type = CRYPT_KC_TYPE_VK_KEYRING; kc->u.vk_kr.key_description = key_description; - kc->u.vk_kr.i_key_description = NULL; kc->get_luks2_key = get_key_by_vk_in_keyring; kc->get_luks2_volume_key = get_volume_key_by_vk_in_keyring; - kc->get_luks1_volume_key = NULL; - kc->get_passphrase = NULL; /* keyslot key context does not provide passphrase */ - kc->get_plain_volume_key = NULL; - kc->get_bitlk_volume_key = NULL; - kc->get_fvault2_volume_key = NULL; - kc->get_verity_volume_key = NULL; - kc->get_integrity_volume_key = NULL; kc->context_free = vk_in_keyring_context_free; crypt_keyslot_context_init_common(kc); } @@ -668,8 +625,6 @@ void crypt_keyslot_context_destroy_internal(struct crypt_keyslot_context *kc) kc->context_free(kc); crypt_safe_free(kc->i_passphrase); - kc->i_passphrase = NULL; - kc->i_passphrase_size = 0; } void crypt_keyslot_context_free(struct crypt_keyslot_context *kc) @@ -689,7 +644,7 @@ static int _crypt_keyslot_context_init_by_passphrase(const char *passphrase, if (!kc || !passphrase) return -EINVAL; - tmp = malloc(sizeof(*tmp)); + tmp = crypt_zalloc(sizeof(*tmp)); if (!tmp) return -ENOMEM; @@ -755,7 +710,7 @@ static int _crypt_keyslot_context_init_by_keyfile(const char *keyfile, if (!kc || !keyfile) return -EINVAL; - tmp = malloc(sizeof(*tmp)); + tmp = crypt_zalloc(sizeof(*tmp)); if (!tmp) return -ENOMEM; @@ -816,7 +771,7 @@ static int _crypt_keyslot_context_init_by_token(int token, (pin && !pin_size)) return -EINVAL; - tmp = malloc(sizeof(*tmp)); + tmp = crypt_zalloc(sizeof(*tmp)); if (!tmp) return -ENOMEM; @@ -887,7 +842,7 @@ static int _crypt_keyslot_context_init_by_volume_key(const char *volume_key, if (!kc) return -EINVAL; - tmp = malloc(sizeof(*tmp)); + tmp = crypt_zalloc(sizeof(*tmp)); if (!tmp) return -ENOMEM; 
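Review bot: Dropping `kc->i_passphrase = NULL;` and `kc->i_passphrase_size = 0;` after `crypt_safe_free(kc->i_passphrase);` in crypt_keyslot_context_destroy_internal() leaves a dangling pointer in the context. If the same context is destroyed twice, or reused after destroy, that stale pointer is passed to crypt_safe_free() again; the two removed lines made that path harmless. Unlike the initializer cleanups, this is not covered by zeroing the struct at declaration, so I would keep both assignments. The start of the function is outside the hunk, so whether the context_free callbacks reset their own internal pointers is not visible here.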
@@ -944,7 +899,7 @@ static int _crypt_keyslot_context_init_by_signed_key(const char *volume_key, if (!kc) return -EINVAL; - tmp = malloc(sizeof(*tmp)); + tmp = crypt_zalloc(sizeof(*tmp)); if (!tmp) return -ENOMEM; @@ -1014,7 +969,7 @@ static int _crypt_keyslot_context_init_by_keyring(const char *key_description, if (!kc || !key_description) return -EINVAL; - tmp = malloc(sizeof(*tmp)); + tmp = crypt_zalloc(sizeof(*tmp)); if (!tmp) return -ENOMEM; @@ -1066,7 +1021,7 @@ static int _crypt_keyslot_context_init_by_vk_in_keyring(const char *key_descript if (!kc || !key_description) return -EINVAL; - tmp = malloc(sizeof(*tmp)); + tmp = crypt_zalloc(sizeof(*tmp)); if (!tmp) return -ENOMEM; diff --git a/lib/keyslot_context.h b/lib/keyslot_context.h index 8344c7ef..df40beca 100644 --- a/lib/keyslot_context.h +++ b/lib/keyslot_context.h @@ -83,8 +83,8 @@ struct crypt_keyslot_context { } t; struct { const char *volume_key; - struct volume_key *i_vk; size_t volume_key_size; + struct volume_key *i_vk; } k; struct { const char *volume_key; diff --git a/lib/setup.c b/lib/setup.c index bedbd623..7b25d327 100644 --- a/lib/setup.c +++ b/lib/setup.c @@ -4395,7 +4395,7 @@ int crypt_resume_by_passphrase(struct crypt_device *cd, size_t passphrase_size) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; crypt_keyslot_context_init_by_passphrase_internal(&kc, passphrase, passphrase_size); r = crypt_resume_by_keyslot_context(cd, name, keyslot, &kc); @@ -4412,7 +4412,7 @@ int crypt_resume_by_keyfile_device_offset(struct crypt_device *cd, uint64_t keyfile_offset) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; crypt_keyslot_context_init_by_keyfile_internal(&kc, keyfile, keyfile_size, keyfile_offset); r = crypt_resume_by_keyslot_context(cd, name, keyslot, &kc); 
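Review bot: The `= {}` on `kc` in crypt_resume_by_passphrase(), and on every other stack context changed in lib/setup.c, is now the only thing keeping unassigned callbacks and the internal `u.*.i_*` pointers NULL, so it must clear the whole object, including members of `u` (presumably a union) other than the first. An empty initializer is standard only from C23 and a compiler extension before that, and how much of a union a brace initializer clears for an automatic variable has differed between compilers and versions. I would confirm that for the supported toolchains and record the dependency at the struct definition, e.g. `/* Must be fully zeroed before crypt_keyslot_context_init_*_internal(); those leave unused members untouched. */`.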
@@ -4448,7 +4448,7 @@ int crypt_resume_by_volume_key(struct crypt_device *cd, size_t volume_key_size) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; crypt_keyslot_context_init_by_key_internal(&kc, volume_key, volume_key_size); r = crypt_resume_by_keyslot_context(cd, name, CRYPT_ANY_SLOT /* unused */, &kc); @@ -4465,7 +4465,7 @@ int crypt_resume_by_token_pin(struct crypt_device *cd, const char *name, void *usrptr) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; crypt_keyslot_context_init_by_token_internal(&kc, token, type, pin, pin_size, usrptr); r = crypt_resume_by_keyslot_context(cd, name, CRYPT_ANY_SLOT, &kc); @@ -4485,7 +4485,7 @@ int crypt_keyslot_add_by_passphrase(struct crypt_device *cd, size_t new_passphrase_size) { int r; - struct crypt_keyslot_context kc, new_kc; + struct crypt_keyslot_context kc = {}, new_kc = {}; if (!passphrase || !new_passphrase) return -EINVAL; @@ -4629,7 +4629,7 @@ int crypt_keyslot_add_by_keyfile_device_offset(struct crypt_device *cd, uint64_t new_keyfile_offset) { int r; - struct crypt_keyslot_context kc, new_kc; + struct crypt_keyslot_context kc = {}, new_kc = {}; if (!keyfile || !new_keyfile) return -EINVAL; @@ -4679,7 +4679,7 @@ int crypt_keyslot_add_by_volume_key(struct crypt_device *cd, size_t passphrase_size) { int r; - struct crypt_keyslot_context kc, new_kc; + struct crypt_keyslot_context kc = {}, new_kc = {}; if (!passphrase) return -EINVAL; @@ -5837,7 +5837,7 @@ int crypt_activate_by_passphrase(struct crypt_device *cd, uint32_t flags) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; crypt_keyslot_context_init_by_passphrase_internal(&kc, passphrase, passphrase_size); r = crypt_activate_by_keyslot_context(cd, name, keyslot, &kc, CRYPT_ANY_SLOT, NULL, flags); 
@@ -5855,7 +5855,7 @@ int crypt_activate_by_keyfile_device_offset(struct crypt_device *cd, uint32_t flags) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; crypt_keyslot_context_init_by_keyfile_internal(&kc, keyfile, keyfile_size, keyfile_offset); r = crypt_activate_by_keyslot_context(cd, name, keyslot, &kc, CRYPT_ANY_SLOT, NULL, flags); @@ -5894,7 +5894,7 @@ int crypt_activate_by_volume_key(struct crypt_device *cd, uint32_t flags) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; crypt_keyslot_context_init_by_key_internal(&kc, volume_key, volume_key_size); r = crypt_activate_by_keyslot_context(cd, name, CRYPT_ANY_SLOT /* unused */, &kc, CRYPT_ANY_SLOT, NULL, flags); @@ -5912,7 +5912,7 @@ int crypt_activate_by_signed_key(struct crypt_device *cd, uint32_t flags) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; if (!cd || !isVERITY(cd->type)) return -EINVAL; @@ -6111,7 +6111,7 @@ int crypt_volume_key_get(struct crypt_device *cd, size_t passphrase_size) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; if (!passphrase) return crypt_volume_key_get_by_keyslot_context(cd, keyslot, volume_key, volume_key_size, NULL); @@ -7127,7 +7127,7 @@ int crypt_activate_by_token_pin(struct crypt_device *cd, const char *name, void *usrptr, uint32_t flags) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; crypt_keyslot_context_init_by_token_internal(&kc, token, type, pin, pin_size, usrptr); r = crypt_activate_by_keyslot_context(cd, name, CRYPT_ANY_SLOT, &kc, CRYPT_ANY_SLOT, NULL, flags); @@ -7524,7 +7524,7 @@ int crypt_keyslot_add_by_key(struct crypt_device *cd, uint32_t flags) { int r; - struct crypt_keyslot_context kc, new_kc; + struct crypt_keyslot_context kc = {}, new_kc = {}; if (!passphrase || ((flags & CRYPT_VOLUME_KEY_NO_SEGMENT) && (flags & CRYPT_VOLUME_KEY_SET))) 
@@ -7894,7 +7894,7 @@ int crypt_activate_by_keyring(struct crypt_device *cd, uint32_t flags) { int r; - struct crypt_keyslot_context kc; + struct crypt_keyslot_context kc = {}; if (!cd || !key_description) return -EINVAL;