Make all keyslot context types fully self-contained.

Duplicate all dynamically allocated memory passed keyslot context during initialization and make it self contained. Before current patch all pointers passed in keyslot context initialization routines have to remain valid for the duration of the keyslot context. Otherwise memory violation could occur. This patch fixes the issue in backward compatible way so that we do not have to change API for all keyslot contexts. As of now all dynamically allocated memory can be freed right after keyslot context initialization.
2025-12-11 19:00:02 +01:00 · 2024-02-20 12:03:15 +01:00
parent 209e6167b5
commit 9311c923ca
4 changed files with 434 additions and 48 deletions
--- a/lib/libcryptsetup.h
+++ b/lib/libcryptsetup.h
@@ -1204,6 +1204,10 @@ void crypt_keyslot_context_free(struct crypt_keyslot_context *kc);
 * @param kc returns crypt keyslot context handle type CRYPT_KC_TYPE_PASSPHRASE
 *
 * @return zero on success or negative errno otherwise.
+ *
+ * @note The original buffer containing passphrase passed in parameters does
+ * 	 not have to be valid after context initialization. The context
+ * 	 contains copy of the original before freed with @link crypt_keyslot_context_free @endlink.
 */
 int crypt_keyslot_context_init_by_passphrase(struct crypt_device *cd,
 	const char *passphrase,