eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-13 11:50:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

bitlk: Do not allow activation of EOW and unknown devices

Browse Source 
We currently do not support these BITLK devices.
This commit is contained in:
Vojtech Trefny
2020-01-29 21:04:17 +01:00
parent 9697f17b9d
commit d98cc3bb6c
2 changed files with 42 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
lib/bitlk/bitlk.c
View File

@@ -70,6 +70,12 @@
#define UUID_STR_LEN 37 #define UUID_STR_LEN 37
#endif #endif
/* known types of GUIDs from the BITLK superblock */
const uint8_t BITLK_GUID_NORMAL[16] = { 0x3b, 0xd6, 0x67, 0x49, 0x29, 0x2e, 0xd8, 0x4a,
0x83, 0x99, 0xf6, 0xa3, 0x39, 0xe3, 0xd0, 0x01 };
const uint8_t BITLK_GUID_EOW[16] = { 0x3b, 0x4d, 0xa8, 0x92, 0x80, 0xdd, 0x0e, 0x4d,
0x9e, 0x4e, 0xb1, 0xe3, 0x28, 0x4e, 0xae, 0xd8 };
/* taken from libfdisk gpt.c -- TODO: this is a good candidate for adding to libuuid */ /* taken from libfdisk gpt.c -- TODO: this is a good candidate for adding to libuuid */
struct bitlk_guid { struct bitlk_guid {
uint32_t time_low; uint32_t time_low;
@@ -200,6 +206,19 @@ static const char* get_vmk_protection_string(BITLKVMKProtection protection)
} }
} }
static const char* get_bitlk_type_string(BITLKEncryptionType type)
{
switch (type)
{
case BITLK_ENCRYPTION_TYPE_NORMAL:
return "normal";
case BITLK_ENCRYPTION_TYPE_EOW:
return "encrypt-on-write";
default:
return "unknown";
}
}
/* TODO -- move to some utils file */ /* TODO -- move to some utils file */
static void hexprint(struct crypt_device *cd, const char *d, int n, const char *sep) static void hexprint(struct crypt_device *cd, const char *d, int n, const char *sep)
{ {
@@ -493,6 +512,15 @@ int BITLK_read_sb(struct crypt_device *cd, struct bitlk_metadata *params)
goto out; goto out;
} }
/* get encryption "type" based on the GUID from BITLK superblock */
if (memcmp(&sb.guid, BITLK_GUID_NORMAL, 16) == 0)
params->type = BITLK_ENCRYPTION_TYPE_NORMAL;
else if (memcmp(&sb.guid, BITLK_GUID_EOW, 16) == 0)
params->type = BITLK_ENCRYPTION_TYPE_EOW;
else
params->type = BITLK_ENCRYPTION_TYPE_UNKNOWN;
log_dbg(cd, "BITLK type from GUID: %s.", get_bitlk_type_string(params->type));
for (i = 0; i < 3; i++) for (i = 0; i < 3; i++)
params->metadata_offset[i] = le64_to_cpu(sb.fve_offset[i]); params->metadata_offset[i] = le64_to_cpu(sb.fve_offset[i]);
@@ -935,7 +963,13 @@ int BITLK_activate(struct crypt_device *cd,
uint32_t dmt_flags; uint32_t dmt_flags;
if (!params->state) { if (!params->state) {
log_err(cd, _("This BITLK device is in an unsupported state and can't be activated.")); log_err(cd, _("This BITLK device is in an unsupported state and cannot be activated."));
r = -ENOTSUP;
goto out;
}
if (params->type != BITLK_ENCRYPTION_TYPE_NORMAL) {
log_err(cd, _("BITLK devices with type '%s' cannot be activated."), get_bitlk_type_string(params->type));
r = -ENOTSUP; r = -ENOTSUP;
goto out; goto out;
} }

7
lib/bitlk/bitlk.h
View File

@@ -38,6 +38,12 @@ struct device;
#define BITLK_STATE_NORMAL 0x0004 #define BITLK_STATE_NORMAL 0x0004
typedef enum {
BITLK_ENCRYPTION_TYPE_NORMAL = 0,
BITLK_ENCRYPTION_TYPE_EOW,
BITLK_ENCRYPTION_TYPE_UNKNOWN,
} BITLKEncryptionType;
typedef enum { typedef enum {
BITLK_PROTECTION_CLEAR_KEY = 0, BITLK_PROTECTION_CLEAR_KEY = 0,
BITLK_PROTECTION_TPM, BITLK_PROTECTION_TPM,
@@ -93,6 +99,7 @@ struct bitlk_fvek {
struct bitlk_metadata { struct bitlk_metadata {
bool togo; bool togo;
bool state; bool state;
BITLKEncryptionType type;
const char *cipher; const char *cipher;
const char *cipher_mode; const char *cipher_mode;
uint16_t key_size; uint16_t key_size;