eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-06 00:10:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
e3e3027e12c677267515ae711211d69baa01cf88
cryptsetup/lib/utils.c
Milan Broz e3e3027e12 Optimize o_direct read/writes. 
* Pad luks header to 512 sector size. We need read/write in whole
sector anyway and space is unused (wiped in luksFormat) so there is
no need for read/seek/write exercise.

* Rework read/write blockwise to not split operation to many pieces.
thanks to Sebastian Andrzej Siewior:

  The buffer has to be aligned due to the O_DIRECT in open(). Currently a small
  blocksize buffer is allocated and everything is read in multiple reads and
  copied back to the original buffer. In my case AFEKSize gets computed to 64000
  which results in 125 reads with 512 bytes each.
  This patch changes this behavior to a single operation where the majority is
  read()/write() plus an optional fixup in case the request is not modulo block
  size.

* Use posix_memalign and check for alignment if available.
Othewise use old align functions. Add autoconf to detect posix_memalign.



git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@74 36d66b0a-2a48-0410-832c-cd162a569da5
2009-07-28 09:29:13 +00:00

510 lines
11 KiB
C
Raw Blame History

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <stddef.h>
#include <stdarg.h>
#include <errno.h>
#include <linux/fs.h>
#include <sys/types.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <fcntl.h>
#include <termios.h>
#include "libcryptsetup.h"
#include "internal.h"
struct safe_allocation {
size_t size;
char data[1];
};
static char *error=NULL;
void set_error_va(const char *fmt, va_list va)
{
if(error) {
free(error);
error=NULL;
}
if(!fmt) return;
if (vasprintf(&error, fmt, va) < 0) {
free(error);
error = NULL;
}
}
void set_error(const char *fmt, ...)
{
va_list va;
va_start(va, fmt);
set_error_va(fmt, va);
va_end(va);
}
const char *get_error(void)
{
return error;
}
void *safe_alloc(size_t size)
{
struct safe_allocation *alloc;
if (!size)
return NULL;
alloc = malloc(size + offsetof(struct safe_allocation, data));
if (!alloc)
return NULL;
alloc->size = size;
return &alloc->data;
}
void safe_free(void *data)
{
struct safe_allocation *alloc;
if (!data)
return;
alloc = data - offsetof(struct safe_allocation, data);
memset(data, 0, alloc->size);
alloc->size = 0x55aa55aa;
free(alloc);
}
void *safe_realloc(void *data, size_t size)
{
void *new_data;
new_data = safe_alloc(size);
if (new_data && data) {
struct safe_allocation *alloc;
alloc = data - offsetof(struct safe_allocation, data);
if (size > alloc->size)
size = alloc->size;
memcpy(new_data, data, size);
}
safe_free(data);
return new_data;
}
char *safe_strdup(const char *s)
{
char *s2 = safe_alloc(strlen(s) + 1);
if (!s2)
return NULL;
return strcpy(s2, s);
}
static int get_alignment(int fd)
{
int alignment = DEFAULT_ALIGNMENT;
#ifdef _PC_REC_XFER_ALIGN
alignment = fpathconf(fd, _PC_REC_XFER_ALIGN);
if (alignment < 0)
alignment = DEFAULT_ALIGNMENT;
#endif
return alignment;
}
static void *aligned_malloc(void **base, int size, int alignment)
{
#ifdef HAVE_POSIX_MEMALIGN
return posix_memalign(base, alignment, size) ? NULL : *base;
#else
/* Credits go to Michal's padlock patches for this alignment code */
char *ptr;
ptr = malloc(size + alignment);
if(ptr == NULL) return NULL;
*base = ptr;
if(alignment > 1 && ((long)ptr & (alignment - 1))) {
ptr += alignment - ((long)(ptr) & (alignment - 1));
}
return ptr;
#endif
}
static int sector_size(int fd)
{
int bsize;
if (ioctl(fd,BLKSSZGET, &bsize) < 0)
return -EINVAL;
else
return bsize;
}
int sector_size_for_device(const char *device)
{
int fd = open(device, O_RDONLY);
int r;
if(fd < 0)
return -EINVAL;
r = sector_size(fd);
close(fd);
return r;
}
ssize_t write_blockwise(int fd, const void *orig_buf, size_t count)
{
void *hangover_buf, *hangover_buf_base = NULL;
void *buf, *buf_base = NULL;
int r, hangover, solid, bsize, alignment;
ssize_t ret = -1;
if ((bsize = sector_size(fd)) < 0)
return bsize;
hangover = count % bsize;
solid = count - hangover;
alignment = get_alignment(fd);
if ((long)orig_buf & (alignment - 1)) {
buf = aligned_malloc(&buf_base, count, alignment);
if (!buf)
goto out;
memcpy(buf, orig_buf, count);
} else
buf = (void *)orig_buf;
r = write(fd, buf, solid);
if (r < 0 || r != solid)
goto out;
if (hangover) {
hangover_buf = aligned_malloc(&hangover_buf_base, bsize, alignment);
if (!hangover_buf)
goto out;
r = read(fd, hangover_buf, bsize);
if(r < 0 || r != bsize) goto out;
r = lseek(fd, -bsize, SEEK_CUR);
if (r < 0)
goto out;
memcpy(hangover_buf, buf + solid, hangover);
r = write(fd, hangover_buf, bsize);
if(r < 0 || r != bsize) goto out;
free(hangover_buf_base);
}
ret = count;
out:
if (buf != orig_buf)
free(buf_base);
return ret;
}
ssize_t read_blockwise(int fd, void *orig_buf, size_t count) {
void *hangover_buf, *hangover_buf_base;
void *buf, *buf_base = NULL;
int r, hangover, solid, bsize, alignment;
ssize_t ret = -1;
if ((bsize = sector_size(fd)) < 0)
return bsize;
hangover = count % bsize;
solid = count - hangover;
alignment = get_alignment(fd);
if ((long)orig_buf & (alignment - 1)) {
buf = aligned_malloc(&buf_base, count, alignment);
if (!buf)
goto out;
} else
buf = orig_buf;
r = read(fd, buf, solid);
if(r < 0 || r != solid) {
set_error("read failed in read_blockwise.\n");
goto out;
}
if (hangover) {
hangover_buf = aligned_malloc(&hangover_buf_base, bsize, alignment);
if (!hangover_buf)
goto out;
r = read(fd, hangover_buf, bsize);
if (r < 0 || r != bsize)
goto out;
memcpy(buf + solid, hangover_buf, hangover);
free(hangover_buf_base);
}
ret = count;
out:
if (buf != orig_buf) {
memcpy(orig_buf, buf, count);
free(buf_base);
}
return ret;
}
/*
* Combines llseek with blockwise write. write_blockwise can already deal with short writes
* but we also need a function to deal with short writes at the start. But this information
* is implicitly included in the read/write offset, which can not be set to non-aligned
* boundaries. Hence, we combine llseek with write.
*/
ssize_t write_lseek_blockwise(int fd, const char *buf, size_t count, off_t offset) {
int bsize = sector_size(fd);
const char *orig_buf = buf;
char frontPadBuf[bsize];
int frontHang = offset % bsize;
int r;
int innerCount = count < bsize ? count : bsize;
if (bsize < 0)
return bsize;
lseek(fd, offset - frontHang, SEEK_SET);
if(offset % bsize) {
r = read(fd,frontPadBuf,bsize);
if(r < 0) return -1;
memcpy(frontPadBuf+frontHang, buf, innerCount);
lseek(fd, offset - frontHang, SEEK_SET);
r = write(fd,frontPadBuf,bsize);
if(r < 0) return -1;
buf += innerCount;
count -= innerCount;
}
if(count <= 0) return buf - orig_buf;
return write_blockwise(fd, buf, count) + innerCount;
}
/* Password reading helpers */
static int untimed_read(int fd, char *pass, size_t maxlen)
{
ssize_t i;
i = read(fd, pass, maxlen);
if (i > 0) {
pass[i-1] = '\0';
i = 0;
} else if (i == 0) { /* EOF */
*pass = 0;
i = -1;
}
return i;
}
static int timed_read(int fd, char *pass, size_t maxlen, long timeout)
{
struct timeval t;
fd_set fds;
int failed = -1;
FD_ZERO(&fds);
FD_SET(fd, &fds);
t.tv_sec = timeout;
t.tv_usec = 0;
if (select(fd+1, &fds, NULL, NULL, &t) > 0)
failed = untimed_read(fd, pass, maxlen);
else
set_error("Operation timed out");
return failed;
}
static int interactive_pass(const char *prompt, char *pass, size_t maxlen,
long timeout)
{
struct termios orig, tmp;
int failed = -1;
int infd = STDIN_FILENO, outfd;
if (maxlen < 1)
goto out_err;
/* Read and write to /dev/tty if available */
if ((infd = outfd = open("/dev/tty", O_RDWR)) == -1) {
infd = STDIN_FILENO;
outfd = STDERR_FILENO;
}
if (tcgetattr(infd, &orig)) {
set_error("Unable to get terminal");
goto out_err;
}
memcpy(&tmp, &orig, sizeof(tmp));
tmp.c_lflag &= ~ECHO;
if (write(outfd, prompt, strlen(prompt)) < 0)
goto out_err;
tcsetattr(infd, TCSAFLUSH, &tmp);
if (timeout)
failed = timed_read(infd, pass, maxlen, timeout);
else
failed = untimed_read(infd, pass, maxlen);
tcsetattr(infd, TCSAFLUSH, &orig);
out_err:
if (!failed)
(void)write(outfd, "\n", 1);
if (infd != STDIN_FILENO)
close(infd);
return failed;
}
/*
* Password reading behaviour matrix of get_key
*
* p v n h
* -----------------+---+---+---+---
* interactive | Y | Y | Y | Inf
* from fd | N | N | Y | Inf
* from binary file | N | N | N | Inf or options->key_size
*
* Legend: p..prompt, v..can verify, n..newline-stop, h..read horizon
*
* Note: --key-file=- is interpreted as a read from a binary file (stdin)
*
* Returns true when more keys are available (that is when password
* reading can be retried as for interactive terminals).
*/
int get_key(char *prompt, char **key, unsigned int *passLen, int key_size,
const char *key_file, int passphrase_fd, int timeout, int how2verify)
{
int fd;
const int verify = how2verify & CRYPT_FLAG_VERIFY;
const int verify_if_possible = how2verify & CRYPT_FLAG_VERIFY_IF_POSSIBLE;
char *pass = NULL;
int newline_stop;
int read_horizon;
if(key_file && !strcmp(key_file, "-")) {
/* Allow binary reading from stdin */
fd = passphrase_fd;
newline_stop = 0;
read_horizon = 0;
} else if (key_file) {
fd = open(key_file, O_RDONLY);
if (fd < 0) {
char buf[128];
set_error("Error opening key file: %s",
strerror_r(errno, buf, 128));
goto out_err;
}
newline_stop = 0;
/* This can either be 0 (LUKS) or the actually number
* of key bytes (default or passed by -s) */
read_horizon = key_size;
} else {
fd = passphrase_fd;
newline_stop = 1;
read_horizon = 0; /* Infinite, if read from terminal or fd */
}
/* Interactive case */
if(isatty(fd)) {
int i;
pass = safe_alloc(512);
if (!pass || (i = interactive_pass(prompt, pass, 512, timeout))) {
set_error("Error reading passphrase");
goto out_err;
}
if (verify || verify_if_possible) {
char pass_verify[512];
i = interactive_pass("Verify passphrase: ", pass_verify, sizeof(pass_verify), timeout);
if (i || strcmp(pass, pass_verify) != 0) {
set_error("Passphrases do not match");
goto out_err;
}
memset(pass_verify, 0, sizeof(pass_verify));
}
*passLen = strlen(pass);
*key = pass;
} else {
/*
* This is either a fd-input or a file, in neither case we can verify the input,
* however we don't stop on new lines if it's a binary file.
*/
int buflen, i;
if(verify) {
set_error("Can't do passphrase verification on non-tty inputs");
goto out_err;
}
/* The following for control loop does an exhausting
* read on the key material file, if requested with
* key_size == 0, as it's done by LUKS. However, we
* should warn the user, if it's a non-regular file,
* such as /dev/random, because in this case, the loop
* will read forever.
*/
if(key_file && strcmp(key_file, "-") && read_horizon == 0) {
struct stat st;
if(stat(key_file, &st) < 0) {
set_error("Can't stat key file");
goto out_err;
}
if(!S_ISREG(st.st_mode)) {
// set_error("Can't do exhausting read on non regular files");
// goto out_err;
fprintf(stderr,"Warning: exhausting read requested, but key file is not a regular file, function might never return.\n");
}
}
buflen = 0;
for(i = 0; read_horizon == 0 || i < read_horizon; i++) {
if(i >= buflen - 1) {
buflen += 128;
pass = safe_realloc(pass, buflen);
if (!pass) {
set_error("Not enough memory while "
"reading passphrase");
goto out_err;
}
}
if(read(fd, pass + i, 1) != 1 || (newline_stop && pass[i] == '\n'))
break;
}
if(key_file)
close(fd);
pass[i] = 0;
*key = pass;
*passLen = i;
}
return isatty(fd); /* Return true, when password reading can be tried on interactive fds */
out_err:
if(pass)
safe_free(pass);
*key = NULL;
*passLen = 0;
return 0;
}
Reference in New Issue View Git Blame Copy Permalink