Skip to content

Commit

Permalink
Simplify keyslot context initialization code.
Browse files Browse the repository at this point in the history
  • Loading branch information
@oniko @mbroz
oniko authored and mbroz committed Sep 29, 2024
1 parent 3c00305 commit 8ad2854
Show file tree
Hide file tree
Showing 3 changed files with 32 additions and 77 deletions.
77 changes: 16 additions & 61 deletions lib/keyslot_context.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -456,17 +456,11 @@ void crypt_keyslot_context_init_by_keyring_internal(struct crypt_keyslot_context

kc->type = CRYPT_KC_TYPE_KEYRING;
kc->u.kr.key_description = key_description;
kc->u.kr.i_key_description = NULL;

kc->get_luks2_key = get_luks2_key_by_keyring;
kc->get_luks2_volume_key = get_luks2_volume_key_by_keyring;
kc->get_luks1_volume_key = get_luks1_volume_key_by_keyring;
kc->get_luks2_volume_key = get_luks2_volume_key_by_keyring;
kc->get_passphrase = get_passphrase_by_keyring;
kc->get_plain_volume_key = NULL;
kc->get_bitlk_volume_key = NULL;
kc->get_fvault2_volume_key = NULL;
kc->get_verity_volume_key = NULL;
kc->get_integrity_volume_key = NULL;
kc->context_free = keyring_context_free;
crypt_keyslot_context_init_common(kc);
}
Expand All @@ -486,12 +480,11 @@ void crypt_keyslot_context_init_by_key_internal(struct crypt_keyslot_context *kc

kc->type = CRYPT_KC_TYPE_KEY;
kc->u.k.volume_key = volume_key;
kc->u.k.i_vk = NULL;
kc->u.k.volume_key_size = volume_key_size;

kc->get_luks2_key = get_key_by_key;
kc->get_luks2_volume_key = get_volume_key_by_key;
kc->get_luks1_volume_key = get_volume_key_by_key;
kc->get_passphrase = NULL; /* keyslot key context does not provide passphrase */
kc->get_luks2_volume_key = get_volume_key_by_key;
kc->get_plain_volume_key = get_generic_volume_key_by_key;
kc->get_bitlk_volume_key = get_generic_volume_key_by_key;
kc->get_fvault2_volume_key = get_generic_volume_key_by_key;
Expand Down Expand Up @@ -522,17 +515,8 @@ void crypt_keyslot_context_init_by_signed_key_internal(struct crypt_keyslot_cont
kc->u.ks.volume_key_size = volume_key_size;
kc->u.ks.signature = signature;
kc->u.ks.signature_size = signature_size;
kc->u.ks.i_vk = NULL;
kc->u.ks.i_vk_sig = NULL;
kc->get_luks2_key = NULL;
kc->get_luks2_volume_key = NULL;
kc->get_luks1_volume_key = NULL;
kc->get_passphrase = NULL;
kc->get_plain_volume_key = NULL;
kc->get_bitlk_volume_key = NULL;
kc->get_fvault2_volume_key = NULL;

kc->get_verity_volume_key = get_generic_signed_key_by_key;
kc->get_integrity_volume_key = NULL;
kc->context_free = signed_key_context_free;
crypt_keyslot_context_init_common(kc);
}
Expand All @@ -547,15 +531,9 @@ void crypt_keyslot_context_init_by_passphrase_internal(struct crypt_keyslot_cont
kc->u.p.passphrase = passphrase;
kc->u.p.passphrase_size = passphrase_size;
kc->get_luks2_key = get_luks2_key_by_passphrase;
kc->get_luks2_volume_key = get_luks2_volume_key_by_passphrase;
kc->get_luks1_volume_key = get_luks1_volume_key_by_passphrase;
kc->get_luks2_volume_key = get_luks2_volume_key_by_passphrase;
kc->get_passphrase = get_passphrase_by_passphrase;
kc->get_plain_volume_key = NULL;
kc->get_bitlk_volume_key = NULL;
kc->get_fvault2_volume_key = NULL;
kc->get_verity_volume_key = NULL;
kc->get_integrity_volume_key = NULL;
kc->context_free = NULL;
crypt_keyslot_context_init_common(kc);
}

Expand All @@ -575,19 +553,13 @@ void crypt_keyslot_context_init_by_keyfile_internal(struct crypt_keyslot_context

kc->type = CRYPT_KC_TYPE_KEYFILE;
kc->u.kf.keyfile = keyfile;
kc->u.kf.i_keyfile = NULL;
kc->u.kf.keyfile_size = keyfile_size;
kc->u.kf.keyfile_offset = keyfile_offset;
kc->u.kf.i_keyfile = NULL;
kc->u.kf.keyfile_size = keyfile_size;

kc->get_luks2_key = get_luks2_key_by_keyfile;
kc->get_luks2_volume_key = get_luks2_volume_key_by_keyfile;
kc->get_luks1_volume_key = get_luks1_volume_key_by_keyfile;
kc->get_luks2_volume_key = get_luks2_volume_key_by_keyfile;
kc->get_passphrase = get_passphrase_by_keyfile;
kc->get_plain_volume_key = NULL;
kc->get_bitlk_volume_key = NULL;
kc->get_fvault2_volume_key = NULL;
kc->get_verity_volume_key = NULL;
kc->get_integrity_volume_key = NULL;
kc->context_free = keyfile_context_free;
crypt_keyslot_context_init_common(kc);
}
Expand All @@ -612,20 +584,13 @@ void crypt_keyslot_context_init_by_token_internal(struct crypt_keyslot_context *
kc->type = CRYPT_KC_TYPE_TOKEN;
kc->u.t.id = token;
kc->u.t.type = type;
kc->u.t.i_type = NULL;
kc->u.t.pin = pin;
kc->u.t.i_pin = NULL;
kc->u.t.pin_size = pin_size;
kc->u.t.usrptr = usrptr;

kc->get_luks2_key = get_luks2_key_by_token;
kc->get_luks2_volume_key = get_luks2_volume_key_by_token;
kc->get_luks1_volume_key = NULL; /* LUKS1 is not supported */
kc->get_passphrase = get_passphrase_by_token;
kc->get_plain_volume_key = NULL;
kc->get_bitlk_volume_key = NULL;
kc->get_fvault2_volume_key = NULL;
kc->get_verity_volume_key = NULL;
kc->get_integrity_volume_key = NULL;
kc->context_free = token_context_free;
crypt_keyslot_context_init_common(kc);
}
Expand All @@ -644,17 +609,9 @@ void crypt_keyslot_context_init_by_vk_in_keyring_internal(struct crypt_keyslot_c

kc->type = CRYPT_KC_TYPE_VK_KEYRING;
kc->u.vk_kr.key_description = key_description;
kc->u.vk_kr.i_key_description = NULL;

kc->get_luks2_key = get_key_by_vk_in_keyring;
kc->get_luks2_volume_key = get_volume_key_by_vk_in_keyring;
kc->get_luks1_volume_key = NULL;
kc->get_passphrase = NULL; /* keyslot key context does not provide passphrase */
kc->get_plain_volume_key = NULL;
kc->get_bitlk_volume_key = NULL;
kc->get_fvault2_volume_key = NULL;
kc->get_verity_volume_key = NULL;
kc->get_integrity_volume_key = NULL;
kc->context_free = vk_in_keyring_context_free;
crypt_keyslot_context_init_common(kc);
}
Expand All @@ -668,8 +625,6 @@ void crypt_keyslot_context_destroy_internal(struct crypt_keyslot_context *kc)
kc->context_free(kc);

crypt_safe_free(kc->i_passphrase);
kc->i_passphrase = NULL;
kc->i_passphrase_size = 0;
}

void crypt_keyslot_context_free(struct crypt_keyslot_context *kc)
Expand All @@ -689,7 +644,7 @@ static int _crypt_keyslot_context_init_by_passphrase(const char *passphrase,
if (!kc || !passphrase)
return -EINVAL;

tmp = malloc(sizeof(*tmp));
tmp = crypt_zalloc(sizeof(*tmp));
if (!tmp)
return -ENOMEM;

Expand Down Expand Up @@ -755,7 +710,7 @@ static int _crypt_keyslot_context_init_by_keyfile(const char *keyfile,
if (!kc || !keyfile)
return -EINVAL;

tmp = malloc(sizeof(*tmp));
tmp = crypt_zalloc(sizeof(*tmp));
if (!tmp)
return -ENOMEM;

Expand Down Expand Up @@ -816,7 +771,7 @@ static int _crypt_keyslot_context_init_by_token(int token,
(pin && !pin_size))
return -EINVAL;

tmp = malloc(sizeof(*tmp));
tmp = crypt_zalloc(sizeof(*tmp));
if (!tmp)
return -ENOMEM;

Expand Down Expand Up @@ -887,7 +842,7 @@ static int _crypt_keyslot_context_init_by_volume_key(const char *volume_key,
if (!kc)
return -EINVAL;

tmp = malloc(sizeof(*tmp));
tmp = crypt_zalloc(sizeof(*tmp));
if (!tmp)
return -ENOMEM;

Expand Down Expand Up @@ -944,7 +899,7 @@ static int _crypt_keyslot_context_init_by_signed_key(const char *volume_key,
if (!kc)
return -EINVAL;

tmp = malloc(sizeof(*tmp));
tmp = crypt_zalloc(sizeof(*tmp));
if (!tmp)
return -ENOMEM;

Expand Down Expand Up @@ -1014,7 +969,7 @@ static int _crypt_keyslot_context_init_by_keyring(const char *key_description,
if (!kc || !key_description)
return -EINVAL;

tmp = malloc(sizeof(*tmp));
tmp = crypt_zalloc(sizeof(*tmp));
if (!tmp)
return -ENOMEM;

Expand Down Expand Up @@ -1066,7 +1021,7 @@ static int _crypt_keyslot_context_init_by_vk_in_keyring(const char *key_descript
if (!kc || !key_description)
return -EINVAL;

tmp = malloc(sizeof(*tmp));
tmp = crypt_zalloc(sizeof(*tmp));
if (!tmp)
return -ENOMEM;

Expand Down
2 changes: 1 addition & 1 deletion lib/keyslot_context.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,8 +83,8 @@ struct crypt_keyslot_context {
} t;
struct {
const char *volume_key;
struct volume_key *i_vk;
size_t volume_key_size;
struct volume_key *i_vk;
} k;
struct {
const char *volume_key;
Expand Down
30 changes: 15 additions & 15 deletions lib/setup.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4395,7 +4395,7 @@ int crypt_resume_by_passphrase(struct crypt_device *cd,
size_t passphrase_size)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

crypt_keyslot_context_init_by_passphrase_internal(&kc, passphrase, passphrase_size);
r = crypt_resume_by_keyslot_context(cd, name, keyslot, &kc);
Expand All @@ -4412,7 +4412,7 @@ int crypt_resume_by_keyfile_device_offset(struct crypt_device *cd,
uint64_t keyfile_offset)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

crypt_keyslot_context_init_by_keyfile_internal(&kc, keyfile, keyfile_size, keyfile_offset);
r = crypt_resume_by_keyslot_context(cd, name, keyslot, &kc);
Expand Down Expand Up @@ -4448,7 +4448,7 @@ int crypt_resume_by_volume_key(struct crypt_device *cd,
size_t volume_key_size)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

crypt_keyslot_context_init_by_key_internal(&kc, volume_key, volume_key_size);
r = crypt_resume_by_keyslot_context(cd, name, CRYPT_ANY_SLOT /* unused */, &kc);
Expand All @@ -4465,7 +4465,7 @@ int crypt_resume_by_token_pin(struct crypt_device *cd, const char *name,
void *usrptr)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

crypt_keyslot_context_init_by_token_internal(&kc, token, type, pin, pin_size, usrptr);
r = crypt_resume_by_keyslot_context(cd, name, CRYPT_ANY_SLOT, &kc);
Expand All @@ -4485,7 +4485,7 @@ int crypt_keyslot_add_by_passphrase(struct crypt_device *cd,
size_t new_passphrase_size)
{
int r;
struct crypt_keyslot_context kc, new_kc;
struct crypt_keyslot_context kc = {}, new_kc = {};

if (!passphrase || !new_passphrase)
return -EINVAL;
Expand Down Expand Up @@ -4629,7 +4629,7 @@ int crypt_keyslot_add_by_keyfile_device_offset(struct crypt_device *cd,
uint64_t new_keyfile_offset)
{
int r;
struct crypt_keyslot_context kc, new_kc;
struct crypt_keyslot_context kc = {}, new_kc = {};

if (!keyfile || !new_keyfile)
return -EINVAL;
Expand Down Expand Up @@ -4679,7 +4679,7 @@ int crypt_keyslot_add_by_volume_key(struct crypt_device *cd,
size_t passphrase_size)
{
int r;
struct crypt_keyslot_context kc, new_kc;
struct crypt_keyslot_context kc = {}, new_kc = {};

if (!passphrase)
return -EINVAL;
Expand Down Expand Up @@ -5837,7 +5837,7 @@ int crypt_activate_by_passphrase(struct crypt_device *cd,
uint32_t flags)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

crypt_keyslot_context_init_by_passphrase_internal(&kc, passphrase, passphrase_size);
r = crypt_activate_by_keyslot_context(cd, name, keyslot, &kc, CRYPT_ANY_SLOT, NULL, flags);
Expand All @@ -5855,7 +5855,7 @@ int crypt_activate_by_keyfile_device_offset(struct crypt_device *cd,
uint32_t flags)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

crypt_keyslot_context_init_by_keyfile_internal(&kc, keyfile, keyfile_size, keyfile_offset);
r = crypt_activate_by_keyslot_context(cd, name, keyslot, &kc, CRYPT_ANY_SLOT, NULL, flags);
Expand Down Expand Up @@ -5894,7 +5894,7 @@ int crypt_activate_by_volume_key(struct crypt_device *cd,
uint32_t flags)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

crypt_keyslot_context_init_by_key_internal(&kc, volume_key, volume_key_size);
r = crypt_activate_by_keyslot_context(cd, name, CRYPT_ANY_SLOT /* unused */, &kc, CRYPT_ANY_SLOT, NULL, flags);
Expand All @@ -5912,7 +5912,7 @@ int crypt_activate_by_signed_key(struct crypt_device *cd,
uint32_t flags)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

if (!cd || !isVERITY(cd->type))
return -EINVAL;
Expand Down Expand Up @@ -6111,7 +6111,7 @@ int crypt_volume_key_get(struct crypt_device *cd,
size_t passphrase_size)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

if (!passphrase)
return crypt_volume_key_get_by_keyslot_context(cd, keyslot, volume_key, volume_key_size, NULL);
Expand Down Expand Up @@ -7127,7 +7127,7 @@ int crypt_activate_by_token_pin(struct crypt_device *cd, const char *name,
void *usrptr, uint32_t flags)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

crypt_keyslot_context_init_by_token_internal(&kc, token, type, pin, pin_size, usrptr);
r = crypt_activate_by_keyslot_context(cd, name, CRYPT_ANY_SLOT, &kc, CRYPT_ANY_SLOT, NULL, flags);
Expand Down Expand Up @@ -7524,7 +7524,7 @@ int crypt_keyslot_add_by_key(struct crypt_device *cd,
uint32_t flags)
{
int r;
struct crypt_keyslot_context kc, new_kc;
struct crypt_keyslot_context kc = {}, new_kc = {};

if (!passphrase || ((flags & CRYPT_VOLUME_KEY_NO_SEGMENT) &&
(flags & CRYPT_VOLUME_KEY_SET)))
Expand Down Expand Up @@ -7894,7 +7894,7 @@ int crypt_activate_by_keyring(struct crypt_device *cd,
uint32_t flags)
{
int r;
struct crypt_keyslot_context kc;
struct crypt_keyslot_context kc = {};

if (!cd || !key_description)
return -EINVAL;
Expand Down

0 comments on commit 8ad2854

Please sign in to comment.