[PATCH] file-systems: Handle v2 LUKS header

  • Done
  • quality assurance status badge
Details
2 participants
  • Danny Milosavljevic
  • David Trudgian
Owner
unassigned
Submitted by
David Trudgian
Severity
normal

Debbugs page

David Trudgian wrote 5 years ago
(address . guix-patches@gnu.org)(address . dave@trudgian.net)
20200104151917.GA8616@lappy.randomroad.net
Let luks-superblock? read a LUKS2 header. The binary header prior to
the JSON LUKS2 data is backward compatible with LUKS1, so the UUID
can be read from the same location, and we just need to accept
version=2.
---
gnu/build/file-systems.scm | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)

Toggle diff (44 lines)
diff --git a/gnu/build/file-systems.scm b/gnu/build/file-systems.scm
index 9299cc2e4c..df06905c4e 100644
--- a/gnu/build/file-systems.scm
+++ b/gnu/build/file-systems.scm
@@ -4,6 +4,7 @@
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2019 Guillaume Le Vaillant <glv@posteo.net>
;;; Copyright © 2019 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2019 David C. Trudgian <dave@trudgian.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -343,6 +344,10 @@ if DEVICE does not contain a JFS file system."
;; <https://gitlab.com/cryptsetup/cryptsetup/wikis/Specification>. We follow
;; version 1.2.1 of this document.
+;; The LUKS2 header format is described in "LUKS2 On-Disk Format Specification":
+;; <https://gitlab.com/cryptsetup/LUKS2-docs/blob/master/luks2_doc_wip.pdf>.
+;; This is a WIP document.
+
(define-syntax %luks-endianness
;; Endianness of LUKS headers.
(identifier-syntax (endianness big)))
@@ -356,12 +361,16 @@ if DEVICE does not contain a JFS file system."
(let ((magic (sub-bytevector sblock 0 6))
(version (bytevector-u16-ref sblock 6 %luks-endianness)))
(and (bytevector=? magic %luks-magic)
- (= version 1))))
+ (or (= version 1) (= version 2)))))
(define (read-luks-header file)
"Read a LUKS header from FILE. Return the raw header on success, and #f if
not valid header was found."
- ;; Size in bytes of the LUKS header, including key slots.
+ ;; Size in bytes of the LUKS binary header, which includes key slots in
+ ;; LUKS1. In LUKS2 the binary header is partially backward compatible, so
+ ;; that UUID can be extracted as for LUKS1. Keyslots and other metadata are
+ ;; not part of this header in LUKS2, but are included in the JSON metadata
+ ;; area that follows.
(read-superblock file 0 592 luks-superblock?))
(define (luks-header-uuid header)
--
2.24.1
Danny Milosavljevic wrote 5 years ago
(name . David Trudgian)(address . dave@trudgian.net)(address . 38920-done@debbugs.gnu.org)
20200105111536.22dfc557@scratchpost.org
Hi David,

thanks for the patch!

Pushed as commit 7aa28eb339dd667d07cfb8b5347e159d5da3ccd7 to guix master.
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEds7GsXJ0tGXALbPZ5xo1VCwwuqUFAl4Rt0gACgkQ5xo1VCww
uqWztwf/egPHOFSPO8XPeQ+mTajy5aCM3/i3GLDb9UsqTp/wvw3DR8byi28sSvko
hgAXb6mm5gJBVD+6wu0Ub6QCyww68lvfXXOLv99TNsIEAXtIJ7OCSac7cNzKQF2i
viuYgbaYlpWYukW7D+rXWeoeEbCYPn8bBLBM5xIMv0sf1PXNYutrSbiVf/cCJm1D
mNV4YMCLctwumML20C/WN3NM/vx+YD0WzdaZrpaU+Dcb9Xrq7CETAkXy9yaF81Up
EVWsi24R/vdhzdb4EzR6Fx9YoFxyudzljg47Wo1g7DUBqqt6OtwV8SvwPpxXJUkx
ssjOcLu+Ow7eB5hwvwxV+UrF0QGsUg==
=3Zhn
-----END PGP SIGNATURE-----


Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 38920@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 38920
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch
You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags
mumi command -t +confirmed -t +easy
Or, remove the moreinfo tag and set the help tag
mumi command -t -moreinfo -t +help