From: David Trudgian <dave@trudgian.net>
To: 38920@debbugs.gnu.org
Cc: dave@trudgian.net
Subject: [bug#38920] [PATCH] file-systems: Handle v2 LUKS header
Date: Sat, 4 Jan 2020 09:19:17 -0600 [thread overview]
Message-ID: <20200104151917.GA8616@lappy.randomroad.net> (raw)
Let luks-superblock? read a LUKS2 header. The binary header prior to
the JSON LUKS2 data is backward compatible with LUKS1, so the UUID
can be read from the same location, and we just need to accept
version=2.
---
gnu/build/file-systems.scm | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/gnu/build/file-systems.scm b/gnu/build/file-systems.scm
index 9299cc2e4c..df06905c4e 100644
--- a/gnu/build/file-systems.scm
+++ b/gnu/build/file-systems.scm
@@ -4,6 +4,7 @@
;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2019 Guillaume Le Vaillant <glv@posteo.net>
;;; Copyright © 2019 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2019 David C. Trudgian <dave@trudgian.net>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -343,6 +344,10 @@ if DEVICE does not contain a JFS file system."
;; <https://gitlab.com/cryptsetup/cryptsetup/wikis/Specification>. We follow
;; version 1.2.1 of this document.
+;; The LUKS2 header format is described in "LUKS2 On-Disk Format Specification":
+;; <https://gitlab.com/cryptsetup/LUKS2-docs/blob/master/luks2_doc_wip.pdf>.
+;; This is a WIP document.
+
(define-syntax %luks-endianness
;; Endianness of LUKS headers.
(identifier-syntax (endianness big)))
@@ -356,12 +361,16 @@ if DEVICE does not contain a JFS file system."
(let ((magic (sub-bytevector sblock 0 6))
(version (bytevector-u16-ref sblock 6 %luks-endianness)))
(and (bytevector=? magic %luks-magic)
- (= version 1))))
+ (or (= version 1) (= version 2)))))
(define (read-luks-header file)
"Read a LUKS header from FILE. Return the raw header on success, and #f if
not valid header was found."
- ;; Size in bytes of the LUKS header, including key slots.
+ ;; Size in bytes of the LUKS binary header, which includes key slots in
+ ;; LUKS1. In LUKS2 the binary header is partially backward compatible, so
+ ;; that UUID can be extracted as for LUKS1. Keyslots and other metadata are
+ ;; not part of this header in LUKS2, but are included in the JSON metadata
+ ;; area that follows.
(read-superblock file 0 592 luks-superblock?))
(define (luks-header-uuid header)
--
2.24.1
next reply other threads:[~2020-01-04 16:23 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-04 15:19 David Trudgian [this message]
2020-01-05 10:15 ` bug#38920: [PATCH] file-systems: Handle v2 LUKS header Danny Milosavljevic
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200104151917.GA8616@lappy.randomroad.net \
--to=dave@trudgian.net \
--cc=38920@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.