Laszlo Ersek
2022-Feb-28 15:54 UTC
[Libguestfs] [libguestfs-common PATCH 0/3] cleanups for "options/decrypt.c"
Three patches to address the comments that Rich made (on preexistent
code) in this thread:
[libguestfs-common PATCH 0/2] options: decrypt LUKS-on-LV devices
Message-Id: <20220223161915.16604-1-lersek at redhat.com>
https://listman.redhat.com/archives/libguestfs/2022-February/msg00369.html
Thanks,
Laszlo
Laszlo Ersek (3):
options: assume GUESTFS_HAVE_LUKS_UUID and
GUESTFS_HAVE_CRYPTSETUP_OPEN
options: remove stale comment about GUESTFS_CRYPTSETUP_OPEN_READONLY
options: allocate the decrypted LUKS device name dynamically
options/decrypt.c | 90 ++++++++++++++------
1 file changed, 63 insertions(+), 27 deletions(-)
base-commit: 2d8c0f8d40b5d43e45b969e25eb5c4a12b3c675a
--
2.19.1.3.g30247aa5d201
Laszlo Ersek
2022-Feb-28 15:54 UTC
[Libguestfs] [libguestfs-common PATCH 1/3] options: assume GUESTFS_HAVE_LUKS_UUID and GUESTFS_HAVE_CRYPTSETUP_OPEN
guestfs_luks_uuid() was added in libguestfs 1.42 (released March 2020).
guestfs_cryptsetup_open was added in libguestfs 1.44 (Jan 2021).
guestfs-tools already requires libguestfs >= 1.44 (see
guestfs-tools.git/m4/guestfs-libraries.m4), as of commit 27da4b0c4991.
The libguestfs version required in virt-v2v.git/m4/guestfs-libraries.m4
will have to be bumped to 1.44 (at commit 6711106145f9, the requirement is
1.40).
Suggested-by: Richard W.M. Jones <rjones at redhat.com>
Signed-off-by: Laszlo Ersek <lersek at redhat.com>
---
options/decrypt.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/options/decrypt.c b/options/decrypt.c
index f7c1d876b3ed..6e0ea95f1716 100644
--- a/options/decrypt.c
+++ b/options/decrypt.c
@@ -92,9 +92,7 @@ decrypt_mountables (guestfs_h *g, const char * const
*mountables,
* (unclear if this is a limitation of the format or cryptsetup).
*/
if (STREQ (type, "crypto_LUKS")) {
-#ifdef GUESTFS_HAVE_LUKS_UUID
uuid = guestfs_luks_uuid (g, mountable);
-#endif
} else if (STRNEQ (type, "BitLocker"))
continue;
@@ -115,14 +113,10 @@ decrypt_mountables (guestfs_h *g, const char * const
*mountables,
int r;
guestfs_push_error_handler (g, NULL, NULL);
-#ifdef GUESTFS_HAVE_CRYPTSETUP_OPEN
/* XXX Should we set GUESTFS_CRYPTSETUP_OPEN_READONLY if readonly is
* set? This might break 'mount_ro'.
*/
r = guestfs_cryptsetup_open (g, mountable, key, mapname, -1);
-#else
- r = guestfs_luks_open (g, mountable, key, mapname);
-#endif
guestfs_pop_error_handler (g);
if (r == 0)
--
2.19.1.3.g30247aa5d201
Laszlo Ersek
2022-Feb-28 15:54 UTC
[Libguestfs] [libguestfs-common PATCH 2/3] options: remove stale comment about GUESTFS_CRYPTSETUP_OPEN_READONLY
When the appliance opens the disk image in read-only mode, it uses a
writeable qcow2 overlay to protect the disk image from writes. Writable
guest devices are required to mount filesystems with journals, even when
mounting them with "-o ro".
Suggested-by: Richard W.M. Jones <rjones at redhat.com>
Signed-off-by: Laszlo Ersek <lersek at redhat.com>
---
options/decrypt.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/options/decrypt.c b/options/decrypt.c
index 6e0ea95f1716..c5b8f8f566fd 100644
--- a/options/decrypt.c
+++ b/options/decrypt.c
@@ -113,9 +113,6 @@ decrypt_mountables (guestfs_h *g, const char * const
*mountables,
int r;
guestfs_push_error_handler (g, NULL, NULL);
- /* XXX Should we set GUESTFS_CRYPTSETUP_OPEN_READONLY if readonly is
- * set? This might break 'mount_ro'.
- */
r = guestfs_cryptsetup_open (g, mountable, key, mapname, -1);
guestfs_pop_error_handler (g);
--
2.19.1.3.g30247aa5d201
Laszlo Ersek
2022-Feb-28 15:54 UTC
[Libguestfs] [libguestfs-common PATCH 3/3] options: allocate the decrypted LUKS device name dynamically
This includes rewriting make_mapname() with dynamic memory allocation.
Suggested-by: Richard W.M. Jones <rjones at redhat.com>
Signed-off-by: Laszlo Ersek <lersek at redhat.com>
---
options/decrypt.c | 81 +++++++++++++++-----
1 file changed, 63 insertions(+), 18 deletions(-)
diff --git a/options/decrypt.c b/options/decrypt.c
index c5b8f8f566fd..b899a0028620 100644
--- a/options/decrypt.c
+++ b/options/decrypt.c
@@ -30,6 +30,7 @@
#include <libintl.h>
#include <error.h>
#include <assert.h>
+#include <errno.h>
#include "c-ctype.h"
@@ -37,6 +38,23 @@
#include "options.h"
+static void
+append_char (size_t *idx, char *buffer, char c)
+{
+ /* bail out if the size of the string (including the terminating NUL, if any
+ * cannot be expressed as a size_t
+ */
+ if (*idx == (size_t)-1)
+ error (EXIT_FAILURE, 0, _("string size overflow"));
+
+ /* if we're not just counting, then actually write the character */
+ if (buffer != NULL)
+ buffer[*idx] = c;
+
+ /* advance */
+ ++*idx;
+}
+
/**
* Make a LUKS map name from the partition or logical volume name, eg.
* C<"/dev/vda2" =E<gt> "cryptvda2">, or
C<"/dev/vg-ssd/lv-root7" =E<gt>
@@ -44,28 +62,55 @@
* c_isalnum() eliminates the "/" separator from between the VG and
the LV, so
* this mapping is not unique; but for our purposes, it will do.
*/
-static void
-make_mapname (const char *device, char *mapname, size_t len)
+static char *
+make_mapname (const char *device)
{
- size_t i = 0;
+ bool strip_iprefix;
+ static const char iprefix[] = "/dev/";
+ char *mapname;
+ enum { COUNT, WRITE, DONE } mode;
- if (len < 6)
- abort ();
- strcpy (mapname, "crypt");
- mapname += 5;
- len -= 5;
+ strip_iprefix = STRPREFIX (device, iprefix);
- if (STRPREFIX (device, "/dev/"))
- i = 5;
+ /* set to NULL in COUNT mode, flipped to non-NULL for WRITE mode */
+ mapname = NULL;
- for (; device[i] != '\0' && len >= 1; ++i) {
- if (c_isalnum (device[i])) {
- *mapname++ = device[i];
- len--;
+ for (mode = COUNT; mode < DONE; ++mode) {
+ size_t ipos;
+ static const size_t iprefixlen = sizeof iprefix - 1;
+ size_t opos;
+ static const char oprefix[] = "crypt";
+ static const size_t oprefixlen = sizeof oprefix - 1;
+ char ichar;
+
+ /* skip the input prefix, if any */
+ ipos = strip_iprefix ? iprefixlen : 0;
+ /* start producing characters after the output prefix */
+ opos = oprefixlen;
+
+ /* filter & copy */
+ while ((ichar = device[ipos]) != '\0') {
+ if (c_isalnum (ichar))
+ append_char (&opos, mapname, ichar);
+ ++ipos;
+ }
+
+ /* terminate */
+ append_char (&opos, mapname, '\0');
+
+ /* allocate the output buffer when flipping from COUNT to WRITE mode */
+ if (mode == COUNT) {
+ assert (opos >= sizeof oprefix);
+ mapname = malloc (opos);
+ if (mapname == NULL)
+ error (EXIT_FAILURE, errno, "malloc");
+
+ /* populate the output prefix -- note: not NUL-terminated yet */
+ memcpy (mapname, oprefix, oprefixlen);
}
}
- *mapname = '\0';
+ return mapname;
}
static bool
@@ -80,7 +125,7 @@ decrypt_mountables (guestfs_h *g, const char * const
*mountables,
CLEANUP_FREE char *type = NULL;
CLEANUP_FREE char *uuid = NULL;
CLEANUP_FREE_STRING_LIST char **keys = NULL;
- char mapname[512];
+ CLEANUP_FREE char *mapname = NULL;
const char * const *key_scan;
const char *key;
@@ -104,8 +149,8 @@ decrypt_mountables (guestfs_h *g, const char * const
*mountables,
/* Generate a node name for the plaintext (decrypted) device node. */
if (!name_decrypted_by_uuid || uuid == NULL ||
- snprintf (mapname, sizeof mapname, "luks-%s", uuid) < 0)
- make_mapname (mountable, mapname, sizeof mapname);
+ asprintf (&mapname, "luks-%s", uuid) == -1)
+ mapname = make_mapname (mountable);
/* Try each key in turn. */
key_scan = (const char * const *)keys;
--
2.19.1.3.g30247aa5d201
Laszlo Ersek
2022-Mar-01 16:32 UTC
[Libguestfs] [libguestfs-common PATCH 0/3] cleanups for "options/decrypt.c"
On 02/28/22 16:54, Laszlo Ersek wrote:> Three patches to address the comments that Rich made (on preexistent > code) in this thread: > > [libguestfs-common PATCH 0/2] options: decrypt LUKS-on-LV devices > Message-Id: <20220223161915.16604-1-lersek at redhat.com> > https://listman.redhat.com/archives/libguestfs/2022-February/msg00369.html > > Thanks, > Laszlo > > Laszlo Ersek (3): > options: assume GUESTFS_HAVE_LUKS_UUID and > GUESTFS_HAVE_CRYPTSETUP_OPEN > options: remove stale comment about GUESTFS_CRYPTSETUP_OPEN_READONLY > options: allocate the decrypted LUKS device name dynamically > > options/decrypt.c | 90 ++++++++++++++------ > 1 file changed, 63 insertions(+), 27 deletions(-) > > > base-commit: 2d8c0f8d40b5d43e45b969e25eb5c4a12b3c675a >Merged as commit range 2d8c0f8d40b5..60efc5407552, per <https://listman.redhat.com/archives/libguestfs/2022-March/msg00000.html>. Thanks! Laszlo