Update to 2.06.

1 files changed, 4 insertions, 241 deletions

diff --git a/0004-Cryptomount-support-plain-dm-crypt.patch b/0004-Cryptomount-support-plain-dm-crypt.patch
index 34c10d7216bb..1ea3232b9b5e 100644
--- a/0004-Cryptomount-support-plain-dm-crypt.patch
+++ b/0004-Cryptomount-support-plain-dm-crypt.patch
@@ -111,8 +111,8 @@ index 5261af547..7f656f75c 100644
 +
 +          dev = grub_cryptodisk_create (disk, NULL, cipher, mode, digest);
 +
-+          dev->offset = offset;
-+	  if (size) dev->total_length = size;
++          dev->offset_sectors = offset;
++	  if (size) dev->total_sectors = size;
 +
 +          if (key)
 +	    {
@@ -325,7 +325,7 @@ index 5261af547..7f656f75c 100644
 +      return NULL;
 +    }
 +  newdev->cipher = cipher;
-+  newdev->offset = 0;
++  newdev->offset_sectors = 0;
 +  newdev->source_disk = NULL;
 +  newdev->benbi_log = benbi_log;
 +  newdev->mode = mode;
@@ -335,7 +335,7 @@ index 5261af547..7f656f75c 100644
 +  newdev->essiv_hash = essiv_hash;
 +  newdev->hash = hash;
 +  newdev->log_sector_size = 9;
-+  newdev->total_length = grub_disk_get_size (disk) - newdev->offset;
++  newdev->total_sectors = grub_disk_native_sectors (disk) - newdev->offset_sectors;
 +  grub_memcpy (newdev->uuid, uuid, sizeof (newdev->uuid));
 +  COMPILE_TIME_ASSERT (sizeof (newdev->uuid) >= sizeof (uuid));
 +
@@ -357,234 +357,6 @@ diff --git a/grub-core/disk/luks.c b/grub-core/disk/luks.c
 index 11e437edb..4ebe21b4e 100644
 --- a/grub-core/disk/luks.c
 +++ b/grub-core/disk/luks.c
-@@ -30,8 +30,6 @@
- 
- GRUB_MOD_LICENSE ("GPLv3+");
- 
--#define MAX_PASSPHRASE 256
--
- #define LUKS_KEY_ENABLED  0x00AC71F3
- 
- /* On disk LUKS header */
-@@ -76,15 +74,7 @@ configure_ciphers (grub_disk_t disk, const char *check_uuid,
-   char uuid[sizeof (header.uuid) + 1];
-   char ciphername[sizeof (header.cipherName) + 1];
-   char ciphermode[sizeof (header.cipherMode) + 1];
--  char *cipheriv = NULL;
-   char hashspec[sizeof (header.hashSpec) + 1];
--  grub_crypto_cipher_handle_t cipher = NULL, secondary_cipher = NULL;
--  grub_crypto_cipher_handle_t essiv_cipher = NULL;
--  const gcry_md_spec_t *hash = NULL, *essiv_hash = NULL;
--  const struct gcry_cipher_spec *ciph;
--  grub_cryptodisk_mode_t mode;
--  grub_cryptodisk_mode_iv_t mode_iv = GRUB_CRYPTODISK_MODE_IV_PLAIN64;
--  int benbi_log = 0;
-   grub_err_t err;
- 
-   err = GRUB_ERR_NONE;
-@@ -119,7 +109,7 @@ configure_ciphers (grub_disk_t disk, const char *check_uuid,
-        iptr++)
-     {
-       if (*iptr != '-')
--	*optr++ = *iptr;
-+        *optr++ = *iptr;
-     }
-   *optr = 0;
- 
-@@ -129,6 +119,7 @@ configure_ciphers (grub_disk_t disk, const char *check_uuid,
-       return NULL;
-     }
- 
-+
-   /* Make sure that strings are null terminated.  */
-   grub_memcpy (ciphername, header.cipherName, sizeof (header.cipherName));
-   ciphername[sizeof (header.cipherName)] = 0;
-@@ -137,184 +128,10 @@ configure_ciphers (grub_disk_t disk, const char *check_uuid,
-   grub_memcpy (hashspec, header.hashSpec, sizeof (header.hashSpec));
-   hashspec[sizeof (header.hashSpec)] = 0;
- 
--  ciph = grub_crypto_lookup_cipher_by_name (ciphername);
--  if (!ciph)
--    {
--      grub_error (GRUB_ERR_FILE_NOT_FOUND, "Cipher %s isn't available",
--		  ciphername);
--      return NULL;
--    }
--
--  /* Configure the cipher used for the bulk data.  */
--  cipher = grub_crypto_cipher_open (ciph);
--  if (!cipher)
--    return NULL;
--
--  if (grub_be_to_cpu32 (header.keyBytes) > 1024)
--    {
--      grub_error (GRUB_ERR_BAD_ARGUMENT, "invalid keysize %d",
--		  grub_be_to_cpu32 (header.keyBytes));
--      grub_crypto_cipher_close (cipher);
--      return NULL;
--    }
--
--  /* Configure the cipher mode.  */
--  if (grub_strcmp (ciphermode, "ecb") == 0)
--    {
--      mode = GRUB_CRYPTODISK_MODE_ECB;
--      mode_iv = GRUB_CRYPTODISK_MODE_IV_PLAIN;
--      cipheriv = NULL;
--    }
--  else if (grub_strcmp (ciphermode, "plain") == 0)
--    {
--      mode = GRUB_CRYPTODISK_MODE_CBC;
--      mode_iv = GRUB_CRYPTODISK_MODE_IV_PLAIN;
--      cipheriv = NULL;
--    }
--  else if (grub_memcmp (ciphermode, "cbc-", sizeof ("cbc-") - 1) == 0)
--    {
--      mode = GRUB_CRYPTODISK_MODE_CBC;
--      cipheriv = ciphermode + sizeof ("cbc-") - 1;
--    }
--  else if (grub_memcmp (ciphermode, "pcbc-", sizeof ("pcbc-") - 1) == 0)
--    {
--      mode = GRUB_CRYPTODISK_MODE_PCBC;
--      cipheriv = ciphermode + sizeof ("pcbc-") - 1;
--    }
--  else if (grub_memcmp (ciphermode, "xts-", sizeof ("xts-") - 1) == 0)
--    {
--      mode = GRUB_CRYPTODISK_MODE_XTS;
--      cipheriv = ciphermode + sizeof ("xts-") - 1;
--      secondary_cipher = grub_crypto_cipher_open (ciph);
--      if (!secondary_cipher)
--	{
--	  grub_crypto_cipher_close (cipher);
--	  return NULL;
--	}
--      if (cipher->cipher->blocksize != GRUB_CRYPTODISK_GF_BYTES)
--	{
--	  grub_error (GRUB_ERR_BAD_ARGUMENT, "Unsupported XTS block size: %d",
--		      cipher->cipher->blocksize);
--	  grub_crypto_cipher_close (cipher);
--	  grub_crypto_cipher_close (secondary_cipher);
--	  return NULL;
--	}
--      if (secondary_cipher->cipher->blocksize != GRUB_CRYPTODISK_GF_BYTES)
--	{
--	  grub_crypto_cipher_close (cipher);
--	  grub_error (GRUB_ERR_BAD_ARGUMENT, "Unsupported XTS block size: %d",
--		      secondary_cipher->cipher->blocksize);
--	  grub_crypto_cipher_close (secondary_cipher);
--	  return NULL;
--	}
--    }
--  else if (grub_memcmp (ciphermode, "lrw-", sizeof ("lrw-") - 1) == 0)
--    {
--      mode = GRUB_CRYPTODISK_MODE_LRW;
--      cipheriv = ciphermode + sizeof ("lrw-") - 1;
--      if (cipher->cipher->blocksize != GRUB_CRYPTODISK_GF_BYTES)
--	{
--	  grub_error (GRUB_ERR_BAD_ARGUMENT, "Unsupported LRW block size: %d",
--		      cipher->cipher->blocksize);
--	  grub_crypto_cipher_close (cipher);
--	  return NULL;
--	}
--    }
--  else
--    {
--      grub_crypto_cipher_close (cipher);
--      grub_error (GRUB_ERR_BAD_ARGUMENT, "Unknown cipher mode: %s",
--		  ciphermode);
--      return NULL;
--    }
--
--  if (cipheriv == NULL);
--  else if (grub_memcmp (cipheriv, "plain", sizeof ("plain") - 1) == 0)
--      mode_iv = GRUB_CRYPTODISK_MODE_IV_PLAIN;
--  else if (grub_memcmp (cipheriv, "plain64", sizeof ("plain64") - 1) == 0)
--      mode_iv = GRUB_CRYPTODISK_MODE_IV_PLAIN64;
--  else if (grub_memcmp (cipheriv, "benbi", sizeof ("benbi") - 1) == 0)
--    {
--      if (cipher->cipher->blocksize & (cipher->cipher->blocksize - 1)
--	  || cipher->cipher->blocksize == 0)
--	grub_error (GRUB_ERR_BAD_ARGUMENT, "Unsupported benbi blocksize: %d",
--		    cipher->cipher->blocksize);
--	/* FIXME should we return an error here? */
--      for (benbi_log = 0; 
--	   (cipher->cipher->blocksize << benbi_log) < GRUB_DISK_SECTOR_SIZE;
--	   benbi_log++);
--      mode_iv = GRUB_CRYPTODISK_MODE_IV_BENBI;
--    }
--  else if (grub_memcmp (cipheriv, "null", sizeof ("null") - 1) == 0)
--      mode_iv = GRUB_CRYPTODISK_MODE_IV_NULL;
--  else if (grub_memcmp (cipheriv, "essiv:", sizeof ("essiv:") - 1) == 0)
--    {
--      char *hash_str = cipheriv + 6;
--
--      mode_iv = GRUB_CRYPTODISK_MODE_IV_ESSIV;
--
--      /* Configure the hash and cipher used for ESSIV.  */
--      essiv_hash = grub_crypto_lookup_md_by_name (hash_str);
--      if (!essiv_hash)
--	{
--	  grub_crypto_cipher_close (cipher);
--	  grub_crypto_cipher_close (secondary_cipher);
--	  grub_error (GRUB_ERR_FILE_NOT_FOUND,
--		      "Couldn't load %s hash", hash_str);
--	  return NULL;
--	}
--      essiv_cipher = grub_crypto_cipher_open (ciph);
--      if (!essiv_cipher)
--	{
--	  grub_crypto_cipher_close (cipher);
--	  grub_crypto_cipher_close (secondary_cipher);
--	  return NULL;
--	}
--    }
--  else
--    {
--      grub_crypto_cipher_close (cipher);
--      grub_crypto_cipher_close (secondary_cipher);
--      grub_error (GRUB_ERR_BAD_ARGUMENT, "Unknown IV mode: %s",
--		  cipheriv);
--      return NULL;
--    }
--
--  /* Configure the hash used for the AF splitter and HMAC.  */
--  hash = grub_crypto_lookup_md_by_name (hashspec);
--  if (!hash)
--    {
--      grub_crypto_cipher_close (cipher);
--      grub_crypto_cipher_close (essiv_cipher);
--      grub_crypto_cipher_close (secondary_cipher);
--      grub_error (GRUB_ERR_FILE_NOT_FOUND, "Couldn't load %s hash",
--		  hashspec);
--      return NULL;
--    }
-+  newdev = grub_cryptodisk_create (disk, uuid, ciphername, ciphermode, hashspec);
- 
--  newdev = grub_zalloc (sizeof (struct grub_cryptodisk));
--  if (!newdev)
--    {
--      grub_crypto_cipher_close (cipher);
--      grub_crypto_cipher_close (essiv_cipher);
--      grub_crypto_cipher_close (secondary_cipher);
--      return NULL;
--    }
--  newdev->cipher = cipher;
-   newdev->offset = grub_be_to_cpu32 (header.payloadOffset);
--  newdev->source_disk = NULL;
--  newdev->benbi_log = benbi_log;
--  newdev->mode = mode;
--  newdev->mode_iv = mode_iv;
--  newdev->secondary_cipher = secondary_cipher;
--  newdev->essiv_cipher = essiv_cipher;
--  newdev->essiv_hash = essiv_hash;
--  newdev->hash = hash;
--  newdev->log_sector_size = 9;
--  newdev->total_length = grub_disk_get_size (disk) - newdev->offset;
--  grub_memcpy (newdev->uuid, uuid, sizeof (newdev->uuid));
-   newdev->modname = "luks";
--  COMPILE_TIME_ASSERT (sizeof (newdev->uuid) >= sizeof (uuid));
- 
-   return newdev;
- }
 @@ -329,7 +146,7 @@ luks_recover_key (grub_disk_t source,
    struct grub_luks_phdr header;
    grub_size_t keysize;
@@ -594,15 +366,6 @@ index 11e437edb..4ebe21b4e 100644
    grub_uint8_t *passphrase;
    grub_size_t passphrase_length;
    grub_uint8_t candidate_digest[sizeof (header.mkDigest)];
-@@ -376,7 +193,7 @@ luks_recover_key (grub_disk_t source,
-           /* Use bytestring from key file as passphrase */
-           passphrase = keyfile_bytes;
-           passphrase_length = keyfile_bytes_size;
--	  keyfile_bytes = NULL; /* use it only once */
-+          keyfile_bytes = NULL; /* use it only once */
-         }
-       else
-         {
 @@ -387,7 +204,7 @@ luks_recover_key (grub_disk_t source,
            grub_printf_ (N_("Enter passphrase for %s%s%s (%s): "), source->name,
                                source->partition ? "," : "", tmp ? : "", dev->uuid);