diff options
| author | Marcus Förster | 2015-06-08 18:57:17 +0200 |
|---|---|---|
| committer | Marcus Förster | 2015-06-08 18:57:17 +0200 |
| commit | e231475024fa1c8e3afb781af5df1bf7d99a5427 (patch) | |
| tree | c964e762f054d9c3eb13dff9fa428b9517aac30a | |
| download | aur-e231475024fa1c8e3afb781af5df1bf7d99a5427.tar.gz | |
init. 2.26.2-2
| -rw-r--r-- | .SRCINFO | 59 | ||||
| -rw-r--r-- | PKGBUILD | 123 | ||||
| -rw-r--r-- | util-linux-2.26.2.diff | 5746 | ||||
| -rw-r--r-- | util-linux-aes.install | 16 |
4 files changed, 5944 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..c3c6a79485d3 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,59 @@ +pkgbase = util-linux-aes + pkgdesc = Miscellaneous system utilities for Linux, with loop-AES support + pkgver = 2.26.2 + pkgrel = 2 + url = http://sourceforge.net/projects/loop-aes/ + install = util-linux-aes.install + arch = any + groups = base + license = GPL2 + makedepends = systemd + makedepends = python + makedepends = autoconf + makedepends = automake + depends = pam + depends = shadow + depends = coreutils + depends = libsystemd + depends = glibc + depends = zlib + provides = eject + provides = zramctl + provides = util-linux=2.26.2 + provides = libutil-linux=2.26.2 + provides = util-linux-ng=2.26.2 + provides = libblkid.so + provides = libfdisk.so + provides = libmount.so + provides = libsmartcols.so + provides = libuuid.so + conflicts = eject + conflicts = zramctl + conflicts = util-linux + conflicts = libutil-linux + conflicts = util-linux-ng + conflicts = util-linux-ng-aes + replaces = eject + replaces = zramctl + replaces = util-linux + replaces = libutil-linux + replaces = util-linux-ng + replaces = util-linux-ng-aes + options = strip + options = debug + options = !libtool + source = https://www.kernel.org/pub/linux/utils/util-linux/v2.26/util-linux-2.26.2.tar.xz + source = pam-common::https://projects.archlinux.org/svntogit/packages.git/plain/trunk/pam-common?h=packages/util-linux + source = pam-login::https://projects.archlinux.org/svntogit/packages.git/plain/trunk/pam-login?h=packages/util-linux + source = pam-su::https://projects.archlinux.org/svntogit/packages.git/plain/trunk/pam-su?h=packages/util-linux + source = uuidd.tmpfiles::https://projects.archlinux.org/svntogit/packages.git/plain/trunk/uuidd.tmpfiles?h=packages/util-linux + source = util-linux-2.26.2.diff + md5sums = 9bdf368c395f1b70325d0eb22c7f48fb + md5sums = a31374fef2cba0ca34dfc7078e2969e4 + md5sums = 4368b3f98abd8a32662e094c54e7f9b1 + md5sums = fa85e5cce5d723275b14365ba71a8aad + md5sums = a39554bfd65cccfd8254bb46922f4a67 + md5sums = 430bd16a629e44d33ffe299f993e8a2c + +pkgname = util-linux-aes + diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..fa44e0467b3d --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,123 @@ +# Maintainer: xerc <aur[at]xerc.de> +# Contributor: judd <jvinet[at]zeroflux.org> +# Contributor: milomouse <vincent[at]fea.st> +# Contributor: falconindy <d[at]falconindy.com> + +_basename=util-linux +pkgname=${_basename}-aes +_basever=2.26 +pkgver=${_basever}.2 +pkgrel=2 +aneurysma=${pkgver} + +pkgdesc="Miscellaneous system utilities for Linux, with loop-AES support" +url="http://sourceforge.net/projects/loop-aes/" + +license=('GPL2') +arch=('any') +groups=('base') + +options=('strip' 'debug' '!libtool') +depends=('pam' 'shadow' 'coreutils' 'libsystemd' 'glibc' 'zlib') + +provides=('eject' 'zramctl' "${_basename}=${pkgver}" "lib${_basename}=${pkgver}" "${_basename}-ng=${pkgver}" 'libblkid.so' 'libfdisk.so' 'libmount.so' 'libsmartcols.so' 'libuuid.so') +replaces=('eject' 'zramctl' "${_basename}" "lib${_basename}" "${_basename}-ng" "${_basename}-ng-aes") +conflicts=(${replaces[*]}) + +install=${pkgname}.install +makedepends=('systemd' 'python' 'autoconf' 'automake') + +# ToChk +# autopoint: /usr/bin/autopoint (GNU gettext-tools) 0.18.3 +# aclocal: aclocal (GNU automake) 1.14.1 +# autoconf: autoconf (GNU Autoconf) 2.69 +# autoheader: autoheader (GNU Autoconf) 2.69 +# automake: automake (GNU automake) 1.14.1 +# libtoolize: libtoolize (GNU libtool) 2.4.2 + +#validpgpkeys=('B0C64D14301CC6EFAEDF60E4E4B71D5EEC39C284') # Karel Zak +#source=("https://www.kernel.org/pub/linux/utils/${_basename}/v${_basever}/${_basename}-${pkgver}.tar."{xz,sign} + +source=("https://www.kernel.org/pub/linux/utils/${_basename}/v${_basever}/${_basename}-${pkgver}.tar.xz" + pam-common::"https://projects.archlinux.org/svntogit/packages.git/plain/trunk/pam-common?h=packages/${_basename}" + pam-login::"https://projects.archlinux.org/svntogit/packages.git/plain/trunk/pam-login?h=packages/${_basename}" + pam-su::"https://projects.archlinux.org/svntogit/packages.git/plain/trunk/pam-su?h=packages/${_basename}" + uuidd.tmpfiles::"https://projects.archlinux.org/svntogit/packages.git/plain/trunk/uuidd.tmpfiles?h=packages/${_basename}" +# http://loop-aes.sourceforge.net/updates/${_basename}-${aneurysma}.diff.bz2 + ${_basename}-${aneurysma}.diff +) + +build() { + cd "${srcdir}/${_basename}-${pkgver}" + + msg "Patching with loop-AES" + patch -Np1 -i "${srcdir}/${_basename}-${aneurysma}.diff" + + msg "Starting autogen" + ./autogen.sh + + msg "Starting configure" + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib \ + --bindir=/usr/bin \ + --localstatedir=/run \ + --enable-fs-paths-extra=/usr/bin \ + --enable-raw \ + --enable-vipw \ + --enable-newgrp \ + --enable-chfn-chsh \ + --enable-write \ + --enable-mesg \ + --enable-partx \ + --enable-libmount-force-mountinfo \ + --with-python=3 + + msg "Starting make" + make +} + +package() { + cd "${srcdir}/${_basename}-${pkgver}" + + make DESTDIR="$pkgdir" install + + cd "${pkgdir}" + + # enable modules + cat > "${srcdir}/${pkgname}.modules" <<EOF +loop +aes-i586 +cryptoloop +EOF + + [ -d /etc/modules-load.d ] && install -Dm644 "${srcdir}/${pkgname}.modules" "${pkgdir}/etc/modules-load.d/${pkgname}.conf" + + # setuid chfn and chsh + chmod 4755 "${pkgdir}"/usr/bin/{newgrp,ch{sh,fn}} + + # install PAM files for login-utils + install -Dm644 "${srcdir}/pam-common" "${pkgdir}/etc/pam.d/chfn" + install -m644 "${srcdir}/pam-common" "${pkgdir}/etc/pam.d/chsh" + install -m644 "${srcdir}/pam-login" "${pkgdir}/etc/pam.d/login" + install -m644 "${srcdir}/pam-su" "${pkgdir}/etc/pam.d/su" + install -m644 "${srcdir}/pam-su" "${pkgdir}/etc/pam.d/su-l" + + # include tmpfiles fragment for uuidd + # TODO(dreisner): offer this upstream? + install -Dm644 "${srcdir}/uuidd.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/uuidd.conf" + + # usrmove + cd "${pkgdir}" + mv {,usr/}sbin/* usr/bin + rmdir sbin usr/sbin + + # DO NOT create libutil-linux split : The AUR does not support split packages! +} + +md5sums=('9bdf368c395f1b70325d0eb22c7f48fb' + 'a31374fef2cba0ca34dfc7078e2969e4' + '4368b3f98abd8a32662e094c54e7f9b1' + 'fa85e5cce5d723275b14365ba71a8aad' + 'a39554bfd65cccfd8254bb46922f4a67' + '430bd16a629e44d33ffe299f993e8a2c') diff --git a/util-linux-2.26.2.diff b/util-linux-2.26.2.diff new file mode 100644 index 000000000000..b37b332c10b7 --- /dev/null +++ b/util-linux-2.26.2.diff @@ -0,0 +1,5746 @@ +If this patch does not apply cleanly to newer version of util-linux, try +replacing original sys-utils/losetup.8 with version from util-linux that the +patch is for. And then apply this patch. + +To compile this software, you need recent versions of autohell tools +(autopoint aclocal autoconf autoheader automake libtoolize). + +Loop device setup and tear down bits are in included libmount library. This +patch does not break libmount ABI or version numbering. This version of +libmount library can be installed as system library. mount, umount, swapon, +and swapoff programs require libmount library. losetup does not require +libmount library. If you are uncomfortable replacing system libraries (due +to library version dependency problems that it may cause), you can compile +and link supplied programs so that included libraries are statically linked +to programs, like this: + + ./autogen.sh + CFLAGS="-O2 -Wall" ./configure --disable-shared --enable-static --disable-pylibmount + make + + +diff -urN util-linux-2.26.2/include/Makemodule.am util-linux-2.26.2-AES/include/Makemodule.am +--- util-linux-2.26.2/include/Makemodule.am 2015-04-29 13:11:51.000000000 +0300 ++++ util-linux-2.26.2-AES/include/Makemodule.am 2015-05-23 13:08:09.000000000 +0300 +@@ -49,6 +49,7 @@ + include/ttyutils.h \ + include/widechar.h \ + include/xalloc.h \ ++ include/xgetpass.h \ + include/pt-sgi.h \ + include/pt-bsd.h \ + include/pt-mbr.h \ +diff -urN util-linux-2.26.2/include/xgetpass.h util-linux-2.26.2-AES/include/xgetpass.h +--- util-linux-2.26.2/include/xgetpass.h 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/include/xgetpass.h 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,6 @@ ++#ifndef UTIL_LINUX_XGETPASS_H ++#define UTIL_LINUX_XGETPASS_H ++ ++extern char *xgetpass(int pfd, const char *prompt); ++ ++#endif /* UTIL_LINUX_XGETPASS_H */ +diff -urN util-linux-2.26.2/lib/Makemodule.am util-linux-2.26.2-AES/lib/Makemodule.am +--- util-linux-2.26.2/lib/Makemodule.am 2015-04-29 13:11:51.000000000 +0300 ++++ util-linux-2.26.2-AES/lib/Makemodule.am 2015-05-23 13:08:09.000000000 +0300 +@@ -24,6 +24,7 @@ + lib/sysfs.c \ + lib/timeutils.c \ + lib/ttyutils.c \ ++ lib/xgetpass.c \ + lib/exec_shell.c \ + lib/readutmp.c + +diff -urN util-linux-2.26.2/lib/xgetpass.c util-linux-2.26.2-AES/lib/xgetpass.c +--- util-linux-2.26.2/lib/xgetpass.c 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/lib/xgetpass.c 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,64 @@ ++/* ++ * A function to read the passphrase either from the terminal or from ++ * an open file descriptor. ++ * ++ * Public domain. ++ */ ++ ++#include <stdio.h> ++#include <string.h> ++#include <stdlib.h> ++#include <unistd.h> ++#include <sys/ioctl.h> ++#include <sys/stat.h> ++ ++#include "c.h" ++#include "xgetpass.h" ++ ++char *xgetpass(int pfd, const char *prompt) ++{ ++ char *p = NULL, *n; ++ int x = 0, y = 0; ++ ++ if (pfd < 0) { ++ /* read from terminal */ ++ p = getpass(prompt); ++ if(!p) return NULL; ++ /* caller insists on free()ing this pointer, so make sure it is such */ ++ n = strdup(p); ++ y = strlen(p); ++ if(y) memset(p, 0, y); /* erase original */ ++ /* return a free()able copy, or 0 if strdup() failed */ ++ return n; ++ } ++ ++ do { ++ if(y >= (x - 1)) { ++ x += 128; ++ /* Must enforce some max limit here -- this code */ ++ /* runs as part of mount, and mount is setuid root */ ++ /* and has used mlockall(MCL_CURRENT | MCL_FUTURE) */ ++ if(x > (4*1024)) { ++ error_out: ++ if(p) { ++ memset(p, 0, y); ++ free(p); ++ } ++ return NULL; ++ } ++ n = malloc(x); ++ if(!n) goto error_out; ++ if(p) { ++ memcpy(n, p, y); ++ memset(p, 0, y); ++ free(p); ++ } ++ p = n; ++ } ++ if(read(pfd, p + y, 1) != 1) break; ++ if((p[y] == '\n') || !p[y]) break; ++ y++; ++ } while(1); ++ if(p) p[y] = 0; ++ return p; ++} +diff -urN util-linux-2.26.2/libmount/src/Makemodule.am util-linux-2.26.2-AES/libmount/src/Makemodule.am +--- util-linux-2.26.2/libmount/src/Makemodule.am 2015-04-29 13:11:51.000000000 +0300 ++++ util-linux-2.26.2-AES/libmount/src/Makemodule.am 2015-05-23 13:08:09.000000000 +0300 +@@ -28,7 +28,10 @@ + if LINUX + libmount_la_SOURCES += \ + libmount/src/context.c \ +- libmount/src/context_loopdev.c \ ++ libmount/src/context_loopdev1.c \ ++ libmount/src/sha512.c \ ++ libmount/src/rmd160.c \ ++ libmount/src/aes.c \ + libmount/src/context_mount.c \ + libmount/src/context_umount.c \ + libmount/src/monitor.c +diff -urN util-linux-2.26.2/libmount/src/aes.c util-linux-2.26.2-AES/libmount/src/aes.c +--- util-linux-2.26.2/libmount/src/aes.c 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/libmount/src/aes.c 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,299 @@ ++// I retain copyright in this code but I encourage its free use provided ++// that I don't carry any responsibility for the results. I am especially ++// happy to see it used in free and open source software. If you do use ++// it I would appreciate an acknowledgement of its origin in the code or ++// the product that results and I would also appreciate knowing a little ++// about the use to which it is being put. I am grateful to Frank Yellin ++// for some ideas that are used in this implementation. ++// ++// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001. ++// ++// This is an implementation of the AES encryption algorithm (Rijndael) ++// designed by Joan Daemen and Vincent Rijmen. This version is designed ++// to provide both fixed and dynamic block and key lengths and can also ++// run with either big or little endian internal byte order (see aes.h). ++// It inputs block and key lengths in bytes with the legal values being ++// 16, 24 and 32. ++ ++/* ++ * Modified by Jari Ruusu, May 1 2001 ++ * - Fixed some compile warnings, code was ok but gcc warned anyway. ++ * - Changed basic types: byte -> unsigned char, word -> u_int32_t ++ * - Major name space cleanup: Names visible to outside now begin ++ * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c ++ * - Removed C++ and DLL support as part of name space cleanup. ++ * - Eliminated unnecessary recomputation of tables. (actual bug fix) ++ * - Merged precomputed constant tables to aes.c file. ++ * - Removed data alignment restrictions for portability reasons. ++ * - Made block and key lengths accept bit count (128/192/256) ++ * as well byte count (16/24/32). ++ * - Removed all error checks. This change also eliminated the need ++ * to preinitialize the context struct to zero. ++ * - Removed some totally unused constants. ++ */ ++ ++/* ++ * Modified by Jari Ruusu, June 9 2003 ++ * - Removed all code not necessary for small size ++ * optimized encryption using 256 bit keys. ++ */ ++ ++#include "aes.h" ++ ++#if AES_BLOCK_SIZE != 16 ++#error an illegal block size has been specified ++#endif ++ ++// upr(x,n): rotates bytes within words by n positions, moving bytes ++// to higher index positions with wrap around into low positions ++// bval(x,n): extracts a byte from a word ++ ++#define upr(x,n) (((x) << 8 * (n)) | ((x) >> (32 - 8 * (n)))) ++#define bval(x,n) ((unsigned char)((x) >> 8 * (n))) ++#define bytes2word(b0, b1, b2, b3) \ ++ ((u_int32_t)(b3) << 24 | (u_int32_t)(b2) << 16 | (u_int32_t)(b1) << 8 | (b0)) ++ ++#if defined(i386) || defined(_I386) || defined(__i386__) || defined(__i386) ++/* little endian processor without data alignment restrictions */ ++#define word_in(x) *(u_int32_t*)(x) ++#define word_out(x,v) *(u_int32_t*)(x) = (v) ++#else ++/* slower but generic big endian or with data alignment restrictions */ ++#define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24)) ++#define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24) ++#endif ++ ++// the finite field modular polynomial and elements ++ ++#define ff_poly 0x011b ++#define ff_hi 0x80 ++ ++static int tab_gen = 0; ++static unsigned char s_box[256]; // the S box ++static u_int32_t rcon_tab[AES_RC_LENGTH]; // table of round constants ++static u_int32_t ft_tab[4][256]; ++static u_int32_t fl_tab[4][256]; ++ ++// Generate the tables for the dynamic table option ++ ++// It will generally be sensible to use tables to compute finite ++// field multiplies and inverses but where memory is scarse this ++// code might sometimes be better. ++ ++// return 2 ^ (n - 1) where n is the bit number of the highest bit ++// set in x with x in the range 1 < x < 0x00000200. This form is ++// used so that locals within FFinv can be bytes rather than words ++ ++static unsigned char hibit(const u_int32_t x) ++{ unsigned char r = (unsigned char)((x >> 1) | (x >> 2)); ++ ++ r |= (r >> 2); ++ r |= (r >> 4); ++ return (r + 1) >> 1; ++} ++ ++// return the inverse of the finite field element x ++ ++static unsigned char FFinv(const unsigned char x) ++{ unsigned char p1 = x, p2 = 0x1b, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0; ++ ++ if(x < 2) return x; ++ ++ for(;;) ++ { ++ if(!n1) return v1; ++ ++ while(n2 >= n1) ++ { ++ n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2); ++ } ++ ++ if(!n2) return v2; ++ ++ while(n1 >= n2) ++ { ++ n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1); ++ } ++ } ++} ++ ++// define the finite field multiplies required for Rijndael ++ ++#define FFmul02(x) ((((x) & 0x7f) << 1) ^ ((x) & 0x80 ? 0x1b : 0)) ++#define FFmul03(x) ((x) ^ FFmul02(x)) ++ ++// The forward and inverse affine transformations used in the S-box ++ ++#define fwd_affine(x) \ ++ (w = (u_int32_t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(unsigned char)(w^(w>>8))) ++ ++static void gen_tabs(void) ++{ u_int32_t i, w; ++ ++ for(i = 0, w = 1; i < AES_RC_LENGTH; ++i) ++ { ++ rcon_tab[i] = bytes2word(w, 0, 0, 0); ++ w = (w << 1) ^ (w & ff_hi ? ff_poly : 0); ++ } ++ ++ for(i = 0; i < 256; ++i) ++ { unsigned char b; ++ ++ s_box[i] = b = fwd_affine(FFinv((unsigned char)i)); ++ ++ w = bytes2word(b, 0, 0, 0); ++ fl_tab[0][i] = w; ++ fl_tab[1][i] = upr(w,1); ++ fl_tab[2][i] = upr(w,2); ++ fl_tab[3][i] = upr(w,3); ++ w = bytes2word(FFmul02(b), b, b, FFmul03(b)); ++ ft_tab[0][i] = w; ++ ft_tab[1][i] = upr(w,1); ++ ft_tab[2][i] = upr(w,2); ++ ft_tab[3][i] = upr(w,3); ++ } ++} ++ ++#define four_tables(x,tab,vf,rf,c) \ ++ ( tab[0][bval(vf(x,0,c),rf(0,c))] \ ++ ^ tab[1][bval(vf(x,1,c),rf(1,c))] \ ++ ^ tab[2][bval(vf(x,2,c),rf(2,c))] \ ++ ^ tab[3][bval(vf(x,3,c),rf(3,c))]) ++ ++#define vf1(x,r,c) (x) ++#define rf1(r,c) (r) ++#define rf2(r,c) ((r-c)&3) ++ ++#define ls_box(x,c) four_tables(x,fl_tab,vf1,rf2,c) ++ ++#define nc (AES_BLOCK_SIZE / 4) ++ ++// Initialise the key schedule from the user supplied key. ++// The key length is now specified in bytes, 32. ++// This corresponds to bit length of 256 bits, and ++// to Nk value of 8 respectively. ++ ++void __loDev_aes_set_key(aes_context *cx, const unsigned char in_key[], int n_bytes, const int f) ++{ u_int32_t *kf, *kt, rci; ++ ++ if(!tab_gen) { gen_tabs(); tab_gen = 1; } ++ ++ cx->aes_Nkey = 8; ++ cx->aes_Nrnd = (cx->aes_Nkey > nc ? cx->aes_Nkey : nc) + 6; ++ ++ cx->aes_e_key[0] = word_in(in_key ); ++ cx->aes_e_key[1] = word_in(in_key + 4); ++ cx->aes_e_key[2] = word_in(in_key + 8); ++ cx->aes_e_key[3] = word_in(in_key + 12); ++ ++ kf = cx->aes_e_key; ++ kt = kf + nc * (cx->aes_Nrnd + 1) - cx->aes_Nkey; ++ rci = 0; ++ ++ switch(cx->aes_Nkey) ++ { ++ case 8: cx->aes_e_key[4] = word_in(in_key + 16); ++ cx->aes_e_key[5] = word_in(in_key + 20); ++ cx->aes_e_key[6] = word_in(in_key + 24); ++ cx->aes_e_key[7] = word_in(in_key + 28); ++ do ++ { kf[ 8] = kf[0] ^ ls_box(kf[7],3) ^ rcon_tab[rci++]; ++ kf[ 9] = kf[1] ^ kf[ 8]; ++ kf[10] = kf[2] ^ kf[ 9]; ++ kf[11] = kf[3] ^ kf[10]; ++ kf[12] = kf[4] ^ ls_box(kf[11],0); ++ kf[13] = kf[5] ^ kf[12]; ++ kf[14] = kf[6] ^ kf[13]; ++ kf[15] = kf[7] ^ kf[14]; ++ kf += 8; ++ } ++ while (kf < kt); ++ break; ++ } ++} ++ ++// y = output word, x = input word, r = row, c = column ++// for r = 0, 1, 2 and 3 = column accessed for row r ++ ++#define s(x,c) x[c] ++ ++// I am grateful to Frank Yellin for the following constructions ++// which, given the column (c) of the output state variable that ++// is being computed, return the input state variables which are ++// needed for each row (r) of the state ++ ++// For the fixed block size options, compilers reduce these two ++// expressions to fixed variable references. For variable block ++// size code conditional clauses will sometimes be returned ++ ++#define fwd_var(x,r,c) \ ++ ( r==0 ? \ ++ ( c==0 ? s(x,0) \ ++ : c==1 ? s(x,1) \ ++ : c==2 ? s(x,2) \ ++ : c==3 ? s(x,3) \ ++ : c==4 ? s(x,4) \ ++ : c==5 ? s(x,5) \ ++ : c==6 ? s(x,6) \ ++ : s(x,7)) \ ++ : r==1 ? \ ++ ( c==0 ? s(x,1) \ ++ : c==1 ? s(x,2) \ ++ : c==2 ? s(x,3) \ ++ : c==3 ? nc==4 ? s(x,0) : s(x,4) \ ++ : c==4 ? s(x,5) \ ++ : c==5 ? nc==8 ? s(x,6) : s(x,0) \ ++ : c==6 ? s(x,7) \ ++ : s(x,0)) \ ++ : r==2 ? \ ++ ( c==0 ? nc==8 ? s(x,3) : s(x,2) \ ++ : c==1 ? nc==8 ? s(x,4) : s(x,3) \ ++ : c==2 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \ ++ : c==3 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \ ++ : c==4 ? nc==8 ? s(x,7) : s(x,0) \ ++ : c==5 ? nc==8 ? s(x,0) : s(x,1) \ ++ : c==6 ? s(x,1) \ ++ : s(x,2)) \ ++ : \ ++ ( c==0 ? nc==8 ? s(x,4) : s(x,3) \ ++ : c==1 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \ ++ : c==2 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \ ++ : c==3 ? nc==4 ? s(x,2) : nc==8 ? s(x,7) : s(x,0) \ ++ : c==4 ? nc==8 ? s(x,0) : s(x,1) \ ++ : c==5 ? nc==8 ? s(x,1) : s(x,2) \ ++ : c==6 ? s(x,2) \ ++ : s(x,3))) ++ ++#define si(y,x,k,c) s(y,c) = word_in(x + 4 * c) ^ k[c] ++#define so(y,x,c) word_out(y + 4 * c, s(x,c)) ++ ++#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,ft_tab,fwd_var,rf1,c) ++#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,fl_tab,fwd_var,rf1,c) ++ ++#define locals(y,x) x[4],y[4] ++ ++#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ ++ s(y,2) = s(x,2); s(y,3) = s(x,3); ++#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) ++#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) ++#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) ++ ++void __loDev_aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[]) ++{ u_int32_t locals(b0, b1); ++ const u_int32_t *kp = cx->aes_e_key; ++ ++ state_in(b0, in_blk, kp); kp += nc; ++ ++ { u_int32_t rnd; ++ ++ for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd) ++ { ++ round(fwd_rnd, b1, b0, kp); ++ l_copy(b0, b1); kp += nc; ++ } ++ ++ round(fwd_lrnd, b0, b1, kp); ++ } ++ ++ state_out(out_blk, b0); ++} +diff -urN util-linux-2.26.2/libmount/src/aes.h util-linux-2.26.2-AES/libmount/src/aes.h +--- util-linux-2.26.2/libmount/src/aes.h 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/libmount/src/aes.h 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,97 @@ ++// I retain copyright in this code but I encourage its free use provided ++// that I don't carry any responsibility for the results. I am especially ++// happy to see it used in free and open source software. If you do use ++// it I would appreciate an acknowledgement of its origin in the code or ++// the product that results and I would also appreciate knowing a little ++// about the use to which it is being put. I am grateful to Frank Yellin ++// for some ideas that are used in this implementation. ++// ++// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001. ++// ++// This is an implementation of the AES encryption algorithm (Rijndael) ++// designed by Joan Daemen and Vincent Rijmen. This version is designed ++// to provide both fixed and dynamic block and key lengths and can also ++// run with either big or little endian internal byte order (see aes.h). ++// It inputs block and key lengths in bytes with the legal values being ++// 16, 24 and 32. ++ ++/* ++ * Modified by Jari Ruusu, May 1 2001 ++ * - Fixed some compile warnings, code was ok but gcc warned anyway. ++ * - Changed basic types: byte -> unsigned char, word -> u_int32_t ++ * - Major name space cleanup: Names visible to outside now begin ++ * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c ++ * - Removed C++ and DLL support as part of name space cleanup. ++ * - Eliminated unnecessary recomputation of tables. (actual bug fix) ++ * - Merged precomputed constant tables to aes.c file. ++ * - Removed data alignment restrictions for portability reasons. ++ * - Made block and key lengths accept bit count (128/192/256) ++ * as well byte count (16/24/32). ++ * - Removed all error checks. This change also eliminated the need ++ * to preinitialize the context struct to zero. ++ * - Removed some totally unused constants. ++ */ ++ ++#ifndef _AES_H ++#define _AES_H ++ ++#if defined(__linux__) && defined(__KERNEL__) ++# include <linux/types.h> ++#else ++# include <sys/types.h> ++#endif ++ ++// CONFIGURATION OPTIONS (see also aes.c) ++// ++// Define AES_BLOCK_SIZE to set the cipher block size (16, 24 or 32) or ++// leave this undefined for dynamically variable block size (this will ++// result in much slower code). ++// IMPORTANT NOTE: AES_BLOCK_SIZE is in BYTES (16, 24, 32 or undefined). If ++// left undefined a slower version providing variable block length is compiled ++ ++#define AES_BLOCK_SIZE 16 ++ ++// The number of key schedule words for different block and key lengths ++// allowing for method of computation which requires the length to be a ++// multiple of the key length ++// ++// Nk = 4 6 8 ++// ------------- ++// Nb = 4 | 60 60 64 ++// 6 | 96 90 96 ++// 8 | 120 120 120 ++ ++#if !defined(AES_BLOCK_SIZE) || (AES_BLOCK_SIZE == 32) ++#define AES_KS_LENGTH 120 ++#define AES_RC_LENGTH 29 ++#else ++#define AES_KS_LENGTH 4 * AES_BLOCK_SIZE ++#define AES_RC_LENGTH (9 * AES_BLOCK_SIZE) / 8 - 8 ++#endif ++ ++typedef struct ++{ ++ u_int32_t aes_Nkey; // the number of words in the key input block ++ u_int32_t aes_Nrnd; // the number of cipher rounds ++ u_int32_t aes_e_key[AES_KS_LENGTH]; // the encryption key schedule ++ u_int32_t aes_d_key[AES_KS_LENGTH]; // the decryption key schedule ++#if !defined(AES_BLOCK_SIZE) ++ u_int32_t aes_Ncol; // the number of columns in the cipher state ++#endif ++} aes_context; ++ ++// THE CIPHER INTERFACE ++ ++#if !defined(AES_BLOCK_SIZE) ++extern void aes_set_blk(aes_context *, const int); ++#endif ++extern void __loDev_aes_set_key(aes_context *, const unsigned char [], const int, const int); ++extern void __loDev_aes_encrypt(const aes_context *, const unsigned char [], unsigned char []); ++extern void __loDev_aes_decrypt(const aes_context *, const unsigned char [], unsigned char []); ++ ++// The block length inputs to aes_set_block and aes_set_key are in numbers ++// of bytes or bits. The calls to subroutines must be made in the above ++// order but multiple calls can be made without repeating earlier calls ++// if their parameters have not changed. ++ ++#endif // _AES_H +diff -urN util-linux-2.26.2/libmount/src/context.c util-linux-2.26.2-AES/libmount/src/context.c +--- util-linux-2.26.2/libmount/src/context.c 2015-04-29 10:52:21.000000000 +0300 ++++ util-linux-2.26.2-AES/libmount/src/context.c 2015-05-23 13:08:09.000000000 +0300 +@@ -88,7 +88,6 @@ + mnt_unref_table(cxt->fstab); + mnt_unref_cache(cxt->cache); + +- mnt_context_clear_loopdev(cxt); + mnt_free_lock(cxt->lock); + mnt_free_update(cxt->update); + +@@ -128,6 +127,8 @@ + DBG(CXT, ul_debugobj(cxt, "<---- reset [status=%d] ---->", + mnt_context_get_status(cxt))); + ++ mnt_context_clear_loopdev(cxt); /* this _has_ to be called before cxt->fs gets freed */ ++ + fl = cxt->flags; + + mnt_unref_fs(cxt->fs); +diff -urN util-linux-2.26.2/libmount/src/context_loopdev1.c util-linux-2.26.2-AES/libmount/src/context_loopdev1.c +--- util-linux-2.26.2/libmount/src/context_loopdev1.c 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/libmount/src/context_loopdev1.c 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,1524 @@ ++/* ++ * Copyright (C) 2011 Karel Zak <kzak@redhat.com> ++ * ++ * This file may be redistributed under the terms of the ++ * GNU Lesser General Public License. ++ */ ++ ++/* (c) 2001-2012 Jari Ruusu */ ++ ++#include <blkid.h> ++#include <sys/ioctl.h> ++#include <errno.h> ++#include <string.h> ++#include <strings.h> ++#include <stdlib.h> ++#include <stdio.h> ++#include <sys/types.h> ++#include <sys/stat.h> ++#include <unistd.h> ++#include <pwd.h> ++#include <fcntl.h> ++#include <signal.h> ++#include <sys/wait.h> ++#include <sys/time.h> ++#include <ctype.h> ++ ++#include "mountP.h" ++#include "linux_version.h" ++ ++#include <linux/version.h> ++#include <linux/posix_types.h> ++ ++#include "sha512.h" ++#include "rmd160.h" ++#include "aes.h" ++ ++ ++#define LO_CRYPT_NONE 0 ++#define LO_CRYPT_XOR 1 ++#define LO_CRYPT_DES 2 ++#define LO_CRYPT_CRYPTOAPI 18 ++ ++#define LOOP_SET_FD 0x4C00 ++#define LOOP_CLR_FD 0x4C01 ++#define LOOP_SET_STATUS 0x4C02 ++#define LOOP_GET_STATUS 0x4C03 ++#define LOOP_SET_STATUS64 0x4C04 ++#define LOOP_GET_STATUS64 0x4C05 ++#define LOOP_MULTI_KEY_SETUP 0x4C4D ++#define LOOP_MULTI_KEY_SETUP_V3 0x4C4E ++#define LOOP_RECOMPUTE_DEV_SIZE 0x4C52 ++ ++#define LO_NAME_SIZE 64 ++#define LO_KEY_SIZE 32 ++ ++struct loop_info { ++ int lo_number; ++#if LINUX_VERSION_CODE >= 0x20600 ++ __kernel_old_dev_t lo_device; ++#else ++ __kernel_dev_t lo_device; ++#endif ++ unsigned long lo_inode; ++#if LINUX_VERSION_CODE >= 0x20600 ++ __kernel_old_dev_t lo_rdevice; ++#else ++ __kernel_dev_t lo_rdevice; ++#endif ++ int lo_offset; ++ int lo_encrypt_type; ++ int lo_encrypt_key_size; ++ int lo_flags; ++ char lo_name[LO_NAME_SIZE]; ++ unsigned char lo_encrypt_key[LO_KEY_SIZE]; ++ unsigned long lo_init[2]; ++ char reserved[4]; ++}; ++ ++struct loop_info64 { ++ u_int64_t lo_device; /* ioctl r/o */ ++ u_int64_t lo_inode; /* ioctl r/o */ ++ u_int64_t lo_rdevice; /* ioctl r/o */ ++ u_int64_t lo_offset; /* bytes */ ++ u_int64_t lo_sizelimit; /* bytes, 0 == max available */ ++ u_int32_t lo_number; /* ioctl r/o */ ++ u_int32_t lo_encrypt_type; ++ u_int32_t lo_encrypt_key_size; /* ioctl w/o */ ++ u_int32_t lo_flags; /* ioctl r/o */ ++ unsigned char lo_file_name[LO_NAME_SIZE]; ++ unsigned char lo_crypt_name[LO_NAME_SIZE]; ++ unsigned char lo_encrypt_key[LO_KEY_SIZE]; /* ioctl w/o */ ++ u_int64_t lo_init[2]; ++}; ++ ++#if !defined(LOOP_PASSWORD_MIN_LENGTH) ++# define LOOP_PASSWORD_MIN_LENGTH 20 ++#endif ++ ++typedef struct { ++ char *multiKeyPass[66]; ++ int multiKeyMode; ++ char *loopFileName; ++ char *pass_cb_string; ++ char *extraPtrToFree; ++ ++ char *loopDevName; ++ char *loopOffsetBytes; ++ char *loopSizeBytes; ++ char *loopEncryptionType; ++ char *passSeedString; ++ char *passHashFuncName; ++ char *passIterThousands; ++ char *loInitValue; ++ char *gpgKeyFile; ++ char *gpgHomeDir; ++ char *clearTextKeyFile; ++} loDev_passInfo; ++ ++ ++ ++static int loDev_rd_wr_retry(int fd, char *buf, int cnt, int w) ++{ ++ int x, y, z; ++ ++ x = 0; ++ while(x < cnt) { ++ y = cnt - x; ++ if(w) { ++ z = write(fd, buf + x, y); ++ } else { ++ z = read(fd, buf + x, y); ++ if (!z) return x; ++ } ++ if(z < 0) { ++ if ((errno == EAGAIN) || (errno == ENOMEM) || (errno == ERESTART) || (errno == EINTR)) { ++ continue; ++ } ++ return x; ++ } ++ x += z; ++ } ++ return x; ++} ++ ++static char *loDev_get_FD_pass(int fd) ++{ ++ char *p = NULL, *n; ++ int x = 0, y = 0; ++ ++ do { ++ if(y >= (x - 1)) { ++ x += 128; ++ /* Must enforce some max limit here -- this code */ ++ /* runs as part of mount, and mount is setuid root */ ++ /* and has used mlockall(MCL_CURRENT | MCL_FUTURE) */ ++ if(x > (4*1024)) { ++ error_out: ++ if(p) { ++ memset(p, 0, y); ++ free(p); ++ } ++ return NULL; ++ } ++ n = malloc(x); ++ if(!n) goto error_out; ++ if(p) { ++ memcpy(n, p, y); ++ memset(p, 0, y); ++ free(p); ++ } ++ p = n; ++ } ++ if(loDev_rd_wr_retry(fd, p + y, 1, 0) != 1) break; ++ if((p[y] == '\n') || !p[y]) break; ++ y++; ++ } while(1); ++ if(p) p[y] = 0; ++ return p; ++} ++ ++static unsigned long long loDev_mystrtoull(char *s, int acceptAT) ++{ ++ unsigned long long v = 0; ++ int negative = 0; ++ ++ while ((*s == ' ') || (*s == '\t')) ++ s++; ++ if (acceptAT && (*s == '@')) { ++ s++; ++ negative = 1; ++ } ++ if (*s == '0') { ++ s++; ++ if ((*s == 'x') || (*s == 'X')) { ++ s++; ++ sscanf(s, "%llx", &v); ++ } else { ++ sscanf(s, "%llo", &v); ++ } ++ } else { ++ sscanf(s, "%llu", &v); ++ } ++ return negative ? -v : v; ++} ++ ++static void loDev_warnAboutBadKeyData(struct libmnt_context *cxt, int x) ++{ ++ if((x > 1) && (x != 64) && (x != 65)) { ++ DBG(CXT, ul_debugobj(cxt, "Warning: Unknown key data format - using it anyway")); ++ } ++} ++ ++ ++static int loDev_are_these_files_same(const char *name1, const char *name2) ++{ ++ struct stat statbuf1; ++ struct stat statbuf2; ++ ++ if(!name1 || !*name1 || !name2 || !*name2) return 0; ++ if(stat(name1, &statbuf1)) return 0; ++ if(stat(name2, &statbuf2)) return 0; ++ if(statbuf1.st_dev != statbuf2.st_dev) return 0; ++ if(statbuf1.st_ino != statbuf2.st_ino) return 0; ++ return 1; /* are same */ ++} ++ ++static char *loDev_do_GPG_pipe(struct libmnt_context *cxt, loDev_passInfo *pi, char *pass) ++{ ++ int x, pfdi[2], pfdo[2], failed = 0; ++ char str[10], *a[16], *e[2], *h; ++ pid_t gpid; ++ struct passwd *p; ++ void *oldSigPipeHandler; ++ ++ if((getuid() == 0) && pi->gpgHomeDir && pi->gpgHomeDir[0]) { ++ h = pi->gpgHomeDir; ++ } else { ++ if(!(p = getpwuid(getuid()))) { ++ DBG(CXT, ul_debugobj(cxt, "Error: Unable to detect home directory")); ++ return NULL; ++ } ++ h = p->pw_dir; ++ } ++ if(!(e[0] = malloc(strlen(h) + 6))) { ++ nomem1: ++ DBG(CXT, ul_debugobj(cxt, "Error: Unable to allocate memory")); ++ return NULL; ++ } ++ sprintf(e[0], "HOME=%s", h); ++ e[1] = 0; ++ ++ if(pipe(&pfdi[0])) { ++ nomem2: ++ free(e[0]); ++ goto nomem1; ++ } ++ if(pipe(&pfdo[0])) { ++ close(pfdi[0]); ++ close(pfdi[1]); ++ goto nomem2; ++ } ++ ++ /* ++ * When this code is run as part of mount, only root can set ++ * 'gpgKeyFile' and as such, only root can decide what file is opened ++ * below. However, since mount is usually setuid-root all non-root ++ * users can also open() the file too, but that file's contents are ++ * only piped to gpg. This readable-for-all is intended behaviour, ++ * and is very useful in situations where non-root users mount loop ++ * devices with their own gpg private key, and yet don't have access ++ * to the actual key used to encrypt loop device. ++ */ ++ if((x = open(pi->gpgKeyFile, O_RDONLY)) == -1) { ++ DBG(CXT, ul_debugobj(cxt, "Error: unable to open gpg key file for reading")); ++ nomem3: ++ free(e[0]); ++ close(pfdo[0]); ++ close(pfdo[1]); ++ close(pfdi[0]); ++ close(pfdi[1]); ++ return NULL; ++ } ++ ++ /* ++ * If someone puts a gpg key file at beginning of device and ++ * puts the real file system at some offset into the device, ++ * this code extracts that gpg key file into a temp file so gpg ++ * won't end up reading whole device when decrypting the key file. ++ * ++ * Example of encrypted cdrom mount with 8192 bytes reserved for gpg key file: ++ * mount -t iso9660 /dev/cdrom /cdrom -o loop=/dev/loop0,encryption=AES128,gpgkey=/dev/cdrom,offset=8192 ++ * ^^^^^^^^^^ ^^^^^^^^^^ ^^^^ ++ */ ++ if(pi->loopOffsetBytes && loDev_are_these_files_same(pi->loopFileName, pi->gpgKeyFile)) { ++ FILE *f; ++ char b[1024]; ++ long long cnt; ++ int cnt2, cnt3; ++ ++ cnt = loDev_mystrtoull(pi->loopOffsetBytes, 1); ++ if(cnt < 0) cnt = -cnt; ++ if(cnt > (1024 * 1024)) cnt = 1024 * 1024; /* sanity check */ ++ f = tmpfile(); ++ if(!f) { ++ DBG(CXT, ul_debugobj(cxt, "Error: unable to create temp file")); ++ close(x); ++ goto nomem3; ++ } ++ while(cnt > 0) { ++ cnt2 = sizeof(b); ++ if(cnt < cnt2) cnt2 = cnt; ++ cnt3 = loDev_rd_wr_retry(x, b, cnt2, 0); ++ if(cnt3 && (fwrite(b, cnt3, 1, f) != 1)) { ++ tmpWrErr: ++ DBG(CXT, ul_debugobj(cxt, "Error: unable to write to temp file")); ++ fclose(f); ++ close(x); ++ goto nomem3; ++ } ++ if(cnt2 != cnt3) break; ++ cnt -= cnt3; ++ } ++ if(fflush(f)) goto tmpWrErr; ++ close(x); ++ x = dup(fileno(f)); ++ fclose(f); ++ lseek(x, 0L, SEEK_SET); ++ } ++ ++ sprintf(str, "%d", pfdi[0]); ++ if(!(gpid = fork())) { ++ dup2(x, 0); ++ dup2(pfdo[1], 1); ++ close(x); ++ close(pfdi[1]); ++ close(pfdo[0]); ++ close(pfdo[1]); ++ if((x = open("/dev/null", O_WRONLY)) >= 0) { ++ dup2(x, 2); ++ close(x); ++ } ++ x = 0; ++ a[x++] = "gpg"; ++ if(pi->gpgHomeDir && pi->gpgHomeDir[0]) { ++ a[x++] = "--homedir"; ++ a[x++] = pi->gpgHomeDir; ++ } ++ a[x++] = "--no-options"; ++ a[x++] = "--quiet"; ++ a[x++] = "--batch"; ++ a[x++] = "--no-tty"; ++ a[x++] = "--passphrase-fd"; ++ a[x++] = str; ++ a[x++] = "--decrypt"; ++ a[x] = 0; ++ if(setgid(getgid())) exit(1); ++ if(setuid(getuid())) exit(1); ++ for(x = 3; x < 1024; x++) { ++ if(x == pfdi[0]) continue; ++ close(x); ++ } ++ execve("/bin/gpg", &a[0], &e[0]); ++ execve("/usr/bin/gpg", &a[0], &e[0]); ++ execve("/usr/local/bin/gpg", &a[0], &e[0]); ++ exit(1); ++ } ++ free(e[0]); ++ close(x); ++ close(pfdi[0]); ++ close(pfdo[1]); ++ if(gpid == -1) { ++ close(pfdi[1]); ++ close(pfdo[0]); ++ goto nomem1; ++ } ++ ++ x = strlen(pass); ++ ++ /* ignore possible SIGPIPE signal while writing to gpg */ ++ oldSigPipeHandler = signal(SIGPIPE, SIG_IGN); ++ loDev_rd_wr_retry(pfdi[1], pass, x, 1); ++ loDev_rd_wr_retry(pfdi[1], "\n", 1, 1); ++ if(oldSigPipeHandler != SIG_ERR) signal(SIGPIPE, oldSigPipeHandler); ++ ++ close(pfdi[1]); ++ memset(pass, 0, x); ++ x = 0; ++ while(x < 66) { ++ if(pi->multiKeyPass[x]) { ++ free(pi->multiKeyPass[x]); ++ pi->multiKeyPass[x] = NULL; ++ } ++ x++; ++ } ++ x = 0; ++ while(x < 66) { ++ pi->multiKeyPass[x] = loDev_get_FD_pass(pfdo[0]); ++ if(!pi->multiKeyPass[x]) { ++ /* mem alloc failed - abort */ ++ failed = 1; ++ break; ++ } ++ if(strlen(pi->multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; ++ x++; ++ } ++ loDev_warnAboutBadKeyData(cxt, x); ++ if(x >= 65) ++ pi->multiKeyMode = 65; ++ if(x == 64) ++ pi->multiKeyMode = 64; ++ close(pfdo[0]); ++ waitpid(gpid, &x, 0); ++ if(failed || !pi->multiKeyPass[0]) goto nomem1; ++ return pi->multiKeyPass[0]; ++} ++ ++/* password returned by this function must not be free()ed directly, because it ++ came from either cxt->pwd_get_cb() or is a duplicate of pi->multiKeyPass[0]. ++ cxt->pwd_release_cb() free()s the one that came from cxt->pwd_get_cb() and ++ pi->multiKeyPass[0] gets free()d with rest of pi->multiKeyPass[] pointers. ++ If this function actually malloc()s a pointer, a copy is at pi->extraPtrToFree */ ++static char *loDev_sGetPass(struct libmnt_context *cxt, loDev_passInfo *pi, int minLen, int warnLen) ++{ ++ char *p, *s, *seed; ++ int i, x; ++ ++ if(pi->clearTextKeyFile) { ++ if((i = open(pi->clearTextKeyFile, O_RDONLY)) == -1) { ++ DBG(CXT, ul_debugobj(cxt, "Error: unable to open cleartext key file for reading")); ++ return NULL; ++ } ++ x = 0; ++ while(x < 66) { ++ pi->multiKeyPass[x] = loDev_get_FD_pass(i); ++ if(!pi->multiKeyPass[x]) { ++ close(i); ++ goto nomem; ++ } ++ if(strlen(pi->multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; ++ x++; ++ } ++ close(i); ++ loDev_warnAboutBadKeyData(cxt, x); ++ if(x >= 65) { ++ pi->multiKeyMode = 65; ++ return pi->multiKeyPass[0]; ++ } ++ if(x == 64) { ++ pi->multiKeyMode = 64; ++ return pi->multiKeyPass[0]; ++ } ++ p = pi->multiKeyPass[0]; ++ } else { ++ if(!cxt->pwd_get_cb) ++ return NULL; ++ DBG(CXT, ul_debugobj(cxt, "asking for pass")); ++ p = pi->pass_cb_string = cxt->pwd_get_cb(cxt); ++ } ++ ++ if(!p) goto nomem; ++ if(pi->gpgKeyFile && pi->gpgKeyFile[0]) { ++ p = loDev_do_GPG_pipe(cxt, pi, p); ++ if(!p) return NULL; ++ if(!p[0]) { ++ DBG(CXT, ul_debugobj(cxt, "Error: gpg key file decryption failed")); ++ return NULL; ++ } ++ if(pi->multiKeyMode) return p; ++ } ++ i = strlen(p); ++ if(i < minLen) { ++ DBG(CXT, ul_debugobj(cxt, "Error: Password is too short")); ++ return NULL; ++ } ++ seed = pi->passSeedString; ++ if(!seed) seed = ""; ++ s = pi->extraPtrToFree = malloc(i + strlen(seed) + 1); ++ if(!s) { ++ memset(p, 0, i); ++ nomem: ++ DBG(CXT, ul_debugobj(cxt, "Error: Unable to allocate memory")); ++ return NULL; ++ } ++ strcpy(s, p); ++ memset(p, 0, i); ++ if(i < warnLen) { ++ DBG(CXT, ul_debugobj(cxt, "WARNING - Please use longer password")); ++ } ++ strcat(s, seed); ++ return(s); ++} ++ ++/* this is for compatibility with historic loop-AES version */ ++static void loDev_unhashed1_key_setup(unsigned char *keyStr, int ile, unsigned char *keyBuf, int bufSize) ++{ ++ register int x, y, z, cnt = ile; ++ unsigned char *kp; ++ ++ memset(keyBuf, 0, bufSize); ++ kp = keyStr; ++ for(x = 0; x < (bufSize * 8); x += 6) { ++ y = *kp++; ++ if(--cnt <= 0) { ++ kp = keyStr; ++ cnt = ile; ++ } ++ if((y >= '0') && (y <= '9')) y -= '0'; ++ else if((y >= 'A') && (y <= 'Z')) y -= ('A' - 10); ++ else if((y >= 'a') && (y <= 'z')) y -= ('a' - 36); ++ else if((y == '.') || (y == '/')) y += (62 - '.'); ++ else y &= 63; ++ z = x >> 3; ++ if(z < bufSize) { ++ keyBuf[z] |= y << (x & 7); ++ } ++ z++; ++ if(z < bufSize) { ++ keyBuf[z] |= y >> (8 - (x & 7)); ++ } ++ } ++} ++ ++/* this is for compatibility with mainline mount */ ++static void loDev_unhashed2_key_setup(unsigned char *keyStr, int ile, unsigned char *keyBuf, int bufSize) ++{ ++ memset(keyBuf, 0, bufSize); ++ strncpy((char *)keyBuf, (char *)keyStr, bufSize - 1); ++ keyBuf[bufSize - 1] = 0; ++} ++ ++static void loDev_rmd160HashTwiceWithA(unsigned char *ib, int ile, unsigned char *ob, int ole) ++{ ++ char tmpBuf[20 + 20]; ++ char pwdCopy[130]; ++ ++ if(ole < 1) return; ++ memset(ob, 0, ole); ++ if(ole > 40) ole = 40; ++ __loDev_rmd160_hash_buffer(&tmpBuf[0], (char *)ib, ile); ++ pwdCopy[0] = 'A'; ++ if(ile > sizeof(pwdCopy) - 1) ile = sizeof(pwdCopy) - 1; ++ memcpy(pwdCopy + 1, ib, ile); ++ __loDev_rmd160_hash_buffer(&tmpBuf[20], pwdCopy, ile + 1); ++ memcpy(ob, tmpBuf, ole); ++ memset(tmpBuf, 0, sizeof(tmpBuf)); ++ memset(pwdCopy, 0, sizeof(pwdCopy)); ++} ++ ++extern long long llseek(int, long long, int); ++ ++static long long loDev_xx_lseek(int fd, long long offset, int whence) ++{ ++ if(sizeof(off_t) >= 8) { ++ return lseek(fd, offset, whence); ++ } else { ++ return llseek(fd, offset, whence); ++ } ++} ++ ++static int loDev_create_random_keys(struct libmnt_context *cxt, char *partition, long long offset, long long sizelimit, int loopro, unsigned char *k) ++{ ++ int x, y, fd; ++ sha512_context s; ++ unsigned char b[4096]; ++ ++ if(loopro) { ++ DBG(CXT, ul_debugobj(cxt, "Error: read-only device")); ++ return 1; ++ } ++ ++ /* ++ * Compute SHA-512 over first 40 KB of old fs data. SHA-512 hash ++ * output is then used as entropy for new fs encryption key. ++ */ ++ if((fd = open(partition, O_RDWR)) == -1) { ++ seekFailed: ++ DBG(CXT, ul_debugobj(cxt, "Error: unable to open/seek device")); ++ return 1; ++ } ++ if(offset < 0) offset = -offset; ++ if(loDev_xx_lseek(fd, offset, SEEK_SET) == -1) { ++ close(fd); ++ goto seekFailed; ++ } ++ __loDev_sha512_init(&s); ++ for(x = 1; x <= 10; x++) { ++ if((sizelimit > 0) && ((sizeof(b) * x) > sizelimit)) break; ++ if(loDev_rd_wr_retry(fd, (char *) &b[0], sizeof(b), 0) != sizeof(b)) break; ++ __loDev_sha512_write(&s, &b[0], sizeof(b)); ++ } ++ __loDev_sha512_final(&s); ++ ++ /* ++ * Overwrite 40 KB of old fs data 20 times so that recovering ++ * SHA-512 output beyond this point is difficult and expensive. ++ */ ++ for(y = 0; y < 20; y++) { ++ int z; ++ struct { ++ struct timeval tv; ++ unsigned char h[64]; ++ int x,y,z; ++ } j; ++ if(loDev_xx_lseek(fd, offset, SEEK_SET) == -1) break; ++ memcpy(&j.h[0], &s.sha_out[0], 64); ++ gettimeofday(&j.tv, NULL); ++ j.y = y; ++ for(x = 1; x <= 10; x++) { ++ j.x = x; ++ for(z = 0; z < sizeof(b); z += 64) { ++ j.z = z; ++ __loDev_sha512_hash_buffer((unsigned char *)&j, sizeof(j), &b[z], 64); ++ } ++ if((sizelimit > 0) && ((sizeof(b) * x) > sizelimit)) break; ++ if(loDev_rd_wr_retry(fd, (char *) &b[0], sizeof(b), 1) != sizeof(b)) break; ++ } ++ memset(&j, 0, sizeof(j)); ++ if(fsync(fd)) break; ++ } ++ close(fd); ++ ++ /* ++ * Use all 512 bits of hash output ++ */ ++ memcpy(&b[0], &s.sha_out[0], 64); ++ memset(&s, 0, sizeof(s)); ++ ++ /* ++ * Read 32 bytes of random entropy from kernel's random ++ * number generator. This code may be executed early on startup ++ * scripts and amount of random entropy may be non-existent. ++ * SHA-512 of old fs data is used as workaround for missing ++ * entropy in kernel's random number generator. ++ */ ++ if((fd = open("/dev/urandom", O_RDONLY)) == -1) { ++ DBG(CXT, ul_debugobj(cxt, "Error: unable to open /dev/urandom")); ++ return 1; ++ } ++ loDev_rd_wr_retry(fd, (char *) &b[64], 32, 0); ++ ++ /* generate multi-key hashes */ ++ x = 0; ++ while(x < 65) { ++ loDev_rd_wr_retry(fd, (char *) &b[64+32], 16, 0); ++ __loDev_sha512_hash_buffer(&b[0], 64+32+16, k, 32); ++ k += 32; ++ x++; ++ } ++ ++ close(fd); ++ memset(&b[0], 0, sizeof(b)); ++ return 0; ++} ++ ++static int loDev_fork_mkfs_command(struct libmnt_context *cxt, char *device, char *fstype) ++{ ++ int x, y = 0; ++ char *a[10], *e[1]; ++ ++ sync(); ++ if(!(x = fork())) { ++ if((x = open("/dev/null", O_WRONLY)) >= 0) { ++ dup2(x, 0); ++ dup2(x, 1); ++ dup2(x, 2); ++ close(x); ++ } ++ x = 0; ++ a[x++] = "mkfs"; ++ a[x++] = "-t"; ++ a[x++] = fstype; ++ /* mkfs.reiserfs and mkfs.xfs need -f option */ ++ if(!strcmp(fstype, "reiserfs") || !strcmp(fstype, "xfs")) { ++ a[x++] = "-f"; ++ } ++ a[x++] = device; ++ a[x] = 0; ++ e[0] = 0; ++ if(setgid(getgid())) exit(1); ++ if(setuid(getuid())) exit(1); ++ for(x = 3; x < 1024; x++) { ++ close(x); ++ } ++ execve("/sbin/mkfs", &a[0], &e[0]); ++ exit(1); ++ } ++ if(x == -1) { ++ DBG(CXT, ul_debugobj(cxt, "Error: fork failed")); ++ return 1; ++ } ++ waitpid(x, &y, 0); ++ sync(); ++ if(!WIFEXITED(y) || (WEXITSTATUS(y) != 0)) { ++ DBG(CXT, ul_debugobj(cxt, "Error: encrypted file system mkfs failed")); ++ return 1; ++ } ++ return 0; ++} ++ ++static void loDev_convert_info_to_info64(struct loop_info *info, struct loop_info64 *info64) ++{ ++ memset(info64, 0, sizeof(*info64)); ++ info64->lo_number = info->lo_number; ++ info64->lo_device = info->lo_device; ++ info64->lo_inode = info->lo_inode; ++ info64->lo_rdevice = info->lo_rdevice; ++ info64->lo_offset = info->lo_offset; ++ info64->lo_encrypt_type = info->lo_encrypt_type; ++ info64->lo_encrypt_key_size = info->lo_encrypt_key_size; ++ info64->lo_flags = info->lo_flags; ++ info64->lo_init[0] = info->lo_init[0]; ++ info64->lo_init[1] = info->lo_init[1]; ++ info64->lo_sizelimit = 0; ++ if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */ ++ memcpy(info64->lo_crypt_name, info->lo_name, sizeof(info64->lo_crypt_name)); ++ else ++ memcpy(info64->lo_file_name, info->lo_name, sizeof(info64->lo_file_name)); ++ memcpy(info64->lo_encrypt_key, info->lo_encrypt_key, sizeof(info64->lo_encrypt_key)); ++} ++ ++static int loDev_convert_info64_to_info(struct loop_info64 *info64, struct loop_info *info) ++{ ++ memset(info, 0, sizeof(*info)); ++ info->lo_number = info64->lo_number; ++ info->lo_device = info64->lo_device; ++ info->lo_inode = info64->lo_inode; ++ info->lo_rdevice = info64->lo_rdevice; ++ info->lo_offset = info64->lo_offset; ++ info->lo_encrypt_type = info64->lo_encrypt_type; ++ info->lo_encrypt_key_size = info64->lo_encrypt_key_size; ++ info->lo_flags = info64->lo_flags; ++ info->lo_init[0] = info64->lo_init[0]; ++ info->lo_init[1] = info64->lo_init[1]; ++ if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */ ++ memcpy(info->lo_name, info64->lo_crypt_name, sizeof(info->lo_name)); ++ else ++ memcpy(info->lo_name, info64->lo_file_name, sizeof(info->lo_name)); ++ memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, sizeof(info->lo_encrypt_key)); ++ ++ /* error in case values were truncated */ ++ if (info->lo_device != info64->lo_device || ++ info->lo_rdevice != info64->lo_rdevice || ++ info->lo_inode != info64->lo_inode || ++ info->lo_offset != info64->lo_offset || ++ info64->lo_sizelimit) { ++ return -1; ++ } ++ return 0; ++} ++ ++static int loDev_set_status64_ioctl(int fd, struct loop_info64 *info64) ++{ ++ struct loop_info info; ++ struct loop_info64 tmp; ++ int r; ++ ++ /* ++ * This ugly work around is needed because some ++ * Red Hat kernels are using same ioctl code: ++ * #define LOOP_CHANGE_FD 0x4C04 ++ * vs. ++ * #define LOOP_SET_STATUS64 0x4C04 ++ * that is used by modern loop driver. ++ * ++ * Attempt to detect presense of LOOP_GET_STATUS64 ++ * ioctl before issuing LOOP_SET_STATUS64 ioctl. ++ * Red Hat kernels with above LOOP_CHANGE_FD damage ++ * should return -1 and set errno to EINVAL. ++ */ ++ r = ioctl(fd, LOOP_GET_STATUS64, &tmp); ++ memset(&tmp, 0, sizeof(tmp)); ++ if ((r == 0) || (errno != EINVAL)) { ++ r = ioctl(fd, LOOP_SET_STATUS64, info64); ++ if (!r) ++ return 0; ++ } ++ r = loDev_convert_info64_to_info(info64, &info); ++ if (!r) ++ r = ioctl(fd, LOOP_SET_STATUS, &info); ++ ++ /* don't leave copies of encryption key on stack */ ++ memset(&info, 0, sizeof(info)); ++ return r; ++} ++ ++static int loDev_get_status64_ioctl(int fd, struct loop_info64 *info64) ++{ ++ struct loop_info info; ++ int r; ++ ++ memset(info64, 0, sizeof(*info64)); ++ r = ioctl(fd, LOOP_GET_STATUS64, info64); ++ if (!r) ++ return 0; ++ r = ioctl(fd, LOOP_GET_STATUS, &info); ++ if (!r) ++ loDev_convert_info_to_info64(&info, info64); ++ ++ /* don't leave copies of encryption key on stack */ ++ memset(&info, 0, sizeof(info)); ++ return r; ++} ++ ++/* returns: 1=unused 0=busy */ ++static int loDev_is_unused_loop_device(int fd) ++{ ++ struct loop_info64 info64; ++ struct loop_info info; ++ int r; ++ ++ r = ioctl(fd, LOOP_GET_STATUS64, &info64); ++ memset(&info64, 0, sizeof(info64)); ++ if (!r) ++ return 0; ++ if (errno == ENXIO) ++ return 1; ++ ++ r = ioctl(fd, LOOP_GET_STATUS, &info); ++ memset(&info, 0, sizeof(info)); ++ if (!r) ++ return 0; ++ if (errno == ENXIO) ++ return 1; ++ if (errno == EOVERFLOW) ++ return 0; ++ return 1; ++} ++ ++struct loDev_crypt_type_struct { ++ short int id; ++ unsigned char flags; /* bit0 = show keybits, bit1 = add '-' before keybits */ ++ unsigned char keyBytes; ++ char *name; ++}; ++ ++static struct loDev_crypt_type_struct loDev_crypt_type_tbl[] = { ++ { 0, 0, 0, "no" }, ++ { 0, 0, 0, "none" }, ++ { 1, 0, 0, "xor" }, ++ { 3, 1, 16, "twofish" }, ++ { 4, 1, 16, "blowfish" }, ++ { 7, 1, 16, "serpent" }, ++ { 8, 1, 16, "mars" }, ++ { 11, 3, 16, "rc6" }, ++ { 12, 0, 21, "tripleDES" }, ++ { 12, 0, 24, "3des" }, ++ { 12, 0, 24, "des3_ede" }, ++ { 16, 1, 16, "AES" }, ++ { -1, 0, 0, NULL } ++}; ++ ++static char *loDev_getApiName(char *e, int *len) ++{ ++ int x, y, z = 1, q = -1; ++ unsigned char *s; ++ ++ *len = y = 0; ++ s = (unsigned char *)strdup(e); ++ if(!s) ++ return NULL; ++ x = strlen((char *)s); ++ while(x > 0) { ++ x--; ++ if(!isdigit(s[x])) ++ break; ++ y += (s[x] - '0') * z; ++ z *= 10; ++ q = x; ++ } ++ while(x >= 0) { ++ s[x] = tolower(s[x]); ++ if(s[x] == '-') ++ s[x] = 0; ++ x--; ++ } ++ if(y >= 40) { ++ if(q >= 0) ++ s[q] = 0; ++ *len = y; ++ } ++ return((char *)s); ++} ++ ++static int loDev_crypt_type_fn(const char *name, u_int32_t *kbyp, char **apiName) ++{ ++ int i, k; ++ char *s; ++ ++ *apiName = s = loDev_getApiName((char *)name, &k); ++ if(!s) s = ""; ++ if(k < 0) ++ k = 0; ++ if(k > 256) ++ k = 256; ++ for (i = 0; loDev_crypt_type_tbl[i].id != -1; i++) { ++ if (!strcasecmp (s , loDev_crypt_type_tbl[i].name)) { ++ *kbyp = k ? k >> 3 : loDev_crypt_type_tbl[i].keyBytes; ++ return loDev_crypt_type_tbl[i].id; ++ } ++ } ++ *kbyp = 16; /* 128 bits */ ++ return 18; /* LO_CRYPT_CRYPTOAPI */ ++} ++ ++static int loDev_try_cryptoapi_interface(int fd, struct loop_info64 *loopinfo, char *apiName) ++{ ++ if(!apiName) apiName = ""; ++ snprintf((char *)loopinfo->lo_crypt_name, sizeof(loopinfo->lo_crypt_name), "%s-cbc", apiName); ++ loopinfo->lo_crypt_name[LO_NAME_SIZE - 1] = 0; ++ loopinfo->lo_encrypt_type = 18; /* LO_CRYPT_CRYPTOAPI */ ++ return(loDev_set_status64_ioctl(fd, loopinfo)); ++} ++ ++static int loDev_is_loop_device(const char *device) ++{ ++ struct stat statbuf; ++ ++ return (stat(device, &statbuf) == 0 && ++ S_ISBLK(statbuf.st_mode) && ++ major(statbuf.st_rdev) == 7); ++} ++ ++int __loDev_is_loop_active_same_back(char *dev, char *backdev, char *offsetStr, char *sizelimitStr) ++{ ++ int fd; ++ int ret = 0; ++ struct stat statbuf; ++ struct loop_info64 loopinfo; ++ uint64_t offset = 0, sizelimit = 0; ++ ++ if(offsetStr) ++ offset = loDev_mystrtoull(offsetStr, 1); ++ if(sizelimitStr) ++ sizelimit = loDev_mystrtoull(sizelimitStr, 0); ++ ++ if (stat (dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode) && major(statbuf.st_rdev) == 7) { ++ if(stat (backdev, &statbuf) != 0) ++ return 0; ++ fd = open (dev, O_RDONLY); ++ if (fd < 0) ++ return 0; ++ if ((loDev_get_status64_ioctl(fd, &loopinfo) == 0) ++ && (loopinfo.lo_offset == offset) ++ && (loopinfo.lo_sizelimit == sizelimit) ++ && (statbuf.st_dev == loopinfo.lo_device) ++ && (statbuf.st_ino == loopinfo.lo_inode)) ++ ret = 1; /* backing device matches */ ++ memset(&loopinfo, 0, sizeof(loopinfo)); ++ close(fd); ++ } ++ return ret; ++} ++ ++#define SIZE(a) (sizeof(a)/sizeof(a[0])) ++ ++static char * loDev_find_unused_loop_device(void) ++{ ++ /* Just creating a device, say in /tmp, is probably a bad idea - ++ people might have problems with backup or so. ++ So, we just try /dev/loop[0-7]. */ ++ char dev[20]; ++ char *loop_formats[] = { "/dev/loop%d", "/dev/loop/%d" }; ++ int i, j, fd, somedev = 0, someloop = 0; ++ struct stat statbuf; ++ ++ for (j = 0; j < SIZE(loop_formats); j++) { ++ for(i = 0; i < 256; i++) { ++ sprintf(dev, loop_formats[j], i); ++ if (stat (dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) { ++ somedev++; ++ fd = open (dev, O_RDONLY); ++ if (fd >= 0) { ++ if (loDev_is_unused_loop_device(fd) == 0) ++ someloop++; /* in use */ ++ else if (errno == ENXIO) { ++ close (fd); ++ return strdup(dev);/* probably free */ ++ } ++ close (fd); ++ } ++ continue;/* continue trying as long as devices exist */ ++ } ++ break; ++ } ++ } ++ return 0; ++} ++ ++int mnt_context_is_loopdev(struct libmnt_context *cxt) ++{ ++ const char *type, *src; ++ ++ assert(cxt); ++ ++ /* The mount flags have to be merged, otherwise we have to use ++ * expensive mnt_context_get_user_mflags() instead of cxt->user_mountflags. */ ++ assert((cxt->flags & MNT_FL_MOUNTFLAGS_MERGED)); ++ ++ if (!cxt->fs) ++ return 0; ++ src = mnt_fs_get_srcpath(cxt->fs); ++ if (!src) ++ return 0; /* backing file not set */ ++ ++ if (cxt->user_mountflags & (MNT_MS_LOOP | ++ MNT_MS_OFFSET | ++ MNT_MS_SIZELIMIT)) { ++ ++ DBG(CXT, ul_debugobj(cxt, "loopdev specific options detected")); ++ return 1; ++ } ++ ++ if (cxt->mountflags & (MS_BIND | MS_MOVE | MS_PROPAGATION)) ++ return 0; ++ ++ /* Automatically create a loop device from a regular file if a ++ * filesystem is not specified or the filesystem is known for libblkid ++ * (these filesystems work with block devices only). The file size ++ * should be at least 1KiB otherwise we will create empty loopdev where ++ * is no mountable filesystem... ++ * ++ * Note that there is not a restriction (on kernel side) that prevents regular ++ * file as a mount(2) source argument. A filesystem that is able to mount ++ * regular files could be implemented. ++ */ ++ type = mnt_fs_get_fstype(cxt->fs); ++ ++ if (mnt_fs_is_regular(cxt->fs) && ++ (!type || strcmp(type, "auto") == 0 || blkid_known_fstype(type))) { ++ struct stat st; ++ ++ if (stat(src, &st) == 0 && S_ISREG(st.st_mode) && ++ st.st_size > 1024) ++ return 1; ++ } ++ ++ return 0; ++} ++ ++ ++/* Check, if there already exists a mounted loop device on the mountpoint node ++ * with the same parameters. ++ */ ++static int is_mounted_same_loopfile(struct libmnt_context *cxt, ++ const char *target, ++ char *backing_file, ++ char *offsetStr, char *sizelimitStr) ++{ ++ struct libmnt_table *tb; ++ struct libmnt_iter itr; ++ struct libmnt_fs *fs; ++ struct libmnt_cache *cache; ++ ++ assert(cxt); ++ assert(cxt->fs); ++ assert((cxt->flags & MNT_FL_MOUNTFLAGS_MERGED)); ++ ++ if (!target || !backing_file || mnt_context_get_mtab(cxt, &tb)) ++ return 0; ++ ++ DBG(CXT, ul_debugobj(cxt, "checking if %s mounted on %s", ++ backing_file, target)); ++ ++ cache = mnt_context_get_cache(cxt); ++ mnt_reset_iter(&itr, MNT_ITER_BACKWARD); ++ ++ /* Search for mountpoint node in mtab, procceed if any of these has the ++ * loop option set or the device is a loop device ++ */ ++ while (mnt_table_next_fs(tb, &itr, &fs) == 0) { ++ const char *src = mnt_fs_get_source(fs); ++ const char *opts = mnt_fs_get_user_options(fs); ++ char *val; ++ size_t len; ++ int res = 0; ++ ++ if (!src || !mnt_fs_match_target(fs, target, cache)) ++ continue; ++ ++ if (strncmp(src, "/dev/loop", 9) == 0) { ++ res = __loDev_is_loop_active_same_back((char *) src, backing_file, offsetStr, sizelimitStr); ++ ++ } else if (opts && (cxt->user_mountflags & MNT_MS_LOOP) && ++ mnt_optstr_get_option(opts, "loop", &val, &len) == 0 && val) { ++ ++ val = strndup(val, len); ++ res = __loDev_is_loop_active_same_back((char *) val, backing_file, offsetStr, sizelimitStr); ++ free(val); ++ } ++ ++ if (res) { ++ DBG(CXT, ul_debugobj(cxt, "%s already mounted", backing_file)); ++ return 1; ++ } ++ } ++ ++ return 0; ++} ++ ++int mnt_context_setup_loopdev(struct libmnt_context *cxt) ++{ ++ int loop_dev_fd = -1, backing_fi_fd = -1; ++ loDev_passInfo pi; ++ struct loop_info64 loopinfo; ++ int i; ++ char *pass = NULL, *apiName = NULL; ++ void (*hashFunc)(unsigned char *, int, unsigned char *, int); ++ unsigned char multiKeyBits[65][32]; ++ int minPassLen = LOOP_PASSWORD_MIN_LENGTH; ++ int run_mkfs_command = 0; ++ int mode = O_RDWR; ++ int fixedLoopName = 0; ++ unsigned int chmodVal = 0; ++ const char *optstr; ++ char *val = NULL; ++ size_t len = 0; ++ int rc = 0, myErrno = 0; ++ uint64_t offset = 0, sizelimit = 0; ++ ++ ++ memset(&pi, 0, sizeof(pi)); ++ assert(cxt); ++ assert(cxt->fs); ++ assert((cxt->flags & MNT_FL_MOUNTFLAGS_MERGED)); ++ cxt->loopdev_fd = -1; ++ ++ pi.loopFileName = (char *) mnt_fs_get_srcpath(cxt->fs); ++ if (!pi.loopFileName) ++ return -EINVAL; ++ ++ DBG(CXT, ul_debugobj(cxt, "trying to setup loopdev for %s", pi.loopFileName)); ++ ++ if (cxt->mountflags & MS_RDONLY) { ++ DBG(CXT, ul_debugobj(cxt, "enabling READ-ONLY flag")); ++ mode = O_RDONLY; ++ } ++ ++ optstr = mnt_fs_get_user_options(cxt->fs); ++ ++#define MM(a,b) if(mnt_optstr_get_option(optstr, a, &val, &len) == 0 && val && len) { \ ++ if(!(b = strndup(val, len))) rc = -ENOMEM; \ ++ } ++ ++ MM("loop", pi.loopDevName); ++ MM("offset", pi.loopOffsetBytes); ++ MM("sizelimit", pi.loopSizeBytes); ++ MM("encryption", pi.loopEncryptionType); ++ MM("pseed", pi.passSeedString); ++ MM("phash", pi.passHashFuncName); ++ MM("itercountk", pi.passIterThousands); ++ MM("loinit", pi.loInitValue); ++ MM("gpgkey", pi.gpgKeyFile); ++ MM("gpghome", pi.gpgHomeDir); ++ MM("cleartextkey", pi.clearTextKeyFile); ++ ++#undef MM ++ ++ if(pi.loopOffsetBytes) ++ offset = loDev_mystrtoull(pi.loopOffsetBytes, 1); ++ if(pi.loopSizeBytes) ++ sizelimit = loDev_mystrtoull(pi.loopSizeBytes, 0); ++ ++ if (rc == 0 && is_mounted_same_loopfile(cxt, mnt_context_get_target(cxt), pi.loopFileName, pi.loopOffsetBytes, pi.loopSizeBytes)) ++ rc = -EBUSY; ++ if (rc) ++ goto clean_up_out; ++ if(pi.loopDevName) { ++ fixedLoopName = 1; ++ if(__loDev_is_loop_active_same_back(pi.loopDevName, pi.loopFileName, pi.loopOffsetBytes, pi.loopSizeBytes)) { ++ /* loop device appears to be already set up to same backing file, so skip most of loop setup */ ++ /* this is useful for encrypted losetup -> fsck -> mount, where passphrase needs to be typed only once */ ++ rc = mnt_fs_set_source(cxt->fs, pi.loopDevName); ++ if(rc) goto clean_up_out; ++ goto skip_setup_ok_out; ++ } ++ } else if(cxt->fs && mnt_optstr_get_option(optstr, "loop", &val, &len) != 0) { ++ /* Looks like no "loop" option at all. Add one so it gets cleaned up by umount */ ++ mnt_optstr_append_option(&cxt->fs->user_optstr, "loop", NULL); ++ } ++ if((backing_fi_fd = open(pi.loopFileName, mode)) < 0) { ++ DBG(CXT, ul_debugobj(cxt, "can't open backing device/file")); ++ myErrno = ENODEV; ++ rc = -MNT_ERR_LOOPDEV; ++ goto clean_up_out; ++ } ++ ++try_again_another_loopdev: ++ sync(); ++ if(!pi.loopDevName) { ++ pi.loopDevName = loDev_find_unused_loop_device(); ++ if(!pi.loopDevName) { ++ DBG(CXT, ul_debugobj(cxt, "can't find free loop device")); ++ myErrno = ENODEV; ++ rc = -MNT_ERR_LOOPDEV; ++ goto clean_up_out; ++ } ++ } ++ if((loop_dev_fd = open(pi.loopDevName, mode)) < 0) { ++ DBG(CXT, ul_debugobj(cxt, "can't open loop device")); ++ myErrno = ENODEV; ++ rc = -MNT_ERR_LOOPDEV; ++ goto clean_up_out; ++ } ++ if(ioctl(loop_dev_fd, LOOP_SET_FD, backing_fi_fd) < 0) { ++ if(errno == EBUSY && !fixedLoopName) { ++ close(loop_dev_fd); ++ loop_dev_fd = -1; ++ free(pi.loopDevName); ++ pi.loopDevName = NULL; ++ DBG(CXT, ul_debugobj(cxt, "loopdev stolen...trying again")); ++ goto try_again_another_loopdev; ++ } ++ close(loop_dev_fd); ++ loop_dev_fd = -1; ++ DBG(CXT, ul_debugobj(cxt, "loop set-fd ioctl failed")); ++ myErrno = EBUSY; ++ rc = -MNT_ERR_LOOPDEV; ++ goto clean_up_out; ++ } ++ ++ memset(&loopinfo, 0, sizeof (loopinfo)); ++ strncpy((char *)loopinfo.lo_file_name, pi.loopFileName, LO_NAME_SIZE - 1); ++ loopinfo.lo_file_name[LO_NAME_SIZE - 1] = 0; ++ if(pi.loopEncryptionType) ++ loopinfo.lo_encrypt_type = loDev_crypt_type_fn(pi.loopEncryptionType, &loopinfo.lo_encrypt_key_size, &apiName); ++ loopinfo.lo_offset = offset; ++ loopinfo.lo_sizelimit = sizelimit; ++ ++ switch(loopinfo.lo_encrypt_type) { ++ case 0: /* LO_CRYPT_NONE */ ++ loopinfo.lo_encrypt_key_size = 0; ++ break; ++ case 1: /* LO_CRYPT_XOR */ ++ pass = loDev_sGetPass(cxt, &pi, 1, 0); ++ if(!pass) { ++ myErrno = ENOKEY; ++ goto loop_clr_fd_out; ++ } ++ strncpy((char *)loopinfo.lo_encrypt_key, pass, LO_KEY_SIZE - 1); ++ loopinfo.lo_encrypt_key[LO_KEY_SIZE - 1] = 0; ++ loopinfo.lo_encrypt_key_size = strlen((char*)loopinfo.lo_encrypt_key); ++ break; ++ case 3: /* LO_CRYPT_FISH2 */ ++ case 4: /* LO_CRYPT_BLOW */ ++ case 7: /* LO_CRYPT_SERPENT */ ++ case 8: /* LO_CRYPT_MARS */ ++ case 11: /* LO_CRYPT_RC6 */ ++ case 12: /* LO_CRYPT_DES_EDE3 */ ++ case 16: /* LO_CRYPT_AES */ ++ case 18: /* LO_CRYPT_CRYPTOAPI */ ++ /* set default hash function */ ++ hashFunc = __loDev_sha256_hash_buffer; ++ if(loopinfo.lo_encrypt_key_size == 24) hashFunc = __loDev_sha384_hash_buffer; ++ if(loopinfo.lo_encrypt_key_size == 32) hashFunc = __loDev_sha512_hash_buffer; ++ /* possibly override default hash function */ ++ if(pi.passHashFuncName) { ++ if(!strcasecmp(pi.passHashFuncName, "sha256")) { ++ hashFunc = __loDev_sha256_hash_buffer; ++ } else if(!strcasecmp(pi.passHashFuncName, "sha384")) { ++ hashFunc = __loDev_sha384_hash_buffer; ++ } else if(!strcasecmp(pi.passHashFuncName, "sha512")) { ++ hashFunc = __loDev_sha512_hash_buffer; ++ } else if(!strcasecmp(pi.passHashFuncName, "rmd160")) { ++ hashFunc = loDev_rmd160HashTwiceWithA; ++ minPassLen = 1; ++ } else if(!strcasecmp(pi.passHashFuncName, "unhashed1")) { ++ hashFunc = loDev_unhashed1_key_setup; ++ } else if(!strcasecmp(pi.passHashFuncName, "unhashed2")) { ++ hashFunc = loDev_unhashed2_key_setup; ++ minPassLen = 1; ++ } else if(!strncasecmp(pi.passHashFuncName, "random", 6) && ((pi.passHashFuncName[6] == 0) || (pi.passHashFuncName[6] == '/'))) { ++ /* random hash type sets up 65 random keys */ ++ /* WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING */ ++ /* IMPORTANT DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA. */ ++ if(loDev_create_random_keys(cxt, pi.loopFileName, loopinfo.lo_offset, loopinfo.lo_sizelimit, cxt->mountflags & MS_RDONLY, &multiKeyBits[0][0])) { ++ myErrno = ENOKEY; ++ goto loop_clr_fd_out; ++ } ++ memcpy(&loopinfo.lo_encrypt_key[0], &multiKeyBits[0][0], sizeof(loopinfo.lo_encrypt_key)); ++ run_mkfs_command = pi.multiKeyMode = 1000; ++ break; /* out of switch(loopinfo.lo_encrypt_type) */ ++ } ++ } ++ pass = loDev_sGetPass(cxt, &pi, minPassLen, LOOP_PASSWORD_MIN_LENGTH); ++ if(!pass) { ++ myErrno = ENOKEY; ++ goto loop_clr_fd_out; ++ } ++ i = strlen(pass); ++ if(hashFunc == loDev_unhashed1_key_setup) { ++ /* this is for compatibility with historic loop-AES version */ ++ loopinfo.lo_encrypt_key_size = 16; /* 128 bits */ ++ if(i >= 32) loopinfo.lo_encrypt_key_size = 24; /* 192 bits */ ++ if(i >= 43) loopinfo.lo_encrypt_key_size = 32; /* 256 bits */ ++ } ++ (*hashFunc)((unsigned char *)pass, i, &loopinfo.lo_encrypt_key[0], sizeof(loopinfo.lo_encrypt_key)); ++ if(pi.multiKeyMode) { ++ int r = 0, t; ++ while(r < pi.multiKeyMode) { ++ t = strlen(pi.multiKeyPass[r]); ++ (*hashFunc)((unsigned char *)pi.multiKeyPass[r], t, &multiKeyBits[r][0], 32); ++ memset(pi.multiKeyPass[r], 0, t); ++ /* ++ * MultiKeyMode uses md5 IV. One key mode uses sector IV. Sector IV ++ * and md5 IV v2 and v3 are all computed differently. This first key ++ * byte XOR with 0x55/0xF4 is needed to cause complete decrypt failure ++ * in cases where data is encrypted with one type of IV and decrypted ++ * with another type IV. If identical key was used but only IV was ++ * computed differently, only first plaintext block of 512 byte CBC ++ * chain would decrypt incorrectly and rest would decrypt correctly. ++ * Partially correct decryption is dangerous. Decrypting all blocks ++ * incorrectly is safer because file system mount will simply fail. ++ */ ++ if(pi.multiKeyMode == 65) { ++ multiKeyBits[r][0] ^= 0xF4; /* version 3 */ ++ } else { ++ multiKeyBits[r][0] ^= 0x55; /* version 2 */ ++ } ++ r++; ++ } ++ } else if(pi.passIterThousands) { ++ aes_context ctx; ++ unsigned long iter = 0; ++ unsigned char tempkey[32]; ++ /* ++ * Set up AES-256 encryption key using same password and hash function ++ * as before but with password bit 0 flipped before hashing. That key ++ * is then used to encrypt actual loop key 'itercountk' thousand times. ++ */ ++ pass[0] ^= 1; ++ (*hashFunc)((unsigned char *)pass, i, &tempkey[0], 32); ++ __loDev_aes_set_key(&ctx, &tempkey[0], 32, 0); ++ sscanf(pi.passIterThousands, "%lu", &iter); ++ iter *= 1000; ++ while(iter > 0) { ++ /* encrypt both 128bit blocks with AES-256 */ ++ __loDev_aes_encrypt(&ctx, &loopinfo.lo_encrypt_key[ 0], &loopinfo.lo_encrypt_key[ 0]); ++ __loDev_aes_encrypt(&ctx, &loopinfo.lo_encrypt_key[16], &loopinfo.lo_encrypt_key[16]); ++ /* exchange upper half of first block with lower half of second block */ ++ memcpy(&tempkey[0], &loopinfo.lo_encrypt_key[8], 8); ++ memcpy(&loopinfo.lo_encrypt_key[8], &loopinfo.lo_encrypt_key[16], 8); ++ memcpy(&loopinfo.lo_encrypt_key[16], &tempkey[0], 8); ++ iter--; ++ } ++ memset(&ctx, 0, sizeof(ctx)); ++ memset(&tempkey[0], 0, sizeof(tempkey)); ++ } ++ memset(pass, 0, i); /* erase original password */ ++ break; ++ default: ++ DBG(CXT, ul_debugobj(cxt, "don't know how to set up this type encryption")); ++ myErrno = ENOKEY; ++ goto loop_clr_fd_out; ++ } ++ ++ if(pi.loInitValue) { ++ /* cipher modules are free to do whatever they want with this value */ ++ i = 0; ++ sscanf(pi.loInitValue, "%d", &i); ++ loopinfo.lo_init[0] = i; ++ } ++ ++ /* type 18 == LO_CRYPT_CRYPTOAPI */ ++ if ((loopinfo.lo_encrypt_type == 18) || (loDev_set_status64_ioctl(loop_dev_fd, &loopinfo) < 0)) { ++ /* direct cipher interface failed - try CryptoAPI interface now */ ++ if(!apiName || (loDev_try_cryptoapi_interface(loop_dev_fd, &loopinfo, apiName) < 0)) { ++ DBG(CXT, ul_debugobj(cxt, "loop set-status ioctl failed")); ++ myErrno = ENOTSUP; ++ loop_clr_fd_out: ++ (void) ioctl(loop_dev_fd, LOOP_CLR_FD, 0); ++ rc = -MNT_ERR_LOOPDEV; ++ goto clean_up_out; ++ } ++ } ++ if(pi.multiKeyMode >= 65) { ++ if(ioctl(loop_dev_fd, LOOP_MULTI_KEY_SETUP_V3, &multiKeyBits[0][0]) < 0) { ++ if(pi.multiKeyMode == 1000) goto try_v2_setup; ++ DBG(CXT, ul_debugobj(cxt, "loop multi-key-v3 ioctl failed")); ++ myErrno = ENOTSUP; ++ goto loop_clr_fd_out; ++ } ++ } else if(pi.multiKeyMode == 64) { ++ try_v2_setup: ++ if((ioctl(loop_dev_fd, LOOP_MULTI_KEY_SETUP, &multiKeyBits[0][0]) < 0) && (pi.multiKeyMode != 1000)) { ++ DBG(CXT, ul_debugobj(cxt, "loop multi-key-v2 ioctl failed")); ++ myErrno = ENOTSUP; ++ goto loop_clr_fd_out; ++ } ++ } ++ ++ if(run_mkfs_command && cxt->fs && cxt->fs->fstype && cxt->fs->fstype[0] && (getuid() == 0)) { ++ if(!loDev_fork_mkfs_command(cxt, pi.loopDevName, cxt->fs->fstype)) { ++ /* !strncasecmp(pi.passHashFuncName, "random", 6) test matched */ ++ /* This reads octal mode for newly created file system root */ ++ /* directory node from '-o phash=random/1777' mount option. */ ++ /* octal mode--^^^^ */ ++ if(sscanf(pi.passHashFuncName + 6, "/%o", &chmodVal) == 1) { ++ /* bits 31...24 set to magic value, so that if something */ ++ /* interprets cxt->loopdev_fd as a file descriptor, it will fail */ ++ chmodVal &= 0x00FFFFFF; ++ chmodVal |= 0x77000000; ++ } ++ ++ } else { ++ myErrno = ENOMEM; ++ goto loop_clr_fd_out; ++ } ++ } ++ ++ rc = mnt_fs_set_source(cxt->fs, pi.loopDevName); ++ if(rc) { ++ myErrno = ENOMEM; ++ goto loop_clr_fd_out; ++ } ++ ++skip_setup_ok_out: ++ /* success */ ++ cxt->flags |= MNT_FL_LOOPDEV_READY; ++ if(chmodVal) { ++ cxt->loopdev_fd = (int)chmodVal; ++ } ++ ++clean_up_out: ++ if(loop_dev_fd != -1) close(loop_dev_fd); ++ if(backing_fi_fd != -1) close(backing_fi_fd); ++ ++ memset(loopinfo.lo_encrypt_key, 0, sizeof(loopinfo.lo_encrypt_key)); ++ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); ++ ++ for(i = 0; i < 66; i++) { ++ if(pi.multiKeyPass[i]) free(pi.multiKeyPass[i]); ++ } ++ if(pi.loopDevName) free(pi.loopDevName); ++ if(pi.loopOffsetBytes) free(pi.loopOffsetBytes); ++ if(pi.loopSizeBytes) free(pi.loopSizeBytes); ++ if(pi.loopEncryptionType) free(pi.loopEncryptionType); ++ if(pi.passSeedString) free(pi.passSeedString); ++ if(pi.passHashFuncName) free(pi.passHashFuncName); ++ if(pi.passIterThousands) free(pi.passIterThousands); ++ if(pi.loInitValue) free(pi.loInitValue); ++ if(pi.gpgKeyFile) free(pi.gpgKeyFile); ++ if(pi.gpgHomeDir) free(pi.gpgHomeDir); ++ if(pi.clearTextKeyFile) free(pi.clearTextKeyFile); ++ ++ if(apiName) free(apiName); ++ if(pi.extraPtrToFree) free(pi.extraPtrToFree); ++ ++ if(pi.pass_cb_string && cxt->pwd_release_cb) { ++ DBG(CXT, ul_debugobj(cxt, "release pass")); ++ cxt->pwd_release_cb(cxt, pi.pass_cb_string); ++ } ++ if(myErrno) errno = myErrno; ++ return rc; ++} ++ ++/* ++ * Deletes loop device ++ */ ++int mnt_context_delete_loopdev(struct libmnt_context *cxt) ++{ ++ const char *src; ++ int rc = 0, fd; ++ ++ assert(cxt); ++ assert(cxt->fs); ++ ++ src = mnt_fs_get_srcpath(cxt->fs); ++ if (!src) ++ return -EINVAL; ++ ++ if(!loDev_is_loop_device(src)) ++ return -EINVAL; ++ ++ sync(); ++ if((fd = open(src, O_RDONLY)) < 0) { ++ DBG(CXT, ul_debugobj(cxt, "can't open loop device")); ++ rc = -ENODEV; ++ } else { ++ if(ioctl(fd, LOOP_CLR_FD, 0) < 0) { ++ DBG(CXT, ul_debugobj(cxt, "loop crl-fd ioctl failed")); ++ rc = -EINVAL; ++ } ++ close(fd); ++ } ++ cxt->flags &= ~MNT_FL_LOOPDEV_READY; ++ cxt->loopdev_fd = -1; ++ ++ DBG(CXT, ul_debugobj(cxt, "loopdev deleted [rc=%d]", rc)); ++ return rc; ++} ++ ++/* ++ * Clears loopdev stuff in context, should be called after ++ * failed or successful mount(2). ++ */ ++int mnt_context_clear_loopdev(struct libmnt_context *cxt) ++{ ++ unsigned int chmodVal; ++ ++ assert(cxt); ++ ++ if(mnt_context_get_status(cxt) == 0 && (cxt->flags & MNT_FL_LOOPDEV_READY)) { ++ /* mount(2) failed, delete loopdev */ ++ mnt_context_delete_loopdev(cxt); ++ } else if(cxt->loopdev_fd != -1) { ++ chmodVal = (unsigned int) cxt->loopdev_fd; ++ if((chmodVal & 0xFF000000) == 0x77000000) { /* check magic value */ ++ chmodVal &= 0x00FFFFFF; ++ if(cxt->fs && cxt->fs->target && cxt->fs->target[0]) { ++ /* ++ * If loop was set up using random keys and new file system ++ * was created on the loop device, initial permissions for ++ * file system root directory need to be set here. ++ */ ++ DBG(CXT, ul_debugobj(cxt, "doing chmod() on mountpoint")); ++ if(chmod(cxt->fs->target, chmodVal)) { ++ DBG(CXT, ul_debugobj(cxt, "chmod() on mountpoint failed")); ++ } ++ } ++ } ++ } ++ cxt->loopdev_fd = -1; ++ return 0; ++} +diff -urN util-linux-2.26.2/libmount/src/context_umount.c util-linux-2.26.2-AES/libmount/src/context_umount.c +--- util-linux-2.26.2/libmount/src/context_umount.c 2015-04-29 10:52:21.000000000 +0300 ++++ util-linux-2.26.2-AES/libmount/src/context_umount.c 2015-05-23 13:08:09.000000000 +0300 +@@ -299,11 +299,12 @@ + */ + static int is_associated_fs(const char *devname, struct libmnt_fs *fs) + { +- uintmax_t offset = 0; ++ int r; + const char *src; + char *val, *optstr; + size_t valsz; +- int flags = 0; ++ char *offsetStr = NULL, *sizelimitStr = NULL; ++ extern int __loDev_is_loop_active_same_back(char *, char *, char *, char *); + + /* check if it begins with /dev/loop */ + if (strncmp(devname, _PATH_DEV_LOOP, sizeof(_PATH_DEV_LOOP) - 1)) +@@ -315,16 +316,16 @@ + + /* check for the offset option in @fs */ + optstr = (char *) mnt_fs_get_user_options(fs); +- +- if (optstr && +- mnt_optstr_get_option(optstr, "offset", &val, &valsz) == 0) { +- flags |= LOOPDEV_FL_OFFSET; +- +- if (mnt_parse_offset(val, valsz, &offset) != 0) +- return 0; +- } +- +- return loopdev_is_used(devname, src, offset, flags); ++ if (optstr) { ++ if(mnt_optstr_get_option(optstr, "offset", &val, &valsz) == 0 && val && valsz) ++ offsetStr = strndup(val, valsz); ++ if(mnt_optstr_get_option(optstr, "sizelimit", &val, &valsz) == 0 && val && valsz) ++ sizelimitStr = strndup(val, valsz); ++ } ++ r = __loDev_is_loop_active_same_back((char *) devname, (char *) src, offsetStr, sizelimitStr); ++ if(offsetStr) free(offsetStr); ++ if(sizelimitStr) free(sizelimitStr); ++ return r; + } + + static int prepare_helper_from_options(struct libmnt_context *cxt, +@@ -783,7 +784,7 @@ + if (!rc && mnt_context_is_loopdel(cxt) && cxt->fs) { + const char *src = mnt_fs_get_srcpath(cxt->fs); + +- if (src && (!is_loopdev(src) || loopdev_is_autoclear(src))) ++ if (src && !is_loopdev(src)) + mnt_context_enable_loopdel(cxt, FALSE); + } + +diff -urN util-linux-2.26.2/libmount/src/optmap.c util-linux-2.26.2-AES/libmount/src/optmap.c +--- util-linux-2.26.2/libmount/src/optmap.c 2015-04-29 13:27:49.000000000 +0300 ++++ util-linux-2.26.2-AES/libmount/src/optmap.c 2015-05-23 13:08:09.000000000 +0300 +@@ -161,10 +161,19 @@ + { "comment=", MNT_MS_COMMENT, MNT_NOHLPS | MNT_NOMTAB },/* fstab comment only */ + { "x-", MNT_MS_XCOMMENT, MNT_NOHLPS | MNT_NOMTAB | MNT_PREFIX }, /* x- options */ + +- { "loop[=]", MNT_MS_LOOP, MNT_NOHLPS }, /* use the loop device */ ++ { "loop[=]", MNT_MS_LOOP, MNT_NOHLPS }, /* use the loop device (no MNT_NOMTAB flag) */ + { "offset=", MNT_MS_OFFSET, MNT_NOHLPS | MNT_NOMTAB }, /* loop device offset */ + { "sizelimit=", MNT_MS_SIZELIMIT, MNT_NOHLPS | MNT_NOMTAB }, /* loop device size limit */ +- { "encryption=", MNT_MS_ENCRYPTION, MNT_NOHLPS | MNT_NOMTAB }, /* loop device encryption */ ++/* IMPORTANT - make sure that bit numbers below do not conflict with other MNT_MS_* bit numbers in libmount.h.in */ ++ { "encryption=", (1 << 23), MNT_NOHLPS | MNT_NOMTAB }, /* loop device encryption */ ++ { "pseed=", (1 << 24), MNT_NOHLPS | MNT_NOMTAB }, /* loop device passphrase seed */ ++ { "phash=", (1 << 25), MNT_NOHLPS | MNT_NOMTAB }, /* loop device passphrase hash function */ ++ { "itercountk=", (1 << 26), MNT_NOHLPS | MNT_NOMTAB }, /* loop device passphrase iteration count */ ++ { "loinit=", (1 << 27), MNT_NOHLPS | MNT_NOMTAB }, /* loop device initialization code */ ++ { "gpgkey=", (1 << 28), MNT_NOHLPS | MNT_NOMTAB }, /* loop device GnuPG key file */ ++ { "gpghome=", (1 << 29), MNT_NOHLPS | MNT_NOMTAB }, /* loop device GnuPG home directory */ ++ { "cleartextkey=", (1 << 30), MNT_NOHLPS | MNT_NOMTAB }, /* loop device clear text key file */ ++/* end IMPORTANT */ + + { "nofail", MNT_MS_NOFAIL, MNT_NOMTAB }, /* Do not fail if ENOENT on dev */ + +diff -urN util-linux-2.26.2/libmount/src/rmd160.c util-linux-2.26.2-AES/libmount/src/rmd160.c +--- util-linux-2.26.2/libmount/src/rmd160.c 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/libmount/src/rmd160.c 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,532 @@ ++/* rmd160.c - RIPE-MD160 ++ * Copyright (C) 1998 Free Software Foundation, Inc. ++ */ ++ ++/* This file was part of GnuPG. Modified for use within the Linux ++ * mount utility by Marc Mutz <Marc@Mutz.com>. None of this code is ++ * by myself. I just removed everything that you don't need when all ++ * you want to do is to use rmd160_hash_buffer(). ++ * My comments are marked with (mm). */ ++ ++/* GnuPG is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuPG is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ ++ ++#include <string.h> /* (mm) for memcpy */ ++#include <endian.h> /* (mm) for BIG_ENDIAN and BYTE_ORDER */ ++#include "rmd160.h" ++ ++/* (mm) these are used by the original GnuPG file. In order to modify ++ * that file not too much, we keep the notations. maybe it would be ++ * better to include linux/types.h and typedef __u32 to u32 and __u8 ++ * to byte? */ ++typedef unsigned int u32; /* taken from e.g. util-linux's minix.h */ ++typedef unsigned char byte; ++ ++typedef struct { ++ u32 h0,h1,h2,h3,h4; ++ u32 nblocks; ++ byte buf[64]; ++ int count; ++} RMD160_CONTEXT; ++ ++/**************** ++ * Rotate a 32 bit integer by n bytes ++ */ ++#if defined(__GNUC__) && defined(__i386__) ++static inline u32 ++rol( u32 x, int n) ++{ ++ __asm__("roll %%cl,%0" ++ :"=r" (x) ++ :"0" (x),"c" (n)); ++ return x; ++} ++#else ++ #define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) ) ++#endif ++ ++/********************************* ++ * RIPEMD-160 is not patented, see (as of 25.10.97) ++ * http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html ++ * Note that the code uses Little Endian byteorder, which is good for ++ * 386 etc, but we must add some conversion when used on a big endian box. ++ * ++ * ++ * Pseudo-code for RIPEMD-160 ++ * ++ * RIPEMD-160 is an iterative hash function that operates on 32-bit words. ++ * The round function takes as input a 5-word chaining variable and a 16-word ++ * message block and maps this to a new chaining variable. All operations are ++ * defined on 32-bit words. Padding is identical to that of MD4. ++ * ++ * ++ * RIPEMD-160: definitions ++ * ++ * ++ * nonlinear functions at bit level: exor, mux, -, mux, - ++ * ++ * f(j, x, y, z) = x XOR y XOR z (0 <= j <= 15) ++ * f(j, x, y, z) = (x AND y) OR (NOT(x) AND z) (16 <= j <= 31) ++ * f(j, x, y, z) = (x OR NOT(y)) XOR z (32 <= j <= 47) ++ * f(j, x, y, z) = (x AND z) OR (y AND NOT(z)) (48 <= j <= 63) ++ * f(j, x, y, z) = x XOR (y OR NOT(z)) (64 <= j <= 79) ++ * ++ * ++ * added constants (hexadecimal) ++ * ++ * K(j) = 0x00000000 (0 <= j <= 15) ++ * K(j) = 0x5A827999 (16 <= j <= 31) int(2**30 x sqrt(2)) ++ * K(j) = 0x6ED9EBA1 (32 <= j <= 47) int(2**30 x sqrt(3)) ++ * K(j) = 0x8F1BBCDC (48 <= j <= 63) int(2**30 x sqrt(5)) ++ * K(j) = 0xA953FD4E (64 <= j <= 79) int(2**30 x sqrt(7)) ++ * K'(j) = 0x50A28BE6 (0 <= j <= 15) int(2**30 x cbrt(2)) ++ * K'(j) = 0x5C4DD124 (16 <= j <= 31) int(2**30 x cbrt(3)) ++ * K'(j) = 0x6D703EF3 (32 <= j <= 47) int(2**30 x cbrt(5)) ++ * K'(j) = 0x7A6D76E9 (48 <= j <= 63) int(2**30 x cbrt(7)) ++ * K'(j) = 0x00000000 (64 <= j <= 79) ++ * ++ * ++ * selection of message word ++ * ++ * r(j) = j (0 <= j <= 15) ++ * r(16..31) = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8 ++ * r(32..47) = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12 ++ * r(48..63) = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2 ++ * r(64..79) = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13 ++ * r0(0..15) = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12 ++ * r0(16..31)= 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2 ++ * r0(32..47)= 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13 ++ * r0(48..63)= 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14 ++ * r0(64..79)= 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11 ++ * ++ * ++ * amount for rotate left (rol) ++ * ++ * s(0..15) = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8 ++ * s(16..31) = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12 ++ * s(32..47) = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5 ++ * s(48..63) = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12 ++ * s(64..79) = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6 ++ * s'(0..15) = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6 ++ * s'(16..31)= 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11 ++ * s'(32..47)= 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5 ++ * s'(48..63)= 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8 ++ * s'(64..79)= 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11 ++ * ++ * ++ * initial value (hexadecimal) ++ * ++ * h0 = 0x67452301; h1 = 0xEFCDAB89; h2 = 0x98BADCFE; h3 = 0x10325476; ++ * h4 = 0xC3D2E1F0; ++ * ++ * ++ * RIPEMD-160: pseudo-code ++ * ++ * It is assumed that the message after padding consists of t 16-word blocks ++ * that will be denoted with X[i][j], with 0 <= i <= t-1 and 0 <= j <= 15. ++ * The symbol [+] denotes addition modulo 2**32 and rol_s denotes cyclic left ++ * shift (rotate) over s positions. ++ * ++ * ++ * for i := 0 to t-1 { ++ * A := h0; B := h1; C := h2; D = h3; E = h4; ++ * A' := h0; B' := h1; C' := h2; D' = h3; E' = h4; ++ * for j := 0 to 79 { ++ * T := rol_s(j)(A [+] f(j, B, C, D) [+] X[i][r(j)] [+] K(j)) [+] E; ++ * A := E; E := D; D := rol_10(C); C := B; B := T; ++ * T := rol_s'(j)(A' [+] f(79-j, B', C', D') [+] X[i][r'(j)] ++ [+] K'(j)) [+] E'; ++ * A' := E'; E' := D'; D' := rol_10(C'); C' := B'; B' := T; ++ * } ++ * T := h1 [+] C [+] D'; h1 := h2 [+] D [+] E'; h2 := h3 [+] E [+] A'; ++ * h3 := h4 [+] A [+] B'; h4 := h0 [+] B [+] C'; h0 := T; ++ * } ++ */ ++ ++/* Some examples: ++ * "" 9c1185a5c5e9fc54612808977ee8f548b2258d31 ++ * "a" 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe ++ * "abc" 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc ++ * "message digest" 5d0689ef49d2fae572b881b123a85ffa21595f36 ++ * "a...z" f71c27109c692c1b56bbdceb5b9d2865b3708dbc ++ * "abcdbcde...nopq" 12a053384a9c0c88e405a06c27dcf49ada62eb2b ++ * "A...Za...z0...9" b0e20b6e3116640286ed3a87a5713079b21f5189 ++ * 8 times "1234567890" 9b752e45573d4b39f4dbd3323cab82bf63326bfb ++ * 1 million times "a" 52783243c1697bdbe16d37f97f68f08325dc1528 ++ */ ++ ++ ++static void ++rmd160_init( RMD160_CONTEXT *hd ) ++{ ++ hd->h0 = 0x67452301; ++ hd->h1 = 0xEFCDAB89; ++ hd->h2 = 0x98BADCFE; ++ hd->h3 = 0x10325476; ++ hd->h4 = 0xC3D2E1F0; ++ hd->nblocks = 0; ++ hd->count = 0; ++} ++ ++ ++ ++/**************** ++ * Transform the message X which consists of 16 32-bit-words ++ */ ++static void ++transform( RMD160_CONTEXT *hd, byte *data ) ++{ ++ u32 a,b,c,d,e,aa,bb,cc,dd,ee,t; ++ #if BYTE_ORDER == BIG_ENDIAN ++ u32 x[16]; ++ { int i; ++ byte *p2, *p1; ++ for(i=0, p1=data, p2=(byte*)x; i < 16; i++, p2 += 4 ) { ++ p2[3] = *p1++; ++ p2[2] = *p1++; ++ p2[1] = *p1++; ++ p2[0] = *p1++; ++ } ++ } ++ #else ++ #if 0 ++ u32 *x =(u32*)data; ++ #else ++ /* this version is better because it is always aligned; ++ * The performance penalty on a 586-100 is about 6% which ++ * is acceptable - because the data is more local it might ++ * also be possible that this is faster on some machines. ++ * This function (when compiled with -02 on gcc 2.7.2) ++ * executes on a 586-100 (39.73 bogomips) at about 1900kb/sec; ++ * [measured with a 4MB data and "gpgm --print-md rmd160"] */ ++ u32 x[16]; ++ memcpy( x, data, 64 ); ++ #endif ++ #endif ++ ++ ++#define K0 0x00000000 ++#define K1 0x5A827999 ++#define K2 0x6ED9EBA1 ++#define K3 0x8F1BBCDC ++#define K4 0xA953FD4E ++#define KK0 0x50A28BE6 ++#define KK1 0x5C4DD124 ++#define KK2 0x6D703EF3 ++#define KK3 0x7A6D76E9 ++#define KK4 0x00000000 ++#define F0(x,y,z) ( (x) ^ (y) ^ (z) ) ++#define F1(x,y,z) ( ((x) & (y)) | (~(x) & (z)) ) ++#define F2(x,y,z) ( ((x) | ~(y)) ^ (z) ) ++#define F3(x,y,z) ( ((x) & (z)) | ((y) & ~(z)) ) ++#define F4(x,y,z) ( (x) ^ ((y) | ~(z)) ) ++#define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \ ++ a = rol(t,s) + e; \ ++ c = rol(c,10); \ ++ } while(0) ++ ++ /* left lane */ ++ a = hd->h0; ++ b = hd->h1; ++ c = hd->h2; ++ d = hd->h3; ++ e = hd->h4; ++ R( a, b, c, d, e, F0, K0, 0, 11 ); ++ R( e, a, b, c, d, F0, K0, 1, 14 ); ++ R( d, e, a, b, c, F0, K0, 2, 15 ); ++ R( c, d, e, a, b, F0, K0, 3, 12 ); ++ R( b, c, d, e, a, F0, K0, 4, 5 ); ++ R( a, b, c, d, e, F0, K0, 5, 8 ); ++ R( e, a, b, c, d, F0, K0, 6, 7 ); ++ R( d, e, a, b, c, F0, K0, 7, 9 ); ++ R( c, d, e, a, b, F0, K0, 8, 11 ); ++ R( b, c, d, e, a, F0, K0, 9, 13 ); ++ R( a, b, c, d, e, F0, K0, 10, 14 ); ++ R( e, a, b, c, d, F0, K0, 11, 15 ); ++ R( d, e, a, b, c, F0, K0, 12, 6 ); ++ R( c, d, e, a, b, F0, K0, 13, 7 ); ++ R( b, c, d, e, a, F0, K0, 14, 9 ); ++ R( a, b, c, d, e, F0, K0, 15, 8 ); ++ R( e, a, b, c, d, F1, K1, 7, 7 ); ++ R( d, e, a, b, c, F1, K1, 4, 6 ); ++ R( c, d, e, a, b, F1, K1, 13, 8 ); ++ R( b, c, d, e, a, F1, K1, 1, 13 ); ++ R( a, b, c, d, e, F1, K1, 10, 11 ); ++ R( e, a, b, c, d, F1, K1, 6, 9 ); ++ R( d, e, a, b, c, F1, K1, 15, 7 ); ++ R( c, d, e, a, b, F1, K1, 3, 15 ); ++ R( b, c, d, e, a, F1, K1, 12, 7 ); ++ R( a, b, c, d, e, F1, K1, 0, 12 ); ++ R( e, a, b, c, d, F1, K1, 9, 15 ); ++ R( d, e, a, b, c, F1, K1, 5, 9 ); ++ R( c, d, e, a, b, F1, K1, 2, 11 ); ++ R( b, c, d, e, a, F1, K1, 14, 7 ); ++ R( a, b, c, d, e, F1, K1, 11, 13 ); ++ R( e, a, b, c, d, F1, K1, 8, 12 ); ++ R( d, e, a, b, c, F2, K2, 3, 11 ); ++ R( c, d, e, a, b, F2, K2, 10, 13 ); ++ R( b, c, d, e, a, F2, K2, 14, 6 ); ++ R( a, b, c, d, e, F2, K2, 4, 7 ); ++ R( e, a, b, c, d, F2, K2, 9, 14 ); ++ R( d, e, a, b, c, F2, K2, 15, 9 ); ++ R( c, d, e, a, b, F2, K2, 8, 13 ); ++ R( b, c, d, e, a, F2, K2, 1, 15 ); ++ R( a, b, c, d, e, F2, K2, 2, 14 ); ++ R( e, a, b, c, d, F2, K2, 7, 8 ); ++ R( d, e, a, b, c, F2, K2, 0, 13 ); ++ R( c, d, e, a, b, F2, K2, 6, 6 ); ++ R( b, c, d, e, a, F2, K2, 13, 5 ); ++ R( a, b, c, d, e, F2, K2, 11, 12 ); ++ R( e, a, b, c, d, F2, K2, 5, 7 ); ++ R( d, e, a, b, c, F2, K2, 12, 5 ); ++ R( c, d, e, a, b, F3, K3, 1, 11 ); ++ R( b, c, d, e, a, F3, K3, 9, 12 ); ++ R( a, b, c, d, e, F3, K3, 11, 14 ); ++ R( e, a, b, c, d, F3, K3, 10, 15 ); ++ R( d, e, a, b, c, F3, K3, 0, 14 ); ++ R( c, d, e, a, b, F3, K3, 8, 15 ); ++ R( b, c, d, e, a, F3, K3, 12, 9 ); ++ R( a, b, c, d, e, F3, K3, 4, 8 ); ++ R( e, a, b, c, d, F3, K3, 13, 9 ); ++ R( d, e, a, b, c, F3, K3, 3, 14 ); ++ R( c, d, e, a, b, F3, K3, 7, 5 ); ++ R( b, c, d, e, a, F3, K3, 15, 6 ); ++ R( a, b, c, d, e, F3, K3, 14, 8 ); ++ R( e, a, b, c, d, F3, K3, 5, 6 ); ++ R( d, e, a, b, c, F3, K3, 6, 5 ); ++ R( c, d, e, a, b, F3, K3, 2, 12 ); ++ R( b, c, d, e, a, F4, K4, 4, 9 ); ++ R( a, b, c, d, e, F4, K4, 0, 15 ); ++ R( e, a, b, c, d, F4, K4, 5, 5 ); ++ R( d, e, a, b, c, F4, K4, 9, 11 ); ++ R( c, d, e, a, b, F4, K4, 7, 6 ); ++ R( b, c, d, e, a, F4, K4, 12, 8 ); ++ R( a, b, c, d, e, F4, K4, 2, 13 ); ++ R( e, a, b, c, d, F4, K4, 10, 12 ); ++ R( d, e, a, b, c, F4, K4, 14, 5 ); ++ R( c, d, e, a, b, F4, K4, 1, 12 ); ++ R( b, c, d, e, a, F4, K4, 3, 13 ); ++ R( a, b, c, d, e, F4, K4, 8, 14 ); ++ R( e, a, b, c, d, F4, K4, 11, 11 ); ++ R( d, e, a, b, c, F4, K4, 6, 8 ); ++ R( c, d, e, a, b, F4, K4, 15, 5 ); ++ R( b, c, d, e, a, F4, K4, 13, 6 ); ++ ++ aa = a; bb = b; cc = c; dd = d; ee = e; ++ ++ /* right lane */ ++ a = hd->h0; ++ b = hd->h1; ++ c = hd->h2; ++ d = hd->h3; ++ e = hd->h4; ++ R( a, b, c, d, e, F4, KK0, 5, 8); ++ R( e, a, b, c, d, F4, KK0, 14, 9); ++ R( d, e, a, b, c, F4, KK0, 7, 9); ++ R( c, d, e, a, b, F4, KK0, 0, 11); ++ R( b, c, d, e, a, F4, KK0, 9, 13); ++ R( a, b, c, d, e, F4, KK0, 2, 15); ++ R( e, a, b, c, d, F4, KK0, 11, 15); ++ R( d, e, a, b, c, F4, KK0, 4, 5); ++ R( c, d, e, a, b, F4, KK0, 13, 7); ++ R( b, c, d, e, a, F4, KK0, 6, 7); ++ R( a, b, c, d, e, F4, KK0, 15, 8); ++ R( e, a, b, c, d, F4, KK0, 8, 11); ++ R( d, e, a, b, c, F4, KK0, 1, 14); ++ R( c, d, e, a, b, F4, KK0, 10, 14); ++ R( b, c, d, e, a, F4, KK0, 3, 12); ++ R( a, b, c, d, e, F4, KK0, 12, 6); ++ R( e, a, b, c, d, F3, KK1, 6, 9); ++ R( d, e, a, b, c, F3, KK1, 11, 13); ++ R( c, d, e, a, b, F3, KK1, 3, 15); ++ R( b, c, d, e, a, F3, KK1, 7, 7); ++ R( a, b, c, d, e, F3, KK1, 0, 12); ++ R( e, a, b, c, d, F3, KK1, 13, 8); ++ R( d, e, a, b, c, F3, KK1, 5, 9); ++ R( c, d, e, a, b, F3, KK1, 10, 11); ++ R( b, c, d, e, a, F3, KK1, 14, 7); ++ R( a, b, c, d, e, F3, KK1, 15, 7); ++ R( e, a, b, c, d, F3, KK1, 8, 12); ++ R( d, e, a, b, c, F3, KK1, 12, 7); ++ R( c, d, e, a, b, F3, KK1, 4, 6); ++ R( b, c, d, e, a, F3, KK1, 9, 15); ++ R( a, b, c, d, e, F3, KK1, 1, 13); ++ R( e, a, b, c, d, F3, KK1, 2, 11); ++ R( d, e, a, b, c, F2, KK2, 15, 9); ++ R( c, d, e, a, b, F2, KK2, 5, 7); ++ R( b, c, d, e, a, F2, KK2, 1, 15); ++ R( a, b, c, d, e, F2, KK2, 3, 11); ++ R( e, a, b, c, d, F2, KK2, 7, 8); ++ R( d, e, a, b, c, F2, KK2, 14, 6); ++ R( c, d, e, a, b, F2, KK2, 6, 6); ++ R( b, c, d, e, a, F2, KK2, 9, 14); ++ R( a, b, c, d, e, F2, KK2, 11, 12); ++ R( e, a, b, c, d, F2, KK2, 8, 13); ++ R( d, e, a, b, c, F2, KK2, 12, 5); ++ R( c, d, e, a, b, F2, KK2, 2, 14); ++ R( b, c, d, e, a, F2, KK2, 10, 13); ++ R( a, b, c, d, e, F2, KK2, 0, 13); ++ R( e, a, b, c, d, F2, KK2, 4, 7); ++ R( d, e, a, b, c, F2, KK2, 13, 5); ++ R( c, d, e, a, b, F1, KK3, 8, 15); ++ R( b, c, d, e, a, F1, KK3, 6, 5); ++ R( a, b, c, d, e, F1, KK3, 4, 8); ++ R( e, a, b, c, d, F1, KK3, 1, 11); ++ R( d, e, a, b, c, F1, KK3, 3, 14); ++ R( c, d, e, a, b, F1, KK3, 11, 14); ++ R( b, c, d, e, a, F1, KK3, 15, 6); ++ R( a, b, c, d, e, F1, KK3, 0, 14); ++ R( e, a, b, c, d, F1, KK3, 5, 6); ++ R( d, e, a, b, c, F1, KK3, 12, 9); ++ R( c, d, e, a, b, F1, KK3, 2, 12); ++ R( b, c, d, e, a, F1, KK3, 13, 9); ++ R( a, b, c, d, e, F1, KK3, 9, 12); ++ R( e, a, b, c, d, F1, KK3, 7, 5); ++ R( d, e, a, b, c, F1, KK3, 10, 15); ++ R( c, d, e, a, b, F1, KK3, 14, 8); ++ R( b, c, d, e, a, F0, KK4, 12, 8); ++ R( a, b, c, d, e, F0, KK4, 15, 5); ++ R( e, a, b, c, d, F0, KK4, 10, 12); ++ R( d, e, a, b, c, F0, KK4, 4, 9); ++ R( c, d, e, a, b, F0, KK4, 1, 12); ++ R( b, c, d, e, a, F0, KK4, 5, 5); ++ R( a, b, c, d, e, F0, KK4, 8, 14); ++ R( e, a, b, c, d, F0, KK4, 7, 6); ++ R( d, e, a, b, c, F0, KK4, 6, 8); ++ R( c, d, e, a, b, F0, KK4, 2, 13); ++ R( b, c, d, e, a, F0, KK4, 13, 6); ++ R( a, b, c, d, e, F0, KK4, 14, 5); ++ R( e, a, b, c, d, F0, KK4, 0, 15); ++ R( d, e, a, b, c, F0, KK4, 3, 13); ++ R( c, d, e, a, b, F0, KK4, 9, 11); ++ R( b, c, d, e, a, F0, KK4, 11, 11); ++ ++ ++ t = hd->h1 + d + cc; ++ hd->h1 = hd->h2 + e + dd; ++ hd->h2 = hd->h3 + a + ee; ++ hd->h3 = hd->h4 + b + aa; ++ hd->h4 = hd->h0 + c + bb; ++ hd->h0 = t; ++} ++ ++ ++/* Update the message digest with the contents ++ * of INBUF with length INLEN. ++ */ ++static void ++rmd160_write( RMD160_CONTEXT *hd, byte *inbuf, size_t inlen) ++{ ++ if( hd->count == 64 ) { /* flush the buffer */ ++ transform( hd, hd->buf ); ++ hd->count = 0; ++ hd->nblocks++; ++ } ++ if( !inbuf ) ++ return; ++ if( hd->count ) { ++ for( ; inlen && hd->count < 64; inlen-- ) ++ hd->buf[hd->count++] = *inbuf++; ++ rmd160_write( hd, NULL, 0 ); ++ if( !inlen ) ++ return; ++ } ++ ++ while( inlen >= 64 ) { ++ transform( hd, inbuf ); ++ hd->count = 0; ++ hd->nblocks++; ++ inlen -= 64; ++ inbuf += 64; ++ } ++ for( ; inlen && hd->count < 64; inlen-- ) ++ hd->buf[hd->count++] = *inbuf++; ++} ++ ++/* The routine terminates the computation ++ */ ++ ++static void ++rmd160_final( RMD160_CONTEXT *hd ) ++{ ++ u32 t, msb, lsb; ++ byte *p; ++ ++ rmd160_write(hd, NULL, 0); /* flush */; ++ ++ msb = 0; ++ t = hd->nblocks; ++ if( (lsb = t << 6) < t ) /* multiply by 64 to make a byte count */ ++ msb++; ++ msb += t >> 26; ++ t = lsb; ++ if( (lsb = t + hd->count) < t ) /* add the count */ ++ msb++; ++ t = lsb; ++ if( (lsb = t << 3) < t ) /* multiply by 8 to make a bit count */ ++ msb++; ++ msb += t >> 29; ++ ++ if( hd->count < 56 ) { /* enough room */ ++ hd->buf[hd->count++] = 0x80; /* pad */ ++ while( hd->count < 56 ) ++ hd->buf[hd->count++] = 0; /* pad */ ++ } ++ else { /* need one extra block */ ++ hd->buf[hd->count++] = 0x80; /* pad character */ ++ while( hd->count < 64 ) ++ hd->buf[hd->count++] = 0; ++ rmd160_write(hd, NULL, 0); /* flush */; ++ memset(hd->buf, 0, 56 ); /* fill next block with zeroes */ ++ } ++ /* append the 64 bit count */ ++ hd->buf[56] = lsb ; ++ hd->buf[57] = lsb >> 8; ++ hd->buf[58] = lsb >> 16; ++ hd->buf[59] = lsb >> 24; ++ hd->buf[60] = msb ; ++ hd->buf[61] = msb >> 8; ++ hd->buf[62] = msb >> 16; ++ hd->buf[63] = msb >> 24; ++ transform( hd, hd->buf ); ++ ++ p = hd->buf; ++ #if BYTE_ORDER == BIG_ENDIAN ++ #define X(a) do { *p++ = hd->h##a ; *p++ = hd->h##a >> 8; \ ++ *p++ = hd->h##a >> 16; *p++ = hd->h##a >> 24; } while(0) ++ #else /* little endian */ ++ #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0) ++ #endif ++ X(0); ++ X(1); ++ X(2); ++ X(3); ++ X(4); ++ #undef X ++} ++ ++/**************** ++ * Shortcut functions which puts the hash value of the supplied buffer ++ * into outbuf which must have a size of 20 bytes. ++ */ ++void ++__loDev_rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ) ++{ ++ RMD160_CONTEXT hd; ++ ++ rmd160_init( &hd ); ++ rmd160_write( &hd, (byte*)buffer, length ); ++ rmd160_final( &hd ); ++ memcpy( outbuf, hd.buf, 20 ); ++} +diff -urN util-linux-2.26.2/libmount/src/rmd160.h util-linux-2.26.2-AES/libmount/src/rmd160.h +--- util-linux-2.26.2/libmount/src/rmd160.h 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/libmount/src/rmd160.h 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,9 @@ ++#ifndef RMD160_H ++#define RMD160_H ++ ++void ++__loDev_rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ); ++ ++#endif /*RMD160_H*/ ++ ++ +diff -urN util-linux-2.26.2/libmount/src/sha512.c util-linux-2.26.2-AES/libmount/src/sha512.c +--- util-linux-2.26.2/libmount/src/sha512.c 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/libmount/src/sha512.c 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,432 @@ ++/* ++ * sha512.c ++ * ++ * Written by Jari Ruusu, April 16 2001 ++ * ++ * Copyright 2001 by Jari Ruusu. ++ * Redistribution of this file is permitted under the GNU Public License. ++ */ ++ ++#include <string.h> ++#include <sys/types.h> ++#include "sha512.h" ++ ++/* Define one or more of these. If none is defined, you get all of them */ ++#if !defined(SHA256_NEEDED)&&!defined(SHA512_NEEDED)&&!defined(SHA384_NEEDED) ++# define SHA256_NEEDED 1 ++# define SHA512_NEEDED 1 ++# define SHA384_NEEDED 1 ++#endif ++ ++#if defined(SHA256_NEEDED) ++static const u_int32_t sha256_hashInit[8] = { ++ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, ++ 0x1f83d9ab, 0x5be0cd19 ++}; ++static const u_int32_t sha256_K[64] = { ++ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, ++ 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, ++ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, ++ 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, ++ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, ++ 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, ++ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, ++ 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, ++ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, ++ 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, ++ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 ++}; ++#endif ++ ++#if defined(SHA512_NEEDED) ++static const u_int64_t sha512_hashInit[8] = { ++ 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL, ++ 0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL, ++ 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL ++}; ++#endif ++ ++#if defined(SHA384_NEEDED) ++static const u_int64_t sha384_hashInit[8] = { ++ 0xcbbb9d5dc1059ed8ULL, 0x629a292a367cd507ULL, 0x9159015a3070dd17ULL, ++ 0x152fecd8f70e5939ULL, 0x67332667ffc00b31ULL, 0x8eb44a8768581511ULL, ++ 0xdb0c2e0d64f98fa7ULL, 0x47b5481dbefa4fa4ULL ++}; ++#endif ++ ++#if defined(SHA512_NEEDED) || defined(SHA384_NEEDED) ++static const u_int64_t sha512_K[80] = { ++ 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, ++ 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, ++ 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, ++ 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, ++ 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, ++ 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, ++ 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL, ++ 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, ++ 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, ++ 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, ++ 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, ++ 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, ++ 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, ++ 0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, ++ 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL, ++ 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, ++ 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL, ++ 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, ++ 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, ++ 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, ++ 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, ++ 0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, ++ 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, ++ 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, ++ 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, ++ 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, ++ 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL ++}; ++#endif ++ ++#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) ++#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) ++#define R(x,y) ((y) >> (x)) ++ ++#if defined(SHA256_NEEDED) ++void __loDev_sha256_init(sha256_context *ctx) ++{ ++ memcpy(&ctx->sha_H[0], &sha256_hashInit[0], sizeof(ctx->sha_H)); ++ ctx->sha_blocks = 0; ++ ctx->sha_bufCnt = 0; ++} ++ ++#define S(x,y) (((y) >> (x)) | ((y) << (32 - (x)))) ++#define uSig0(x) ((S(2,(x))) ^ (S(13,(x))) ^ (S(22,(x)))) ++#define uSig1(x) ((S(6,(x))) ^ (S(11,(x))) ^ (S(25,(x)))) ++#define lSig0(x) ((S(7,(x))) ^ (S(18,(x))) ^ (R(3,(x)))) ++#define lSig1(x) ((S(17,(x))) ^ (S(19,(x))) ^ (R(10,(x)))) ++ ++static void sha256_transform(sha256_context *ctx, unsigned char *datap) ++{ ++ register int j; ++ u_int32_t a, b, c, d, e, f, g, h; ++ u_int32_t T1, T2, W[64], Wm2, Wm15; ++ ++ /* read the data, big endian byte order */ ++ j = 0; ++ do { ++ W[j] = (((u_int32_t)(datap[0]))<<24) | (((u_int32_t)(datap[1]))<<16) | ++ (((u_int32_t)(datap[2]))<<8 ) | ((u_int32_t)(datap[3])); ++ datap += 4; ++ } while(++j < 16); ++ ++ /* initialize variables a...h */ ++ a = ctx->sha_H[0]; ++ b = ctx->sha_H[1]; ++ c = ctx->sha_H[2]; ++ d = ctx->sha_H[3]; ++ e = ctx->sha_H[4]; ++ f = ctx->sha_H[5]; ++ g = ctx->sha_H[6]; ++ h = ctx->sha_H[7]; ++ ++ /* apply compression function */ ++ j = 0; ++ do { ++ if(j >= 16) { ++ Wm2 = W[j - 2]; ++ Wm15 = W[j - 15]; ++ W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16]; ++ } ++ T1 = h + uSig1(e) + Ch(e,f,g) + sha256_K[j] + W[j]; ++ T2 = uSig0(a) + Maj(a,b,c); ++ h = g; g = f; f = e; ++ e = d + T1; ++ d = c; c = b; b = a; ++ a = T1 + T2; ++ } while(++j < 64); ++ ++ /* compute intermediate hash value */ ++ ctx->sha_H[0] += a; ++ ctx->sha_H[1] += b; ++ ctx->sha_H[2] += c; ++ ctx->sha_H[3] += d; ++ ctx->sha_H[4] += e; ++ ctx->sha_H[5] += f; ++ ctx->sha_H[6] += g; ++ ctx->sha_H[7] += h; ++ ++ ctx->sha_blocks++; ++} ++ ++void __loDev_sha256_write(sha256_context *ctx, unsigned char *datap, int length) ++{ ++ while(length > 0) { ++ if(!ctx->sha_bufCnt) { ++ while(length >= (int) sizeof(ctx->sha_out)) { ++ sha256_transform(ctx, datap); ++ datap += sizeof(ctx->sha_out); ++ length -= sizeof(ctx->sha_out); ++ } ++ if(!length) return; ++ } ++ ctx->sha_out[ctx->sha_bufCnt] = *datap++; ++ length--; ++ if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) { ++ sha256_transform(ctx, &ctx->sha_out[0]); ++ ctx->sha_bufCnt = 0; ++ } ++ } ++} ++ ++void __loDev_sha256_final(sha256_context *ctx) ++{ ++ register int j; ++ u_int64_t bitLength; ++ u_int32_t i; ++ unsigned char padByte, *datap; ++ ++ bitLength = (ctx->sha_blocks << 9) | (ctx->sha_bufCnt << 3); ++ padByte = 0x80; ++ __loDev_sha256_write(ctx, &padByte, 1); ++ ++ /* pad extra space with zeroes */ ++ padByte = 0; ++ while(ctx->sha_bufCnt != 56) { ++ __loDev_sha256_write(ctx, &padByte, 1); ++ } ++ ++ /* write bit length, big endian byte order */ ++ ctx->sha_out[56] = bitLength >> 56; ++ ctx->sha_out[57] = bitLength >> 48; ++ ctx->sha_out[58] = bitLength >> 40; ++ ctx->sha_out[59] = bitLength >> 32; ++ ctx->sha_out[60] = bitLength >> 24; ++ ctx->sha_out[61] = bitLength >> 16; ++ ctx->sha_out[62] = bitLength >> 8; ++ ctx->sha_out[63] = bitLength; ++ sha256_transform(ctx, &ctx->sha_out[0]); ++ ++ /* return results in ctx->sha_out[0...31] */ ++ datap = &ctx->sha_out[0]; ++ j = 0; ++ do { ++ i = ctx->sha_H[j]; ++ datap[0] = i >> 24; ++ datap[1] = i >> 16; ++ datap[2] = i >> 8; ++ datap[3] = i; ++ datap += 4; ++ } while(++j < 8); ++ ++ /* clear sensitive information */ ++ memset(&ctx->sha_out[32], 0, sizeof(sha256_context) - 32); ++} ++ ++void __loDev_sha256_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) ++{ ++ sha256_context ctx; ++ ++ if(ole < 1) return; ++ memset(ob, 0, ole); ++ if(ole > 32) ole = 32; ++ __loDev_sha256_init(&ctx); ++ __loDev_sha256_write(&ctx, ib, ile); ++ __loDev_sha256_final(&ctx); ++ memcpy(ob, &ctx.sha_out[0], ole); ++ memset(&ctx, 0, sizeof(ctx)); ++} ++ ++#endif ++ ++#if defined(SHA512_NEEDED) ++void __loDev_sha512_init(sha512_context *ctx) ++{ ++ memcpy(&ctx->sha_H[0], &sha512_hashInit[0], sizeof(ctx->sha_H)); ++ ctx->sha_blocks = 0; ++ ctx->sha_blocksMSB = 0; ++ ctx->sha_bufCnt = 0; ++} ++#endif ++ ++#if defined(SHA512_NEEDED) || defined(SHA384_NEEDED) ++#undef S ++#undef uSig0 ++#undef uSig1 ++#undef lSig0 ++#undef lSig1 ++#define S(x,y) (((y) >> (x)) | ((y) << (64 - (x)))) ++#define uSig0(x) ((S(28,(x))) ^ (S(34,(x))) ^ (S(39,(x)))) ++#define uSig1(x) ((S(14,(x))) ^ (S(18,(x))) ^ (S(41,(x)))) ++#define lSig0(x) ((S(1,(x))) ^ (S(8,(x))) ^ (R(7,(x)))) ++#define lSig1(x) ((S(19,(x))) ^ (S(61,(x))) ^ (R(6,(x)))) ++ ++static void sha512_transform(sha512_context *ctx, unsigned char *datap) ++{ ++ register int j; ++ u_int64_t a, b, c, d, e, f, g, h; ++ u_int64_t T1, T2, W[80], Wm2, Wm15; ++ ++ /* read the data, big endian byte order */ ++ j = 0; ++ do { ++ W[j] = (((u_int64_t)(datap[0]))<<56) | (((u_int64_t)(datap[1]))<<48) | ++ (((u_int64_t)(datap[2]))<<40) | (((u_int64_t)(datap[3]))<<32) | ++ (((u_int64_t)(datap[4]))<<24) | (((u_int64_t)(datap[5]))<<16) | ++ (((u_int64_t)(datap[6]))<<8 ) | ((u_int64_t)(datap[7])); ++ datap += 8; ++ } while(++j < 16); ++ ++ /* initialize variables a...h */ ++ a = ctx->sha_H[0]; ++ b = ctx->sha_H[1]; ++ c = ctx->sha_H[2]; ++ d = ctx->sha_H[3]; ++ e = ctx->sha_H[4]; ++ f = ctx->sha_H[5]; ++ g = ctx->sha_H[6]; ++ h = ctx->sha_H[7]; ++ ++ /* apply compression function */ ++ j = 0; ++ do { ++ if(j >= 16) { ++ Wm2 = W[j - 2]; ++ Wm15 = W[j - 15]; ++ W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16]; ++ } ++ T1 = h + uSig1(e) + Ch(e,f,g) + sha512_K[j] + W[j]; ++ T2 = uSig0(a) + Maj(a,b,c); ++ h = g; g = f; f = e; ++ e = d + T1; ++ d = c; c = b; b = a; ++ a = T1 + T2; ++ } while(++j < 80); ++ ++ /* compute intermediate hash value */ ++ ctx->sha_H[0] += a; ++ ctx->sha_H[1] += b; ++ ctx->sha_H[2] += c; ++ ctx->sha_H[3] += d; ++ ctx->sha_H[4] += e; ++ ctx->sha_H[5] += f; ++ ctx->sha_H[6] += g; ++ ctx->sha_H[7] += h; ++ ++ ctx->sha_blocks++; ++ if(!ctx->sha_blocks) ctx->sha_blocksMSB++; ++} ++ ++void __loDev_sha512_write(sha512_context *ctx, unsigned char *datap, int length) ++{ ++ while(length > 0) { ++ if(!ctx->sha_bufCnt) { ++ while(length >= (int) sizeof(ctx->sha_out)) { ++ sha512_transform(ctx, datap); ++ datap += sizeof(ctx->sha_out); ++ length -= sizeof(ctx->sha_out); ++ } ++ if(!length) return; ++ } ++ ctx->sha_out[ctx->sha_bufCnt] = *datap++; ++ length--; ++ if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) { ++ sha512_transform(ctx, &ctx->sha_out[0]); ++ ctx->sha_bufCnt = 0; ++ } ++ } ++} ++ ++void __loDev_sha512_final(sha512_context *ctx) ++{ ++ register int j; ++ u_int64_t bitLength, bitLengthMSB; ++ u_int64_t i; ++ unsigned char padByte, *datap; ++ ++ bitLength = (ctx->sha_blocks << 10) | (ctx->sha_bufCnt << 3); ++ bitLengthMSB = (ctx->sha_blocksMSB << 10) | (ctx->sha_blocks >> 54); ++ padByte = 0x80; ++ __loDev_sha512_write(ctx, &padByte, 1); ++ ++ /* pad extra space with zeroes */ ++ padByte = 0; ++ while(ctx->sha_bufCnt != 112) { ++ __loDev_sha512_write(ctx, &padByte, 1); ++ } ++ ++ /* write bit length, big endian byte order */ ++ ctx->sha_out[112] = bitLengthMSB >> 56; ++ ctx->sha_out[113] = bitLengthMSB >> 48; ++ ctx->sha_out[114] = bitLengthMSB >> 40; ++ ctx->sha_out[115] = bitLengthMSB >> 32; ++ ctx->sha_out[116] = bitLengthMSB >> 24; ++ ctx->sha_out[117] = bitLengthMSB >> 16; ++ ctx->sha_out[118] = bitLengthMSB >> 8; ++ ctx->sha_out[119] = bitLengthMSB; ++ ctx->sha_out[120] = bitLength >> 56; ++ ctx->sha_out[121] = bitLength >> 48; ++ ctx->sha_out[122] = bitLength >> 40; ++ ctx->sha_out[123] = bitLength >> 32; ++ ctx->sha_out[124] = bitLength >> 24; ++ ctx->sha_out[125] = bitLength >> 16; ++ ctx->sha_out[126] = bitLength >> 8; ++ ctx->sha_out[127] = bitLength; ++ sha512_transform(ctx, &ctx->sha_out[0]); ++ ++ /* return results in ctx->sha_out[0...63] */ ++ datap = &ctx->sha_out[0]; ++ j = 0; ++ do { ++ i = ctx->sha_H[j]; ++ datap[0] = i >> 56; ++ datap[1] = i >> 48; ++ datap[2] = i >> 40; ++ datap[3] = i >> 32; ++ datap[4] = i >> 24; ++ datap[5] = i >> 16; ++ datap[6] = i >> 8; ++ datap[7] = i; ++ datap += 8; ++ } while(++j < 8); ++ ++ /* clear sensitive information */ ++ memset(&ctx->sha_out[64], 0, sizeof(sha512_context) - 64); ++} ++ ++void __loDev_sha512_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) ++{ ++ sha512_context ctx; ++ ++ if(ole < 1) return; ++ memset(ob, 0, ole); ++ if(ole > 64) ole = 64; ++ __loDev_sha512_init(&ctx); ++ __loDev_sha512_write(&ctx, ib, ile); ++ __loDev_sha512_final(&ctx); ++ memcpy(ob, &ctx.sha_out[0], ole); ++ memset(&ctx, 0, sizeof(ctx)); ++} ++#endif ++ ++#if defined(SHA384_NEEDED) ++void __loDev_sha384_init(sha512_context *ctx) ++{ ++ memcpy(&ctx->sha_H[0], &sha384_hashInit[0], sizeof(ctx->sha_H)); ++ ctx->sha_blocks = 0; ++ ctx->sha_blocksMSB = 0; ++ ctx->sha_bufCnt = 0; ++} ++ ++void __loDev_sha384_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) ++{ ++ sha512_context ctx; ++ ++ if(ole < 1) return; ++ memset(ob, 0, ole); ++ if(ole > 48) ole = 48; ++ __loDev_sha384_init(&ctx); ++ __loDev_sha512_write(&ctx, ib, ile); ++ __loDev_sha512_final(&ctx); ++ memcpy(ob, &ctx.sha_out[0], ole); ++ memset(&ctx, 0, sizeof(ctx)); ++} ++#endif +diff -urN util-linux-2.26.2/libmount/src/sha512.h util-linux-2.26.2-AES/libmount/src/sha512.h +--- util-linux-2.26.2/libmount/src/sha512.h 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/libmount/src/sha512.h 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,45 @@ ++/* ++ * sha512.h ++ * ++ * Written by Jari Ruusu, April 16 2001 ++ * ++ * Copyright 2001 by Jari Ruusu. ++ * Redistribution of this file is permitted under the GNU Public License. ++ */ ++ ++#include <sys/types.h> ++ ++typedef struct { ++ unsigned char sha_out[64]; /* results are here, bytes 0...31 */ ++ u_int32_t sha_H[8]; ++ u_int64_t sha_blocks; ++ int sha_bufCnt; ++} sha256_context; ++ ++typedef struct { ++ unsigned char sha_out[128]; /* results are here, bytes 0...63 */ ++ u_int64_t sha_H[8]; ++ u_int64_t sha_blocks; ++ u_int64_t sha_blocksMSB; ++ int sha_bufCnt; ++} sha512_context; ++ ++/* no sha384_context, use sha512_context */ ++ ++/* 256 bit hash, provides 128 bits of security against collision attacks */ ++extern void __loDev_sha256_init(sha256_context *); ++extern void __loDev_sha256_write(sha256_context *, unsigned char *, int); ++extern void __loDev_sha256_final(sha256_context *); ++extern void __loDev_sha256_hash_buffer(unsigned char *, int, unsigned char *, int); ++ ++/* 512 bit hash, provides 256 bits of security against collision attacks */ ++extern void __loDev_sha512_init(sha512_context *); ++extern void __loDev_sha512_write(sha512_context *, unsigned char *, int); ++extern void __loDev_sha512_final(sha512_context *); ++extern void __loDev_sha512_hash_buffer(unsigned char *, int, unsigned char *, int); ++ ++/* 384 bit hash, provides 192 bits of security against collision attacks */ ++extern void __loDev_sha384_init(sha512_context *); ++/* no sha384_write(), use sha512_write() */ ++/* no sha384_final(), use sha512_final(), result in ctx->sha_out[0...47] */ ++extern void __loDev_sha384_hash_buffer(unsigned char *, int, unsigned char *, int); +diff -urN util-linux-2.26.2/sys-utils/Makemodule.am util-linux-2.26.2-AES/sys-utils/Makemodule.am +--- util-linux-2.26.2/sys-utils/Makemodule.am 2015-04-29 13:11:51.000000000 +0300 ++++ util-linux-2.26.2-AES/sys-utils/Makemodule.am 2015-05-23 13:08:09.000000000 +0300 +@@ -176,7 +176,7 @@ + if BUILD_LOSETUP + sbin_PROGRAMS += losetup + dist_man_MANS += sys-utils/losetup.8 +-losetup_SOURCES = sys-utils/losetup.c ++losetup_SOURCES = sys-utils/losetup1.c sys-utils/loop.c libmount/src/sha512.c libmount/src/rmd160.c libmount/src/aes.c + losetup_LDADD = $(LDADD) libcommon.la libsmartcols.la + losetup_CFLAGS = $(AM_CFLAGS) -I$(ul_libsmartcols_incdir) + +@@ -262,6 +262,8 @@ + + swapon_SOURCES = \ + sys-utils/swapon.c \ ++ sys-utils/loop.c \ ++ libmount/src/sha512.c \ + sys-utils/swapon-common.c \ + sys-utils/swapon-common.h \ + lib/swapprober.c \ +@@ -278,6 +280,7 @@ + + swapoff_SOURCES = \ + sys-utils/swapoff.c \ ++ sys-utils/loop.c \ + sys-utils/swapon-common.c \ + sys-utils/swapon-common.h \ + lib/swapprober.c \ +diff -urN util-linux-2.26.2/sys-utils/loop.c util-linux-2.26.2-AES/sys-utils/loop.c +--- util-linux-2.26.2/sys-utils/loop.c 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/sys-utils/loop.c 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,221 @@ ++/* ++ * loop.c ++ * ++ * Copyright 2003 by Jari Ruusu. ++ * Redistribution of this file is permitted under the GNU GPL ++ */ ++ ++/* collection of loop helper functions used by losetup, mount and swapon */ ++ ++#include <stdio.h> ++#include <string.h> ++#include <ctype.h> ++#include <sys/ioctl.h> ++#include <sys/types.h> ++#include <errno.h> ++#include "loop.h" ++ ++static void convert_info_to_info64(struct loop_info *info, struct loop_info64 *info64) ++{ ++ memset(info64, 0, sizeof(*info64)); ++ info64->lo_number = info->lo_number; ++ info64->lo_device = info->lo_device; ++ info64->lo_inode = info->lo_inode; ++ info64->lo_rdevice = info->lo_rdevice; ++ info64->lo_offset = info->lo_offset; ++ info64->lo_encrypt_type = info->lo_encrypt_type; ++ info64->lo_encrypt_key_size = info->lo_encrypt_key_size; ++ info64->lo_flags = info->lo_flags; ++ info64->lo_init[0] = info->lo_init[0]; ++ info64->lo_init[1] = info->lo_init[1]; ++ info64->lo_sizelimit = 0; ++ if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */ ++ memcpy(info64->lo_crypt_name, info->lo_name, sizeof(info64->lo_crypt_name)); ++ else ++ memcpy(info64->lo_file_name, info->lo_name, sizeof(info64->lo_file_name)); ++ memcpy(info64->lo_encrypt_key, info->lo_encrypt_key, sizeof(info64->lo_encrypt_key)); ++} ++ ++static int convert_info64_to_info(struct loop_info64 *info64, struct loop_info *info) ++{ ++ memset(info, 0, sizeof(*info)); ++ info->lo_number = info64->lo_number; ++ info->lo_device = info64->lo_device; ++ info->lo_inode = info64->lo_inode; ++ info->lo_rdevice = info64->lo_rdevice; ++ info->lo_offset = info64->lo_offset; ++ info->lo_encrypt_type = info64->lo_encrypt_type; ++ info->lo_encrypt_key_size = info64->lo_encrypt_key_size; ++ info->lo_flags = info64->lo_flags; ++ info->lo_init[0] = info64->lo_init[0]; ++ info->lo_init[1] = info64->lo_init[1]; ++ if (info->lo_encrypt_type == 18) /* LO_CRYPT_CRYPTOAPI */ ++ memcpy(info->lo_name, info64->lo_crypt_name, sizeof(info->lo_name)); ++ else ++ memcpy(info->lo_name, info64->lo_file_name, sizeof(info->lo_name)); ++ memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, sizeof(info->lo_encrypt_key)); ++ ++ /* error in case values were truncated */ ++ if (info->lo_device != info64->lo_device || ++ info->lo_rdevice != info64->lo_rdevice || ++ info->lo_inode != info64->lo_inode || ++ (u_int64_t) info->lo_offset != info64->lo_offset || ++ info64->lo_sizelimit) { ++ errno = EOVERFLOW; ++ return -1; ++ } ++ return 0; ++} ++ ++int loop_set_status64_ioctl(int fd, struct loop_info64 *info64) ++{ ++ struct loop_info info; ++ struct loop_info64 tmp; ++ int r; ++ ++ /* ++ * This ugly work around is needed because some ++ * Red Hat kernels are using same ioctl code: ++ * #define LOOP_CHANGE_FD 0x4C04 ++ * vs. ++ * #define LOOP_SET_STATUS64 0x4C04 ++ * that is used by modern loop driver. ++ * ++ * Attempt to detect presense of LOOP_GET_STATUS64 ++ * ioctl before issuing LOOP_SET_STATUS64 ioctl. ++ * Red Hat kernels with above LOOP_CHANGE_FD damage ++ * should return -1 and set errno to EINVAL. ++ */ ++ r = ioctl(fd, LOOP_GET_STATUS64, &tmp); ++ memset(&tmp, 0, sizeof(tmp)); ++ if ((r == 0) || (errno != EINVAL)) { ++ r = ioctl(fd, LOOP_SET_STATUS64, info64); ++ if (!r) ++ return 0; ++ } ++ r = convert_info64_to_info(info64, &info); ++ if (!r) ++ r = ioctl(fd, LOOP_SET_STATUS, &info); ++ ++ /* don't leave copies of encryption key on stack */ ++ memset(&info, 0, sizeof(info)); ++ return r; ++} ++ ++int loop_get_status64_ioctl(int fd, struct loop_info64 *info64) ++{ ++ struct loop_info info; ++ int r; ++ ++ memset(info64, 0, sizeof(*info64)); ++ r = ioctl(fd, LOOP_GET_STATUS64, info64); ++ if (!r) ++ return 0; ++ r = ioctl(fd, LOOP_GET_STATUS, &info); ++ if (!r) ++ convert_info_to_info64(&info, info64); ++ ++ /* don't leave copies of encryption key on stack */ ++ memset(&info, 0, sizeof(info)); ++ return r; ++} ++ ++/* returns: 1=unused 0=busy */ ++int is_unused_loop_device(int fd) ++{ ++ struct loop_info64 info64; ++ struct loop_info info; ++ int r; ++ ++ r = ioctl(fd, LOOP_GET_STATUS64, &info64); ++ memset(&info64, 0, sizeof(info64)); ++ if (!r) ++ return 0; ++ if (errno == ENXIO) ++ return 1; ++ ++ r = ioctl(fd, LOOP_GET_STATUS, &info); ++ memset(&info, 0, sizeof(info)); ++ if (!r) ++ return 0; ++ if (errno == ENXIO) ++ return 1; ++ if (errno == EOVERFLOW) ++ return 0; ++ return 1; ++} ++ ++struct loop_crypt_type_struct loop_crypt_type_tbl[] = { ++ { 0, 0, 0, "no" }, ++ { 0, 0, 0, "none" }, ++ { 1, 0, 0, "xor" }, ++ { 3, 1, 16, "twofish" }, ++ { 4, 1, 16, "blowfish" }, ++ { 7, 1, 16, "serpent" }, ++ { 8, 1, 16, "mars" }, ++ { 11, 3, 16, "rc6" }, ++ { 12, 0, 21, "tripleDES" }, ++ { 12, 0, 24, "3des" }, ++ { 12, 0, 24, "des3_ede" }, ++ { 16, 1, 16, "AES" }, ++ { -1, 0, 0, NULL } ++}; ++ ++static char *getApiName(char *e, int *len) ++{ ++ int x, y, z = 1, q = -1; ++ unsigned char *s; ++ ++ *len = y = 0; ++ s = (unsigned char *)strdup(e); ++ if(!s) ++ return ""; ++ x = strlen((char *)s); ++ while(x > 0) { ++ x--; ++ if(!isdigit(s[x])) ++ break; ++ y += (s[x] - '0') * z; ++ z *= 10; ++ q = x; ++ } ++ while(x >= 0) { ++ s[x] = tolower(s[x]); ++ if(s[x] == '-') ++ s[x] = 0; ++ x--; ++ } ++ if(y >= 40) { ++ if(q >= 0) ++ s[q] = 0; ++ *len = y; ++ } ++ return((char *)s); ++} ++ ++int loop_crypt_type(const char *name, u_int32_t *kbyp, char **apiName) ++{ ++ int i, k; ++ ++ *apiName = getApiName((char *)name, &k); ++ if(k < 0) ++ k = 0; ++ if(k > 256) ++ k = 256; ++ for (i = 0; loop_crypt_type_tbl[i].id != -1; i++) { ++ if (!strcasecmp (*apiName , loop_crypt_type_tbl[i].name)) { ++ *kbyp = k ? k >> 3 : loop_crypt_type_tbl[i].keyBytes; ++ return loop_crypt_type_tbl[i].id; ++ } ++ } ++ *kbyp = 16; /* 128 bits */ ++ return 18; /* LO_CRYPT_CRYPTOAPI */ ++} ++ ++int try_cryptoapi_loop_interface(int fd, struct loop_info64 *loopinfo, char *apiName) ++{ ++ snprintf((char *)loopinfo->lo_crypt_name, sizeof(loopinfo->lo_crypt_name), "%s-cbc", apiName); ++ loopinfo->lo_crypt_name[LO_NAME_SIZE - 1] = 0; ++ loopinfo->lo_encrypt_type = 18; /* LO_CRYPT_CRYPTOAPI */ ++ return(loop_set_status64_ioctl(fd, loopinfo)); ++} +diff -urN util-linux-2.26.2/sys-utils/loop.h util-linux-2.26.2-AES/sys-utils/loop.h +--- util-linux-2.26.2/sys-utils/loop.h 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/sys-utils/loop.h 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,87 @@ ++/* ++ * loop.h ++ * ++ * Copyright 2003 by Jari Ruusu. ++ * Redistribution of this file is permitted under the GNU GPL ++ */ ++ ++#ifndef _LOOP_H ++#define _LOOP_H 1 ++ ++#include <sys/types.h> ++#include <linux/version.h> ++#include <linux/posix_types.h> ++ ++#define LO_CRYPT_NONE 0 ++#define LO_CRYPT_XOR 1 ++#define LO_CRYPT_DES 2 ++#define LO_CRYPT_CRYPTOAPI 18 ++ ++#define LOOP_SET_FD 0x4C00 ++#define LOOP_CLR_FD 0x4C01 ++#define LOOP_SET_STATUS 0x4C02 ++#define LOOP_GET_STATUS 0x4C03 ++#define LOOP_SET_STATUS64 0x4C04 ++#define LOOP_GET_STATUS64 0x4C05 ++#define LOOP_MULTI_KEY_SETUP 0x4C4D ++#define LOOP_MULTI_KEY_SETUP_V3 0x4C4E ++#define LOOP_RECOMPUTE_DEV_SIZE 0x4C52 ++ ++#define LO_NAME_SIZE 64 ++#define LO_KEY_SIZE 32 ++ ++struct loop_info { ++ int lo_number; ++#if LINUX_VERSION_CODE >= 0x20600 ++ __kernel_old_dev_t lo_device; ++#else ++ __kernel_dev_t lo_device; ++#endif ++ unsigned long lo_inode; ++#if LINUX_VERSION_CODE >= 0x20600 ++ __kernel_old_dev_t lo_rdevice; ++#else ++ __kernel_dev_t lo_rdevice; ++#endif ++ int lo_offset; ++ int lo_encrypt_type; ++ int lo_encrypt_key_size; ++ int lo_flags; ++ char lo_name[LO_NAME_SIZE]; ++ unsigned char lo_encrypt_key[LO_KEY_SIZE]; ++ unsigned long lo_init[2]; ++ char reserved[4]; ++}; ++ ++struct loop_info64 { ++ u_int64_t lo_device; /* ioctl r/o */ ++ u_int64_t lo_inode; /* ioctl r/o */ ++ u_int64_t lo_rdevice; /* ioctl r/o */ ++ u_int64_t lo_offset; /* bytes */ ++ u_int64_t lo_sizelimit; /* bytes, 0 == max available */ ++ u_int32_t lo_number; /* ioctl r/o */ ++ u_int32_t lo_encrypt_type; ++ u_int32_t lo_encrypt_key_size; /* ioctl w/o */ ++ u_int32_t lo_flags; /* ioctl r/o */ ++ unsigned char lo_file_name[LO_NAME_SIZE]; ++ unsigned char lo_crypt_name[LO_NAME_SIZE]; ++ unsigned char lo_encrypt_key[LO_KEY_SIZE]; /* ioctl w/o */ ++ u_int64_t lo_init[2]; ++}; ++ ++extern int loop_set_status64_ioctl(int, struct loop_info64 *); ++extern int loop_get_status64_ioctl(int, struct loop_info64 *); ++extern int is_unused_loop_device(int); ++ ++struct loop_crypt_type_struct { ++ short int id; ++ unsigned char flags; /* bit0 = show keybits, bit1 = add '-' before keybits */ ++ unsigned char keyBytes; ++ char *name; ++}; ++ ++extern struct loop_crypt_type_struct loop_crypt_type_tbl[]; ++extern int loop_crypt_type(const char *, u_int32_t *, char **); ++extern int try_cryptoapi_loop_interface(int, struct loop_info64 *, char *); ++ ++#endif +diff -urN util-linux-2.26.2/sys-utils/losetup.8 util-linux-2.26.2-AES/sys-utils/losetup.8 +--- util-linux-2.26.2/sys-utils/losetup.8 2015-04-29 10:52:22.000000000 +0300 ++++ util-linux-2.26.2-AES/sys-utils/losetup.8 2015-05-23 13:08:09.000000000 +0300 +@@ -1,184 +1,200 @@ +-.TH LOSETUP 8 "July 2014" "util-linux" "System Administration" ++.TH LOSETUP 8 "2012-09-24" "Linux" "MAINTENANCE COMMANDS" + .SH NAME + losetup \- set up and control loop devices + .SH SYNOPSIS + .ad l +-Get info: +-.sp +-.in +5 +-.B losetup +-.I loopdev +-.sp +-.B losetup -l +-.RB [ \-a ] +-.sp +-.B losetup -j +-.I file +-.RB [ \-o +-.IR offset ] +-.sp +-.in -5 +-Detach a loop device: +-.sp +-.in +5 +-.B "losetup \-d" +-.IR loopdev ... +-.sp +-.in -5 +-Detach all associated loop devices: +-.sp +-.in +5 +-.B "losetup \-D" +-.sp +-.in -5 +-Print the name of the first unused loop device: +-.sp +-.in +5 +-.B "losetup \-f" +-.sp +-.in -5 +-Set up a loop device: +-.sp +-.in +5 +-.B losetup +-.RB [ \-o +-.IR offset ] +-.RB [ \-\-sizelimit +-.IR size ] +-.in +8 +-.RB [ \-Pr ] +-.RB [ \-\-show ] " \-f" | \fIloopdev\fP +-.I file +-.sp +-.in -13 +-Resize a loop device: +-.sp +-.in +5 +-.B "losetup \-c" +-.I loopdev +-.in -5 ++.B losetup ++[options] ++.I loop_device ++file ++.br ++.B losetup -F ++[options] ++.I loop_device ++[file] ++.br ++.B losetup ++[ ++.B \-d ++] ++.I loop_device ++.br ++.B losetup -a ++.br ++.B losetup -f ++.br ++.B losetup ++.B \-R ++.I loop_device + .ad b + .SH DESCRIPTION + .B losetup + is used to associate loop devices with regular files or block devices, +-to detach loop devices, and to query the status of a loop device. If only the +-\fIloopdev\fP argument is given, the status of the corresponding loop +-device is shown. If no option is given, all loop devices are shown. +-.sp +-Note that the old output format (i.e. \fBlosetup -a\fR) with comma-delimited +-strings is deprecated in favour of the \fB--list\fR output format. +- ++to detach loop devices and to query the status of a loop device. If only the ++\fIloop_device\fP argument is given, the status of the corresponding loop ++device is shown. + .SH OPTIONS +-The \fIsize\fR and \fIoffset\fR +-arguments may be followed by the multiplicative suffixes KiB (=1024), +-MiB (=1024*1024), and so on for GiB, TiB, PiB, EiB, ZiB and YiB (the "iB" is +-optional, e.g., "K" has the same meaning as "KiB") or the suffixes +-KB (=1000), MB (=1000*1000), and so on for GB, TB, PB, EB, ZB and YB. +- +-.TP +-.BR \-a , " \-\-all" +-Show the status of all loop devices. Note that not all information is accessible +-for non-root users. See also \fB\-\-list\fR. The old output format (as printed +-without \fB--list)\fR is deprecated. +-.TP +-.BR \-c , " \-\-set\-capacity " \fIloopdev +-Force the loop driver to reread the size of the file associated with the +-specified loop device. +-.TP +-.BR \-d , " \-\-detach " \fIloopdev\fR... +-Detach the file or device associated with the specified loop device(s). +-.TP +-.BR \-D , " \-\-detach\-all" +-Detach all associated loop devices. +-.TP +-.BR \-f , " \-\-find" +-Find the first unused loop device. If a +-.I file +-argument is present, use the found device as loop device. +-Otherwise, just print its name. +-.IP "\fB\-j, \-\-associated \fIfile\fP" +-Show the status of all loop devices associated with the given +-.IR file . +-.TP +-.BR \-l , " \-\-list" +-If a loop device or the \fB-a\fR option is specified, print the default columns +-for either the specified loop device or all loop devices; the default is to +-print info about all devices. See also \fB\-\-output\fP, \fB\-\-noheadings\fP +-and \fB\-\-raw\fP. +-.TP +-.BR \-n , " \-\-noheadings" +-Don't print headings for \fB\-\-list\fP output format. +-.TP +-.BR \-o , " \-\-offset " \fIoffset +-The data start is moved \fIoffset\fP bytes into the specified file or device. +-.TP +-.BR \-O , " \-\-output " \fIcolumns +-Specify the columns that are to be printed for the \fB\-\-list\fP output. +-.TP +-.BR \-P , " \-\-partscan" +-Force the kernel to scan the partition table on a newly created loop device. +-.IP "\fB\-\-raw\fP" +-Use the raw \fB\-\-list\fP output format. +-.TP +-.BR \-r , " \-\-read\-only" +-Set up a read-only loop device. +-.IP "\fB\-\-sizelimit \fIsize\fP" +-The data end is set to no more than \fIsize\fP bytes after the data start. +-.IP "\fB\-\-show\fP" +-Display the name of the assigned loop device if the +-.B \-f +-option and a +-.I file +-argument are present. +-.TP +-.BR \-v , " \-\-verbose" ++.IP \fB\-a\fP ++Show status of all loop devices. ++.IP "\fB\-C \fIitercountk\fP" ++Runs hashed passphrase through \fIitercountk\fP thousand iterations of AES-256 ++before using it for loop encryption. This consumes lots of CPU cycles at ++loop setup/mount time but not thereafter. In combination with passphrase seed ++this slows down dictionary attacks. Iteration is not done in multi-key mode. ++.IP "\fB\-d\fP" ++Detach the file or device associated with the specified loop device. ++.IP "\fB\-e \fIencryption\fP" ++.RS ++Enable data encryption. Following encryption types are recognized: ++.IP \fBNONE\fP ++Use no encryption (default). ++.PD 0 ++.IP \fBXOR\fP ++Use a simple XOR encryption. ++.IP "\fBAES128 AES\fP" ++Use 128 bit AES encryption. Passphrase is hashed with SHA-256 by default. ++.IP \fBAES192\fP ++Use 192 bit AES encryption. Passphrase is hashed with SHA-384 by default. ++.IP \fBAES256\fP ++Use 256 bit AES encryption. Passphrase is hashed with SHA-512 by default. ++ ++.IP "\fBtwofish128 twofish160 twofish192 twofish256\fP" ++.IP "\fBblowfish128 blowfish160 blowfish192 blowfish256\fP" ++.IP "\fBserpent128 serpent192 serpent256 mars128 mars192\fP" ++.IP "\fBmars256 rc6-128 rc6-192 rc6-256 tripleDES\fP" ++These encryption types are available if they are enabled in kernel ++configuration or corresponding modules have been loaded to kernel. ++.PD ++.RE ++.IP "\fB\-f\fP" ++Find and show next unused loop device. ++.IP "\fB\-F\fP" ++Reads and uses mount options from /etc/fstab that match specified loop ++device, including offset= sizelimit= encryption= pseed= phash= loinit= ++gpgkey= gpghome= cleartextkey= itercountk= and looped to device/file name. ++loop= option in /etc/fstab must match specified loop device name. Command ++line options take precedence in case of conflict. ++.IP "\fB\-G \fIgpghome\fP" ++Set gpg home directory to \fIgpghome\fP, so that gpg uses public/private ++keys on \fIgpghome\fP directory. This is only used when gpgkey file needs to ++be decrypted using public/private keys. If gpgkey file is encrypted with ++symmetric cipher only, public/private keys are not required and this option ++has no effect. ++.IP "\fB\-H \fIphash\fP" ++Uses \fIphash\fP function to hash passphrase. Available hash functions are ++sha256, sha384, sha512 and rmd160. unhashed1 and unhashed2 ++functions also exist for compatibility with some obsolete implementations. ++ ++Hash function random does not ask for passphrase but sets up random keys and ++attempts to put loop to multi-key mode. When random/1777 hash type is used ++as mount option for mount program, mount program will create new file system ++on the loop device and construct initial permissions of file system root ++directory from octal digits that follow the slash character. ++ ++WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING IMPORTANT ++DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA. ++.IP "\fB\-I \fIloinit\fP" ++Passes a numeric value of \fIloinit\fP as a parameter to cipher transfer ++function. Cipher transfer functions are free to interpret value as they ++want. ++.IP "\fB\-K \fIgpgkey\fP" ++Passphrase is piped to gpg so that gpg can decrypt file \fIgpgkey\fP which ++contains the real keys that are used to encrypt loop device. If decryption ++requires public/private keys and gpghome is not specified, all users use ++their own gpg public/private keys to decrypt \fIgpgkey\fP. Decrypted ++\fIgpgkey\fP should contain 1 or 64 or 65 keys, each key at least 20 ++characters and separated by newline. If decrypted \fIgpgkey\fP contains 64 ++or 65 keys, then loop device is put to multi-key mode. In multi-key mode ++first key is used for first sector, second key for second sector, and so on. ++65th key, if present, is used as additional input to MD5 IV computation. ++.IP "\fB\-o \fIoffset\fP" ++The data start is moved \fIoffset\fP bytes into the specified file or ++device. Normally offset is included in IV (initialization vector) ++computations. If offset is prefixed with @ character, then offset is not ++included in IV computations. @ prefix functionality may not be supported on ++some older kernels and/or loop drivers. ++.IP "\fB\-p \fIpasswdfd\fP" ++Read the passphrase from file descriptor \fIpasswdfd\fP instead of the ++terminal. If -K option is not being used (no gpg key file), then losetup ++attempts to read 65 keys from \fIpasswdfd\fP, each key at least 20 ++characters and separated by newline. If losetup successfully reads 64 or 65 ++keys, then loop device is put to multi-key mode. If losetup encounters ++end-of-file before 64 keys are read, then only first key is used in ++single-key mode. ++ ++echo SecretPassphraseHere | losetup -p0 -K foo.gpg -e AES128 ... ++ ++In above example, losetup reads passphrase from file descriptor 0 (stdin). ++.IP "\fB\-P \fIcleartextkey\fP" ++Read the passphrase from file \fIcleartextkey\fP instead of the ++terminal. If -K option is not being used (no gpg key file), then losetup ++attempts to read 65 keys from \fIcleartextkey\fP, each key at least 20 ++characters and separated by newline. If losetup successfully reads 64 or 65 ++keys, then loop device is put to multi-key mode. If losetup encounters ++end-of-file before 64 keys are read, then only first key is used in ++single-key mode. If both -p and -P options are used, then -p option takes ++precedence. These are equivalent: ++ ++losetup -p3 -K foo.gpg -e AES128 ... 3<someFileName ++ ++losetup -P someFileName -K foo.gpg -e AES128 ... ++ ++In first line of above example, in addition to normal open file descriptors ++(0==stdin 1==stdout 2==stderr), shell opens the file and passes open file ++descriptor to started losetup program. In second line of above example, ++losetup opens the file itself. ++.IP "\fB\-r\fP" ++Read-only mode. ++.IP "\fB\-R\fP" ++Resize existing, already set up loop device, to new changed underlying ++device size. This option is for changing mounted live file system size on ++LVM volume. This functionality may not be supported on some older kernels ++and/or loop drivers. ++.IP "\fB\-s \fIsizelimit\fP" ++Size of loop device is limited to \fIsizelimit\fP bytes. If unspecified or ++set to zero, loop device size is set to maximum available (file size minus ++offset). This option may not be supported on some older kernels and/or loop ++drivers. ++.IP "\fB\-S \fIpseed\fP" ++Sets encryption passphrase seed \fIpseed\fP which is appended to user supplied ++passphrase before hashing. Using different seeds for different partitions ++makes dictionary attacks slower but does not prevent them if user supplied ++passphrase is guessable. Seed is not used in multi-key mode. ++.IP "\fB\-T\fP" ++Asks passphrase twice. ++.IP "\fB\-v\fP" + Verbose mode. +-.TP +-.BR \-V , " \-\-version" +-Display version information and exit. +-.TP +-.BR \-h , " \-\-help" +-Display help text and exit. +- +-.SH ENCRYPTION +-.B Cryptoloop is no longer supported in favor of dm-crypt. +-.B For more details see cryptsetup (8). +- + .SH RETURN VALUE + .B losetup +-returns 0 on success, nonzero on failure. When ++returns 0 on success, nonzero on failure. When + .B losetup + displays the status of a loop device, it returns 1 if the device + is not configured and 2 if an error occurred which prevented +-determining the status of the device. ++.B losetup ++from determining the status of the device. + + .SH FILES +-.TP +-.I /dev/loop[0..N] +-loop block devices +-.TP +-.I /dev/loop-control +-loop control device +- ++.nf ++/dev/loop0,/dev/loop1,... loop devices (major=7) ++.fi + .SH EXAMPLE + The following commands can be used as an example of using the loop device. + .nf +-.IP +-# dd if=/dev/zero of=~/file.img bs=1MiB count=10 +-# losetup --find --show ~/file.img +-/dev/loop0 +-# mkfs -t ext2 /dev/loop0 +-# mount /dev/loop0 /mnt ++ ++dd if=/dev/zero of=/file bs=1k count=500 ++head -c 3705 /dev/random | uuencode -m - | head -n 66 \\ ++ | tail -n 65 | gpg --symmetric -a >/etc/fskey9.gpg ++losetup -e AES128 -K /etc/fskey9.gpg /dev/loop0 /file ++mkfs -t ext2 /dev/loop0 ++mount -t ext2 /dev/loop0 /mnt + ... +-# umount /dev/loop0 +-# losetup --detach /dev/loop0 ++umount /dev/loop0 ++losetup -d /dev/loop0 + .fi +-.SH ENVIRONMENT +-.IP LOOPDEV_DEBUG=all +-enables debug output. ++.SH RESTRICTION ++XOR encryption is terribly weak. + .SH AUTHORS +-Karel Zak <kzak@redhat.com>, based on the original version from +-Theodore Ts'o <tytso@athena.mit.edu> +-.SH AVAILABILITY +-The losetup command is part of the util-linux package and is available from +-ftp://ftp.kernel.org/pub/linux/utils/util-linux/. ++.nf ++Original version: Theodore Ts'o <tytso@athena.mit.edu> ++AES support: Jari Ruusu ++.fi +diff -urN util-linux-2.26.2/sys-utils/losetup1.c util-linux-2.26.2-AES/sys-utils/losetup1.c +--- util-linux-2.26.2/sys-utils/losetup1.c 1970-01-01 02:00:00.000000000 +0200 ++++ util-linux-2.26.2-AES/sys-utils/losetup1.c 2015-05-23 13:08:09.000000000 +0300 +@@ -0,0 +1,1281 @@ ++/* Taken from Ted's losetup.c - Mitch <m.dsouza@mrc-apu.cam.ac.uk> */ ++/* Added vfs mount options - aeb - 960223 */ ++/* Removed lomount - aeb - 960224 */ ++ ++/* ++ * 1999-02-22 Arkadiusz Mi¶kiewicz <misiek@pld.ORG.PL> ++ * - added Native Language Support ++ * 1999-03-21 Arnaldo Carvalho de Melo <acme@conectiva.com.br> ++ * - fixed strerr(errno) in gettext calls ++ * 2001-04-11 Jari Ruusu ++ * - added AES support ++ */ ++ ++#define LOOPMAJOR 7 ++ ++/* ++ * losetup.c - setup and control loop devices ++ */ ++ ++#include <stdio.h> ++#include <string.h> ++#include <ctype.h> ++#include <fcntl.h> ++#include <errno.h> ++#include <stdlib.h> ++#include <unistd.h> ++#include <pwd.h> ++#include <sys/types.h> ++#include <sys/ioctl.h> ++#include <sys/stat.h> ++#include <sys/mman.h> ++#include <sys/sysmacros.h> ++#include <sys/wait.h> ++#include <limits.h> ++#include <fcntl.h> ++#include <mntent.h> ++#include <locale.h> ++#include <sys/time.h> ++#include <sys/utsname.h> ++#include <signal.h> ++ ++#include "loop.h" ++#include "nls.h" ++#include "../libmount/src/sha512.h" ++#include "../libmount/src/rmd160.h" ++#include "../libmount/src/aes.h" ++ ++#if !defined(BLKGETSIZE64) ++# define BLKGETSIZE64 _IOR(0x12,114,size_t) ++#endif ++ ++int verbose = 0; ++ ++#if !defined(LOOP_PASSWORD_MIN_LENGTH) ++# define LOOP_PASSWORD_MIN_LENGTH 20 ++#endif ++ ++char *passFDnumber = (char *)0; ++char *passAskTwice = (char *)0; ++char *passSeedString = (char *)0; ++char *passHashFuncName = (char *)0; ++char *passIterThousands = (char *)0; ++char *loInitValue = (char *)0; ++char *gpgKeyFile = (char *)0; ++char *gpgHomeDir = (char *)0; ++char *clearTextKeyFile = (char *)0; ++char *loopOffsetBytes = (char *)0; ++char *loopSizeBytes = (char *)0; ++char *loopEncryptionType = (char *)0; ++ ++static int multiKeyMode = 0; /* 0=single-key 64=multi-key-v2 65=multi-key-v3 1000=any */ ++static char *multiKeyPass[66]; ++static char *loopFileName; ++ ++static char *xstrdup(const char *s) ++{ ++ char *t; ++ if(!s) return NULL; ++ t = strdup(s); ++ if(!t) { ++ fprintf(stderr, "not enough memory\n"); ++ exit(2); /* EX_SYSERR */ ++ } ++ return t; ++} ++ ++static char * ++crypt_name (int id, int *flags) { ++ int i; ++ ++ for (i = 0; loop_crypt_type_tbl[i].id != -1; i++) ++ if(id == loop_crypt_type_tbl[i].id) { ++ *flags = loop_crypt_type_tbl[i].flags; ++ return loop_crypt_type_tbl[i].name; ++ } ++ *flags = 0; ++ if(id == 18) ++ return "CryptoAPI"; ++ return "undefined"; ++} ++ ++static int ++show_loop(char *device) { ++ struct loop_info64 loopinfo; ++ int fd; ++ ++ if ((fd = open(device, O_RDONLY)) < 0) { ++ int errsv = errno; ++ fprintf(stderr, _("loop: can't open device %s: %s\n"), ++ device, strerror (errsv)); ++ return 2; ++ } ++ if (loop_get_status64_ioctl(fd, &loopinfo) < 0) { ++ int errsv = errno; ++ close (fd); ++ fprintf(stderr, _("loop: can't get info on device %s: %s\n"), ++ device, strerror (errsv)); ++ return 1; ++ } ++ close (fd); ++ loopinfo.lo_file_name[LO_NAME_SIZE-1] = 0; ++ loopinfo.lo_crypt_name[LO_NAME_SIZE-1] = 0; ++ printf("%s: [%04llx]:%llu (%s)", device, (unsigned long long)loopinfo.lo_device, ++ (unsigned long long)loopinfo.lo_inode, loopinfo.lo_file_name); ++ if (loopinfo.lo_offset) { ++ if ((long long)loopinfo.lo_offset < 0) { ++ printf(_(" offset=@%llu"), -((unsigned long long)loopinfo.lo_offset)); ++ } else { ++ printf(_(" offset=%llu"), (unsigned long long)loopinfo.lo_offset); ++ } ++ } ++ if (loopinfo.lo_sizelimit) ++ printf(_(" sizelimit=%llu"), (unsigned long long)loopinfo.lo_sizelimit); ++ if (loopinfo.lo_encrypt_type) { ++ int flags; ++ char *s = crypt_name (loopinfo.lo_encrypt_type, &flags); ++ ++ printf(_(" encryption=%s"), s); ++ /* type 18 == LO_CRYPT_CRYPTOAPI */ ++ if (loopinfo.lo_encrypt_type == 18) { ++ printf("/%s", loopinfo.lo_crypt_name); ++ } else { ++ if(flags & 2) ++ printf("-"); ++ if(flags & 1) ++ printf("%u", (unsigned int)loopinfo.lo_encrypt_key_size << 3); ++ } ++ } ++ switch(loopinfo.lo_flags & 0x180000) { ++ case 0x180000: ++ printf(_(" multi-key-v3")); ++ break; ++ case 0x100000: ++ printf(_(" multi-key-v2")); ++ break; ++ } ++ /* type 2 == LO_CRYPT_DES */ ++ if (loopinfo.lo_init[0] && (loopinfo.lo_encrypt_type != 2)) ++ printf(_(" loinit=%llu"), (unsigned long long)loopinfo.lo_init[0]); ++ if (loopinfo.lo_flags & 0x200000) ++ printf(_(" read-only")); ++ printf("\n"); ++ ++ return 0; ++} ++ ++#define SIZE(a) (sizeof(a)/sizeof(a[0])) ++ ++static char * ++find_unused_loop_device (void) { ++ /* Just creating a device, say in /tmp, is probably a bad idea - ++ people might have problems with backup or so. ++ So, we just try /dev/loop[0-7]. */ ++ char dev[20]; ++ char *loop_formats[] = { "/dev/loop%d", "/dev/loop/%d" }; ++ int i, j, fd, somedev = 0, someloop = 0; ++ struct stat statbuf; ++ ++ for (j = 0; j < (int)SIZE(loop_formats); j++) { ++ for(i = 0; i < 256; i++) { ++ sprintf(dev, loop_formats[j], i); ++ if (stat (dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) { ++ somedev++; ++ fd = open (dev, O_RDONLY); ++ if (fd >= 0) { ++ if (is_unused_loop_device(fd) == 0) ++ someloop++; /* in use */ ++ else if (errno == ENXIO) { ++ close (fd); ++ return xstrdup(dev);/* probably free */ ++ } ++ close (fd); ++ } ++ continue;/* continue trying as long as devices exist */ ++ } ++ break; ++ } ++ } ++ ++ if (!somedev) ++ fprintf(stderr, _("Error: could not find any loop device\n")); ++ else if (!someloop) ++ fprintf(stderr, _("Error: could not open any loop device\n")); ++ else ++ fprintf(stderr, _("Error: could not find any free loop device\n")); ++ return 0; ++} ++ ++static int rd_wr_retry(int fd, char *buf, int cnt, int w) ++{ ++ int x, y, z; ++ ++ x = 0; ++ while(x < cnt) { ++ y = cnt - x; ++ if(w) { ++ z = write(fd, buf + x, y); ++ } else { ++ z = read(fd, buf + x, y); ++ if (!z) return x; ++ } ++ if(z < 0) { ++ if ((errno == EAGAIN) || (errno == ENOMEM) || (errno == ERESTART) || (errno == EINTR)) { ++ continue; ++ } ++ return x; ++ } ++ x += z; ++ } ++ return x; ++} ++ ++static char *get_FD_pass(int fd) ++{ ++ char *p = NULL, *n; ++ int x = 0, y = 0; ++ ++ do { ++ if(y >= (x - 1)) { ++ x += 128; ++ /* Must enforce some max limit here -- this code */ ++ /* runs as part of mount, and mount is setuid root */ ++ /* and has used mlockall(MCL_CURRENT | MCL_FUTURE) */ ++ if(x > (4*1024)) return(NULL); ++ n = malloc(x); ++ if(!n) return(NULL); ++ if(p) { ++ memcpy(n, p, y); ++ memset(p, 0, y); ++ free(p); ++ } ++ p = n; ++ } ++ if(rd_wr_retry(fd, p + y, 1, 0) != 1) break; ++ if((p[y] == '\n') || !p[y]) break; ++ y++; ++ } while(1); ++ if(p) p[y] = 0; ++ return p; ++} ++ ++static unsigned long long mystrtoull(char *s, int acceptAT) ++{ ++ unsigned long long v = 0; ++ int negative = 0; ++ ++ while ((*s == ' ') || (*s == '\t')) ++ s++; ++ if (acceptAT && (*s == '@')) { ++ s++; ++ negative = 1; ++ } ++ if (*s == '0') { ++ s++; ++ if ((*s == 'x') || (*s == 'X')) { ++ s++; ++ sscanf(s, "%llx", &v); ++ } else { ++ sscanf(s, "%llo", &v); ++ } ++ } else { ++ sscanf(s, "%llu", &v); ++ } ++ return negative ? -v : v; ++} ++ ++static void warnAboutBadKeyData(int x) ++{ ++ if((x > 1) && (x != 64) && (x != 65)) { ++ fprintf(stderr, _("Warning: Unknown key data format - using it anyway\n")); ++ } ++} ++ ++static int are_these_files_same(const char *name1, const char *name2) ++{ ++ struct stat statbuf1; ++ struct stat statbuf2; ++ ++ if(!name1 || !*name1 || !name2 || !*name2) return 0; ++ if(stat(name1, &statbuf1)) return 0; ++ if(stat(name2, &statbuf2)) return 0; ++ if(statbuf1.st_dev != statbuf2.st_dev) return 0; ++ if(statbuf1.st_ino != statbuf2.st_ino) return 0; ++ return 1; /* are same */ ++} ++ ++static char *do_GPG_pipe(char *pass) ++{ ++ int x, pfdi[2], pfdo[2]; ++ char str[10], *a[16], *e[2], *h; ++ pid_t gpid; ++ struct passwd *p; ++ void *oldSigPipeHandler; ++ ++ if((getuid() == 0) && gpgHomeDir && gpgHomeDir[0]) { ++ h = gpgHomeDir; ++ } else { ++ if(!(p = getpwuid(getuid()))) { ++ fprintf(stderr, _("Error: Unable to detect home directory for uid %d\n"), (int)getuid()); ++ return NULL; ++ } ++ h = p->pw_dir; ++ } ++ if(!(e[0] = malloc(strlen(h) + 6))) { ++ nomem1: ++ fprintf(stderr, _("Error: Unable to allocate memory\n")); ++ return NULL; ++ } ++ sprintf(e[0], "HOME=%s", h); ++ e[1] = 0; ++ ++ if(pipe(&pfdi[0])) { ++ nomem2: ++ free(e[0]); ++ goto nomem1; ++ } ++ if(pipe(&pfdo[0])) { ++ close(pfdi[0]); ++ close(pfdi[1]); ++ goto nomem2; ++ } ++ ++ /* ++ * When this code is run as part of losetup, normal read permissions ++ * affect the open() below because losetup is not setuid-root. ++ * ++ * When this code is run as part of mount, only root can set ++ * 'gpgKeyFile' and as such, only root can decide what file is opened ++ * below. However, since mount is usually setuid-root all non-root ++ * users can also open() the file too, but that file's contents are ++ * only piped to gpg. This readable-for-all is intended behaviour, ++ * and is very useful in situations where non-root users mount loop ++ * devices with their own gpg private key, and yet don't have access ++ * to the actual key used to encrypt loop device. ++ */ ++ if((x = open(gpgKeyFile, O_RDONLY)) == -1) { ++ fprintf(stderr, _("Error: unable to open %s for reading\n"), gpgKeyFile); ++ nomem3: ++ free(e[0]); ++ close(pfdo[0]); ++ close(pfdo[1]); ++ close(pfdi[0]); ++ close(pfdi[1]); ++ return NULL; ++ } ++ ++ /* ++ * If someone puts a gpg key file at beginning of device and ++ * puts the real file system at some offset into the device, ++ * this code extracts that gpg key file into a temp file so gpg ++ * won't end up reading whole device when decrypting the key file. ++ * ++ * Example of encrypted cdrom mount with 8192 bytes reserved for gpg key file: ++ * mount -t iso9660 /dev/cdrom /cdrom -o loop=/dev/loop0,encryption=AES128,gpgkey=/dev/cdrom,offset=8192 ++ * ^^^^^^^^^^ ^^^^^^^^^^ ^^^^ ++ */ ++ if(loopOffsetBytes && are_these_files_same(loopFileName, gpgKeyFile)) { ++ FILE *f; ++ char b[1024]; ++ long long cnt; ++ int cnt2, cnt3; ++ ++ cnt = mystrtoull(loopOffsetBytes, 1); ++ if(cnt < 0) cnt = -cnt; ++ if(cnt > (1024 * 1024)) cnt = 1024 * 1024; /* sanity check */ ++ f = tmpfile(); ++ if(!f) { ++ fprintf(stderr, _("Error: unable to create temp file\n")); ++ close(x); ++ goto nomem3; ++ } ++ while(cnt > 0) { ++ cnt2 = sizeof(b); ++ if(cnt < cnt2) cnt2 = cnt; ++ cnt3 = rd_wr_retry(x, b, cnt2, 0); ++ if(cnt3 && (fwrite(b, cnt3, 1, f) != 1)) { ++ tmpWrErr: ++ fprintf(stderr, _("Error: unable to write to temp file\n")); ++ fclose(f); ++ close(x); ++ goto nomem3; ++ } ++ if(cnt2 != cnt3) break; ++ cnt -= cnt3; ++ } ++ if(fflush(f)) goto tmpWrErr; ++ close(x); ++ x = dup(fileno(f)); ++ fclose(f); ++ lseek(x, 0L, SEEK_SET); ++ } ++ ++ sprintf(str, "%d", pfdi[0]); ++ if(!(gpid = fork())) { ++ dup2(x, 0); ++ dup2(pfdo[1], 1); ++ close(x); ++ close(pfdi[1]); ++ close(pfdo[0]); ++ close(pfdo[1]); ++ if((x = open("/dev/null", O_WRONLY)) >= 0) { ++ dup2(x, 2); ++ close(x); ++ } ++ x = 0; ++ a[x++] = "gpg"; ++ if(gpgHomeDir && gpgHomeDir[0]) { ++ a[x++] = "--homedir"; ++ a[x++] = gpgHomeDir; ++ } ++ a[x++] = "--no-options"; ++ a[x++] = "--quiet"; ++ a[x++] = "--batch"; ++ a[x++] = "--no-tty"; ++ a[x++] = "--passphrase-fd"; ++ a[x++] = str; ++ a[x++] = "--decrypt"; ++ a[x] = 0; ++ if(setgid(getgid())) exit(1); ++ if(setuid(getuid())) exit(1); ++ for(x = 3; x < 1024; x++) { ++ if(x == pfdi[0]) continue; ++ close(x); ++ } ++ execve("/bin/gpg", &a[0], &e[0]); ++ execve("/usr/bin/gpg", &a[0], &e[0]); ++ execve("/usr/local/bin/gpg", &a[0], &e[0]); ++ exit(1); ++ } ++ free(e[0]); ++ close(x); ++ close(pfdi[0]); ++ close(pfdo[1]); ++ if(gpid == -1) { ++ close(pfdi[1]); ++ close(pfdo[0]); ++ goto nomem1; ++ } ++ ++ x = strlen(pass); ++ ++ /* ignore possible SIGPIPE signal while writing to gpg */ ++ oldSigPipeHandler = signal(SIGPIPE, SIG_IGN); ++ rd_wr_retry(pfdi[1], pass, x, 1); ++ rd_wr_retry(pfdi[1], "\n", 1, 1); ++ if(oldSigPipeHandler != SIG_ERR) signal(SIGPIPE, oldSigPipeHandler); ++ ++ close(pfdi[1]); ++ memset(pass, 0, x); ++ x = 0; ++ while(x < 66) { ++ multiKeyPass[x] = get_FD_pass(pfdo[0]); ++ if(!multiKeyPass[x]) { ++ /* mem alloc failed - abort */ ++ multiKeyPass[0] = 0; ++ break; ++ } ++ if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; ++ x++; ++ } ++ warnAboutBadKeyData(x); ++ if(x >= 65) ++ multiKeyMode = 65; ++ if(x == 64) ++ multiKeyMode = 64; ++ close(pfdo[0]); ++ waitpid(gpid, &x, 0); ++ if(!multiKeyPass[0]) goto nomem1; ++ return multiKeyPass[0]; ++} ++ ++static char *sGetPass(int minLen, int warnLen) ++{ ++ char *p, *s, *seed; ++ int i, ask2, close_i_fd = 0; ++ ++ if(!passFDnumber) { ++ if(clearTextKeyFile) { ++ if((i = open(clearTextKeyFile, O_RDONLY)) == -1) { ++ fprintf(stderr, _("Error: unable to open %s for reading\n"), clearTextKeyFile); ++ return NULL; ++ } ++ close_i_fd = 1; ++ goto contReadFrom_i; ++ } ++ p = getpass(_("Password: ")); ++ ask2 = passAskTwice ? 1 : 0; ++ } else { ++ i = atoi(passFDnumber); ++ contReadFrom_i: ++ if(gpgKeyFile && gpgKeyFile[0]) { ++ p = get_FD_pass(i); ++ if(close_i_fd) close(i); ++ } else { ++ int x = 0; ++ while(x < 66) { ++ multiKeyPass[x] = get_FD_pass(i); ++ if(!multiKeyPass[x]) goto nomem; ++ if(strlen(multiKeyPass[x]) < LOOP_PASSWORD_MIN_LENGTH) break; ++ x++; ++ } ++ if(close_i_fd) close(i); ++ warnAboutBadKeyData(x); ++ if(x >= 65) { ++ multiKeyMode = 65; ++ return multiKeyPass[0]; ++ } ++ if(x == 64) { ++ multiKeyMode = 64; ++ return multiKeyPass[0]; ++ } ++ p = multiKeyPass[0]; ++ } ++ ask2 = 0; ++ } ++ if(!p) goto nomem; ++ if(gpgKeyFile && gpgKeyFile[0]) { ++ if(ask2) { ++ i = strlen(p); ++ s = malloc(i + 1); ++ if(!s) goto nomem; ++ strcpy(s, p); ++ p = getpass(_("Retype password: ")); ++ if(!p) goto nomem; ++ if(strcmp(s, p)) goto compareErr; ++ memset(s, 0, i); ++ free(s); ++ ask2 = 0; ++ } ++ p = do_GPG_pipe(p); ++ if(!p) return(NULL); ++ if(!p[0]) { ++ fprintf(stderr, _("Error: gpg key file decryption failed\n")); ++ return(NULL); ++ } ++ if(multiKeyMode) return(p); ++ } ++ i = strlen(p); ++ if(i < minLen) { ++ fprintf(stderr, _("Error: Password must be at least %d characters.\n"), minLen); ++ return(NULL); ++ } ++ seed = passSeedString; ++ if(!seed) seed = ""; ++ s = malloc(i + strlen(seed) + 1); ++ if(!s) { ++ nomem: ++ fprintf(stderr, _("Error: Unable to allocate memory\n")); ++ return(NULL); ++ } ++ strcpy(s, p); ++ memset(p, 0, i); ++ if(ask2) { ++ p = getpass(_("Retype password: ")); ++ if(!p) goto nomem; ++ if(strcmp(s, p)) { ++ compareErr: ++ fprintf(stderr, _("Error: Passwords are not identical\n")); ++ return(NULL); ++ } ++ memset(p, 0, i); ++ } ++ if(i < warnLen) { ++ fprintf(stderr, _("WARNING - Please use longer password (%d or more characters)\n"), LOOP_PASSWORD_MIN_LENGTH); ++ } ++ strcat(s, seed); ++ return(s); ++} ++ ++/* this is for compatibility with historic loop-AES version */ ++static void unhashed1_key_setup(unsigned char *keyStr, int ile, unsigned char *keyBuf, int bufSize) ++{ ++ register int x, y, z, cnt = ile; ++ unsigned char *kp; ++ ++ memset(keyBuf, 0, bufSize); ++ kp = keyStr; ++ for(x = 0; x < (bufSize * 8); x += 6) { ++ y = *kp++; ++ if(--cnt <= 0) { ++ kp = keyStr; ++ cnt = ile; ++ } ++ if((y >= '0') && (y <= '9')) y -= '0'; ++ else if((y >= 'A') && (y <= 'Z')) y -= ('A' - 10); ++ else if((y >= 'a') && (y <= 'z')) y -= ('a' - 36); ++ else if((y == '.') || (y == '/')) y += (62 - '.'); ++ else y &= 63; ++ z = x >> 3; ++ if(z < bufSize) { ++ keyBuf[z] |= y << (x & 7); ++ } ++ z++; ++ if(z < bufSize) { ++ keyBuf[z] |= y >> (8 - (x & 7)); ++ } ++ } ++} ++ ++/* this is for compatibility with mainline mount */ ++static void unhashed2_key_setup(unsigned char *keyStr, int ile, unsigned char *keyBuf, int bufSize) ++{ ++ memset(keyBuf, 0, bufSize); ++ strncpy((char *)keyBuf, (char *)keyStr, bufSize - 1); ++ keyBuf[bufSize - 1] = 0; ++} ++ ++static void rmd160HashTwiceWithA(unsigned char *ib, int ile, unsigned char *ob, int ole) ++{ ++ char tmpBuf[20 + 20]; ++ char pwdCopy[130]; ++ ++ if(ole < 1) return; ++ memset(ob, 0, ole); ++ if(ole > 40) ole = 40; ++ __loDev_rmd160_hash_buffer(&tmpBuf[0], (char *)ib, ile); ++ pwdCopy[0] = 'A'; ++ if(ile > (int)sizeof(pwdCopy) - 1) ile = sizeof(pwdCopy) - 1; ++ memcpy(pwdCopy + 1, ib, ile); ++ __loDev_rmd160_hash_buffer(&tmpBuf[20], pwdCopy, ile + 1); ++ memcpy(ob, tmpBuf, ole); ++ memset(tmpBuf, 0, sizeof(tmpBuf)); ++ memset(pwdCopy, 0, sizeof(pwdCopy)); ++} ++ ++extern long long llseek(int, long long, int); ++ ++static long long xx_lseek(int fd, long long offset, int whence) ++{ ++ if(sizeof(off_t) >= 8) { ++ return lseek(fd, offset, whence); ++ } else { ++ return llseek(fd, offset, whence); ++ } ++} ++ ++static int loop_create_random_keys(char *partition, long long offset, long long sizelimit, int loopro, unsigned char *k) ++{ ++ int x, y, fd; ++ sha512_context s; ++ unsigned char b[4096]; ++ ++ if(loopro) { ++ fprintf(stderr, _("Error: read-only device %s\n"), partition); ++ return 1; ++ } ++ ++ /* ++ * Compute SHA-512 over first 40 KB of old fs data. SHA-512 hash ++ * output is then used as entropy for new fs encryption key. ++ */ ++ if((fd = open(partition, O_RDWR)) == -1) { ++ seekFailed: ++ fprintf(stderr, _("Error: unable to open/seek device %s\n"), partition); ++ return 1; ++ } ++ if(offset < 0) offset = -offset; ++ if(xx_lseek(fd, offset, SEEK_SET) == -1) { ++ close(fd); ++ goto seekFailed; ++ } ++ __loDev_sha512_init(&s); ++ for(x = 1; x <= 10; x++) { ++ if((sizelimit > 0) && ((long long)(sizeof(b) * x) > sizelimit)) break; ++ if(rd_wr_retry(fd, (char *) &b[0], sizeof(b), 0) != sizeof(b)) break; ++ __loDev_sha512_write(&s, &b[0], sizeof(b)); ++ } ++ __loDev_sha512_final(&s); ++ ++ /* ++ * Overwrite 40 KB of old fs data 20 times so that recovering ++ * SHA-512 output beyond this point is difficult and expensive. ++ */ ++ for(y = 0; y < 20; y++) { ++ int z; ++ struct { ++ struct timeval tv; ++ unsigned char h[64]; ++ int x,y,z; ++ } j; ++ if(xx_lseek(fd, offset, SEEK_SET) == -1) break; ++ memcpy(&j.h[0], &s.sha_out[0], 64); ++ gettimeofday(&j.tv, NULL); ++ j.y = y; ++ for(x = 1; x <= 10; x++) { ++ j.x = x; ++ for(z = 0; z < (int)sizeof(b); z += 64) { ++ j.z = z; ++ __loDev_sha512_hash_buffer((unsigned char *)&j, sizeof(j), &b[z], 64); ++ } ++ if((sizelimit > 0) && ((long long)(sizeof(b) * x) > sizelimit)) break; ++ if(rd_wr_retry(fd, (char *) &b[0], sizeof(b), 1) != sizeof(b)) break; ++ } ++ memset(&j, 0, sizeof(j)); ++ if(fsync(fd)) break; ++ } ++ close(fd); ++ ++ /* ++ * Use all 512 bits of hash output ++ */ ++ memcpy(&b[0], &s.sha_out[0], 64); ++ memset(&s, 0, sizeof(s)); ++ ++ /* ++ * Read 32 bytes of random entropy from kernel's random ++ * number generator. This code may be executed early on startup ++ * scripts and amount of random entropy may be non-existent. ++ * SHA-512 of old fs data is used as workaround for missing ++ * entropy in kernel's random number generator. ++ */ ++ if((fd = open("/dev/urandom", O_RDONLY)) == -1) { ++ fprintf(stderr, _("Error: unable to open /dev/urandom\n")); ++ return 1; ++ } ++ rd_wr_retry(fd, (char *) &b[64], 32, 0); ++ ++ /* generate multi-key hashes */ ++ x = 0; ++ while(x < 65) { ++ rd_wr_retry(fd, (char *) &b[64+32], 16, 0); ++ __loDev_sha512_hash_buffer(&b[0], 64+32+16, k, 32); ++ k += 32; ++ x++; ++ } ++ ++ close(fd); ++ memset(&b[0], 0, sizeof(b)); ++ return 0; ++} ++ ++static int ++set_loop(const char *device, const char *file, int *loopro, int busyRetVal) { ++ struct loop_info64 loopinfo; ++ int fd, ffd, mode, i, errRetVal = 1; ++ char *pass, *apiName = NULL; ++ void (*hashFunc)(unsigned char *, int, unsigned char *, int); ++ unsigned char multiKeyBits[65][32]; ++ int minPassLen = LOOP_PASSWORD_MIN_LENGTH; ++ ++ sync(); ++ loopFileName = (char *)file; ++ multiKeyMode = 0; ++ mode = (*loopro ? O_RDONLY : O_RDWR); ++ if ((ffd = open(file, mode)) < 0) { ++ if (!*loopro && errno == EROFS) ++ ffd = open(file, mode = O_RDONLY); ++ if (ffd < 0) { ++ perror(file); ++ return 1; ++ } ++ } ++ if ((fd = open(device, mode)) < 0) { ++ perror (device); ++ goto close_ffd_return1; ++ } ++ *loopro = (mode == O_RDONLY); ++ ++ if (ioctl(fd, LOOP_SET_FD, ffd) < 0) { ++ if(errno == EBUSY) ++ errRetVal = busyRetVal; ++ if((errRetVal != 2) || verbose) ++ perror("ioctl: LOOP_SET_FD"); ++keyclean_close_fd_ffd_return1: ++ memset(loopinfo.lo_encrypt_key, 0, sizeof(loopinfo.lo_encrypt_key)); ++ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); ++ close (fd); ++close_ffd_return1: ++ close (ffd); ++ return errRetVal; ++ } ++ ++ memset (&loopinfo, 0, sizeof (loopinfo)); ++ strncpy ((char *)loopinfo.lo_file_name, file, LO_NAME_SIZE - 1); ++ loopinfo.lo_file_name[LO_NAME_SIZE - 1] = 0; ++ if (loopEncryptionType) ++ loopinfo.lo_encrypt_type = loop_crypt_type (loopEncryptionType, &loopinfo.lo_encrypt_key_size, &apiName); ++ if (loopOffsetBytes) ++ loopinfo.lo_offset = mystrtoull(loopOffsetBytes, 1); ++ if (loopSizeBytes) ++ loopinfo.lo_sizelimit = mystrtoull(loopSizeBytes, 0); ++ ++#ifdef MCL_FUTURE ++ /* ++ * Oh-oh, sensitive data coming up. Better lock into memory to prevent ++ * passwd etc being swapped out and left somewhere on disk. ++ */ ++ ++ if(loopinfo.lo_encrypt_type && mlockall(MCL_CURRENT | MCL_FUTURE)) { ++ perror("memlock"); ++ ioctl (fd, LOOP_CLR_FD, 0); ++ fprintf(stderr, _("Couldn't lock into memory, exiting.\n")); ++ exit(1); ++ } ++#endif ++ ++ switch (loopinfo.lo_encrypt_type) { ++ case LO_CRYPT_NONE: ++ loopinfo.lo_encrypt_key_size = 0; ++ break; ++ case LO_CRYPT_XOR: ++ pass = sGetPass (1, 0); ++ if(!pass) goto loop_clr_fd_out; ++ strncpy ((char *)loopinfo.lo_encrypt_key, pass, LO_KEY_SIZE - 1); ++ loopinfo.lo_encrypt_key[LO_KEY_SIZE - 1] = 0; ++ loopinfo.lo_encrypt_key_size = strlen((char*)loopinfo.lo_encrypt_key); ++ break; ++ case 3: /* LO_CRYPT_FISH2 */ ++ case 4: /* LO_CRYPT_BLOW */ ++ case 7: /* LO_CRYPT_SERPENT */ ++ case 8: /* LO_CRYPT_MARS */ ++ case 11: /* LO_CRYPT_RC6 */ ++ case 12: /* LO_CRYPT_DES_EDE3 */ ++ case 16: /* LO_CRYPT_AES */ ++ case 18: /* LO_CRYPT_CRYPTOAPI */ ++ /* set default hash function */ ++ hashFunc = __loDev_sha256_hash_buffer; ++ if(loopinfo.lo_encrypt_key_size == 24) hashFunc = __loDev_sha384_hash_buffer; ++ if(loopinfo.lo_encrypt_key_size == 32) hashFunc = __loDev_sha512_hash_buffer; ++ /* possibly override default hash function */ ++ if(passHashFuncName) { ++ if(!strcasecmp(passHashFuncName, "sha256")) { ++ hashFunc = __loDev_sha256_hash_buffer; ++ } else if(!strcasecmp(passHashFuncName, "sha384")) { ++ hashFunc = __loDev_sha384_hash_buffer; ++ } else if(!strcasecmp(passHashFuncName, "sha512")) { ++ hashFunc = __loDev_sha512_hash_buffer; ++ } else if(!strcasecmp(passHashFuncName, "rmd160")) { ++ hashFunc = rmd160HashTwiceWithA; ++ minPassLen = 1; ++ } else if(!strcasecmp(passHashFuncName, "unhashed1")) { ++ hashFunc = unhashed1_key_setup; ++ } else if(!strcasecmp(passHashFuncName, "unhashed2")) { ++ hashFunc = unhashed2_key_setup; ++ minPassLen = 1; ++ } else if(!strncasecmp(passHashFuncName, "random", 6) && ((passHashFuncName[6] == 0) || (passHashFuncName[6] == '/'))) { ++ /* random hash type sets up 65 random keys */ ++ /* WARNING! DO NOT USE RANDOM HASH TYPE ON PARTITION WITH EXISTING */ ++ /* IMPORTANT DATA ON IT. RANDOM HASH TYPE WILL DESTROY YOUR DATA. */ ++ if(loop_create_random_keys((char*)file, loopinfo.lo_offset, loopinfo.lo_sizelimit, *loopro, &multiKeyBits[0][0])) { ++ goto loop_clr_fd_out; ++ } ++ memcpy(&loopinfo.lo_encrypt_key[0], &multiKeyBits[0][0], sizeof(loopinfo.lo_encrypt_key)); ++ multiKeyMode = 1000; ++ break; /* out of switch(loopinfo.lo_encrypt_type) */ ++ } ++ } ++ pass = sGetPass (minPassLen, LOOP_PASSWORD_MIN_LENGTH); ++ if(!pass) goto loop_clr_fd_out; ++ i = strlen(pass); ++ if(hashFunc == unhashed1_key_setup) { ++ /* this is for compatibility with historic loop-AES version */ ++ loopinfo.lo_encrypt_key_size = 16; /* 128 bits */ ++ if(i >= 32) loopinfo.lo_encrypt_key_size = 24; /* 192 bits */ ++ if(i >= 43) loopinfo.lo_encrypt_key_size = 32; /* 256 bits */ ++ } ++ (*hashFunc)((unsigned char *)pass, i, &loopinfo.lo_encrypt_key[0], sizeof(loopinfo.lo_encrypt_key)); ++ if(multiKeyMode) { ++ int r = 0, t; ++ while(r < multiKeyMode) { ++ t = strlen(multiKeyPass[r]); ++ (*hashFunc)((unsigned char *)multiKeyPass[r], t, &multiKeyBits[r][0], 32); ++ memset(multiKeyPass[r], 0, t); ++ /* ++ * MultiKeyMode uses md5 IV. One key mode uses sector IV. Sector IV ++ * and md5 IV v2 and v3 are all computed differently. This first key ++ * byte XOR with 0x55/0xF4 is needed to cause complete decrypt failure ++ * in cases where data is encrypted with one type of IV and decrypted ++ * with another type IV. If identical key was used but only IV was ++ * computed differently, only first plaintext block of 512 byte CBC ++ * chain would decrypt incorrectly and rest would decrypt correctly. ++ * Partially correct decryption is dangerous. Decrypting all blocks ++ * incorrectly is safer because file system mount will simply fail. ++ */ ++ if(multiKeyMode == 65) { ++ multiKeyBits[r][0] ^= 0xF4; /* version 3 */ ++ } else { ++ multiKeyBits[r][0] ^= 0x55; /* version 2 */ ++ } ++ r++; ++ } ++ } else if(passIterThousands) { ++ aes_context ctx; ++ unsigned long iter = 0; ++ unsigned char tempkey[32]; ++ /* ++ * Set up AES-256 encryption key using same password and hash function ++ * as before but with password bit 0 flipped before hashing. That key ++ * is then used to encrypt actual loop key 'itercountk' thousand times. ++ */ ++ pass[0] ^= 1; ++ (*hashFunc)((unsigned char *)pass, i, &tempkey[0], 32); ++ __loDev_aes_set_key(&ctx, &tempkey[0], 32, 0); ++ sscanf(passIterThousands, "%lu", &iter); ++ iter *= 1000; ++ while(iter > 0) { ++ /* encrypt both 128bit blocks with AES-256 */ ++ __loDev_aes_encrypt(&ctx, &loopinfo.lo_encrypt_key[ 0], &loopinfo.lo_encrypt_key[ 0]); ++ __loDev_aes_encrypt(&ctx, &loopinfo.lo_encrypt_key[16], &loopinfo.lo_encrypt_key[16]); ++ /* exchange upper half of first block with lower half of second block */ ++ memcpy(&tempkey[0], &loopinfo.lo_encrypt_key[8], 8); ++ memcpy(&loopinfo.lo_encrypt_key[8], &loopinfo.lo_encrypt_key[16], 8); ++ memcpy(&loopinfo.lo_encrypt_key[16], &tempkey[0], 8); ++ iter--; ++ } ++ memset(&ctx, 0, sizeof(ctx)); ++ memset(&tempkey[0], 0, sizeof(tempkey)); ++ } ++ memset(pass, 0, i); /* erase original password */ ++ break; ++ default: ++ fprintf (stderr, _("Error: don't know how to get key for encryption system %d\n"), loopinfo.lo_encrypt_type); ++ goto loop_clr_fd_out; ++ } ++ ++ if(loInitValue) { ++ /* cipher modules are free to do whatever they want with this value */ ++ i = 0; ++ sscanf(loInitValue, "%d", &i); ++ loopinfo.lo_init[0] = i; ++ } ++ ++ /* type 18 == LO_CRYPT_CRYPTOAPI */ ++ if ((loopinfo.lo_encrypt_type == 18) || (loop_set_status64_ioctl(fd, &loopinfo) < 0)) { ++ /* direct cipher interface failed - try CryptoAPI interface now */ ++ if(!apiName || (try_cryptoapi_loop_interface(fd, &loopinfo, apiName) < 0)) { ++ fprintf(stderr, _("ioctl: LOOP_SET_STATUS: %s, requested cipher or key length (%d bits) not supported by kernel\n"), strerror(errno), loopinfo.lo_encrypt_key_size << 3); ++ loop_clr_fd_out: ++ (void) ioctl (fd, LOOP_CLR_FD, 0); ++ goto keyclean_close_fd_ffd_return1; ++ } ++ } ++ if(multiKeyMode >= 65) { ++ if(ioctl(fd, LOOP_MULTI_KEY_SETUP_V3, &multiKeyBits[0][0]) < 0) { ++ if(multiKeyMode == 1000) goto try_v2_setup; ++ perror("ioctl: LOOP_MULTI_KEY_SETUP_V3"); ++ goto loop_clr_fd_out; ++ } ++ } else if(multiKeyMode == 64) { ++ try_v2_setup: ++ if((ioctl(fd, LOOP_MULTI_KEY_SETUP, &multiKeyBits[0][0]) < 0) && (multiKeyMode != 1000)) { ++ perror("ioctl: LOOP_MULTI_KEY_SETUP"); ++ goto loop_clr_fd_out; ++ } ++ } ++ ++ memset(loopinfo.lo_encrypt_key, 0, sizeof(loopinfo.lo_encrypt_key)); ++ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); ++ close (fd); ++ close (ffd); ++ ++ if (verbose > 1) ++ printf(_("set_loop(%s,%s): success\n"), device, file); ++ return 0; ++} ++ ++#include <getopt.h> ++#include <stdarg.h> ++ ++static char *progname; ++ ++static void ++usage(void) { ++ fprintf(stderr, _("usage:\n\ ++ %s [options] loop_device file # setup\n\ ++ %s -F [options] loop_device [file] # setup, read /etc/fstab\n\ ++ %s loop_device # give info\n\ ++ %s -a # give info of all loops\n\ ++ %s -f # show next free loop device\n\ ++ %s -d loop_device # delete\n\ ++ %s -R loop_device # resize\n\ ++options: -e encryption -o offset -s sizelimit -p passwdfd -T -S pseed\n\ ++ -H phash -I loinit -K gpgkey -G gpghome -C itercountk -v -r\n\ ++ -P cleartextkey\n"), ++ progname, progname, progname, progname, progname, progname, progname); ++ exit(1); ++} ++ ++static void ++show_all_loops(void) ++{ ++ char dev[20]; ++ char *lfmt[] = { "/dev/loop%d", "/dev/loop/%d" }; ++ int i, j, fd, x; ++ struct stat statbuf; ++ ++ for(i = 0; i < 256; i++) { ++ for(j = (sizeof(lfmt) / sizeof(lfmt[0])) - 1; j >= 0; j--) { ++ sprintf(dev, lfmt[j], i); ++ if(stat(dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) { ++ fd = open(dev, O_RDONLY); ++ if(fd >= 0) { ++ x = is_unused_loop_device(fd); ++ close(fd); ++ if(x == 0) { ++ show_loop(dev); ++ j = 0; ++ } ++ } ++ } ++ } ++ } ++} ++ ++static int ++read_options_from_fstab(char *loopToFind, char **partitionPtr) ++{ ++ FILE *f; ++ struct mntent *m; ++ int y, foundMatch = 0; ++ char *opt, *fr1, *fr2; ++ struct options { ++ char *name; /* name of /etc/fstab option */ ++ char **dest; /* destination where it is written to */ ++ char *line; /* temp */ ++ }; ++ struct options tbl[] = { ++ { "device/file name ", partitionPtr }, /* must be index 0 */ ++ { "loop=", &loopToFind }, /* must be index 1 */ ++ { "offset=", &loopOffsetBytes }, ++ { "sizelimit=", &loopSizeBytes }, ++ { "encryption=", &loopEncryptionType }, ++ { "pseed=", &passSeedString }, ++ { "phash=", &passHashFuncName }, ++ { "loinit=", &loInitValue }, ++ { "gpgkey=", &gpgKeyFile }, ++ { "gpghome=", &gpgHomeDir }, ++ { "cleartextkey=", &clearTextKeyFile }, ++ { "itercountk=", &passIterThousands }, ++ }; ++ struct options *p; ++ ++ if (!(f = setmntent("/etc/fstab", "r"))) { ++ fprintf(stderr, _("Error: unable to open /etc/fstab for reading\n")); ++ return 0; ++ } ++ while ((m = getmntent(f)) != NULL) { ++ tbl[0].line = fr1 = xstrdup(m->mnt_fsname); ++ p = &tbl[1]; ++ do { ++ p->line = NULL; ++ } while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]); ++ opt = fr2 = xstrdup(m->mnt_opts); ++ for (opt = strtok(opt, ","); opt != NULL; opt = strtok(NULL, ",")) { ++ p = &tbl[1]; ++ do { ++ y = strlen(p->name); ++ if (!strncmp(opt, p->name, y)) ++ p->line = opt + y; ++ } while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]); ++ } ++ if (tbl[1].line && !strcmp(loopToFind, tbl[1].line)) { ++ if (++foundMatch > 1) { ++ fprintf(stderr, _("Error: multiple loop=%s options found in /etc/fstab\n"), loopToFind); ++ endmntent(f); ++ return 0; ++ } ++ p = &tbl[0]; ++ do { ++ if (!*p->dest && p->line) { ++ *p->dest = p->line; ++ if (verbose) ++ printf(_("using %s%s from /etc/fstab\n"), p->name, p->line); ++ } ++ } while (++p < &tbl[sizeof(tbl) / sizeof(struct options)]); ++ fr1 = fr2 = NULL; ++ } ++ if(fr1) free(fr1); ++ if(fr2) free(fr2); ++ } ++ endmntent(f); ++ if (foundMatch == 0) { ++ fprintf(stderr, _("Error: loop=%s option not found in /etc/fstab\n"), loopToFind); ++ } ++ return foundMatch; ++} ++ ++static int ++recompute_loop_dev_size(char *device) ++{ ++ int fd, err1 = 0, err2, err3; ++ long long oldBytes = -1, newBytes = -1; ++ ++ fd = open(device, O_RDONLY); ++ if(fd < 0) { ++ perror(device); ++ return 1; ++ } ++ if(verbose) { ++ err1 = ioctl(fd, BLKGETSIZE64, &oldBytes); ++ } ++ err2 = ioctl(fd, LOOP_RECOMPUTE_DEV_SIZE, 0); ++ if(err2) { ++ perror(device); ++ goto done1; ++ } ++ if(verbose) { ++ err3 = ioctl(fd, BLKGETSIZE64, &newBytes); ++ if(!err1 && (oldBytes >= 0)) { ++ printf("%s: old size %lld bytes\n", device, oldBytes); ++ } ++ if(!err3 && (newBytes >= 0)) { ++ printf("%s: new size %lld bytes\n", device, newBytes); ++ } ++ } ++done1: ++ close(fd); ++ return err2; ++} ++ ++static int ++del_loop (const char *device) { ++ int fd; ++ ++ sync(); ++ if ((fd = open (device, O_RDONLY)) < 0) { ++ int errsv = errno; ++ fprintf(stderr, _("loop: can't delete device %s: %s\n"), ++ device, strerror (errsv)); ++ return 1; ++ } ++ if (ioctl (fd, LOOP_CLR_FD, 0) < 0) { ++ perror ("ioctl: LOOP_CLR_FD"); ++ return 1; ++ } ++ close (fd); ++ if (verbose > 1) ++ printf(_("del_loop(%s): success\n"), device); ++ return 0; ++} ++ ++int ++main(int argc, char **argv) { ++ char *partitionName = NULL; ++ char *device = NULL; ++ int delete,find,c,option_a=0,option_F=0,option_R=0,setup_o=0; ++ int res = 0; ++ int ro = 0; ++ ++ setlocale(LC_ALL, ""); ++ bindtextdomain(PACKAGE, LOCALEDIR); ++ textdomain(PACKAGE); ++ ++ delete = find = 0; ++ progname = argv[0]; ++ while ((c = getopt(argc,argv,"aC:de:fFG:H:I:K:o:p:P:rRs:S:Tv")) != -1) { ++ switch (c) { ++ case 'a': /* show status of all loops */ ++ option_a = 1; ++ break; ++ case 'C': ++ passIterThousands = optarg; ++ setup_o = 1; ++ break; ++ case 'd': ++ delete = 1; ++ break; ++ case 'e': ++ loopEncryptionType = optarg; ++ setup_o = 1; ++ break; ++ case 'f': /* find free loop */ ++ find = 1; ++ break; ++ case 'F': /* read loop related options from /etc/fstab */ ++ option_F = 1; ++ setup_o = 1; ++ break; ++ case 'G': /* GnuPG home dir */ ++ gpgHomeDir = optarg; ++ setup_o = 1; ++ break; ++ case 'H': /* passphrase hash function name */ ++ passHashFuncName = optarg; ++ setup_o = 1; ++ break; ++ case 'I': /* lo_init[0] value (in string form) */ ++ loInitValue = optarg; ++ setup_o = 1; ++ break; ++ case 'K': /* GnuPG key file name */ ++ gpgKeyFile = optarg; ++ setup_o = 1; ++ break; ++ case 'o': ++ loopOffsetBytes = optarg; ++ setup_o = 1; ++ break; ++ case 'p': /* read passphrase from given fd */ ++ passFDnumber = optarg; ++ setup_o = 1; ++ break; ++ case 'P': /* read passphrase from given file */ ++ clearTextKeyFile = optarg; ++ setup_o = 1; ++ break; ++ case 'r': /* read-only */ ++ ro = 1; ++ setup_o = 1; ++ break; ++ case 'R': /* recompute loop dev size */ ++ option_R = 1; ++ break; ++ case 's': ++ loopSizeBytes = optarg; ++ setup_o = 1; ++ break; ++ case 'S': /* optional seed for passphrase */ ++ passSeedString = optarg; ++ setup_o = 1; ++ break; ++ case 'T': /* ask passphrase _twice_ */ ++ passAskTwice = "T"; ++ setup_o = 1; ++ break; ++ case 'v': ++ verbose++; ++ break; ++ default: ++ usage(); ++ } ++ } ++ if (option_a + delete + option_R + setup_o + find > 1) usage(); ++ if (option_a) { ++ /* show all loops */ ++ if (argc != optind) usage(); ++ show_all_loops(); ++ res = 0; ++ } else if (find) { ++ if (argc != optind) ++ usage(); ++ device = find_unused_loop_device(); ++ if (device == NULL) ++ return -1; ++ if (verbose) ++ printf("Loop device is %s\n", device); ++ printf("%s\n", device); ++ res = 0; ++ } else if (delete) { ++ /* delete loop */ ++ if (argc != optind+1) usage(); ++ res = del_loop(argv[optind]); ++ } else if (option_R) { ++ /* resize existing loop */ ++ if (argc != optind+1) usage(); ++ res = recompute_loop_dev_size(argv[optind]); ++ } else if ((argc == optind+1) && !setup_o) { ++ /* show one loop */ ++ res = show_loop(argv[optind]); ++ } else { ++ /* set up new loop */ ++ if ((argc < optind+1) || ((argc == optind+1) && !option_F) || (argc > optind+2)) ++ usage(); ++ if (argc > optind+1) ++ partitionName = argv[optind+1]; ++ if (option_F && (read_options_from_fstab(argv[optind], &partitionName) != 1)) ++ exit(1); ++ res = set_loop(argv[optind],partitionName,&ro, 1); ++ } ++ return res; ++} +diff -urN util-linux-2.26.2/sys-utils/mount.8 util-linux-2.26.2-AES/sys-utils/mount.8 +--- util-linux-2.26.2/sys-utils/mount.8 2015-04-29 13:27:59.000000000 +0300 ++++ util-linux-2.26.2-AES/sys-utils/mount.8 2015-05-23 13:08:09.000000000 +0300 +@@ -665,6 +665,11 @@ + sections. + .RE + ++.IP "\fB\-p, \-\-pass\-fd \fInum\fP" ++In case of a loop mount with encryption, read the passphrase from ++file descriptor ++.I num ++instead of from the terminal. + .TP + .BR \-R , " \-\-rbind" + Remount a subtree and all possible submounts somewhere else (so that its +@@ -3086,13 +3091,19 @@ + .B "mount \-t ext3 /tmp/disk.img /mnt" + .sp + .RE +-This type of mount knows about three options, namely +-.BR loop ", " offset " and " sizelimit , ++This type of mount knows about 11 options, namely ++.BR loop ", " offset ", " sizelimit ", " encryption ", " pseed ", " phash ", " loinit ", " gpgkey ", " gpghome ", " cleartextkey " and " itercountk + that are really options to + .BR \%losetup (8). + (These options can be used in addition to those specific + to the filesystem type.) + ++If the mount requires a passphrase, you will be prompted for one unless you ++specify a file descriptor to read from instead with the ++.BR \-p ++command line option, or specify a file name with ++.BR cleartextkey ++mount option. + Since Linux 2.6.25 auto-destruction of loop devices is supported, + meaning that any loop device allocated by + .B mount +diff -urN util-linux-2.26.2/sys-utils/mount.c util-linux-2.26.2-AES/sys-utils/mount.c +--- util-linux-2.26.2/sys-utils/mount.c 2015-04-29 13:21:50.000000000 +0300 ++++ util-linux-2.26.2-AES/sys-utils/mount.c 2015-05-23 13:08:09.000000000 +0300 +@@ -36,6 +36,7 @@ + #include "c.h" + #include "env.h" + #include "strutils.h" ++#include "xgetpass.h" + #include "exitcodes.h" + #include "xalloc.h" + #include "closestream.h" +@@ -51,6 +52,7 @@ + * --options-source-force MNT_OMODE_FORCE + */ + ++static int passfd = -1; + static int readwrite; + + static int mk_exit_code(struct libmnt_context *cxt, int rc); +@@ -104,6 +106,32 @@ + return 0; + } + ++static char *encrypt_pass_get(struct libmnt_context *cxt) ++{ ++ if (!cxt) ++ return 0; ++ ++#ifdef MCL_FUTURE ++ if (mlockall(MCL_CURRENT | MCL_FUTURE)) { ++ warn(_("couldn't lock into memory")); ++ return NULL; ++ } ++#endif ++ return xgetpass(passfd, _("Password: ")); ++} ++ ++static void encrypt_pass_release(struct libmnt_context *cxt ++ __attribute__((__unused__)), char *pwd) ++{ ++ char *p = pwd; ++ ++ while (p && *p) ++ *p++ = '\0'; ++ ++ free(pwd); ++ munlockall(); ++} ++ + /* + * Replace control chars with '?' to be compatible with coreutils. For more + * robust solution use findmnt(1) where we use \x?? hex encoding. +@@ -739,6 +767,7 @@ + fprintf(out, _( + " -o, --options <list> comma-separated list of mount options\n" + " -O, --test-opts <list> limit the set of filesystems (use with -a)\n" ++ " -p, --pass-fd <num> read the passphrase from file descriptor\n" + " -r, --read-only mount the filesystem read-only (same as -o ro)\n" + " -t, --types <list> limit the set of filesystem types\n")); + fprintf(out, _( +@@ -868,7 +897,7 @@ + + mnt_context_set_tables_errcb(cxt, table_parser_errcb); + +- while ((c = getopt_long(argc, argv, "aBcfFhilL:Mno:O:rRsU:vVwt:T:", ++ while ((c = getopt_long(argc, argv, "aBcfFhilL:Mno:O:p:rRsU:vVwt:T:", + longopts, NULL)) != -1) { + + /* only few options are allowed for non-root users */ +@@ -923,6 +952,10 @@ + if (mnt_context_set_options_pattern(cxt, optarg)) + err(MOUNT_EX_SYSERR, _("failed to set options pattern")); + break; ++ case 'p': ++ passfd = strtou32_or_err(optarg, ++ _("invalid passphrase file descriptor")); ++ break; + case 'L': + xasprintf(&srcbuf, "LABEL=\"%s\"", optarg); + mnt_context_disable_swapmatch(cxt, 1); +@@ -1038,6 +1071,8 @@ + else if (types) + mnt_context_set_fstype(cxt, types); + ++ mnt_context_set_passwd_cb(cxt, encrypt_pass_get, encrypt_pass_release); ++ + if (all) { + /* + * A) Mount all +diff -urN util-linux-2.26.2/sys-utils/swapoff.c util-linux-2.26.2-AES/sys-utils/swapoff.c +--- util-linux-2.26.2/sys-utils/swapoff.c 2015-04-29 10:52:22.000000000 +0300 ++++ util-linux-2.26.2-AES/sys-utils/swapoff.c 2015-05-23 13:08:09.000000000 +0300 +@@ -1,4 +1,9 @@ + #include <stdio.h> ++#include <sys/types.h> ++#include <sys/stat.h> ++#include <unistd.h> ++#include <fcntl.h> ++#include <sys/ioctl.h> + #include <errno.h> + #include <getopt.h> + +@@ -7,6 +12,7 @@ + #endif + + #include "nls.h" ++#include "loop.h" + #include "c.h" + #include "xalloc.h" + #include "closestream.h" +@@ -141,6 +147,45 @@ + exit(out == stderr ? EXIT_FAILURE : EXIT_SUCCESS); + } + ++static void ++shutdown_encrypted_swap(char *loop) ++{ ++ int fd; ++ struct stat statbuf; ++ struct loop_info64 loopinfo; ++ unsigned char b[32]; ++ FILE *f; ++ size_t ignoreThis = 0; ++ ++ if(stat(loop, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) { ++ if((fd = open(loop, O_RDWR)) >= 0) { ++ if(!loop_get_status64_ioctl(fd, &loopinfo)) { ++ /* ++ * Read 32 bytes of random data from kernel's random ++ * number generator and write that to loop device. ++ * This preserves some of kernel's random entropy ++ * to next activation of encrypted swap on this ++ * partition. ++ */ ++ if((f = fopen("/dev/urandom", "r")) != NULL) { ++ ignoreThis += fread(&b[0], 32, 1, f); ++ fclose(f); ++ ignoreThis += write(fd, &b[0], 32); ++ fsync(fd); ++ } ++ } ++ close(fd); ++ } ++ sync(); ++ if((fd = open(loop, O_RDONLY)) >= 0) { ++ if(!loop_get_status64_ioctl(fd, &loopinfo)) { ++ ioctl(fd, LOOP_CLR_FD, 0); ++ } ++ close(fd); ++ } ++ } ++} ++ + static int swapoff_all(void) + { + int status = 0; +@@ -171,8 +216,30 @@ + mnt_reset_iter(itr, MNT_ITER_FORWARD); + + while (tb && mnt_table_find_next_fs(tb, itr, match_swap, NULL, &fs) == 0) { +- if (!is_active_swap(mnt_fs_get_source(fs))) +- do_swapoff(mnt_fs_get_source(fs), QUIET, !CANONIC); ++ char *special; ++ char *loop = NULL, *encryption = NULL; ++ char *val = NULL; ++ size_t len = 0; ++ ++ special = (char *) mnt_fs_get_source(fs); ++ if(!special) continue; ++ if(mnt_fs_get_option(fs, "loop", &val, &len) == 0 && val && len) ++ loop = strndup(val, len); ++ if(mnt_fs_get_option(fs, "encryption", &val, &len) == 0 && val && len) ++ encryption = strndup(val, len); ++ if (loop && encryption) { ++ if (!is_active_swap(loop)) { /* do this only if it was not in /proc/swaps */ ++ do_swapoff(loop, QUIET, !CANONIC); ++ } ++ shutdown_encrypted_swap(loop); ++ goto do_free; ++ } ++ if (!is_active_swap(special)) { /* do this only if it was not in /proc/swaps */ ++ do_swapoff(special, QUIET, !CANONIC); ++ } ++ do_free: ++ if(loop) free(loop); ++ if(encryption) free(encryption); + } + + mnt_free_iter(itr); +diff -urN util-linux-2.26.2/sys-utils/swapon.8 util-linux-2.26.2-AES/sys-utils/swapon.8 +--- util-linux-2.26.2/sys-utils/swapon.8 2015-04-29 10:52:22.000000000 +0300 ++++ util-linux-2.26.2-AES/sys-utils/swapon.8 2015-05-23 13:08:09.000000000 +0300 +@@ -69,6 +69,22 @@ + .I /proc/swaps + or + .IR /etc/fstab ). ++.PP ++If ++.I loop=/dev/loop? ++and ++.I encryption=AES128 ++options are present in ++.I /etc/fstab ++then ++.BR "swapon -a" ++will set up loop devices using random keys, run ++.BR "mkswap" ++on them, and enable encrypted swap on specified loop devices. Encrypted loop ++devices are set up with page size offset so that unencrypted swap signatures ++on first page of swap devices are not touched. ++.BR "swapoff -a" ++will tear down such loop devices. + + .SH OPTIONS + .TP +diff -urN util-linux-2.26.2/sys-utils/swapon.c util-linux-2.26.2-AES/sys-utils/swapon.c +--- util-linux-2.26.2/sys-utils/swapon.c 2015-04-29 10:52:22.000000000 +0300 ++++ util-linux-2.26.2-AES/sys-utils/swapon.c 2015-05-23 13:08:09.000000000 +0300 +@@ -8,6 +8,8 @@ + #include <unistd.h> + #include <sys/types.h> + #include <sys/wait.h> ++#include <sys/time.h> ++#include <sys/ioctl.h> + #include <fcntl.h> + #include <stdint.h> + #include <ctype.h> +@@ -16,6 +18,8 @@ + + #include "c.h" + #include "nls.h" ++#include "loop.h" ++#include "../libmount/src/sha512.h" + #include "bitops.h" + #include "blkdev.h" + #include "pathnames.h" +@@ -677,6 +681,227 @@ + } + + ++static int ++prepare_encrypted_swap(char *partition, char *loop, char *encryption) ++{ ++ int x, y, fd, ffd; ++ int page_size; ++ sha512_context s; ++ unsigned char b[4096], multiKeyBits[65][32]; ++ char *a[10], *apiName; ++ struct loop_info64 loopinfo; ++ FILE *f; ++ size_t ignoreThis = 0; ++ ++ /* ++ * Some sanity checks ++ */ ++ if(strlen(partition) < 1) { ++ fprintf(stderr, _("swapon: invalid swap device name\n")); ++ return 0; ++ } ++ if(strlen(loop) < 1) { ++ fprintf(stderr, _("swapon: invalid loop device name\n")); ++ return 0; ++ } ++ if(strlen(encryption) < 1) { ++ fprintf(stderr, _("swapon: invalid encryption type\n")); ++ return 0; ++ } ++ ++ /* ++ * Abort if loop device does not exist or is already in use ++ */ ++ sync(); ++ if((fd = open(loop, O_RDWR)) == -1) { ++ fprintf(stderr, _("swapon: unable to open loop device %s\n"), loop); ++ return 0; ++ } ++ if(is_unused_loop_device(fd) == 0) { ++ fprintf(stderr, _("swapon: loop device %s already in use\n"), loop); ++ goto errout0; ++ } ++ ++ /* ++ * Compute SHA-512 over first 40 KB of old swap data. This data ++ * is mostly unknown data encrypted using unknown key. SHA-512 hash ++ * output is then used as entropy for new swap encryption key. ++ */ ++ if(!(f = fopen(partition, "r+"))) { ++ fprintf(stderr, _("swapon: unable to open swap device %s\n"), partition); ++ goto errout0; ++ } ++ page_size = getpagesize(); ++ fseek(f, (long)page_size, SEEK_SET); ++ __loDev_sha512_init(&s); ++ for(x = 0; x < 10; x++) { ++ if(fread(&b[0], sizeof(b), 1, f) != 1) break; ++ __loDev_sha512_write(&s, &b[0], sizeof(b)); ++ } ++ __loDev_sha512_final(&s); ++ ++ /* ++ * Overwrite 40 KB of old swap data 20 times so that recovering ++ * SHA-512 output beyond this point is difficult and expensive. ++ */ ++ for(y = 0; y < 20; y++) { ++ int z; ++ struct { ++ struct timeval tv; ++ unsigned char h[64]; ++ int x,y,z; ++ } j; ++ if(fseek(f, (long)page_size, SEEK_SET)) break; ++ memcpy(&j.h[0], &s.sha_out[0], 64); ++ gettimeofday(&j.tv, NULL); ++ j.y = y; ++ for(x = 0; x < 10; x++) { ++ j.x = x; ++ for(z = 0; z < (int) sizeof(b); z += 64) { ++ j.z = z; ++ __loDev_sha512_hash_buffer((unsigned char *)&j, sizeof(j), &b[z], 64); ++ } ++ if(fwrite(&b[0], sizeof(b), 1, f) != 1) break; ++ } ++ memset(&j, 0, sizeof(j)); ++ if(fflush(f)) break; ++ if(fsync(fileno(f))) break; ++ } ++ fclose(f); ++ ++ /* ++ * Use all 512 bits of hash output ++ */ ++ memcpy(&b[0], &s.sha_out[0], 64); ++ memset(&s, 0, sizeof(s)); ++ ++ /* ++ * Read 32 bytes of random entropy from kernel's random ++ * number generator. This code may be executed early on startup ++ * scripts and amount of random entropy may be non-existent. ++ * SHA-512 of old swap data is used as workaround for missing ++ * entropy in kernel's random number generator. ++ */ ++ if(!(f = fopen("/dev/urandom", "r"))) { ++ fprintf(stderr, _("swapon: unable to open /dev/urandom\n")); ++ goto errout0; ++ } ++ ignoreThis += fread(&b[64], 32, 1, f); ++ ++ /* ++ * Set up struct loop_info64 ++ */ ++ if((ffd = open(partition, O_RDWR)) < 0) { ++ fprintf(stderr, _("swapon: unable to open swap device %s\n"), partition); ++ goto errout1; ++ } ++ memset(&loopinfo, 0, sizeof(loopinfo)); ++ strncpy((char *)loopinfo.lo_file_name, partition, LO_NAME_SIZE - 1); ++ loopinfo.lo_file_name[LO_NAME_SIZE - 1] = 0; ++ loopinfo.lo_encrypt_type = loop_crypt_type(encryption, &loopinfo.lo_encrypt_key_size, &apiName); ++ if(loopinfo.lo_encrypt_type <= 1) { ++ fprintf(stderr, _("swapon: unsupported swap encryption type %s\n"), encryption); ++errout2: ++ close(ffd); ++errout1: ++ fclose(f); ++errout0: ++ close(fd); ++ memset(&loopinfo.lo_encrypt_key[0], 0, sizeof(loopinfo.lo_encrypt_key)); ++ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); ++ return 0; ++ } ++ loopinfo.lo_offset = page_size; ++ /* single-key hash */ ++ __loDev_sha512_hash_buffer(&b[0], 64+32, &loopinfo.lo_encrypt_key[0], sizeof(loopinfo.lo_encrypt_key)); ++ /* multi-key hash */ ++ x = 0; ++ while(x < 65) { ++ ignoreThis += fread(&b[64+32], 16, 1, f); ++ __loDev_sha512_hash_buffer(&b[0], 64+32+16, &multiKeyBits[x][0], 32); ++ x++; ++ } ++ ++ /* ++ * Try to set up single-key loop ++ */ ++ if(ioctl(fd, LOOP_SET_FD, ffd) < 0) { ++ fprintf(stderr, _("swapon: LOOP_SET_FD failed\n")); ++ goto errout2; ++ } ++ if ((loopinfo.lo_encrypt_type == 18) || (loop_set_status64_ioctl(fd, &loopinfo) < 0)) { ++ if(try_cryptoapi_loop_interface(fd, &loopinfo, apiName) < 0) { ++ fprintf(stderr, _("swapon: LOOP_SET_STATUS failed\n")); ++ ioctl(fd, LOOP_CLR_FD, 0); ++ goto errout2; ++ } ++ } ++ ++ /* ++ * Try to put loop to multi-key v3 or v2 mode. ++ * If this fails, then let it operate in single-key mode. ++ */ ++ if(ioctl(fd, LOOP_MULTI_KEY_SETUP_V3, &multiKeyBits[0][0]) < 0) { ++ ioctl(fd, LOOP_MULTI_KEY_SETUP, &multiKeyBits[0][0]); ++ } ++ ++ /* ++ * Loop is now set up. Clean up the keys. ++ */ ++ memset(&loopinfo.lo_encrypt_key[0], 0, sizeof(loopinfo.lo_encrypt_key)); ++ memset(&multiKeyBits[0][0], 0, sizeof(multiKeyBits)); ++ close(ffd); ++ fclose(f); ++ close(fd); ++ ++ /* ++ * Write 40 KB of zeroes to loop device. That same data is written ++ * to underlying partition in encrypted form. This is done to guarantee ++ * that next time encrypted swap is initialized, the SHA-512 hash will ++ * be different. And, if encrypted swap data writes over this data, that's ++ * even better. ++ */ ++ if(!(f = fopen(loop, "r+"))) { ++ fprintf(stderr, _("swapon: unable to open loop device %s\n"), loop); ++ return 0; ++ } ++ memset(&b[0], 0, sizeof(b)); ++ for(x = 0; x < 10; x++) { ++ if(fwrite(&b[0], sizeof(b), 1, f) != 1) break; ++ } ++ fflush(f); ++ fsync(fileno(f)); ++ fclose(f); ++ sync(); ++ ++ /* ++ * Run mkswap on loop device so that kernel understands it as swap. ++ * Redirect stderr to /dev/null and ignore exit value. ++ */ ++ if(!(x = fork())) { ++ if((x = open("/dev/null", O_WRONLY)) >= 0) { ++ dup2(x, 2); ++ close(x); ++ } ++ a[0] = "mkswap"; ++ a[1] = loop; ++ a[2] = 0; ++ execvp(a[0], &a[0]); ++ execv("/sbin/mkswap", &a[0]); ++ /* error to stdout, stderr is directed to /dev/null */ ++ printf(_("swapon: unable to execute mkswap\n")); ++ exit(1); ++ } ++ if(x == -1) { ++ fprintf(stderr, _("swapon: fork failed\n")); ++ return 0; ++ } ++ waitpid(x, &y, 0); ++ sync(); ++ ++ return 1; ++} ++ + static int swapon_all(void) + { + struct libmnt_table *tb = get_fstab(); +@@ -695,9 +920,16 @@ + /* defaults */ + int pri = priority, dsc = discard, nofail = ifexists; + const char *opts, *src; ++ char *loop = NULL, *encryption = NULL; ++ char *val = NULL; ++ size_t len = 0; + + if (mnt_fs_get_option(fs, "noauto", NULL, NULL) == 0) + continue; ++ if(mnt_fs_get_option(fs, "loop", &val, &len) == 0 && val && len) ++ loop = strndup(val, len); ++ if(mnt_fs_get_option(fs, "encryption", &val, &len) == 0 && val && len) ++ encryption = strndup(val, len); + + opts = mnt_fs_get_options(fs); + if (opts) +@@ -707,12 +939,28 @@ + if (!src) { + if (!nofail) + status |= cannot_find(mnt_fs_get_source(fs)); +- continue; ++ goto do_free; + } + +- if (!is_active_swap(src) && +- (!nofail || !access(src, R_OK))) ++ if (loop && encryption) { ++ if (!is_active_swap(loop) && (!nofail || !access(src, R_OK))) { ++ if(!prepare_encrypted_swap((char*)src, loop, encryption)) { ++ status |= -1; ++ goto do_free; ++ } ++ status |= do_swapon(loop, pri, dsc, CANONIC); ++ ++ } ++ goto do_free; ++ } ++ ++ if (!is_active_swap(src) && (!nofail || !access(src, R_OK))) { + status |= do_swapon(src, pri, dsc, CANONIC); ++ } ++ ++ do_free: ++ if(loop) free(loop); ++ if(encryption) free(encryption); + } + + mnt_free_iter(itr); diff --git a/util-linux-aes.install b/util-linux-aes.install new file mode 100644 index 000000000000..cbe5556c6eb4 --- /dev/null +++ b/util-linux-aes.install @@ -0,0 +1,16 @@ +post_install() { + echo "===> You must also have a loop-AES patched kernel (loop.ko) for this" + echo "===> package to work properly, otherwise you may damage your system." + echo "===> If you do not; you need to reinstall util-linux from Core repo." + + # we don't want use systemd-tmpfiles here because + # the package dependency would create a circular dep. + if [[ ! -d run/uuidd ]]; then + # refer to uid/gid by number to avoid dependency on filesystem + install -o 68 -g 68 -dm755 run/uuidd + fi +} + +post_upgrade() { + post_install +}
\ No newline at end of file |