LogoopenSUSE Build Service > Projects
Sign Up | Log In

View File util-linux-2.21.2-noenc.diff of Package util-linux (Project Base:System)

From e1f7680ca45c5173f7853feb76dd093cec8d17ad Mon Sep 17 00:00:00 2001
From: Ludwig Nussel <ludwig.nussel@suse.de>
Date: Fri, 15 Jun 2012 09:38:36 +0200
Subject: [PATCH] remove obsolete encryption support from losetup

kernel cryptoloop is deprecated since ages and support for cryptoloop in
util-linux is incomplete/broken.
- no password hashing
- last 8 bit of key are always set to zero
- no binary keys possible (stops reading key at \n and \0)

In the past some Distros added the above features with patches. So
remove cryptoloop support from util-linux completely to make sure
people won't try using it.

Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
---
 include/loopdev.h              |    3 --
 lib/loopdev.c                  |   56 ----------------------------------------
 libmount/src/context_loopdev.c |   22 +++-------------
 mount/mount.8                  |    9 +-----
 mount/mount.c                  |   20 +++++---------
 sys-utils/losetup.8            |   29 ++------------------
 sys-utils/losetup.c            |   30 +++++----------------
 sys-utils/mount.8              |    7 +----
 sys-utils/mount.c              |   34 +-----------------------
 9 files changed, 25 insertions(+), 185 deletions(-)

diff --git a/include/loopdev.h b/include/loopdev.h
index 906bee0..030f215 100644
--- a/include/loopdev.h
+++ b/include/loopdev.h
@@ -165,9 +165,6 @@ int loopcxt_set_offset(struct loopdev_cxt *lc, uint64_t offset);
 int loopcxt_set_sizelimit(struct loopdev_cxt *lc, uint64_t sizelimit);
 int loopcxt_set_flags(struct loopdev_cxt *lc, uint32_t flags);
 int loopcxt_set_backing_file(struct loopdev_cxt *lc, const char *filename);
-int loopcxt_set_encryption(struct loopdev_cxt *lc,
-                           const char *encryption,
-                           const char *password);
 
 extern char *loopcxt_get_backing_file(struct loopdev_cxt *lc);
 extern int loopcxt_get_backing_devno(struct loopdev_cxt *lc, dev_t *devno);
diff --git a/lib/loopdev.c b/lib/loopdev.c
index fd3f9ba..807984e 100644
--- a/lib/loopdev.c
+++ b/lib/loopdev.c
@@ -963,62 +963,6 @@ int loopcxt_set_backing_file(struct loopdev_cxt *lc, const char *filename)
 	return 0;
 }
 
-static int digits_only(const char *s)
-{
-	while (*s)
-		if (!isdigit(*s++))
-			return 0;
-	return 1;
-}
-
-/*
- * @lc: context
- * @encryption: encryption name / type (see lopsetup man page)
- * @password
- *
- * Note that the encryption functionality is deprecated an unmaintained. Use
- * cryptsetup (it also supports AES-loops).
- *
- * The setting is removed by loopcxt_set_device() loopcxt_next()!
- *
- * Returns: 0 on success, <0 on error.
- */
-int loopcxt_set_encryption(struct loopdev_cxt *lc,
-			   const char *encryption,
-			   const char *password)
-{
-	if (!lc)
-		return -EINVAL;
-
-	DBG(lc, loopdev_debug("setting encryption '%s'", encryption));
-
-	if (encryption && *encryption) {
-		if (digits_only(encryption)) {
-			lc->info.lo_encrypt_type = atoi(encryption);
-		} else {
-			lc->info.lo_encrypt_type = LO_CRYPT_CRYPTOAPI;
-			snprintf((char *)lc->info.lo_crypt_name, LO_NAME_SIZE,
-				 "%s", encryption);
-		}
-	}
-
-	switch (lc->info.lo_encrypt_type) {
-	case LO_CRYPT_NONE:
-		lc->info.lo_encrypt_key_size = 0;
-		break;
-	default:
-		DBG(lc, loopdev_debug("setting encryption key"));
-		memset(lc->info.lo_encrypt_key, 0, LO_KEY_SIZE);
-		strncpy((char *)lc->info.lo_encrypt_key, password, LO_KEY_SIZE);
-		lc->info.lo_encrypt_key[LO_KEY_SIZE - 1] = '\0';
-		lc->info.lo_encrypt_key_size = LO_KEY_SIZE;
-		break;
-	}
-
-	DBG(lc, loopdev_debug("encryption successfully set"));
-	return 0;
-}
-
 /*
  * @cl: context
  *
diff --git a/libmount/src/context_loopdev.c b/libmount/src/context_loopdev.c
index 023c952..863ee3d 100644
--- a/libmount/src/context_loopdev.c
+++ b/libmount/src/context_loopdev.c
@@ -7,7 +7,6 @@
 
 /*
  * DOCS: - "lo@" prefix for fstype is unsupported
- *	 - encyption= mount option for loop device is unssuported
  */
 
 #include <blkid.h>
@@ -35,8 +34,7 @@ int mnt_context_is_loopdev(struct libmnt_context *cxt)
 
 	if (cxt->user_mountflags & (MNT_MS_LOOP |
 				    MNT_MS_OFFSET |
-				    MNT_MS_SIZELIMIT |
-				    MNT_MS_ENCRYPTION)) {
+				    MNT_MS_SIZELIMIT)) {
 
 		DBG(CXT, mnt_debug_h(cxt, "loopdev specific options detected"));
 		return 1;
@@ -134,7 +132,7 @@ static int is_mounted_same_loopfile(struct libmnt_context *cxt,
 int mnt_context_setup_loopdev(struct libmnt_context *cxt)
 {
 	const char *backing_file, *optstr, *loopdev = NULL;
-	char *val = NULL, *enc = NULL, *pwd = NULL;
+	char *val = NULL;
 	size_t len;
 	struct loopdev_cxt lc;
 	int rc = 0, lo_flags = 0;
@@ -200,13 +198,8 @@ int mnt_context_setup_loopdev(struct libmnt_context *cxt)
 	 */
 	if (rc == 0 && (cxt->user_mountflags & MNT_MS_ENCRYPTION) &&
 	    mnt_optstr_get_option(optstr, "encryption", &val, &len) == 0) {
-		enc = strndup(val, len);
-		if (val && !enc)
-			rc = -ENOMEM;
-		if (enc && cxt->pwd_get_cb) {
-			DBG(CXT, mnt_debug_h(cxt, "asking for pass"));
-			pwd = cxt->pwd_get_cb(cxt);
-		}
+		DBG(CXT, mnt_debug_h(cxt, "encryption no longer supported"));
+		rc = -EINVAL;
 	}
 
 	if (rc == 0 && is_mounted_same_loopfile(cxt,
@@ -245,8 +238,6 @@ int mnt_context_setup_loopdev(struct libmnt_context *cxt)
 			rc = loopcxt_set_offset(&lc, offset);
 		if (!rc && sizelimit)
 			rc = loopcxt_set_sizelimit(&lc, sizelimit);
-		if (!rc && enc && pwd)
-			loopcxt_set_encryption(&lc, enc, pwd);
 		if (!rc)
 			loopcxt_set_flags(&lc, lo_flags);
 		if (rc) {
@@ -298,11 +289,6 @@ int mnt_context_setup_loopdev(struct libmnt_context *cxt)
 		loopcxt_set_fd(&lc, -1, 0);
 	}
 done:
-	free(enc);
-	if (pwd && cxt->pwd_release_cb) {
-		DBG(CXT, mnt_debug_h(cxt, "release pass"));
-		cxt->pwd_release_cb(cxt, pwd);
-	}
 	loopcxt_deinit(&lc);
 	return rc;
 }
diff --git a/mount/mount.8 b/mount/mount.8
index 789d9fe..0644e8e 100644
--- a/mount/mount.8
+++ b/mount/mount.8
@@ -535,11 +535,6 @@ Don't canonicalize paths. The mount command canonicalizes all paths
 file. This option can be used together with the
 .B \-f
 flag for already canonicalized absolut paths.
-.IP "\fB\-p, \-\-pass\-fd \fInum\fP"
-In case of a loop mount with encryption, read the passphrase from
-file descriptor
-.I num
-instead of from the terminal.
 .IP "\fB\-s\fP"
 Tolerate sloppy mount options rather than failing. This will ignore
 mount options not supported by a filesystem type. Not all filesystems
@@ -2708,8 +2703,8 @@ not specified or the filesystem is known for libblkid, for example:
 .B "mount -t ext3 /tmp/disk.img /mnt"
 .sp
 .RE
-This type of mount knows about four options, namely
-.BR loop ", " offset ", " sizelimit " and " encryption ,
+This type of mount knows about three options, namely
+.BR loop ", " offset ", " sizelimit " ,
 that are really options to
 .BR \%losetup (8).
 (These options can be used in addition to those specific
diff --git a/mount/mount.c b/mount/mount.c
index 396f357..b69fd61 100644
--- a/mount/mount.c
+++ b/mount/mount.c
@@ -83,9 +83,6 @@ static int mounttype = 0;
 /* True if (ruid != euid) or (0 != ruid), i.e. only "user" mounts permitted.  */
 static int restricted = 1;
 
-/* Contains the fd to read the passphrase from, if any. */
-static int pfd = -1;
-
 #ifdef HAVE_LIBMOUNT_MOUNT
 static struct libmnt_update *mtab_update;
 static char *mtab_opts;
@@ -1262,7 +1259,7 @@ loop_check(const char **spec, const char **type, int *flags,
       *type = opt_vfstype;
   }
 
-  *loop = ((*flags & MS_LOOP) || *loopdev || opt_offset || opt_sizelimit || opt_encryption);
+  *loop = ((*flags & MS_LOOP) || *loopdev || opt_offset || opt_sizelimit);
   *loopfile = *spec;
 
   /* Automatically create a loop device from a regular file if a filesystem
@@ -1317,6 +1314,11 @@ loop_check(const char **spec, const char **type, int *flags,
         return EX_FAIL;
       }
 
+      if (opt_encryption) {
+        error("mount: %s", _("encryption not supported, use cryptsetup(8) instead"));
+        return EX_FAIL;
+      }
+
       loopcxt_init(&lc, 0);
       /* loopcxt_enable_debug(&lc, 1); */
 
@@ -1525,14 +1527,6 @@ update_mtab_entry(const char *spec, const char *node, const char *type,
 #endif /* !HAVE_LIBMOUNT_MOUNT */
 
 static void
-set_pfd(char *s) {
-	if (!isdigit(*s))
-		die(EX_USAGE,
-		    _("mount: argument to -p or --pass-fd must be a number"));
-	pfd = atoi(optarg);
-}
-
-static void
 cdrom_setspeed(const char *spec) {
 #define CDROM_SELECT_SPEED      0x5322  /* Set the CD-ROM speed */
 	if (opt_speed) {
@@ -2579,7 +2573,7 @@ main(int argc, char *argv[]) {
 			test_opts = append_opt(test_opts, optarg, NULL);
 			break;
 		case 'p':		/* fd on which to read passwd */
-			set_pfd(optarg);
+                        error("mount: %s", _("--pass-fd is no longer supported"));
 			break;
 		case 'r':		/* mount readonly */
 			readonly = 1;
diff --git a/sys-utils/losetup.8 b/sys-utils/losetup.8
index f50b072..8c69689 100644
--- a/sys-utils/losetup.8
+++ b/sys-utils/losetup.8
@@ -40,8 +40,6 @@ Setup loop device:
 .sp
 .in +5
 .B losetup
-.RB [{ \-e | \-E }
-.IR encryption ]
 .RB [ \-o
 .IR offset ]
 .RB [ \-\-sizelimit
@@ -82,8 +80,6 @@ force loop driver to reread size of the file associated with the specified loop
 detach the file or device associated with the specified loop device(s)
 .IP "\fB\-D, \-\-detach-all\fP"
 detach all associated loop devices
-.IP "\fB\-e, \-E, \-\-encryption \fIencryption_type\fP"
-enable data encryption with specified name or number
 .IP "\fB\-f, \-\-find\fP"
 find the first unused loop device. If a
 .I file
@@ -98,10 +94,6 @@ the data start is moved \fIoffset\fP bytes into the specified file or
 device
 .IP "\fB\-\-sizelimit \fIsize\fP"
 the data end is set to no more than \fIsize\fP bytes after the data start
-.IP "\fB\-p, \-\-pass-fd \fInum\fP"
-read the passphrase from file descriptor with number
-.I num
-instead of from the terminal
 .IP "\fB\-P, \-\-partscan\fP"
 force kernel to scan partition table on newly created loop device
 .IP "\fB\-r, \-\-read-only\fP"
@@ -116,25 +108,10 @@ argument are present.
 verbose mode
 
 .SH ENCRYPTION
-.B Cryptoloop is deprecated in favor of dm-crypt. For more details see
-.B cryptsetup (8). It is possible that all bug reports regarding to -E/-e
-.B options will be ignored.
-
-
-It is possible to specify transfer functions (for encryption/decryption
-or other purposes) using one of the
-.B \-E
+Cryptoloop is no longer supported in favor of dm-crypt. For more details see
+.B cryptsetup (8)
 and
-.B \-e
-options.
-There are two mechanisms to specify the desired encryption: by number
-and by name. If an encryption is specified by number then one
-has to make sure that the Linux kernel knows about the encryption with that
-number, probably by patching the kernel. Standard numbers that are
-always present are 0 (no encryption) and 1 (XOR encryption).
-When the cryptoloop module is loaded (or compiled in), it uses number 18.
-This cryptoloop module will take the name of an arbitrary encryption type
-and find the module that knows how to perform that encryption.
+.B crypttab (5).
 
 .SH RETURN VALUE
 .B losetup
diff --git a/sys-utils/losetup.c b/sys-utils/losetup.c
index 9f03151..2513253 100644
--- a/sys-utils/losetup.c
+++ b/sys-utils/losetup.c
@@ -18,7 +18,6 @@
 #include "nls.h"
 #include "strutils.h"
 #include "loopdev.h"
-#include "xgetpass.h"
 
 enum {
 	A_CREATE = 1,		/* setup a new device */
@@ -164,10 +163,8 @@ static void usage(FILE *out)
 		" -j, --associated <file>       list all devices associated with <file>\n"), out);
 	fputs(USAGE_SEPARATOR, out);
 
-	fputs(_(" -e, --encryption <type>       enable encryption with specified <name/num>\n"
-		" -o, --offset <num>            start at offset <num> into file\n"
+	fputs(_(" -o, --offset <num>            start at offset <num> into file\n"
 		"     --sizelimit <num>         device limited to <num> bytes of the file\n"
-		" -p, --pass-fd <num>           read passphrase from file descriptor <num>\n"
 		" -P, --partscan                create partitioned loop device\n"
 		" -r, --read-only               setup read-only loop device\n"
 		"     --show                    print device name after setup (with -f)\n"
@@ -185,8 +182,8 @@ static void usage(FILE *out)
 int main(int argc, char **argv)
 {
 	struct loopdev_cxt lc;
-	int act = 0, flags = 0, passfd = -1, c;
-	char *file = NULL, *encryption = NULL;
+	int act = 0, flags = 0, c;
+	char *file = NULL;
 	uint64_t offset = 0, sizelimit = 0;
 	int res = 0, showdev = 0, lo_flags = 0;
 
@@ -249,7 +246,7 @@ int main(int argc, char **argv)
 			break;
 		case 'E':
 		case 'e':
-			encryption = optarg;
+			errx(EXIT_FAILURE, _("encryption not supported, use cryptsetup(8) instead"));
 			break;
 		case 'f':
 			act = A_FIND_FREE;
@@ -268,8 +265,7 @@ int main(int argc, char **argv)
 			flags |= LOOPDEV_FL_OFFSET;
 			break;
 		case 'p':
-			passfd = strtol_or_err(optarg,
-					_("invalid passphrase file descriptor"));
+                        warn(_("--pass-fd is no longer supported"));
 			break;
 		case 'P':
 			lo_flags |= LO_FLAGS_PARTSCAN;
@@ -327,10 +323,10 @@ int main(int argc, char **argv)
 	}
 
 	if (act != A_CREATE &&
-	    (encryption || sizelimit || passfd != -1 || lo_flags || showdev))
+	    (sizelimit || lo_flags || showdev))
 		errx(EXIT_FAILURE,
 			_("the options %s are allowed to loop device setup only"),
-			"--{encryption,sizelimit,pass-fd,read-only,show}");
+			"--{sizelimit,read-only,show}");
 
 	if ((flags & LOOPDEV_FL_OFFSET) &&
 	    act != A_CREATE && (act != A_SHOW || !file))
@@ -339,16 +335,8 @@ int main(int argc, char **argv)
 	switch (act) {
 	case A_CREATE:
 	{
-		char *pass = NULL;
 		int hasdev = loopcxt_has_device(&lc);
 
-		if (encryption) {
-#ifdef MCL_FUTURE
-			if(mlockall(MCL_CURRENT | MCL_FUTURE))
-				err(EXIT_FAILURE, _("couldn't lock into memory"));
-#endif
-			pass = xgetpass(passfd, _("Password: "));
-		}
 		do {
 			/* Note that loopcxt_{find_unused,set_device}() resets
 			 * loopcxt struct.
@@ -357,8 +345,6 @@ int main(int argc, char **argv)
 				warnx(_("not found unused device"));
 				break;
 			}
-			if (encryption && pass)
-				loopcxt_set_encryption(&lc, encryption, pass);
 			if (flags & LOOPDEV_FL_OFFSET)
 				loopcxt_set_offset(&lc, offset);
 			if (flags & LOOPDEV_FL_SIZELIMIT)
@@ -379,8 +365,6 @@ int main(int argc, char **argv)
 			}
 		} while (hasdev == 0);
 
-		free(pass);
-
 		if (showdev && res == 0)
 			printf("%s\n", loopcxt_get_device(&lc));
 		break;
diff --git a/sys-utils/mount.8 b/sys-utils/mount.8
index 4f8af0a..73f5170 100644
--- a/sys-utils/mount.8
+++ b/sys-utils/mount.8
@@ -528,11 +528,6 @@ Don't canonicalize paths. The mount command canonicalizes all paths
 file. This option can be used together with the
 .B \-f
 flag for already canonicalized absolut paths.
-.IP "\fB\-p, \-\-pass\-fd \fInum\fP"
-In case of a loop mount with encryption, read the passphrase from
-file descriptor
-.I num
-instead of from the terminal.
 .IP "\fB\-s\fP"
 Tolerate sloppy mount options rather than failing. This will ignore
 mount options not supported by a filesystem type. Not all filesystems
@@ -2715,7 +2710,7 @@ not specified or the filesystem is known for libblkid, for example:
 .sp
 .RE
 This type of mount knows about four options, namely
-.BR loop ", " offset ", " sizelimit " and " encryption ,
+.BR loop ", " offset ", " sizelimit ",
 that are really options to
 .BR \%losetup (8).
 (These options can be used in addition to those specific
diff --git a/sys-utils/mount.c b/sys-utils/mount.c
index 7f2d5d8..031fd31 100644
--- a/sys-utils/mount.c
+++ b/sys-utils/mount.c
@@ -36,7 +36,6 @@
 #include "env.h"
 #include "optutils.h"
 #include "strutils.h"
-#include "xgetpass.h"
 #include "exitcodes.h"
 #include "xalloc.h"
 
@@ -49,7 +48,6 @@
  *  --options-source-force				MNT_OMODE_FORCE
  */
 
-static int passfd = -1;
 static int readwrite;
 
 static int mk_exit_code(struct libmnt_context *cxt, int rc);
@@ -103,32 +101,6 @@ static int table_parser_errcb(struct libmnt_table *tb __attribute__((__unused__)
 	return 0;
 }
 
-static char *encrypt_pass_get(struct libmnt_context *cxt)
-{
-	if (!cxt)
-		return 0;
-
-#ifdef MCL_FUTURE
-	if (mlockall(MCL_CURRENT | MCL_FUTURE)) {
-		warn(_("couldn't lock into memory"));
-		return NULL;
-	}
-#endif
-	return xgetpass(passfd, _("Password: "));
-}
-
-static void encrypt_pass_release(struct libmnt_context *cxt
-			__attribute__((__unused__)), char *pwd)
-{
-	char *p = pwd;
-
-	while (p && *p)
-		*p++ = '\0';
-
-	free(pwd);
-	munlockall();
-}
-
 static void print_all(struct libmnt_context *cxt, char *pattern, int show_label)
 {
 	struct libmnt_table *tb;
@@ -616,7 +588,6 @@ static void __attribute__((__noreturn__)) usage(FILE *out)
 	fprintf(out, _(
 	" -o, --options <list>    comma-separated list of mount options\n"
 	" -O, --test-opts <list>  limit the set of filesystems (use with -a)\n"
-	" -p, --pass-fd <num>     read the passphrase from file descriptor\n"
 	" -r, --read-only         mount the filesystem read-only (same as -o ro)\n"
 	" -t, --types <list>      limit the set of filesystem types\n"));
 	fprintf(out, _(
@@ -782,8 +753,7 @@ int main(int argc, char **argv)
 				err(MOUNT_EX_SYSERR, _("failed to set options pattern"));
 			break;
 		case 'p':
-			passfd = strtol_or_err(optarg,
-					_("invalid passphrase file descriptor"));
+                        warnx(_("--pass-fd is no longer supported"));
 			break;
 		case 'L':
 		case 'U':
@@ -864,8 +834,6 @@ int main(int argc, char **argv)
 	else if (types)
 		mnt_context_set_fstype(cxt, types);
 
-	mnt_context_set_passwd_cb(cxt, encrypt_pass_get, encrypt_pass_release);
-
 	if (all) {
 		/*
 		 * A) Mount all
-- 
1.7.7