systemd/src/cryptenroll/cryptenroll-list.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include "cryptenroll-list.h"
#include "cryptenroll.h"
#include "format-table.h"
#include "parse-util.h"

struct keyslot_metadata {
        int slot;
        const char *type;
};

int list_enrolled(struct crypt_device *cd) {
        _cleanup_free_ struct keyslot_metadata *keyslot_metadata = NULL;
        _cleanup_(table_unrefp) Table *t = NULL;
        size_t n_keyslot_metadata = 0;
        int slot_max, r;
        TableCell *cell;

        assert(cd);

        /* First step, find out all currently used slots */
        assert_se((slot_max = crypt_keyslot_max(CRYPT_LUKS2)) > 0);
        for (int slot = 0; slot < slot_max; slot++) {
                crypt_keyslot_info status;

                status = crypt_keyslot_status(cd, slot);
                if (!IN_SET(status, CRYPT_SLOT_ACTIVE, CRYPT_SLOT_ACTIVE_LAST))
                        continue;

                if (!GREEDY_REALLOC(keyslot_metadata, n_keyslot_metadata+1))
                        return log_oom();

                keyslot_metadata[n_keyslot_metadata++] = (struct keyslot_metadata) {
                        .slot = slot,
                };
        }

        /* Second step, enumerate through all tokens, and update the slot table, indicating what kind of
         * token they are assigned to */
        for (int token = 0; token < sym_crypt_token_max(CRYPT_LUKS2); token++) {
                _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
                const char *type;
                JsonVariant *w, *z;
                EnrollType et;

                r = cryptsetup_get_token_as_json(cd, token, NULL, &v);
                if (IN_SET(r, -ENOENT, -EINVAL))
                        continue;
                if (r < 0) {
                        log_warning_errno(r, "Failed to read JSON token data off disk, ignoring: %m");
                        continue;
                }

                w = json_variant_by_key(v, "type");
                if (!w || !json_variant_is_string(w)) {
                        log_warning("Token JSON data lacks type field, ignoring.");
                        continue;
                }

                et = luks2_token_type_from_string(json_variant_string(w));
                if (et < 0)
                        type = "other";
                else
                        type = enroll_type_to_string(et);

                w = json_variant_by_key(v, "keyslots");
                if (!w || !json_variant_is_array(w)) {
                        log_warning("Token JSON data lacks keyslots field, ignoring.");
                        continue;
                }

                JSON_VARIANT_ARRAY_FOREACH(z, w) {
                        unsigned u;

                        if (!json_variant_is_string(z)) {
                                log_warning("Token JSON data's keyslot field is not an array of strings, ignoring.");
                                continue;
                        }

                        r = safe_atou(json_variant_string(z), &u);
                        if (r < 0) {
                                log_warning_errno(r, "Token JSON data's keyslot field is not an integer formatted as string, ignoring.");
                                continue;
                        }

                        for (size_t i = 0; i < n_keyslot_metadata; i++) {
                                if ((unsigned) keyslot_metadata[i].slot != u)
                                        continue;

                                if (keyslot_metadata[i].type) /* Slot claimed multiple times? */
                                        keyslot_metadata[i].type = POINTER_MAX;
                                else
                                        keyslot_metadata[i].type = type;
                        }
                }
        }

        /* Finally, create a table out of it all */
        t = table_new("slot", "type");
        if (!t)
                return log_oom();

        assert_se(cell = table_get_cell(t, 0, 0));
        (void) table_set_align_percent(t, cell, 100);

        for (size_t i = 0; i < n_keyslot_metadata; i++) {
                r = table_add_many(
                                t,
                                TABLE_INT, keyslot_metadata[i].slot,
                                TABLE_STRING, keyslot_metadata[i].type == POINTER_MAX ? "conflict" :
                                              keyslot_metadata[i].type ?: "password");
                if (r < 0)
                        return table_log_add_error(r);
        }

        if (table_isempty(t)) {
                log_info("No slots found.");
                return 0;
        }

        r = table_print(t, stdout);
        if (r < 0)
                return log_error_errno(r, "Failed to show slot table: %m");

        return 0;
}
cryptenroll: support listing and wiping tokens 2020-11-29 00:59:21 +03:00			`/* SPDX-License-Identifier: LGPL-2.1-or-later */`

			`#include "cryptenroll-list.h"`
			`#include "cryptenroll.h"`
			`#include "format-table.h"`
			`#include "parse-util.h"`

cryptenroll: fix a memory leak $ dd if=/dev/zero of=luks.img bs=1M count=64 $ echo 1231dfsd234d \| cryptsetup luksFormat luks.img $ build-san/systemd-cryptenroll luks.img SLOT TYPE 0 password ================================================================= ==640364==ERROR: LeakSanitizer: detected memory leaks Direct leak of 64 byte(s) in 1 object(s) allocated from: #0 0x7f43ffeb95b5 in __interceptor_realloc.part.0 (/lib64/libasan.so.8+0xb95b5) #1 0x7f43ff0a4f2f in greedy_realloc ../src/basic/alloc-util.c:70 #2 0x404d9f in list_enrolled ../src/cryptenroll/cryptenroll-list.c:30 #3 0x40f149 in run ../src/cryptenroll/cryptenroll.c:673 #4 0x40f149 in main ../src/cryptenroll/cryptenroll.c:692 #5 0x7f43fd64a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f) SUMMARY: AddressSanitizer: 64 byte(s) leaked in 1 allocation(s). Aborted (core dumped) Reported in https://github.com/systemd/systemd/pull/27007. 2023-03-27 17:51:00 +03:00			`struct keyslot_metadata {`
			`int slot;`
			`const char *type;`
			`};`
cryptenroll: support listing and wiping tokens 2020-11-29 00:59:21 +03:00
cryptenroll: fix a memory leak $ dd if=/dev/zero of=luks.img bs=1M count=64 $ echo 1231dfsd234d \| cryptsetup luksFormat luks.img $ build-san/systemd-cryptenroll luks.img SLOT TYPE 0 password ================================================================= ==640364==ERROR: LeakSanitizer: detected memory leaks Direct leak of 64 byte(s) in 1 object(s) allocated from: #0 0x7f43ffeb95b5 in __interceptor_realloc.part.0 (/lib64/libasan.so.8+0xb95b5) #1 0x7f43ff0a4f2f in greedy_realloc ../src/basic/alloc-util.c:70 #2 0x404d9f in list_enrolled ../src/cryptenroll/cryptenroll-list.c:30 #3 0x40f149 in run ../src/cryptenroll/cryptenroll.c:673 #4 0x40f149 in main ../src/cryptenroll/cryptenroll.c:692 #5 0x7f43fd64a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f) SUMMARY: AddressSanitizer: 64 byte(s) leaked in 1 allocation(s). Aborted (core dumped) Reported in https://github.com/systemd/systemd/pull/27007. 2023-03-27 17:51:00 +03:00			`int list_enrolled(struct crypt_device *cd) {`
			`_cleanup_free_ struct keyslot_metadata *keyslot_metadata = NULL;`
cryptenroll: support listing and wiping tokens 2020-11-29 00:59:21 +03:00			`_cleanup_(table_unrefp) Table *t = NULL;`
alloc-util: simplify GREEDY_REALLOC() logic by relying on malloc_usable_size() We recently started making more use of malloc_usable_size() and rely on it (see the string_erase() story). Given that we don't really support sytems where malloc_usable_size() cannot be trusted beyond statistics anyway, let's go fully in and rework GREEDY_REALLOC() on top of it: instead of passing around and maintaining the currenly allocated size everywhere, let's just derive it automatically from malloc_usable_size(). I am mostly after this for the simplicity this brings. It also brings minor efficiency improvements I guess, but things become so much nicer to look at if we can avoid these allocation size variables everywhere. Note that the malloc_usable_size() man page says relying on it wasn't "good programming practice", but I think it does this for reasons that don't apply here: the greedy realloc logic specifically doesn't rely on the returned extra size, beyond the fact that it is equal or larger than what was requested. (This commit was supposed to be a quick patch btw, but apparently we use the greedy realloc stuff quite a bit across the codebase, so this ends up touching alot* of code.) 2021-05-19 00:01:32 +03:00			`size_t n_keyslot_metadata = 0;`
cryptenroll: support listing and wiping tokens 2020-11-29 00:59:21 +03:00			`int slot_max, r;`
			`TableCell *cell;`

			`assert(cd);`

			`/* First step, find out all currently used slots */`
			`assert_se((slot_max = crypt_keyslot_max(CRYPT_LUKS2)) > 0);`
			`for (int slot = 0; slot < slot_max; slot++) {`
			`crypt_keyslot_info status;`

			`status = crypt_keyslot_status(cd, slot);`
			`if (!IN_SET(status, CRYPT_SLOT_ACTIVE, CRYPT_SLOT_ACTIVE_LAST))`
			`continue;`

alloc-util: simplify GREEDY_REALLOC() logic by relying on malloc_usable_size() We recently started making more use of malloc_usable_size() and rely on it (see the string_erase() story). Given that we don't really support sytems where malloc_usable_size() cannot be trusted beyond statistics anyway, let's go fully in and rework GREEDY_REALLOC() on top of it: instead of passing around and maintaining the currenly allocated size everywhere, let's just derive it automatically from malloc_usable_size(). I am mostly after this for the simplicity this brings. It also brings minor efficiency improvements I guess, but things become so much nicer to look at if we can avoid these allocation size variables everywhere. Note that the malloc_usable_size() man page says relying on it wasn't "good programming practice", but I think it does this for reasons that don't apply here: the greedy realloc logic specifically doesn't rely on the returned extra size, beyond the fact that it is equal or larger than what was requested. (This commit was supposed to be a quick patch btw, but apparently we use the greedy realloc stuff quite a bit across the codebase, so this ends up touching alot* of code.) 2021-05-19 00:01:32 +03:00			`if (!GREEDY_REALLOC(keyslot_metadata, n_keyslot_metadata+1))`
cryptenroll: support listing and wiping tokens 2020-11-29 00:59:21 +03:00			`return log_oom();`

			`keyslot_metadata[n_keyslot_metadata++] = (struct keyslot_metadata) {`
			`.slot = slot,`
			`};`
			`}`

			`/* Second step, enumerate through all tokens, and update the slot table, indicating what kind of`
			`* token they are assigned to */`
cryptsetup: use crypt_token_max if available New API added upstream: https://gitlab.com/cryptsetup/cryptsetup/-/commit/8a12f6dc2c75f8fd0c4969fbdc421895eb418072 2020-12-29 02:50:16 +03:00			`for (int token = 0; token < sym_crypt_token_max(CRYPT_LUKS2); token++) {`
cryptenroll: support listing and wiping tokens 2020-11-29 00:59:21 +03:00			`_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;`
			`const char *type;`
			`JsonVariant w, z;`
			`EnrollType et;`

			`r = cryptsetup_get_token_as_json(cd, token, NULL, &v);`
			`if (IN_SET(r, -ENOENT, -EINVAL))`
			`continue;`
			`if (r < 0) {`
			`log_warning_errno(r, "Failed to read JSON token data off disk, ignoring: %m");`
			`continue;`
			`}`

			`w = json_variant_by_key(v, "type");`
			`if (!w \|\| !json_variant_is_string(w)) {`
			`log_warning("Token JSON data lacks type field, ignoring.");`
			`continue;`
			`}`

			`et = luks2_token_type_from_string(json_variant_string(w));`
			`if (et < 0)`
			`type = "other";`
			`else`
			`type = enroll_type_to_string(et);`

			`w = json_variant_by_key(v, "keyslots");`
			`if (!w \|\| !json_variant_is_array(w)) {`
			`log_warning("Token JSON data lacks keyslots field, ignoring.");`
			`continue;`
			`}`

			`JSON_VARIANT_ARRAY_FOREACH(z, w) {`
			`unsigned u;`

			`if (!json_variant_is_string(z)) {`
			`log_warning("Token JSON data's keyslot field is not an array of strings, ignoring.");`
			`continue;`
			`}`

			`r = safe_atou(json_variant_string(z), &u);`
			`if (r < 0) {`
cryptenroll: fix typo 2022-06-03 18:09:23 +03:00			`log_warning_errno(r, "Token JSON data's keyslot field is not an integer formatted as string, ignoring.");`
cryptenroll: support listing and wiping tokens 2020-11-29 00:59:21 +03:00			`continue;`
			`}`

			`for (size_t i = 0; i < n_keyslot_metadata; i++) {`
			`if ((unsigned) keyslot_metadata[i].slot != u)`
			`continue;`

			`if (keyslot_metadata[i].type) /* Slot claimed multiple times? */`
			`keyslot_metadata[i].type = POINTER_MAX;`
			`else`
			`keyslot_metadata[i].type = type;`
			`}`
			`}`
			`}`

			`/* Finally, create a table out of it all */`
			`t = table_new("slot", "type");`
			`if (!t)`
			`return log_oom();`

			`assert_se(cell = table_get_cell(t, 0, 0));`
			`(void) table_set_align_percent(t, cell, 100);`

			`for (size_t i = 0; i < n_keyslot_metadata; i++) {`
			`r = table_add_many(`
			`t,`
			`TABLE_INT, keyslot_metadata[i].slot,`
			`TABLE_STRING, keyslot_metadata[i].type == POINTER_MAX ? "conflict" :`
			`keyslot_metadata[i].type ?: "password");`
			`if (r < 0)`
			`return table_log_add_error(r);`
			`}`

format-table: introduce table_isempty and use it where appropriate 2023-12-25 12:34:57 +03:00			`if (table_isempty(t)) {`
cryptenroll: support listing and wiping tokens 2020-11-29 00:59:21 +03:00			`log_info("No slots found.");`
			`return 0;`
			`}`

			`r = table_print(t, stdout);`
			`if (r < 0)`
			`return log_error_errno(r, "Failed to show slot table: %m");`

			`return 0;`
			`}`