/*
* Copyright (C) 2008 Karel Zak <kzak@redhat.com>
* Copyright (C) 2018 Milan Broz <gmazyland@gmail.com>
*
* Inspired by libvolume_id by
* Kay Sievers <kay.sievers@vrfy.org>
*
* This file may be redistributed under the terms of the
* GNU Lesser General Public License.
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <ctype.h>
#include <stdint.h>
#include "superblocks.h"
#define LUKS_CIPHERNAME_L 32
#define LUKS_CIPHERMODE_L 32
#define LUKS_HASHSPEC_L 32
#define LUKS_DIGESTSIZE 20
#define LUKS_SALTSIZE 32
#define LUKS_MAGIC_L 6
#define UUID_STRING_L 40
#define LUKS2_LABEL_L 48
#define LUKS2_SALT_L 64
#define LUKS2_CHECKSUM_ALG_L 32
#define LUKS2_CHECKSUM_L 64
#define LUKS_MAGIC "LUKS\xba\xbe"
#define LUKS_MAGIC_2 "SKUL\xba\xbe"
/* Offsets for secondary header (for scan if primary header is corrupted). */
#define LUKS2_HDR2_OFFSETS { 0x04000, 0x008000, 0x010000, 0x020000, \
0x40000, 0x080000, 0x100000, 0x200000, 0x400000 }
static const uint64_t secondary_offsets[] = LUKS2_HDR2_OFFSETS;
struct luks_phdr {
uint8_t magic[LUKS_MAGIC_L];
uint16_t version;
uint8_t cipherName[LUKS_CIPHERNAME_L];
uint8_t cipherMode[LUKS_CIPHERMODE_L];
uint8_t hashSpec[LUKS_HASHSPEC_L];
uint32_t payloadOffset;
uint32_t keyBytes;
uint8_t mkDigest[LUKS_DIGESTSIZE];
uint8_t mkDigestSalt[LUKS_SALTSIZE];
uint32_t mkDigestIterations;
uint8_t uuid[UUID_STRING_L];
} __attribute__((packed));
struct luks2_phdr {
char magic[LUKS_MAGIC_L];
uint16_t version;
uint64_t hdr_size; /* in bytes, including JSON area */
uint64_t seqid; /* increased on every update */
char label[LUKS2_LABEL_L];
char checksum_alg[LUKS2_CHECKSUM_ALG_L];
uint8_t salt[LUKS2_SALT_L]; /* unique for every header/offset */
char uuid[UUID_STRING_L];
char subsystem[LUKS2_LABEL_L]; /* owner subsystem label */
uint64_t hdr_offset; /* offset from device start in bytes */
char _padding[184];
uint8_t csum[LUKS2_CHECKSUM_L];
/* Padding to 4k, then JSON area */
} __attribute__ ((packed));
static int luks_attributes(blkid_probe pr, struct luks2_phdr *header, uint64_t offset)
{
int version;
struct luks_phdr *header_v1;
if (blkid_probe_set_magic(pr, offset, LUKS_MAGIC_L, (unsigned char *) &header->magic))
return BLKID_PROBE_NONE;
version = be16_to_cpu(header->version);
blkid_probe_sprintf_version(pr, "%u", version);
if (version == 1) {
header_v1 = (struct luks_phdr *)header;
blkid_probe_strncpy_uuid(pr,
(unsigned char *) header_v1->uuid, UUID_STRING_L);
} else if (version == 2) {
blkid_probe_strncpy_uuid(pr,
(unsigned char *) header->uuid, UUID_STRING_L);
blkid_probe_set_label(pr,
(unsigned char *) header->label, LUKS2_LABEL_L);
blkid_probe_set_id_label(pr, "SUBSYSTEM",
(unsigned char *) header->subsystem, LUKS2_LABEL_L);
}
return BLKID_PROBE_OK;
}
static int probe_luks(blkid_probe pr, const struct blkid_idmag *mag __attribute__((__unused__)))
{
struct luks2_phdr *header;
size_t i;
header = (struct luks2_phdr *) blkid_probe_get_buffer(pr, 0, sizeof(struct luks2_phdr));
if (!header)
return errno ? -errno : BLKID_PROBE_NONE;
if (!memcmp(header->magic, LUKS_MAGIC, LUKS_MAGIC_L)) {
/* LUKS primary header was found. */
return luks_attributes(pr, header, 0);
} else {
/* No primary header, scan for known offsets of LUKS2 secondary header. */
for (i = 0; i < ARRAY_SIZE(secondary_offsets); i++) {
header = (struct luks2_phdr *) blkid_probe_get_buffer(pr,
secondary_offsets[i], sizeof(struct luks2_phdr));
if (!header)
return errno ? -errno : BLKID_PROBE_NONE;
if (!memcmp(header->magic, LUKS_MAGIC_2, LUKS_MAGIC_L))
return luks_attributes(pr, header, secondary_offsets[i]);
}
}
return BLKID_PROBE_NONE;
}
const struct blkid_idinfo luks_idinfo =
{
.name = "crypto_LUKS",
.usage = BLKID_USAGE_CRYPTO,
.probefunc = probe_luks,
.magics = BLKID_NONE_MAGIC
};
