mount: losetup: remove obsolete encryption support

kernel cryptoloop is deprecated since ages and support for cryptoloop
in util-linux is incomplete/broken.
- no password hashing
- last 8 bit of key are always set to zero
- no binary keys possible (stops reading key at \n and \0)

In the past some Distros added the above features with patches. So
remove cryptoloop support from util-linux completely to make sure
people won't try using it.

Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
Signed-off-by: Karel Zak <kzak@redhat.com>

4 files changed, 12 insertions, 96 deletions

diff --git a/sys-utils/losetup.8 b/sys-utils/losetup.8
index 9b5fe6109..6a006e1b8 100644
--- a/sys-utils/losetup.8
+++ b/sys-utils/losetup.8
@@ -40,8 +40,6 @@ Setup loop device:
 .sp
 .in +5
 .B losetup
-.RB [{ \-e | \-E }
-.IR encryption ]
 .RB [ \-o
 .IR offset ]
 .RB [ \-\-sizelimit
@@ -83,8 +81,6 @@ force loop driver to reread size of the file associated with the specified loop
 detach the file or device associated with the specified loop device(s)
 .IP "\fB\-D, \-\-detach-all\fP"
 detach all associated loop devices
-.IP "\fB\-e, \-E, \-\-encryption \fIencryption_type\fP"
-enable data encryption with specified name or number
 .IP "\fB\-f, \-\-find\fP"
 find the first unused loop device. If a
 .I file
@@ -99,10 +95,6 @@ the data start is moved \fIoffset\fP bytes into the specified file or
 device
 .IP "\fB\-\-sizelimit \fIsize\fP"
 the data end is set to no more than \fIsize\fP bytes after the data start
-.IP "\fB\-p, \-\-pass-fd \fInum\fP"
-read the passphrase from file descriptor with number
-.I num
-instead of from the terminal
 .IP "\fB\-P, \-\-partscan\fP"
 force kernel to scan partition table on newly created loop device
 .IP "\fB\-r, \-\-read-only\fP"
@@ -117,25 +109,8 @@ argument are present.
 verbose mode
 
 .SH ENCRYPTION
-.B Cryptoloop is deprecated in favor of dm-crypt. For more details see
-.B cryptsetup (8). It is possible that all bug reports regarding to -E/-e
-.B options will be ignored.
-
-
-It is possible to specify transfer functions (for encryption/decryption
-or other purposes) using one of the
-.B \-E
-and
-.B \-e
-options.
-There are two mechanisms to specify the desired encryption: by number
-and by name. If an encryption is specified by number then one
-has to make sure that the Linux kernel knows about the encryption with that
-number, probably by patching the kernel. Standard numbers that are
-always present are 0 (no encryption) and 1 (XOR encryption).
-When the cryptoloop module is loaded (or compiled in), it uses number 18.
-This cryptoloop module will take the name of an arbitrary encryption type
-and find the module that knows how to perform that encryption.
+.B Cryptoloop is no longer supported in favor of dm-crypt. For more details see
+.B cryptsetup (8).
 
 .SH RETURN VALUE
 .B losetup
diff --git a/sys-utils/losetup.c b/sys-utils/losetup.c
index 9aeb9ec8a..38ccc7d08 100644
--- a/sys-utils/losetup.c
+++ b/sys-utils/losetup.c
@@ -18,7 +18,6 @@
 #include "nls.h"
 #include "strutils.h"
 #include "loopdev.h"
-#include "xgetpass.h"
 #include "closestream.h"
 #include "optutils.h"
 
@@ -166,10 +165,8 @@ static void usage(FILE *out)
 		" -j, --associated <file>       list all devices associated with <file>\n"), out);
 	fputs(USAGE_SEPARATOR, out);
 
-	fputs(_(" -e, --encryption <type>       enable encryption with specified <name/num>\n"
-		" -o, --offset <num>            start at offset <num> into file\n"
+	fputs(_(" -o, --offset <num>            start at offset <num> into file\n"
 		"     --sizelimit <num>         device limited to <num> bytes of the file\n"
-		" -p, --pass-fd <num>           read passphrase from file descriptor <num>\n"
 		" -P, --partscan                create partitioned loop device\n"
 		" -r, --read-only               setup read-only loop device\n"
 		"     --show                    print device name after setup (with -f)\n"
@@ -207,8 +204,8 @@ static void warn_size(const char *filename, uint64_t size)
 int main(int argc, char **argv)
 {
 	struct loopdev_cxt lc;
-	int act = 0, flags = 0, passfd = -1, c;
-	char *file = NULL, *encryption = NULL;
+	int act = 0, flags = 0, c;
+	char *file = NULL;
 	uint64_t offset = 0, sizelimit = 0;
 	int res = 0, showdev = 0, lo_flags = 0;
 
@@ -281,7 +278,7 @@ int main(int argc, char **argv)
 			break;
 		case 'E':
 		case 'e':
-			encryption = optarg;
+			errx(EXIT_FAILURE, _("encryption not supported, use cryptsetup(8) instead"));
 			break;
 		case 'f':
 			act = A_FIND_FREE;
@@ -298,8 +295,7 @@ int main(int argc, char **argv)
 			flags |= LOOPDEV_FL_OFFSET;
 			break;
 		case 'p':
-			passfd = strtou32_or_err(optarg,
-					_("invalid passphrase file descriptor"));
+                        warn(_("--pass-fd is no longer supported"));
 			break;
 		case 'P':
 			lo_flags |= LO_FLAGS_PARTSCAN;
@@ -361,10 +357,10 @@ int main(int argc, char **argv)
 	}
 
 	if (act != A_CREATE &&
-	    (encryption || sizelimit || passfd != -1 || lo_flags || showdev))
+	    (sizelimit || lo_flags || showdev))
 		errx(EXIT_FAILURE,
 			_("the options %s are allowed to loop device setup only"),
-			"--{encryption,sizelimit,pass-fd,read-only,show}");
+			"--{sizelimit,read-only,show}");
 
 	if ((flags & LOOPDEV_FL_OFFSET) &&
 	    act != A_CREATE && (act != A_SHOW || !file))
@@ -373,16 +369,8 @@ int main(int argc, char **argv)
 	switch (act) {
 	case A_CREATE:
 	{
-		char *pass = NULL;
 		int hasdev = loopcxt_has_device(&lc);
 
-		if (encryption) {
-#ifdef MCL_FUTURE
-			if(mlockall(MCL_CURRENT | MCL_FUTURE))
-				err(EXIT_FAILURE, _("couldn't lock into memory"));
-#endif
-			pass = xgetpass(passfd, _("Password: "));
-		}
 		do {
 			/* Note that loopcxt_{find_unused,set_device}() resets
 			 * loopcxt struct.
@@ -391,8 +379,6 @@ int main(int argc, char **argv)
 				warnx(_("not found unused device"));
 				break;
 			}
-			if (encryption && pass)
-				loopcxt_set_encryption(&lc, encryption, pass);
 			if (flags & LOOPDEV_FL_OFFSET)
 				loopcxt_set_offset(&lc, offset);
 			if (flags & LOOPDEV_FL_SIZELIMIT)
@@ -415,8 +401,6 @@ int main(int argc, char **argv)
 			}
 		} while (hasdev == 0);
 
-		free(pass);
-
 		if (res == 0) {
 			if (showdev)
 				printf("%s\n", loopcxt_get_device(&lc));
diff --git a/sys-utils/mount.8 b/sys-utils/mount.8
index bac259b11..cbd7c1354 100644
--- a/sys-utils/mount.8
+++ b/sys-utils/mount.8
@@ -559,11 +559,6 @@ Don't canonicalize paths. The mount command canonicalizes all paths
 file. This option can be used together with the
 .B \-f
 flag for already canonicalized absolut paths.
-.IP "\fB\-p, \-\-pass\-fd \fInum\fP"
-In case of a loop mount with encryption, read the passphrase from
-file descriptor
-.I num
-instead of from the terminal.
 .IP "\fB\-s\fP"
 Tolerate sloppy mount options rather than failing. This will ignore
 mount options not supported by a filesystem type. Not all filesystems
@@ -2775,7 +2770,7 @@ not specified or the filesystem is known for libblkid, for example:
 .sp
 .RE
 This type of mount knows about four options, namely
-.BR loop ", " offset ", " sizelimit " and " encryption ,
+.BR loop ", " offset " and " sizelimit " ,
 that are really options to
 .BR \%losetup (8).
 (These options can be used in addition to those specific
diff --git a/sys-utils/mount.c b/sys-utils/mount.c
index 2d1d2cd41..0ac3d9083 100644
--- a/sys-utils/mount.c
+++ b/sys-utils/mount.c
@@ -36,7 +36,6 @@
 #include "c.h"
 #include "env.h"
 #include "strutils.h"
-#include "xgetpass.h"
 #include "exitcodes.h"
 #include "xalloc.h"
 #include "closestream.h"
@@ -51,7 +50,6 @@
  *  --options-source-force				MNT_OMODE_FORCE
  */
 
-static int passfd = -1;
 static int readwrite;
 
 static int mk_exit_code(struct libmnt_context *cxt, int rc);
@@ -105,32 +103,6 @@ static int table_parser_errcb(struct libmnt_table *tb __attribute__((__unused__)
 	return 0;
 }
 
-static char *encrypt_pass_get(struct libmnt_context *cxt)
-{
-	if (!cxt)
-		return 0;
-
-#ifdef MCL_FUTURE
-	if (mlockall(MCL_CURRENT | MCL_FUTURE)) {
-		warn(_("couldn't lock into memory"));
-		return NULL;
-	}
-#endif
-	return xgetpass(passfd, _("Password: "));
-}
-
-static void encrypt_pass_release(struct libmnt_context *cxt
-			__attribute__((__unused__)), char *pwd)
-{
-	char *p = pwd;
-
-	while (p && *p)
-		*p++ = '\0';
-
-	free(pwd);
-	munlockall();
-}
-
 /*
  * Replace control chars with '?' to be compatible with coreutils. For more
  * robust solution use findmnt(1) where we use \x?? hex encoding.
@@ -404,13 +376,7 @@ try_readonly:
 				warnx(_("failed to parse mount options"));
 			return MOUNT_EX_USAGE;
 		case -MNT_ERR_LOOPDEV:
-			if (errno == ENOENT
-			    && (uflags & MNT_MS_ENCRYPTION)
-			    && src && stat(src, &st) == 0)
-				warnx(_("%s: failed to setup loop device "
-					"(probably unknown encryption type)"), src);
-			else
-				warn(_("%s: failed to setup loop device"), src);
+			warn(_("%s: failed to setup loop device"), src);
 			return MOUNT_EX_FAIL;
 		default:
 			return handle_generic_errors(rc, _("%s: mount failed"),
@@ -641,7 +607,6 @@ static void __attribute__((__noreturn__)) usage(FILE *out)
 	fprintf(out, _(
 	" -o, --options <list>    comma-separated list of mount options\n"
 	" -O, --test-opts <list>  limit the set of filesystems (use with -a)\n"
-	" -p, --pass-fd <num>     read the passphrase from file descriptor\n"
 	" -r, --read-only         mount the filesystem read-only (same as -o ro)\n"
 	" -t, --types <list>      limit the set of filesystem types\n"));
 	fprintf(out, _(
@@ -835,8 +800,7 @@ int main(int argc, char **argv)
 				err(MOUNT_EX_SYSERR, _("failed to set options pattern"));
 			break;
 		case 'p':
-			passfd = strtou32_or_err(optarg,
-					_("invalid passphrase file descriptor"));
+                        warnx(_("--pass-fd is no longer supported"));
 			break;
 		case 'L':
 			xasprintf(&srcbuf, "LABEL=\"%s\"", optarg);
@@ -931,8 +895,6 @@ int main(int argc, char **argv)
 	else if (types)
 		mnt_context_set_fstype(cxt, types);
 
-	mnt_context_set_passwd_cb(cxt, encrypt_pass_get, encrypt_pass_release);
-
 	if (all) {
 		/*
 		 * A) Mount all