Index: head/stand/Makefile =================================================================== --- head/stand/Makefile (revision 335320) +++ head/stand/Makefile (revision 335321) @@ -1,44 +1,42 @@ # $FreeBSD$ .include # For amd64 we have to build 32 and 64 bit versions of things. For # others we don't. LIB32LIST is a list of libraries, which if # included, need to be built 32-bit as well. .if ${MACHINE_ARCH} == "amd64" LIB32LIST=libsa ficl liblua zfs .endif S.yes+= libsa S.${MK_FORTH}+= ficl S.${MK_FORTH}+= forth S.${MK_LOADER_LUA}+= liblua S.${MK_LOADER_LUA}+= lua S.${MK_FDT}+= fdt S.${MK_LOADER_OFW}+= ofw S.${MK_ZFS}+= zfs S.yes+= defaults S.yes+= man -S.${MK_LOADER_GELI}+= geli - .include S.${MK_EFI}+= efi S.${MK_LOADER_UBOOT}+= uboot .if exists(${.CURDIR}/${MACHINE}/.) S.yes+= ${MACHINE} .endif # Build the actual subdir list from S.yes, adding in the 32-bit # variant if necessary. .for _x in ${S.yes} SUBDIR+=${_x} .if defined(LIB32LIST) && ${LIB32LIST:M${_x}} SUBDIR+=${_x}32 .endif .endfor .include Index: head/stand/defs.mk =================================================================== --- head/stand/defs.mk (revision 335320) +++ head/stand/defs.mk (revision 335321) @@ -1,195 +1,194 @@ # $FreeBSD$ .include WARNS?=1 .if !defined(__BOOT_DEFS_MK__) __BOOT_DEFS_MK__=${MFILE} MK_CTF= no MK_SSP= no MK_PROFILE= no MAN= .if !defined(PIC) NO_PIC= INTERNALLIB= .endif BOOTSRC= ${SRCTOP}/stand EFISRC= ${BOOTSRC}/efi EFIINC= ${EFISRC}/include EFIINCMD= ${EFIINC}/${MACHINE} FDTSRC= ${BOOTSRC}/fdt FICLSRC= ${BOOTSRC}/ficl LDRSRC= ${BOOTSRC}/common LIBLUASRC= ${BOOTSRC}/liblua LUASRC= ${SRCTOP}/contrib/lua/src SASRC= ${BOOTSRC}/libsa SYSDIR= ${SRCTOP}/sys UBOOTSRC= ${BOOTSRC}/uboot ZFSSRC= ${BOOTSRC}/zfs BOOTOBJ= ${OBJTOP}/stand # BINDIR is where we install BINDIR?= /boot LIBSA= ${BOOTOBJ}/libsa/libsa.a .if ${MACHINE} == "i386" LIBSA32= ${LIBSA} .else LIBSA32= ${BOOTOBJ}/libsa32/libsa32.a .endif # Standard options: CFLAGS+= -nostdinc .if ${MACHINE_ARCH} == "amd64" && ${DO32:U0} == 1 CFLAGS+= -I${BOOTOBJ}/libsa32 .else CFLAGS+= -I${BOOTOBJ}/libsa .endif CFLAGS+= -I${SASRC} -D_STANDALONE CFLAGS+= -I${SYSDIR} # Spike the floating point interfaces CFLAGS+= -Ddouble=jagged-little-pill -Dfloat=floaty-mcfloatface # GELI Support, with backward compat hooks (mostly) .if defined(HAVE_GELI) .if defined(LOADER_NO_GELI_SUPPORT) MK_LOADER_GELI=no .warning "Please move from LOADER_NO_GELI_SUPPORT to WITHOUT_LOADER_GELI" .endif .if defined(LOADER_GELI_SUPPORT) MK_LOADER_GELI=yes .warning "Please move from LOADER_GELI_SUPPORT to WITH_LOADER_GELI" .endif .if ${MK_LOADER_GELI} == "yes" CFLAGS+= -DLOADER_GELI_SUPPORT -CFLAGS+= -I${BOOTSRC}/geli -LIBGELIBOOT= ${BOOTOBJ}/geli/libgeliboot.a +CFLAGS+= -I${SASRC}/geli .endif # MK_LOADER_GELI .endif # HAVE_GELI # These should be confined to loader.mk, but can't because uboot/lib # also uses it. It's part of loader, but isn't a loader so we can't # just include loader.mk .if ${LOADER_DISK_SUPPORT:Uyes} == "yes" CFLAGS+= -DLOADER_DISK_SUPPORT .endif # Machine specific flags for all builds here # All PowerPC builds are 32 bit. We have no 64-bit loaders on powerpc # or powerpc64. .if ${MACHINE_ARCH} == "powerpc64" CFLAGS+= -m32 -mcpu=powerpc .endif # For amd64, there's a bit of mixed bag. Some of the tree (i386, lib*32) is # build 32-bit and some 64-bit (lib*, efi). Centralize all the 32-bit magic here # and activate it when DO32 is explicitly defined to be 1. .if ${MACHINE_ARCH} == "amd64" && ${DO32:U0} == 1 CFLAGS+= -m32 # LD_FLAGS is passed directly to ${LD}, not via ${CC}: LD_FLAGS+= -m elf_i386_fbsd AFLAGS+= --32 .endif SSP_CFLAGS= # Add in the no float / no SIMD stuff and announce we're freestanding # aarch64 and riscv don't have -msoft-float, but all others do. riscv # currently has no /boot/loader, but may soon. CFLAGS+= -ffreestanding ${CFLAGS_NO_SIMD} .if ${MACHINE_CPUARCH} == "aarch64" CFLAGS+= -mgeneral-regs-only -fPIC .elif ${MACHINE_CPUARCH} == "riscv" CFLAGS+= -march=rv64imac -mabi=lp64 .else CFLAGS+= -msoft-float .endif .if ${MACHINE_CPUARCH} == "i386" || (${MACHINE_CPUARCH} == "amd64" && ${DO32:U0} == 1) CFLAGS+= -march=i386 CFLAGS.gcc+= -mpreferred-stack-boundary=2 .endif .if ${MACHINE_CPUARCH} == "amd64" && ${DO32:U0} == 0 CFLAGS+= -fPIC -mno-red-zone .endif .if ${MACHINE_CPUARCH} == "arm" # Do not generate movt/movw, because the relocation fixup for them does not # translate to the -Bsymbolic -pie format required by self_reloc() in loader(8). # Also, the fpu is not available in a standalone environment. .if ${COMPILER_VERSION} < 30800 CFLAGS.clang+= -mllvm -arm-use-movt=0 .else CFLAGS.clang+= -mno-movt .endif CFLAGS.clang+= -mfpu=none CFLAGS+= -fPIC .endif # The boot loader build uses dd status=none, where possible, for reproducible # build output (since performance varies from run to run). Trouble is that # option was recently (10.3) added to FreeBSD and is non-standard. Only use it # when this test succeeds rather than require dd to be a bootstrap tool. DD_NOSTATUS!=(dd status=none count=0 2> /dev/null && echo status=none) || true DD=dd ${DD_NOSTATUS} .if ${MACHINE_CPUARCH} == "mips" CFLAGS+= -G0 -fno-pic -mno-abicalls .endif .if ${MK_LOADER_FORCE_LE} != "no" .if ${MACHINE_ARCH} == "powerpc64" CFLAGS+= -mlittle-endian .endif .endif # Make sure we use the machine link we're about to create CFLAGS+=-I. all: ${PROG} .if !defined(NO_OBJ) _ILINKS=machine .if ${MACHINE} != ${MACHINE_CPUARCH} && ${MACHINE} != "arm64" _ILINKS+=${MACHINE_CPUARCH} .endif .if ${MACHINE_CPUARCH} == "i386" || ${MACHINE_CPUARCH} == "amd64" _ILINKS+=x86 .endif CLEANFILES+=${_ILINKS} beforedepend: ${_ILINKS} beforebuild: ${_ILINKS} # Ensure that the links exist without depending on it when it exists which # causes all the modules to be rebuilt when the directory pointed to changes. .for _link in ${_ILINKS} .if !exists(${.OBJDIR}/${_link}) ${OBJS}: ${_link} .endif # _link exists .endfor .NOPATH: ${_ILINKS} ${_ILINKS}: @case ${.TARGET} in \ machine) \ if [ ${DO32:U0} -eq 0 ]; then \ path=${SYSDIR}/${MACHINE}/include ; \ else \ path=${SYSDIR}/${MACHINE:C/amd64/i386/}/include ; \ fi ;; \ *) \ path=${SYSDIR}/${.TARGET:T}/include ;; \ esac ; \ path=`(cd $$path && /bin/pwd)` ; \ ${ECHO} ${.TARGET:T} "->" $$path ; \ ln -fhs $$path ${.TARGET:T} .endif # !NO_OBJ .endif # __BOOT_DEFS_MK__ Index: head/stand/geli/Makefile.depend =================================================================== --- head/stand/geli/Makefile.depend (revision 335320) +++ head/stand/geli/Makefile.depend (nonexistent) @@ -1,15 +0,0 @@ -# $FreeBSD$ -# Autogenerated - do NOT edit! - -DIRDEPS = \ - include \ - include/xlocale \ - lib/libmd \ - secure/lib/libcrypto \ - - -.include - -.if ${DEP_RELDIR} == ${_DEP_RELDIR} -# local dependencies - needed for -jN in clean tree -.endif Property changes on: head/stand/geli/Makefile.depend ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/stand/geli/geliboot.c =================================================================== --- head/stand/geli/geliboot.c (revision 335320) +++ head/stand/geli/geliboot.c (nonexistent) @@ -1,437 +0,0 @@ -/*- - * Copyright (c) 2015 Allan Jude - * Copyright (c) 2005-2011 Pawel Jakub Dawidek - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#include "geliboot_internal.h" -#include "geliboot.h" - -SLIST_HEAD(geli_list, geli_entry) geli_head = SLIST_HEAD_INITIALIZER(geli_head); -struct geli_list *geli_headp; - -typedef u_char geli_ukey[G_ELI_USERKEYLEN]; - -static geli_ukey saved_keys[GELI_MAX_KEYS]; -static unsigned int nsaved_keys = 0; - -/* - * Copy keys from local storage to the keybuf struct. - * Destroy the local storage when finished. - */ -void -geli_fill_keybuf(struct keybuf *fkeybuf) -{ - unsigned int i; - - for (i = 0; i < nsaved_keys; i++) { - fkeybuf->kb_ents[i].ke_type = KEYBUF_TYPE_GELI; - memcpy(fkeybuf->kb_ents[i].ke_data, saved_keys[i], - G_ELI_USERKEYLEN); - } - fkeybuf->kb_nents = nsaved_keys; - explicit_bzero(saved_keys, sizeof(saved_keys)); -} - -/* - * Copy keys from a keybuf struct into local storage. - * Zero out the keybuf. - */ -void -geli_save_keybuf(struct keybuf *skeybuf) -{ - unsigned int i; - - for (i = 0; i < skeybuf->kb_nents && i < GELI_MAX_KEYS; i++) { - memcpy(saved_keys[i], skeybuf->kb_ents[i].ke_data, - G_ELI_USERKEYLEN); - explicit_bzero(skeybuf->kb_ents[i].ke_data, - G_ELI_USERKEYLEN); - skeybuf->kb_ents[i].ke_type = KEYBUF_TYPE_NONE; - } - nsaved_keys = skeybuf->kb_nents; - skeybuf->kb_nents = 0; -} - -static void -save_key(geli_ukey key) -{ - - /* - * If we run out of key space, the worst that will happen is - * it will ask the user for the password again. - */ - if (nsaved_keys < GELI_MAX_KEYS) { - memcpy(saved_keys[nsaved_keys], key, G_ELI_USERKEYLEN); - nsaved_keys++; - } -} - -static int -geli_same_device(struct geli_entry *ge, struct dsk *dskp) -{ - - if (ge->dsk->drive == dskp->drive && - dskp->part == 255 && ge->dsk->part == dskp->slice) { - /* - * Sometimes slice = slice, and sometimes part = slice - * If the incoming struct dsk has part=255, it means look at - * the slice instead of the part number - */ - return (0); - } - - /* Is this the same device? */ - if (ge->dsk->drive != dskp->drive || - ge->dsk->slice != dskp->slice || - ge->dsk->part != dskp->part) { - return (1); - } - - return (0); -} - -static int -geli_findkey(struct geli_entry *ge, struct dsk *dskp, u_char *mkey) -{ - u_int keynum; - int i; - - if (ge->keybuf_slot >= 0) { - if (g_eli_mkey_decrypt_any(&ge->md, saved_keys[ge->keybuf_slot], - mkey, &keynum) == 0) { - return (0); - } - } - - for (i = 0; i < nsaved_keys; i++) { - if (g_eli_mkey_decrypt_any(&ge->md, saved_keys[i], mkey, - &keynum) == 0) { - ge->keybuf_slot = i; - return (0); - } - } - - return (1); -} - -void -geli_init(void) -{ - - geli_count = 0; - SLIST_INIT(&geli_head); -} - -/* - * Read the last sector of the drive or partition pointed to by dsk and see - * if it is GELI encrypted - */ -int -geli_taste(int read_func(void *vdev, void *priv, off_t off, void *buf, - size_t bytes), struct dsk *dskp, daddr_t lastsector) -{ - struct g_eli_metadata md; - u_char buf[DEV_GELIBOOT_BSIZE]; - int error; - off_t alignsector; - - alignsector = rounddown2(lastsector * DEV_BSIZE, DEV_GELIBOOT_BSIZE); - if (alignsector + DEV_GELIBOOT_BSIZE > ((lastsector + 1) * DEV_BSIZE)) { - /* Don't read past the end of the disk */ - alignsector = (lastsector * DEV_BSIZE) + DEV_BSIZE - - DEV_GELIBOOT_BSIZE; - } - error = read_func(NULL, dskp, alignsector, &buf, DEV_GELIBOOT_BSIZE); - if (error != 0) { - return (error); - } - /* Extract the last 4k sector of the disk. */ - error = eli_metadata_decode(buf, &md); - if (error != 0) { - /* Try the last 512 byte sector instead. */ - error = eli_metadata_decode(buf + - (DEV_GELIBOOT_BSIZE - DEV_BSIZE), &md); - if (error != 0) { - return (error); - } - } - - if (!(md.md_flags & G_ELI_FLAG_GELIBOOT)) { - /* The GELIBOOT feature is not activated */ - return (1); - } - if ((md.md_flags & G_ELI_FLAG_ONETIME)) { - /* Swap device, skip it. */ - return (1); - } - if (md.md_iterations < 0) { - /* XXX TODO: Support loading key files. */ - /* Disk does not have a passphrase, skip it. */ - return (1); - } - geli_e = malloc(sizeof(struct geli_entry)); - if (geli_e == NULL) - return (2); - - geli_e->dsk = malloc(sizeof(struct dsk)); - if (geli_e->dsk == NULL) - return (2); - memcpy(geli_e->dsk, dskp, sizeof(struct dsk)); - geli_e->part_end = lastsector; - if (dskp->part == 255) { - geli_e->dsk->part = dskp->slice; - } - geli_e->keybuf_slot = -1; - - geli_e->md = md; - eli_metadata_softc(&geli_e->sc, &md, DEV_BSIZE, - (lastsector + DEV_BSIZE) * DEV_BSIZE); - - SLIST_INSERT_HEAD(&geli_head, geli_e, entries); - geli_count++; - - return (0); -} - -/* - * Attempt to decrypt the device - */ -static int -geli_attach(struct geli_entry *ge, struct dsk *dskp, const char *passphrase, - u_char *mkeyp) -{ - u_char key[G_ELI_USERKEYLEN], mkey[G_ELI_DATAIVKEYLEN], *mkp; - u_int keynum; - struct hmac_ctx ctx; - int error; - - if (mkeyp != NULL) { - memcpy(&mkey, mkeyp, G_ELI_DATAIVKEYLEN); - explicit_bzero(mkeyp, G_ELI_DATAIVKEYLEN); - } - - if (mkeyp != NULL || geli_findkey(ge, dskp, mkey) == 0) { - goto found_key; - } - - g_eli_crypto_hmac_init(&ctx, NULL, 0); - /* - * Prepare Derived-Key from the user passphrase. - */ - if (geli_e->md.md_iterations < 0) { - /* XXX TODO: Support loading key files. */ - return (1); - } else if (geli_e->md.md_iterations == 0) { - g_eli_crypto_hmac_update(&ctx, geli_e->md.md_salt, - sizeof(geli_e->md.md_salt)); - g_eli_crypto_hmac_update(&ctx, (const uint8_t *)passphrase, - strlen(passphrase)); - } else if (geli_e->md.md_iterations > 0) { - printf("Calculating GELI Decryption Key disk%dp%d @ %d" - " iterations...\n", dskp->unit, - (dskp->slice > 0 ? dskp->slice : dskp->part), - geli_e->md.md_iterations); - u_char dkey[G_ELI_USERKEYLEN]; - - pkcs5v2_genkey(dkey, sizeof(dkey), geli_e->md.md_salt, - sizeof(geli_e->md.md_salt), passphrase, - geli_e->md.md_iterations); - g_eli_crypto_hmac_update(&ctx, dkey, sizeof(dkey)); - explicit_bzero(dkey, sizeof(dkey)); - } - - g_eli_crypto_hmac_final(&ctx, key, 0); - - error = g_eli_mkey_decrypt_any(&geli_e->md, key, mkey, &keynum); - if (error == -1) { - explicit_bzero(mkey, sizeof(mkey)); - explicit_bzero(key, sizeof(key)); - printf("Bad GELI key: bad password?\n"); - return (error); - } else if (error != 0) { - explicit_bzero(mkey, sizeof(mkey)); - explicit_bzero(key, sizeof(key)); - printf("Failed to decrypt GELI master key: %d\n", error); - return (error); - } else { - /* Add key to keychain */ - save_key(key); - explicit_bzero(&key, sizeof(key)); - } - -found_key: - /* Store the keys */ - bcopy(mkey, geli_e->sc.sc_mkey, sizeof(geli_e->sc.sc_mkey)); - bcopy(mkey, geli_e->sc.sc_ivkey, sizeof(geli_e->sc.sc_ivkey)); - mkp = mkey + sizeof(geli_e->sc.sc_ivkey); - if ((geli_e->sc.sc_flags & G_ELI_FLAG_AUTH) == 0) { - bcopy(mkp, geli_e->sc.sc_ekey, G_ELI_DATAKEYLEN); - } else { - /* - * The encryption key is: ekey = HMAC_SHA512(Data-Key, 0x10) - */ - g_eli_crypto_hmac(mkp, G_ELI_MAXKEYLEN, (const uint8_t *)"\x10", 1, - geli_e->sc.sc_ekey, 0); - } - explicit_bzero(mkey, sizeof(mkey)); - - /* Initialize the per-sector IV. */ - switch (geli_e->sc.sc_ealgo) { - case CRYPTO_AES_XTS: - break; - default: - SHA256_Init(&geli_e->sc.sc_ivctx); - SHA256_Update(&geli_e->sc.sc_ivctx, geli_e->sc.sc_ivkey, - sizeof(geli_e->sc.sc_ivkey)); - break; - } - - return (0); -} - -int -is_geli(struct dsk *dskp) -{ - SLIST_FOREACH_SAFE(geli_e, &geli_head, entries, geli_e_tmp) { - if (geli_same_device(geli_e, dskp) == 0) { - return (0); - } - } - - return (1); -} - -int -geli_read(struct dsk *dskp, off_t offset, u_char *buf, size_t bytes) -{ - u_char iv[G_ELI_IVKEYLEN]; - u_char *pbuf; - int error; - off_t dstoff; - uint64_t keyno; - size_t n, nsec, secsize; - struct g_eli_key gkey; - - pbuf = buf; - SLIST_FOREACH_SAFE(geli_e, &geli_head, entries, geli_e_tmp) { - if (geli_same_device(geli_e, dskp) != 0) { - continue; - } - - secsize = geli_e->sc.sc_sectorsize; - nsec = bytes / secsize; - if (nsec == 0) { - /* - * A read of less than the GELI sector size has been - * requested. The caller provided destination buffer may - * not be big enough to boost the read to a full sector, - * so just attempt to decrypt the truncated sector. - */ - secsize = bytes; - nsec = 1; - } - - for (n = 0, dstoff = offset; n < nsec; n++, dstoff += secsize) { - - g_eli_crypto_ivgen(&geli_e->sc, dstoff, iv, - G_ELI_IVKEYLEN); - - /* Get the key that corresponds to this offset. */ - keyno = (dstoff >> G_ELI_KEY_SHIFT) / secsize; - g_eli_key_fill(&geli_e->sc, &gkey, keyno); - - error = geliboot_crypt(geli_e->sc.sc_ealgo, 0, pbuf, - secsize, gkey.gek_key, - geli_e->sc.sc_ekeylen, iv); - - if (error != 0) { - explicit_bzero(&gkey, sizeof(gkey)); - printf("Failed to decrypt in geli_read()!"); - return (error); - } - pbuf += secsize; - } - explicit_bzero(&gkey, sizeof(gkey)); - return (0); - } - - printf("GELI provider not found\n"); - return (1); -} - -int -geli_havekey(struct dsk *dskp) -{ - u_char mkey[G_ELI_DATAIVKEYLEN]; - - SLIST_FOREACH_SAFE(geli_e, &geli_head, entries, geli_e_tmp) { - if (geli_same_device(geli_e, dskp) != 0) { - continue; - } - - if (geli_findkey(geli_e, dskp, mkey) == 0) { - if (geli_attach(geli_e, dskp, NULL, mkey) == 0) { - return (0); - } - } - } - explicit_bzero(mkey, sizeof(mkey)); - - return (1); -} - -int -geli_passphrase(char *pw, int disk, int parttype, int part, struct dsk *dskp) -{ - int i; - - SLIST_FOREACH_SAFE(geli_e, &geli_head, entries, geli_e_tmp) { - if (geli_same_device(geli_e, dskp) != 0) { - continue; - } - - /* TODO: Implement GELI keyfile(s) support */ - for (i = 0; i < 3; i++) { - /* Try cached passphrase */ - if (i == 0 && pw[0] != '\0') { - if (geli_attach(geli_e, dskp, pw, NULL) == 0) { - return (0); - } - } - printf("GELI Passphrase for disk%d%c%d: ", disk, - parttype, part); - pwgets(pw, GELI_PW_MAXLEN, - (geli_e->md.md_flags & G_ELI_FLAG_GELIDISPLAYPASS) == 0); - printf("\n"); - if (geli_attach(geli_e, dskp, pw, NULL) == 0) { - return (0); - } - } - } - - return (1); -} Property changes on: head/stand/geli/geliboot.c ___________________________________________________________________ Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/stand/geli/geliboot_crypto.c =================================================================== --- head/stand/geli/geliboot_crypto.c (revision 335320) +++ head/stand/geli/geliboot_crypto.c (nonexistent) @@ -1,140 +0,0 @@ -/*- - * Copyright (c) 2005-2010 Pawel Jakub Dawidek - * Copyright (c) 2015 Allan Jude - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#include -#include -#include - -#include "geliboot_internal.h" -#include "geliboot.h" - -int -geliboot_crypt(u_int algo, int enc, u_char *data, size_t datasize, - const u_char *key, size_t keysize, u_char *iv) -{ - keyInstance aeskey; - cipherInstance cipher; - struct aes_xts_ctx xtsctx, *ctxp; - size_t xts_len; - int err, blks, i; - - switch (algo) { - case CRYPTO_AES_CBC: - err = rijndael_makeKey(&aeskey, !enc, keysize, - (const char *)key); - if (err < 0) { - printf("Failed to setup decryption keys: %d\n", err); - return (err); - } - - err = rijndael_cipherInit(&cipher, MODE_CBC, iv); - if (err < 0) { - printf("Failed to setup IV: %d\n", err); - return (err); - } - - switch (enc) { - case 0: /* decrypt */ - blks = rijndael_blockDecrypt(&cipher, &aeskey, data, - datasize * 8, data); - break; - case 1: /* encrypt */ - blks = rijndael_blockEncrypt(&cipher, &aeskey, data, - datasize * 8, data); - break; - } - if (datasize != (blks / 8)) { - printf("Failed to decrypt the entire input: " - "%u != %u\n", blks, datasize); - return (1); - } - break; - case CRYPTO_AES_XTS: - xts_len = keysize << 1; - ctxp = &xtsctx; - - rijndael_set_key(&ctxp->key1, key, xts_len / 2); - rijndael_set_key(&ctxp->key2, key + (xts_len / 16), xts_len / 2); - - enc_xform_aes_xts.reinit((caddr_t)ctxp, iv); - - switch (enc) { - case 0: /* decrypt */ - for (i = 0; i < datasize; i += AES_XTS_BLOCKSIZE) { - enc_xform_aes_xts.decrypt((caddr_t)ctxp, data + i); - } - break; - case 1: /* encrypt */ - for (i = 0; i < datasize; i += AES_XTS_BLOCKSIZE) { - enc_xform_aes_xts.encrypt((caddr_t)ctxp, data + i); - } - break; - } - break; - default: - printf("Unsupported crypto algorithm #%d\n", algo); - return (1); - } - - return (0); -} - -static int -g_eli_crypto_cipher(u_int algo, int enc, u_char *data, size_t datasize, - const u_char *key, size_t keysize) -{ - u_char iv[keysize]; - - explicit_bzero(iv, sizeof(iv)); - return (geliboot_crypt(algo, enc, data, datasize, key, keysize, iv)); -} - -int -g_eli_crypto_encrypt(u_int algo, u_char *data, size_t datasize, - const u_char *key, size_t keysize) -{ - - /* We prefer AES-CBC for metadata protection. */ - if (algo == CRYPTO_AES_XTS) - algo = CRYPTO_AES_CBC; - - return (g_eli_crypto_cipher(algo, 1, data, datasize, key, keysize)); -} - -int -g_eli_crypto_decrypt(u_int algo, u_char *data, size_t datasize, - const u_char *key, size_t keysize) -{ - - /* We prefer AES-CBC for metadata protection. */ - if (algo == CRYPTO_AES_XTS) - algo = CRYPTO_AES_CBC; - - return (g_eli_crypto_cipher(algo, 0, data, datasize, key, keysize)); -} Property changes on: head/stand/geli/geliboot_crypto.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/stand/geli/geliboot_internal.h =================================================================== --- head/stand/geli/geliboot_internal.h (revision 335320) +++ head/stand/geli/geliboot_internal.h (nonexistent) @@ -1,69 +0,0 @@ -/*- - * Copyright (c) 2015 Allan Jude - * Copyright (c) 2005-2011 Pawel Jakub Dawidek - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _GELIBOOT_INTERNAL_H_ -#define _GELIBOOT_INTERNAL_H_ - -#define _STRING_H_ -#define _STRINGS_H_ -#define _STDIO_H_ - -#include -#include - -#include -#include - -#include - -/* Pull in the md5, sha256, and sha512 implementations */ -#include -#include -#include - -/* Pull in AES implementation */ -#include - -/* AES-XTS implementation */ -#define _STAND 1 -#define STAND_H /* We don't want stand.h in {gpt,zfs,gptzfs}boot */ -#include - -struct geli_entry { - struct dsk *dsk; - off_t part_end; - struct g_eli_softc sc; - struct g_eli_metadata md; - int keybuf_slot; - SLIST_ENTRY(geli_entry) entries; -} *geli_e, *geli_e_tmp; - -static int geli_count; - -#endif /* _GELIBOOT_INTERNAL_H_ */ Property changes on: head/stand/geli/geliboot_internal.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/stand/geli/geliboot.h =================================================================== --- head/stand/geli/geliboot.h (revision 335320) +++ head/stand/geli/geliboot.h (nonexistent) @@ -1,69 +0,0 @@ -/*- - * Copyright (c) 2015 Allan Jude - * Copyright (c) 2005-2011 Pawel Jakub Dawidek - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#include - -#ifndef _GELIBOOT_H_ -#define _GELIBOOT_H_ - -#ifndef DEV_BSIZE -#define DEV_BSIZE 512 -#endif -#ifndef DEV_GELIBOOT_BSIZE -#define DEV_GELIBOOT_BSIZE 4096 -#endif - -#ifndef MIN -#define MIN(a,b) (((a) < (b)) ? (a) : (b)) -#endif - -#define GELI_MAX_KEYS 64 -#define GELI_PW_MAXLEN 256 - -extern void pwgets(char *buf, int n, int hide); - -struct dsk; - -void geli_init(void); -int geli_taste(int read_func(void *vdev, void *priv, off_t off, - void *buf, size_t bytes), struct dsk *dsk, daddr_t lastsector); -int is_geli(struct dsk *dsk); -int geli_read(struct dsk *dsk, off_t offset, u_char *buf, size_t bytes); -int geli_decrypt(u_int algo, u_char *data, size_t datasize, - const u_char *key, size_t keysize, const uint8_t* iv); -int geli_havekey(struct dsk *dskp); -int geli_passphrase(char *pw, int disk, int parttype, int part, struct dsk *dskp); - -int geliboot_crypt(u_int algo, int enc, u_char *data, size_t datasize, - const u_char *key, size_t keysize, u_char *iv); - -void geli_fill_keybuf(struct keybuf *keybuf); -void geli_save_keybuf(struct keybuf *keybuf); - -#endif /* _GELIBOOT_H_ */ Property changes on: head/stand/geli/geliboot.h ___________________________________________________________________ Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Index: head/stand/geli/Makefile =================================================================== --- head/stand/geli/Makefile (revision 335320) +++ head/stand/geli/Makefile (nonexistent) @@ -1,37 +0,0 @@ -# $FreeBSD$ -# libgeliboot - -DO32=1 - -.include - -LIB= geliboot - -# Our password input method -SRCS+= pwgets.c - -# sha256 and sha512 from sys/crypto -.PATH: ${SYSDIR}/crypto/sha2 -CFLAGS+= -DWEAK_REFS -SRCS+= sha256c.c sha512c.c - -# md5 from libmd -.PATH: ${SRCTOP}/lib/libmd -SRCS+= md5c.c - -# AES implementation from sys/crypto -.PATH: ${SYSDIR}/crypto/rijndael -CFLAGS+= -I${LDRSRC} -# Remove asserts -CFLAGS+= -DNDEBUG -SRCS+= rijndael-alg-fst.c rijndael-api-fst.c rijndael-api.c - -# local GELI Implementation -.PATH: ${SYSDIR}/geom/eli -SRCS+= geliboot_crypto.c g_eli_hmac.c g_eli_key.c g_eli_key_cache.c pkcs5v2.c - -# aes -.PATH: ${SYSDIR}/opencrypto -SRCS+= xform_aes_xts.c - -.include Property changes on: head/stand/geli/Makefile ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/stand/geli/pwgets.c =================================================================== --- head/stand/geli/pwgets.c (revision 335320) +++ head/stand/geli/pwgets.c (nonexistent) @@ -1,79 +0,0 @@ -/* $NetBSD: gets.c,v 1.6 1995/10/11 21:16:57 pk Exp $ */ - -/*- - * Copyright (c) 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)gets.c 8.1 (Berkeley) 6/11/93 - */ - -#include -__FBSDID("$FreeBSD$"); - -#include "stand.h" - -/* gets() with constrained input length, for passwords */ - -void -pwgets(char *buf, int n, int hide) -{ - int c; - char *lp; - - for (lp = buf;;) - switch (c = getchar() & 0177) { - case '\n': - case '\r': - *lp = '\0'; - putchar('\n'); - return; - case '\b': - case '\177': - if (lp > buf) { - lp--; - if (hide == 0) { - putchar('\b'); - putchar(' '); - putchar('\b'); - } - } - break; - case 'u'&037: - case 'w'&037: - lp = buf; - putchar('\n'); - break; - default: - if ((n < 1) || ((lp - buf) < n - 1)) { - *lp++ = c; - if (hide == 0) { - putchar('*'); - } - } - } - /*NOTREACHED*/ -} Property changes on: head/stand/geli/pwgets.c ___________________________________________________________________ Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/stand/i386/gptboot/Makefile =================================================================== --- head/stand/i386/gptboot/Makefile (revision 335320) +++ head/stand/i386/gptboot/Makefile (revision 335321) @@ -1,72 +1,72 @@ # $FreeBSD$ HAVE_GELI= yes .include .PATH: ${BOOTSRC}/i386/boot2 ${BOOTSRC}/i386/common ${SASRC} FILES= gptboot MAN= gptboot.8 NM?= nm BOOT_COMCONSOLE_PORT?= 0x3f8 BOOT_COMCONSOLE_SPEED?= 9600 B2SIOFMT?= 0x3 REL1= 0x700 ORG1= 0x7c00 ORG2= 0x0 # Decide level of UFS support. GPTBOOT_UFS?= UFS1_AND_UFS2 #GPTBOOT_UFS?= UFS2_ONLY #GPTBOOT_UFS?= UFS1_ONLY CFLAGS+=-DBOOTPROG=\"gptboot\" \ -O1 \ -DGPT \ -D${GPTBOOT_UFS} \ -DSIOPRT=${BOOT_COMCONSOLE_PORT} \ -DSIOFMT=${B2SIOFMT} \ -DSIOSPD=${BOOT_COMCONSOLE_SPEED} \ -I${LDRSRC} \ -I${BOOTSRC}/i386/common \ -I${BOOTSRC}/i386/boot2 \ -Wall -Waggregate-return -Wbad-function-cast -Wno-cast-align \ -Wmissing-declarations -Wmissing-prototypes -Wnested-externs \ -Wpointer-arith -Wshadow -Wstrict-prototypes -Wwrite-strings \ -Wno-pointer-sign CFLAGS.gcc+= --param max-inline-insns-single=100 LD_FLAGS+=${LD_FLAGS_BIN} CLEANFILES+= gptboot gptboot: gptldr.bin gptboot.bin ${BTXKERN} btxld -v -E ${ORG2} -f bin -b ${BTXKERN} -l gptldr.bin \ -o ${.TARGET} gptboot.bin CLEANFILES+= gptldr.bin gptldr.out gptldr.o gptldr.bin: gptldr.out ${OBJCOPY} -S -O binary gptldr.out ${.TARGET} gptldr.out: gptldr.o ${LD} ${LD_FLAGS} -e start -Ttext ${ORG1} -o ${.TARGET} gptldr.o CLEANFILES+= gptboot.bin gptboot.out gptboot.o sio.o crc32.o drv.o \ cons.o ${OPENCRYPTO_XTS} gptboot.bin: gptboot.out ${OBJCOPY} -S -O binary gptboot.out ${.TARGET} gptboot.out: ${BTXCRT} gptboot.o sio.o crc32.o drv.o cons.o ${OPENCRYPTO_XTS} - ${LD} ${LD_FLAGS} -Ttext ${ORG2} -o ${.TARGET} ${.ALLSRC} ${LIBGELIBOOT} ${LIBSA32} + ${LD} ${LD_FLAGS} -Ttext ${ORG2} -o ${.TARGET} ${.ALLSRC} ${LIBSA32} .include # XXX: clang integrated-as doesn't grok .codeNN directives yet CFLAGS.gptldr.S= ${CLANG_NO_IAS} Index: head/stand/i386/gptzfsboot/Makefile =================================================================== --- head/stand/i386/gptzfsboot/Makefile (revision 335320) +++ head/stand/i386/gptzfsboot/Makefile (revision 335321) @@ -1,85 +1,85 @@ # $FreeBSD$ HAVE_GELI= yes .include .PATH: ${BOOTSRC}/i386/boot2 ${BOOTSRC}/i386/gptboot \ ${BOOTSRC}/i386/zfsboot ${BOOTSRC}/i386/common \ ${SASRC} FILES= gptzfsboot MAN= gptzfsboot.8 NM?= nm BOOT_COMCONSOLE_PORT?= 0x3f8 BOOT_COMCONSOLE_SPEED?= 9600 B2SIOFMT?= 0x3 REL1= 0x700 ORG1= 0x7c00 ORG2= 0x0 CFLAGS+=-DBOOTPROG=\"gptzfsboot\" \ -O1 \ -DGPT -DZFS -DBOOT2 \ -DSIOPRT=${BOOT_COMCONSOLE_PORT} \ -DSIOFMT=${B2SIOFMT} \ -DSIOSPD=${BOOT_COMCONSOLE_SPEED} \ -I${LDRSRC} \ -I${BOOTSRC}/i386/common \ -I${ZFSSRC} \ -I${SYSDIR}/crypto/skein \ -I${SYSDIR}/cddl/boot/zfs \ -I${BOOTSRC}/i386/btx/lib \ -I${BOOTSRC}/i386/boot2 \ -Wall -Waggregate-return -Wbad-function-cast \ -Wmissing-declarations -Wmissing-prototypes -Wnested-externs \ -Wpointer-arith -Wshadow -Wstrict-prototypes -Wwrite-strings \ -Wno-pointer-sign CFLAGS.clang+= -Wno-tentative-definition-incomplete-type NO_WCAST_ALIGN= .if ${MACHINE} == "amd64" LIBZFSBOOT=${BOOTOBJ}/zfs32/libzfsboot.a .else LIBZFSBOOT=${BOOTOBJ}/zfs/libzfsboot.a .endif CFLAGS.gcc+= --param max-inline-insns-single=100 LD_FLAGS+=${LD_FLAGS_BIN} CLEANFILES+= gptzfsboot gptzfsboot: gptldr.bin gptzfsboot.bin ${BTXKERN} btxld -v -E ${ORG2} -f bin -b ${BTXKERN} -l gptldr.bin \ -o ${.TARGET} gptzfsboot.bin CLEANFILES+= gptldr.bin gptldr.out gptldr.o gptldr.bin: gptldr.out ${OBJCOPY} -S -O binary gptldr.out ${.TARGET} gptldr.out: gptldr.o ${LD} ${LD_FLAGS} -e start -Ttext ${ORG1} -o ${.TARGET} gptldr.o CLEANFILES+= gptzfsboot.bin gptzfsboot.out zfsboot.o sio.o cons.o \ drv.o gpt.o ${OPENCRYPTO_XTS} gptzfsboot.bin: gptzfsboot.out ${OBJCOPY} -S -O binary gptzfsboot.out ${.TARGET} gptzfsboot.out: ${BTXCRT} zfsboot.o sio.o gpt.o drv.o cons.o \ ${OPENCRYPTO_XTS} - ${LD} ${LD_FLAGS} -Ttext ${ORG2} -o ${.TARGET} ${.ALLSRC} ${LIBGELIBOOT} ${LIBZFSBOOT} ${LIBSA32} + ${LD} ${LD_FLAGS} -Ttext ${ORG2} -o ${.TARGET} ${.ALLSRC} ${LIBZFSBOOT} ${LIBSA32} zfsboot.o: ${ZFSSRC}/zfsimpl.c .include # XXX: clang integrated-as doesn't grok .codeNN directives yet CFLAGS.gptldr.S= ${CLANG_NO_IAS} Index: head/stand/i386/isoboot/Makefile =================================================================== --- head/stand/i386/isoboot/Makefile (revision 335320) +++ head/stand/i386/isoboot/Makefile (revision 335321) @@ -1,71 +1,71 @@ # $FreeBSD$ HAVE_GELI= yes .include .PATH: ${BOOTSRC}/i386/boot2 ${BOOTSRC}/i386/gptboot \ ${BOOTSRC}/i386/common ${SASRC} FILES= isoboot MAN= isoboot.8 NM?= nm BOOT_COMCONSOLE_PORT?= 0x3f8 BOOT_COMCONSOLE_SPEED?= 9600 B2SIOFMT?= 0x3 REL1= 0x700 ORG1= 0x7c00 ORG2= 0x0 ISOBOOTSIZE?= 30720 CFLAGS+=-DBOOTPROG=\"isoboot\" \ -O1 \ -DSIOPRT=${BOOT_COMCONSOLE_PORT} \ -DSIOFMT=${B2SIOFMT} \ -DSIOSPD=${BOOT_COMCONSOLE_SPEED} \ -I${LDRSRC} \ -I${BOOTSRC}/i386/common \ -I${BOOTSRC}/i386/boot2 \ -Wall -Waggregate-return -Wbad-function-cast -Wno-cast-align \ -Wmissing-declarations -Wmissing-prototypes -Wnested-externs \ -Wpointer-arith -Wshadow -Wstrict-prototypes -Wwrite-strings \ -Winline -Wno-pointer-sign CFLAGS.gcc+= --param max-inline-insns-single=100 .if ${COMPILER_TYPE} == "gcc" && ${COMPILER_VERSION} <= 40201 CFLAGS.gcc+= -Wno-uninitialized .endif CFLAGS.clang+= -Oz ${CLANG_OPT_SMALL} LD_FLAGS+=${LD_FLAGS_BIN} CLEANFILES+= isoboot isoboot: gptldr.bin isoboot.bin ${BTXKERN} btxld -v -E ${ORG2} -f bin -b ${BTXKERN} -l gptldr.bin \ -o ${.TARGET} isoboot.bin @set -- `ls -l ${.TARGET}`; x=$$((${ISOBOOTSIZE}-$$5)); \ echo "$$x bytes available"; test $$x -ge 0 CLEANFILES+= gptldr.bin gptldr.out gptldr.o gptldr.bin: gptldr.out ${OBJCOPY} -S -O binary gptldr.out ${.TARGET} gptldr.out: gptldr.o ${LD} ${LD_FLAGS} -e start -Ttext ${ORG1} -o ${.TARGET} gptldr.o CLEANFILES+= isoboot.bin isoboot.out isoboot.o sio.o crc32.o drv.o \ cons.o ${OPENCRYPTO_XTS} isoboot.bin: isoboot.out ${OBJCOPY} -S -O binary isoboot.out ${.TARGET} isoboot.out: ${BTXCRT} isoboot.o sio.o crc32.o drv.o cons.o ${OPENCRYPTO_XTS} - ${LD} ${LD_FLAGS} -Ttext ${ORG2} -o ${.TARGET} ${.ALLSRC} ${LIBGELIBOOT} ${LIBSA32} + ${LD} ${LD_FLAGS} -Ttext ${ORG2} -o ${.TARGET} ${.ALLSRC} ${LIBSA32} .include Index: head/stand/i386/loader/Makefile =================================================================== --- head/stand/i386/loader/Makefile (revision 335320) +++ head/stand/i386/loader/Makefile (revision 335321) @@ -1,81 +1,81 @@ # $FreeBSD$ HAVE_GELI= yes LOADER_NET_SUPPORT?= yes LOADER_NFS_SUPPORT?= yes LOADER_TFTP_SUPPORT?= yes LOADER_CD9660_SUPPORT?= yes LOADER_EXT2FS_SUPPORT?= yes LOADER_MSDOS_SUPPORT?= yes LOADER_UFS_SUPPORT?= yes LOADER_GZIP_SUPPORT?= yes LOADER_BZIP2_SUPPORT?= yes .include LOADER?= loader PROG= ${LOADER}.sym INTERNALPROG= NEWVERSWHAT?= "bootstrap loader" x86 VERSION_FILE= ${.CURDIR}/../loader/version .PATH: ${BOOTSRC}/i386/loader # architecture-specific loader code SRCS= main.c conf.c vers.c chain.c # Include bcache code. HAVE_BCACHE= yes # Enable PnP and ISA-PnP code. HAVE_PNP= yes HAVE_ISABUS= yes .if ${MK_LOADER_FIREWIRE} == "yes" CFLAGS+= -DLOADER_FIREWIRE_SUPPORT LIBFIREWIRE= ${BOOTOBJ}/i386/libfirewire/libfirewire.a .endif .if exists(${.CURDIR}/help.i386) HELP_FILES= ${.CURDIR}/help.i386 .endif # Always add MI sources .include "${BOOTSRC}/loader.mk" CLEANFILES+= ${LOADER} ${LOADER}.bin CFLAGS+= -Wall LDFLAGS+= -static -Ttext 0x0 # i386 standalone support library LIBI386= ${BOOTOBJ}/i386/libi386/libi386.a CFLAGS+= -I${BOOTSRC}/i386 # Debug me! #CFLAGS+= -g #LDFLAGS+= -g ${LOADER}: ${LOADER}.bin ${BTXLDR} ${BTXKERN} btxld -v -f aout -e ${LOADER_ADDRESS} -o ${.TARGET} -l ${BTXLDR} \ -b ${BTXKERN} ${LOADER}.bin ${LOADER}.bin: ${LOADER}.sym strip -R .comment -R .note -o ${.TARGET} ${.ALLSRC} FILES+= ${LOADER} # XXX INSTALLFLAGS_loader= -b FILESMODE_${LOADER}= ${BINMODE} -b # XXX crt0.o needs to be first for pxeboot(8) to work OBJS= ${BTXCRT} -DPADD= ${LDR_INTERP32} ${LIBFIREWIRE} ${LIBZFSBOOT} ${LIBI386} ${LIBGELIBOOT} ${LIBSA32} -LDADD= ${LDR_INTERP32} ${LIBFIREWIRE} ${LIBZFSBOOT} ${LIBI386} ${LIBGELIBOOT} ${LIBSA32} +DPADD= ${LDR_INTERP32} ${LIBFIREWIRE} ${LIBZFSBOOT} ${LIBI386} ${LIBSA32} +LDADD= ${LDR_INTERP32} ${LIBFIREWIRE} ${LIBZFSBOOT} ${LIBI386} ${LIBSA32} .if ${MACHINE_CPUARCH} == "amd64" CFLAGS+= -DLOADER_PREFER_AMD64 .endif .include Index: head/stand/i386/zfsboot/Makefile =================================================================== --- head/stand/i386/zfsboot/Makefile (revision 335320) +++ head/stand/i386/zfsboot/Makefile (revision 335321) @@ -1,92 +1,92 @@ # $FreeBSD$ HAVE_GELI=yes .include .PATH: ${BOOTSRC}/i386/boot2 ${BOOTSRC}/i386/common ${SASRC} FILES= zfsboot MAN= zfsboot.8 NM?= nm BOOT_COMCONSOLE_PORT?= 0x3f8 BOOT_COMCONSOLE_SPEED?= 9600 B2SIOFMT?= 0x3 REL1= 0x700 ORG1= 0x7c00 ORG2= 0x2000 CFLAGS+=-DBOOTPROG=\"zfsboot\" \ -O1 \ -DZFS -DBOOT2 \ -DSIOPRT=${BOOT_COMCONSOLE_PORT} \ -DSIOFMT=${B2SIOFMT} \ -DSIOSPD=${BOOT_COMCONSOLE_SPEED} \ -I${LDRSRC} \ -I${BOOTSRC}/i386/common \ -I${BOOTSRC}/i386 \ -I${ZFSSRC} \ -I${SYSDIR}/crypto/skein \ -I${SYSDIR}/cddl/boot/zfs \ -I${BOOTSRC}/i386/boot2 \ -Wall -Waggregate-return -Wbad-function-cast -Wno-cast-align \ -Wmissing-declarations -Wmissing-prototypes -Wnested-externs \ -Wpointer-arith -Wshadow -Wstrict-prototypes -Wwrite-strings CFLAGS.gcc+= --param max-inline-insns-single=100 .if ${MACHINE} == "amd64" LIBZFSBOOT=${BOOTOBJ}/zfs32/libzfsboot.a .else LIBZFSBOOT=${BOOTOBJ}/zfs/libzfsboot.a .endif LD_FLAGS+=${LD_FLAGS_BIN} CLEANFILES+= zfsboot zfsboot: zfsboot1 zfsboot2 cat zfsboot1 zfsboot2 > zfsboot CLEANFILES+= zfsboot1 zfsldr.out zfsldr.o zfsboot1: zfsldr.out ${OBJCOPY} -S -O binary zfsldr.out ${.TARGET} zfsldr.out: zfsldr.o ${LD} ${LD_FLAGS} -e start -Ttext ${ORG1} -o ${.TARGET} zfsldr.o CLEANFILES+= zfsboot2 zfsboot.ld zfsboot.ldr zfsboot.bin zfsboot.out \ zfsboot.o zfsboot.s zfsboot.s.tmp sio.o cons.o drv.o # We currently allow 256k bytes for zfsboot - in practice it could be # any size up to 3.5Mb but keeping it fixed size simplifies zfsldr. # BOOT2SIZE= 262144 zfsboot2: zfsboot.ld @set -- `ls -l ${.ALLSRC}`; x=$$((${BOOT2SIZE}-$$5)); \ echo "$$x bytes available"; test $$x -ge 0 ${DD} if=${.ALLSRC} of=${.TARGET} obs=${BOOT2SIZE} conv=osync zfsboot.ld: zfsboot.ldr zfsboot.bin ${BTXKERN} btxld -v -E ${ORG2} -f bin -b ${BTXKERN} -l zfsboot.ldr \ -o ${.TARGET} -P 1 zfsboot.bin zfsboot.ldr: cp /dev/null ${.TARGET} zfsboot.bin: zfsboot.out ${OBJCOPY} -S -O binary zfsboot.out ${.TARGET} zfsboot.out: ${BTXCRT} zfsboot.o sio.o drv.o cons.o - ${LD} ${LD_FLAGS} -Ttext ${ORG2} -o ${.TARGET} ${.ALLSRC} ${LIBZFSBOOT} ${LIBGELIBOOT} ${LIBSA32} + ${LD} ${LD_FLAGS} -Ttext ${ORG2} -o ${.TARGET} ${.ALLSRC} ${LIBZFSBOOT} ${LIBSA32} SRCS= zfsboot.c .include # XXX: clang integrated-as doesn't grok .codeNN directives yet CFLAGS.zfsldr.S= ${CLANG_NO_IAS} Index: head/stand/libsa/Makefile =================================================================== --- head/stand/libsa/Makefile (revision 335320) +++ head/stand/libsa/Makefile (revision 335321) @@ -1,154 +1,159 @@ # $FreeBSD$ # Originally from $NetBSD: Makefile,v 1.21 1997/10/26 22:08:38 lukem Exp $ # # Notes: # - We don't use the libc strerror/sys_errlist because the string table is # quite large. # .include LIBSA_CPUARCH?=${MACHINE_CPUARCH} LIBC_SRC= ${SRCTOP}/lib/libc LIB?= sa # standalone components and stuff we have modified locally SRCS+= gzguts.h zutil.h __main.c abort.c assert.c bcd.c environment.c getopt.c gets.c \ globals.c pager.c panic.c printf.c strdup.c strerror.c \ random.c sbrk.c twiddle.c zalloc.c zalloc_malloc.c # private (pruned) versions of libc string functions SRCS+= strcasecmp.c .PATH: ${LIBC_SRC}/net SRCS+= ntoh.c # string functions from libc .PATH: ${LIBC_SRC}/string SRCS+= bcmp.c bcopy.c bzero.c ffs.c fls.c \ memccpy.c memchr.c memcmp.c memcpy.c memmove.c memset.c \ qdivrem.c strcat.c strchr.c strcmp.c strcpy.c stpcpy.c stpncpy.c \ strcspn.c strlcat.c strlcpy.c strlen.c strncat.c strncmp.c strncpy.c \ strnlen.c strpbrk.c strrchr.c strsep.c strspn.c strstr.c strtok.c swab.c # stdlib functions from libc .PATH: ${LIBC_SRC}/stdlib SRCS+= abs.c strtol.c strtoll.c strtoul.c strtoull.c .if ${MACHINE_CPUARCH} == "arm" .PATH: ${LIBC_SRC}/arm/gen # Do not generate movt/movw, because the relocation fixup for them does not # translate to the -Bsymbolic -pie format required by self_reloc() in loader(8). # Also, the fpu is not available in a standalone environment. .if ${COMPILER_VERSION} < 30800 CFLAGS.clang+= -mllvm -arm-use-movt=0 .else CFLAGS.clang+= -mno-movt .endif CFLAGS.clang+= -mfpu=none # Compiler support functions .PATH: ${SRCTOP}/contrib/compiler-rt/lib/builtins/ # __clzsi2 and ctzsi2 for various builtin functions SRCS+= clzsi2.c ctzsi2.c # Divide and modulus functions called by the compiler SRCS+= divmoddi4.c divmodsi4.c divdi3.c divsi3.c moddi3.c modsi3.c SRCS+= udivmoddi4.c udivmodsi4.c udivdi3.c udivsi3.c umoddi3.c umodsi3.c .PATH: ${SRCTOP}/contrib/compiler-rt/lib/builtins/arm/ SRCS+= aeabi_idivmod.S aeabi_ldivmod.S aeabi_uidivmod.S aeabi_uldivmod.S SRCS+= aeabi_memcmp.S aeabi_memcpy.S aeabi_memmove.S aeabi_memset.S .endif .if ${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "riscv" .PATH: ${LIBC_SRC}/${MACHINE_CPUARCH}/gen .endif .if ${MACHINE_CPUARCH} == "powerpc" .PATH: ${LIBC_SRC}/quad SRCS+= ashldi3.c ashrdi3.c SRCS+= syncicache.c .endif # uuid functions from libc .PATH: ${LIBC_SRC}/uuid SRCS+= uuid_create_nil.c uuid_equal.c uuid_from_string.c uuid_is_nil.c uuid_to_string.c # _setjmp/_longjmp .PATH: ${SASRC}/${LIBSA_CPUARCH} SRCS+= _setjmp.S # decompression functionality from libbz2 # NOTE: to actually test this functionality after libbz2 upgrade compile # loader(8) with LOADER_BZIP2_SUPPORT defined .PATH: ${SRCTOP}/contrib/bzip2 CFLAGS+= -DBZ_NO_STDIO -DBZ_NO_COMPRESS SRCS+=bzlib.c crctable.c decompress.c huffman.c randtable.c # decompression functionality from zlib .PATH: ${SRCTOP}/contrib/zlib CFLAGS+=-DHAVE_MEMCPY -I${SRCTOP}/contrib/zlib SRCS+= adler32.c crc32.c SRCS+= infback.c inffast.c inflate.c inftrees.c zutil.c # Create a subset of includes that are safe, as well as adjusting those that aren't # The lists may drive people nuts, but they are explicitly opt-in FAKE_DIRS=xlocale arpa SAFE_INCS=a.out.h assert.h elf.h limits.h nlist.h setjmp.h stddef.h stdbool.h string.h strings.h time.h unistd.h uuid.h STAND_H_INC=ctype.h fcntl.h signal.h stdio.h stdlib.h OTHER_INC=stdarg.h errno.h stdint.h beforedepend: echo beforedepend; \ mkdir -p ${FAKE_DIRS}; \ for i in ${SAFE_INCS}; do \ ln -sf ${SRCTOP}/include/$$i $$i; \ done; \ ln -sf ${SYSDIR}/${MACHINE}/include/stdarg.h stdarg.h; \ ln -sf ${SYSDIR}/sys/errno.h errno.h; \ ln -sf ${SYSDIR}/sys/stdint.h stdint.h; \ ln -sf ${SRCTOP}/include/arpa/inet.h arpa/inet.h; \ ln -sf ${SRCTOP}/include/arpa/tftp.h arpa/tftp.h; \ for i in _time.h _strings.h _string.h; do \ [ -f xlocale/$$i ] || cp /dev/null xlocale/$$i; \ done; \ for i in ${STAND_H_INC}; do \ ln -sf ${SASRC}/stand.h $$i; \ done CLEANDIRS+=${FAKE_DIRS} CLEANFILES+= ${SAFE_INCS} ${STAND_H_INC} ${OTHER_INC} # io routines SRCS+= closeall.c dev.c ioctl.c nullfs.c stat.c \ fstat.c close.c lseek.c open.c read.c write.c readdir.c # network routines SRCS+= arp.c ether.c ip.c inet_ntoa.c in_cksum.c net.c udp.c netif.c rpc.c # network info services: SRCS+= bootp.c rarp.c bootparam.c # boot filesystems SRCS+= ufs.c nfs.c cd9660.c tftp.c gzipfs.c bzipfs.c SRCS+= dosfs.c ext2fs.c SRCS+= splitfs.c SRCS+= pkgfs.c .if ${MK_NAND} != "no" SRCS+= nandfs.c .endif # kernel ufs support .PATH: ${SRCTOP}/sys/ufs/ffs SRCS+=ffs_subr.c ffs_tables.c CFLAGS.bzipfs.c+= -I${SRCTOP}/contrib/bzip2 # explicit_bzero .PATH: ${SYSDIR}/libkern SRCS+= explicit_bzero.c +# Maybe GELI +.if ${MK_LOADER_GELI} == "yes" +.include "${SASRC}/geli/Makefile.inc" +.endif + .include Index: head/stand/libsa/geli/Makefile.inc =================================================================== --- head/stand/libsa/geli/Makefile.inc (nonexistent) +++ head/stand/libsa/geli/Makefile.inc (revision 335321) @@ -0,0 +1,34 @@ +# $FreeBSD$ +# Extra stuff for GELI + +.PATH: ${SASRC}/geli + +CFLAGS+= -I${LDRSRC} + +# Our password input method +SRCS+= pwgets.c + +# sha256 and sha512 from sys/crypto +.PATH: ${SYSDIR}/crypto/sha2 +CFLAGS+= -DWEAK_REFS +SRCS+= sha256c.c sha512c.c + +# md5 from libmd +.PATH: ${SRCTOP}/lib/libmd +SRCS+= md5c.c + +# AES implementation from sys/crypto +.PATH: ${SYSDIR}/crypto/rijndael +.for i in rijndael-alg-fst.c rijndael-api-fst.c rijndael-api.c +# Remove asserts XXX BAD +CFLAGS.${i}+= -DNDEBUG +SRCS+= ${i} +.endfor + +# local GELI Implementation +.PATH: ${SYSDIR}/geom/eli +SRCS+= geliboot_crypto.c g_eli_hmac.c g_eli_key.c g_eli_key_cache.c pkcs5v2.c + +# aes +.PATH: ${SYSDIR}/opencrypto +SRCS+= xform_aes_xts.c Property changes on: head/stand/libsa/geli/Makefile.inc ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/stand/libsa/geli/geliboot.c =================================================================== --- head/stand/libsa/geli/geliboot.c (nonexistent) +++ head/stand/libsa/geli/geliboot.c (revision 335321) @@ -0,0 +1,437 @@ +/*- + * Copyright (c) 2015 Allan Jude + * Copyright (c) 2005-2011 Pawel Jakub Dawidek + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include "geliboot_internal.h" +#include "geliboot.h" + +SLIST_HEAD(geli_list, geli_entry) geli_head = SLIST_HEAD_INITIALIZER(geli_head); +struct geli_list *geli_headp; + +typedef u_char geli_ukey[G_ELI_USERKEYLEN]; + +static geli_ukey saved_keys[GELI_MAX_KEYS]; +static unsigned int nsaved_keys = 0; + +/* + * Copy keys from local storage to the keybuf struct. + * Destroy the local storage when finished. + */ +void +geli_fill_keybuf(struct keybuf *fkeybuf) +{ + unsigned int i; + + for (i = 0; i < nsaved_keys; i++) { + fkeybuf->kb_ents[i].ke_type = KEYBUF_TYPE_GELI; + memcpy(fkeybuf->kb_ents[i].ke_data, saved_keys[i], + G_ELI_USERKEYLEN); + } + fkeybuf->kb_nents = nsaved_keys; + explicit_bzero(saved_keys, sizeof(saved_keys)); +} + +/* + * Copy keys from a keybuf struct into local storage. + * Zero out the keybuf. + */ +void +geli_save_keybuf(struct keybuf *skeybuf) +{ + unsigned int i; + + for (i = 0; i < skeybuf->kb_nents && i < GELI_MAX_KEYS; i++) { + memcpy(saved_keys[i], skeybuf->kb_ents[i].ke_data, + G_ELI_USERKEYLEN); + explicit_bzero(skeybuf->kb_ents[i].ke_data, + G_ELI_USERKEYLEN); + skeybuf->kb_ents[i].ke_type = KEYBUF_TYPE_NONE; + } + nsaved_keys = skeybuf->kb_nents; + skeybuf->kb_nents = 0; +} + +static void +save_key(geli_ukey key) +{ + + /* + * If we run out of key space, the worst that will happen is + * it will ask the user for the password again. + */ + if (nsaved_keys < GELI_MAX_KEYS) { + memcpy(saved_keys[nsaved_keys], key, G_ELI_USERKEYLEN); + nsaved_keys++; + } +} + +static int +geli_same_device(struct geli_entry *ge, struct dsk *dskp) +{ + + if (ge->dsk->drive == dskp->drive && + dskp->part == 255 && ge->dsk->part == dskp->slice) { + /* + * Sometimes slice = slice, and sometimes part = slice + * If the incoming struct dsk has part=255, it means look at + * the slice instead of the part number + */ + return (0); + } + + /* Is this the same device? */ + if (ge->dsk->drive != dskp->drive || + ge->dsk->slice != dskp->slice || + ge->dsk->part != dskp->part) { + return (1); + } + + return (0); +} + +static int +geli_findkey(struct geli_entry *ge, struct dsk *dskp, u_char *mkey) +{ + u_int keynum; + int i; + + if (ge->keybuf_slot >= 0) { + if (g_eli_mkey_decrypt_any(&ge->md, saved_keys[ge->keybuf_slot], + mkey, &keynum) == 0) { + return (0); + } + } + + for (i = 0; i < nsaved_keys; i++) { + if (g_eli_mkey_decrypt_any(&ge->md, saved_keys[i], mkey, + &keynum) == 0) { + ge->keybuf_slot = i; + return (0); + } + } + + return (1); +} + +void +geli_init(void) +{ + + geli_count = 0; + SLIST_INIT(&geli_head); +} + +/* + * Read the last sector of the drive or partition pointed to by dsk and see + * if it is GELI encrypted + */ +int +geli_taste(int read_func(void *vdev, void *priv, off_t off, void *buf, + size_t bytes), struct dsk *dskp, daddr_t lastsector) +{ + struct g_eli_metadata md; + u_char buf[DEV_GELIBOOT_BSIZE]; + int error; + off_t alignsector; + + alignsector = rounddown2(lastsector * DEV_BSIZE, DEV_GELIBOOT_BSIZE); + if (alignsector + DEV_GELIBOOT_BSIZE > ((lastsector + 1) * DEV_BSIZE)) { + /* Don't read past the end of the disk */ + alignsector = (lastsector * DEV_BSIZE) + DEV_BSIZE + - DEV_GELIBOOT_BSIZE; + } + error = read_func(NULL, dskp, alignsector, &buf, DEV_GELIBOOT_BSIZE); + if (error != 0) { + return (error); + } + /* Extract the last 4k sector of the disk. */ + error = eli_metadata_decode(buf, &md); + if (error != 0) { + /* Try the last 512 byte sector instead. */ + error = eli_metadata_decode(buf + + (DEV_GELIBOOT_BSIZE - DEV_BSIZE), &md); + if (error != 0) { + return (error); + } + } + + if (!(md.md_flags & G_ELI_FLAG_GELIBOOT)) { + /* The GELIBOOT feature is not activated */ + return (1); + } + if ((md.md_flags & G_ELI_FLAG_ONETIME)) { + /* Swap device, skip it. */ + return (1); + } + if (md.md_iterations < 0) { + /* XXX TODO: Support loading key files. */ + /* Disk does not have a passphrase, skip it. */ + return (1); + } + geli_e = malloc(sizeof(struct geli_entry)); + if (geli_e == NULL) + return (2); + + geli_e->dsk = malloc(sizeof(struct dsk)); + if (geli_e->dsk == NULL) + return (2); + memcpy(geli_e->dsk, dskp, sizeof(struct dsk)); + geli_e->part_end = lastsector; + if (dskp->part == 255) { + geli_e->dsk->part = dskp->slice; + } + geli_e->keybuf_slot = -1; + + geli_e->md = md; + eli_metadata_softc(&geli_e->sc, &md, DEV_BSIZE, + (lastsector + DEV_BSIZE) * DEV_BSIZE); + + SLIST_INSERT_HEAD(&geli_head, geli_e, entries); + geli_count++; + + return (0); +} + +/* + * Attempt to decrypt the device + */ +static int +geli_attach(struct geli_entry *ge, struct dsk *dskp, const char *passphrase, + u_char *mkeyp) +{ + u_char key[G_ELI_USERKEYLEN], mkey[G_ELI_DATAIVKEYLEN], *mkp; + u_int keynum; + struct hmac_ctx ctx; + int error; + + if (mkeyp != NULL) { + memcpy(&mkey, mkeyp, G_ELI_DATAIVKEYLEN); + explicit_bzero(mkeyp, G_ELI_DATAIVKEYLEN); + } + + if (mkeyp != NULL || geli_findkey(ge, dskp, mkey) == 0) { + goto found_key; + } + + g_eli_crypto_hmac_init(&ctx, NULL, 0); + /* + * Prepare Derived-Key from the user passphrase. + */ + if (geli_e->md.md_iterations < 0) { + /* XXX TODO: Support loading key files. */ + return (1); + } else if (geli_e->md.md_iterations == 0) { + g_eli_crypto_hmac_update(&ctx, geli_e->md.md_salt, + sizeof(geli_e->md.md_salt)); + g_eli_crypto_hmac_update(&ctx, (const uint8_t *)passphrase, + strlen(passphrase)); + } else if (geli_e->md.md_iterations > 0) { + printf("Calculating GELI Decryption Key disk%dp%d @ %d" + " iterations...\n", dskp->unit, + (dskp->slice > 0 ? dskp->slice : dskp->part), + geli_e->md.md_iterations); + u_char dkey[G_ELI_USERKEYLEN]; + + pkcs5v2_genkey(dkey, sizeof(dkey), geli_e->md.md_salt, + sizeof(geli_e->md.md_salt), passphrase, + geli_e->md.md_iterations); + g_eli_crypto_hmac_update(&ctx, dkey, sizeof(dkey)); + explicit_bzero(dkey, sizeof(dkey)); + } + + g_eli_crypto_hmac_final(&ctx, key, 0); + + error = g_eli_mkey_decrypt_any(&geli_e->md, key, mkey, &keynum); + if (error == -1) { + explicit_bzero(mkey, sizeof(mkey)); + explicit_bzero(key, sizeof(key)); + printf("Bad GELI key: bad password?\n"); + return (error); + } else if (error != 0) { + explicit_bzero(mkey, sizeof(mkey)); + explicit_bzero(key, sizeof(key)); + printf("Failed to decrypt GELI master key: %d\n", error); + return (error); + } else { + /* Add key to keychain */ + save_key(key); + explicit_bzero(&key, sizeof(key)); + } + +found_key: + /* Store the keys */ + bcopy(mkey, geli_e->sc.sc_mkey, sizeof(geli_e->sc.sc_mkey)); + bcopy(mkey, geli_e->sc.sc_ivkey, sizeof(geli_e->sc.sc_ivkey)); + mkp = mkey + sizeof(geli_e->sc.sc_ivkey); + if ((geli_e->sc.sc_flags & G_ELI_FLAG_AUTH) == 0) { + bcopy(mkp, geli_e->sc.sc_ekey, G_ELI_DATAKEYLEN); + } else { + /* + * The encryption key is: ekey = HMAC_SHA512(Data-Key, 0x10) + */ + g_eli_crypto_hmac(mkp, G_ELI_MAXKEYLEN, (const uint8_t *)"\x10", 1, + geli_e->sc.sc_ekey, 0); + } + explicit_bzero(mkey, sizeof(mkey)); + + /* Initialize the per-sector IV. */ + switch (geli_e->sc.sc_ealgo) { + case CRYPTO_AES_XTS: + break; + default: + SHA256_Init(&geli_e->sc.sc_ivctx); + SHA256_Update(&geli_e->sc.sc_ivctx, geli_e->sc.sc_ivkey, + sizeof(geli_e->sc.sc_ivkey)); + break; + } + + return (0); +} + +int +is_geli(struct dsk *dskp) +{ + SLIST_FOREACH_SAFE(geli_e, &geli_head, entries, geli_e_tmp) { + if (geli_same_device(geli_e, dskp) == 0) { + return (0); + } + } + + return (1); +} + +int +geli_read(struct dsk *dskp, off_t offset, u_char *buf, size_t bytes) +{ + u_char iv[G_ELI_IVKEYLEN]; + u_char *pbuf; + int error; + off_t dstoff; + uint64_t keyno; + size_t n, nsec, secsize; + struct g_eli_key gkey; + + pbuf = buf; + SLIST_FOREACH_SAFE(geli_e, &geli_head, entries, geli_e_tmp) { + if (geli_same_device(geli_e, dskp) != 0) { + continue; + } + + secsize = geli_e->sc.sc_sectorsize; + nsec = bytes / secsize; + if (nsec == 0) { + /* + * A read of less than the GELI sector size has been + * requested. The caller provided destination buffer may + * not be big enough to boost the read to a full sector, + * so just attempt to decrypt the truncated sector. + */ + secsize = bytes; + nsec = 1; + } + + for (n = 0, dstoff = offset; n < nsec; n++, dstoff += secsize) { + + g_eli_crypto_ivgen(&geli_e->sc, dstoff, iv, + G_ELI_IVKEYLEN); + + /* Get the key that corresponds to this offset. */ + keyno = (dstoff >> G_ELI_KEY_SHIFT) / secsize; + g_eli_key_fill(&geli_e->sc, &gkey, keyno); + + error = geliboot_crypt(geli_e->sc.sc_ealgo, 0, pbuf, + secsize, gkey.gek_key, + geli_e->sc.sc_ekeylen, iv); + + if (error != 0) { + explicit_bzero(&gkey, sizeof(gkey)); + printf("Failed to decrypt in geli_read()!"); + return (error); + } + pbuf += secsize; + } + explicit_bzero(&gkey, sizeof(gkey)); + return (0); + } + + printf("GELI provider not found\n"); + return (1); +} + +int +geli_havekey(struct dsk *dskp) +{ + u_char mkey[G_ELI_DATAIVKEYLEN]; + + SLIST_FOREACH_SAFE(geli_e, &geli_head, entries, geli_e_tmp) { + if (geli_same_device(geli_e, dskp) != 0) { + continue; + } + + if (geli_findkey(geli_e, dskp, mkey) == 0) { + if (geli_attach(geli_e, dskp, NULL, mkey) == 0) { + return (0); + } + } + } + explicit_bzero(mkey, sizeof(mkey)); + + return (1); +} + +int +geli_passphrase(char *pw, int disk, int parttype, int part, struct dsk *dskp) +{ + int i; + + SLIST_FOREACH_SAFE(geli_e, &geli_head, entries, geli_e_tmp) { + if (geli_same_device(geli_e, dskp) != 0) { + continue; + } + + /* TODO: Implement GELI keyfile(s) support */ + for (i = 0; i < 3; i++) { + /* Try cached passphrase */ + if (i == 0 && pw[0] != '\0') { + if (geli_attach(geli_e, dskp, pw, NULL) == 0) { + return (0); + } + } + printf("GELI Passphrase for disk%d%c%d: ", disk, + parttype, part); + pwgets(pw, GELI_PW_MAXLEN, + (geli_e->md.md_flags & G_ELI_FLAG_GELIDISPLAYPASS) == 0); + printf("\n"); + if (geli_attach(geli_e, dskp, pw, NULL) == 0) { + return (0); + } + } + } + + return (1); +} Property changes on: head/stand/libsa/geli/geliboot.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/stand/libsa/geli/geliboot.h =================================================================== --- head/stand/libsa/geli/geliboot.h (nonexistent) +++ head/stand/libsa/geli/geliboot.h (revision 335321) @@ -0,0 +1,69 @@ +/*- + * Copyright (c) 2015 Allan Jude + * Copyright (c) 2005-2011 Pawel Jakub Dawidek + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include + +#ifndef _GELIBOOT_H_ +#define _GELIBOOT_H_ + +#ifndef DEV_BSIZE +#define DEV_BSIZE 512 +#endif +#ifndef DEV_GELIBOOT_BSIZE +#define DEV_GELIBOOT_BSIZE 4096 +#endif + +#ifndef MIN +#define MIN(a,b) (((a) < (b)) ? (a) : (b)) +#endif + +#define GELI_MAX_KEYS 64 +#define GELI_PW_MAXLEN 256 + +extern void pwgets(char *buf, int n, int hide); + +struct dsk; + +void geli_init(void); +int geli_taste(int read_func(void *vdev, void *priv, off_t off, + void *buf, size_t bytes), struct dsk *dsk, daddr_t lastsector); +int is_geli(struct dsk *dsk); +int geli_read(struct dsk *dsk, off_t offset, u_char *buf, size_t bytes); +int geli_decrypt(u_int algo, u_char *data, size_t datasize, + const u_char *key, size_t keysize, const uint8_t* iv); +int geli_havekey(struct dsk *dskp); +int geli_passphrase(char *pw, int disk, int parttype, int part, struct dsk *dskp); + +int geliboot_crypt(u_int algo, int enc, u_char *data, size_t datasize, + const u_char *key, size_t keysize, u_char *iv); + +void geli_fill_keybuf(struct keybuf *keybuf); +void geli_save_keybuf(struct keybuf *keybuf); + +#endif /* _GELIBOOT_H_ */ Property changes on: head/stand/libsa/geli/geliboot.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/stand/libsa/geli/geliboot_crypto.c =================================================================== --- head/stand/libsa/geli/geliboot_crypto.c (nonexistent) +++ head/stand/libsa/geli/geliboot_crypto.c (revision 335321) @@ -0,0 +1,140 @@ +/*- + * Copyright (c) 2005-2010 Pawel Jakub Dawidek + * Copyright (c) 2015 Allan Jude + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include +#include + +#include "geliboot_internal.h" +#include "geliboot.h" + +int +geliboot_crypt(u_int algo, int enc, u_char *data, size_t datasize, + const u_char *key, size_t keysize, u_char *iv) +{ + keyInstance aeskey; + cipherInstance cipher; + struct aes_xts_ctx xtsctx, *ctxp; + size_t xts_len; + int err, blks, i; + + switch (algo) { + case CRYPTO_AES_CBC: + err = rijndael_makeKey(&aeskey, !enc, keysize, + (const char *)key); + if (err < 0) { + printf("Failed to setup decryption keys: %d\n", err); + return (err); + } + + err = rijndael_cipherInit(&cipher, MODE_CBC, iv); + if (err < 0) { + printf("Failed to setup IV: %d\n", err); + return (err); + } + + switch (enc) { + case 0: /* decrypt */ + blks = rijndael_blockDecrypt(&cipher, &aeskey, data, + datasize * 8, data); + break; + case 1: /* encrypt */ + blks = rijndael_blockEncrypt(&cipher, &aeskey, data, + datasize * 8, data); + break; + } + if (datasize != (blks / 8)) { + printf("Failed to decrypt the entire input: " + "%u != %zu\n", blks, datasize); + return (1); + } + break; + case CRYPTO_AES_XTS: + xts_len = keysize << 1; + ctxp = &xtsctx; + + rijndael_set_key(&ctxp->key1, key, xts_len / 2); + rijndael_set_key(&ctxp->key2, key + (xts_len / 16), xts_len / 2); + + enc_xform_aes_xts.reinit((caddr_t)ctxp, iv); + + switch (enc) { + case 0: /* decrypt */ + for (i = 0; i < datasize; i += AES_XTS_BLOCKSIZE) { + enc_xform_aes_xts.decrypt((caddr_t)ctxp, data + i); + } + break; + case 1: /* encrypt */ + for (i = 0; i < datasize; i += AES_XTS_BLOCKSIZE) { + enc_xform_aes_xts.encrypt((caddr_t)ctxp, data + i); + } + break; + } + break; + default: + printf("Unsupported crypto algorithm #%d\n", algo); + return (1); + } + + return (0); +} + +static int +g_eli_crypto_cipher(u_int algo, int enc, u_char *data, size_t datasize, + const u_char *key, size_t keysize) +{ + u_char iv[keysize]; + + explicit_bzero(iv, sizeof(iv)); + return (geliboot_crypt(algo, enc, data, datasize, key, keysize, iv)); +} + +int +g_eli_crypto_encrypt(u_int algo, u_char *data, size_t datasize, + const u_char *key, size_t keysize) +{ + + /* We prefer AES-CBC for metadata protection. */ + if (algo == CRYPTO_AES_XTS) + algo = CRYPTO_AES_CBC; + + return (g_eli_crypto_cipher(algo, 1, data, datasize, key, keysize)); +} + +int +g_eli_crypto_decrypt(u_int algo, u_char *data, size_t datasize, + const u_char *key, size_t keysize) +{ + + /* We prefer AES-CBC for metadata protection. */ + if (algo == CRYPTO_AES_XTS) + algo = CRYPTO_AES_CBC; + + return (g_eli_crypto_cipher(algo, 0, data, datasize, key, keysize)); +} Property changes on: head/stand/libsa/geli/geliboot_crypto.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/stand/libsa/geli/geliboot_internal.h =================================================================== --- head/stand/libsa/geli/geliboot_internal.h (nonexistent) +++ head/stand/libsa/geli/geliboot_internal.h (revision 335321) @@ -0,0 +1,69 @@ +/*- + * Copyright (c) 2015 Allan Jude + * Copyright (c) 2005-2011 Pawel Jakub Dawidek + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _GELIBOOT_INTERNAL_H_ +#define _GELIBOOT_INTERNAL_H_ + +#define _STRING_H_ +#define _STRINGS_H_ +#define _STDIO_H_ + +#include +#include + +#include +#include + +#include + +/* Pull in the md5, sha256, and sha512 implementations */ +#include +#include +#include + +/* Pull in AES implementation */ +#include + +/* AES-XTS implementation */ +#define _STAND 1 +#define STAND_H /* We don't want stand.h in {gpt,zfs,gptzfs}boot */ +#include + +struct geli_entry { + struct dsk *dsk; + off_t part_end; + struct g_eli_softc sc; + struct g_eli_metadata md; + int keybuf_slot; + SLIST_ENTRY(geli_entry) entries; +} *geli_e, *geli_e_tmp; + +static int geli_count; + +#endif /* _GELIBOOT_INTERNAL_H_ */ Property changes on: head/stand/libsa/geli/geliboot_internal.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/stand/libsa/geli/pwgets.c =================================================================== --- head/stand/libsa/geli/pwgets.c (nonexistent) +++ head/stand/libsa/geli/pwgets.c (revision 335321) @@ -0,0 +1,79 @@ +/* $NetBSD: gets.c,v 1.6 1995/10/11 21:16:57 pk Exp $ */ + +/*- + * Copyright (c) 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)gets.c 8.1 (Berkeley) 6/11/93 + */ + +#include +__FBSDID("$FreeBSD$"); + +#include "stand.h" + +/* gets() with constrained input length, for passwords */ + +void +pwgets(char *buf, int n, int hide) +{ + int c; + char *lp; + + for (lp = buf;;) + switch (c = getchar() & 0177) { + case '\n': + case '\r': + *lp = '\0'; + putchar('\n'); + return; + case '\b': + case '\177': + if (lp > buf) { + lp--; + if (hide == 0) { + putchar('\b'); + putchar(' '); + putchar('\b'); + } + } + break; + case 'u'&037: + case 'w'&037: + lp = buf; + putchar('\n'); + break; + default: + if ((n < 1) || ((lp - buf) < n - 1)) { + *lp++ = c; + if (hide == 0) { + putchar('*'); + } + } + } + /*NOTREACHED*/ +} Property changes on: head/stand/libsa/geli/pwgets.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property