From nobody Sun Feb 8 21:47:32 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1666892001; cv=none; d=zohomail.com; s=zohoarc; b=ngpL8hI/63bvATg5egfi1S6lwPGuOFpK+ZgWeiQuqDRUqS44TgzQImYfXdDB3READx/BzCW3W4zb3coosm0WxZWoEUqhZdF46SwOydII/izsn2lIoK8QV7zHfmWMidHZOm4OZ96EVmRytYriDivJ9ZHXKjCjF7qE44fFgpV3uQs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666892001; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=O1Zxp3RZOU1MCY76Fw63/rxm/fF4YDwZP1hI7Pfxzwg=; b=Tl9MA+T8pvHkpDY1cX06/NGNKP0vk4gQsSVZOQ12NYxbJ/tJrwqGHOYATFEFxA3ebDw0SxKWiNIXWNS3GsTL5iJCr6wqN85UG20qj5CfsSIw7GQBowpbyexIhWxZpLFo8sh2I8n5qYbe0ZnIXl3CkCFdeE1sqyGVz8ixrfmIHK8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1666892001603696.9250064381139; Thu, 27 Oct 2022 10:33:21 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oo6jN-0006Te-TW; Thu, 27 Oct 2022 13:31:49 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oo6jL-00069M-Vt for qemu-devel@nongnu.org; Thu, 27 Oct 2022 13:31:48 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oo6jK-0000xz-I0 for qemu-devel@nongnu.org; Thu, 27 Oct 2022 13:31:47 -0400 Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-301-Zkp6YKPIPHylVTYCJuAxnw-1; Thu, 27 Oct 2022 13:31:41 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 14CA08726BA for ; Thu, 27 Oct 2022 17:31:20 +0000 (UTC) Received: from localhost.localdomain.com (unknown [10.33.36.37]) by smtp.corp.redhat.com (Postfix) with ESMTP id 48E1240C6EC3; Thu, 27 Oct 2022 17:31:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1666891906; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=O1Zxp3RZOU1MCY76Fw63/rxm/fF4YDwZP1hI7Pfxzwg=; b=ffMx74rTnkTqhxNJbTKvvEzhwj/irMT0McCKSYYntCvKTxbJM7eXbrPY7GL4brVxWTT8/F avSIRIanK/zUelUfVpSEcfGbMHxPSxBOc7e8b7EAdDdYx2kHV4Z91QSLryUqpmdw11WSIa MEdNq0DA0wjQnsaS+reA6bTFBezsXuE= X-MC-Unique: Zkp6YKPIPHylVTYCJuAxnw-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , "Richard W . M . Jones" Subject: [PULL 11/20] crypto: enforce that LUKS stripes is always a fixed value Date: Thu, 27 Oct 2022 18:30:54 +0100 Message-Id: <20221027173103.299479-12-berrange@redhat.com> In-Reply-To: <20221027173103.299479-1-berrange@redhat.com> References: <20221027173103.299479-1-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.129.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -32 X-Spam_score: -3.3 X-Spam_bar: --- X-Spam_report: (-3.3 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.515, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Qemu-devel" Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1666892002287100001 Although the LUKS stripes are encoded in the keyslot header and so potentially configurable, in pratice the cryptsetup impl mandates this has the fixed value 4000. To avoid incompatibility apply the same enforcement in QEMU too. This also caps the memory usage for key material when QEMU tries to open a LUKS volume. Reviewed-by: Richard W.M. Jones Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/block-luks.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/crypto/block-luks.c b/crypto/block-luks.c index 27d1b34c1d..81744e2a8e 100644 --- a/crypto/block-luks.c +++ b/crypto/block-luks.c @@ -582,8 +582,9 @@ qcrypto_block_luks_check_header(const QCryptoBlockLUKS = *luks, Error **errp) header_sectors, slot1->stripes); =20 - if (slot1->stripes =3D=3D 0) { - error_setg(errp, "Keyslot %zu is corrupted (stripes =3D=3D 0)"= , i); + if (slot1->stripes !=3D QCRYPTO_BLOCK_LUKS_STRIPES) { + error_setg(errp, "Keyslot %zu is corrupted (stripes %d !=3D %d= )", + i, slot1->stripes, QCRYPTO_BLOCK_LUKS_STRIPES); return -1; } =20 --=20 2.37.3