[thirdparty/systemd.git] / src / cryptsetup / cryptsetup.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <string.h>
#include <errno.h>
#include <sys/mman.h>
#include <mntent.h>

#include <libcryptsetup.h>
#include <libudev.h>

#include "fileio.h"
#include "log.h"
#include "util.h"
#include "path-util.h"
#include "strv.h"
#include "ask-password-api.h"
#include "def.h"

static const char *opt_type = NULL; /* CRYPT_LUKS1, CRYPT_TCRYPT or CRYPT_PLAIN */
static char *opt_cipher = NULL;
static unsigned opt_key_size = 0;
static unsigned opt_keyfile_size = 0;
static unsigned opt_keyfile_offset = 0;
static char *opt_hash = NULL;
static unsigned opt_tries = 0;
static bool opt_readonly = false;
static bool opt_verify = false;
static bool opt_discards = false;
static bool opt_tcrypt_hidden = false;
static bool opt_tcrypt_system = false;
static char **opt_tcrypt_keyfiles = NULL;
static usec_t opt_timeout = 0;

/* Options Debian's crypttab knows we don't:

    offset=
    skip=
    precheck=
    check=
    checkargs=
    noearly=
    loud=
    keyscript=
*/

static int parse_one_option(const char *option) {
        assert(option);

        /* Handled outside of this tool */
        if (streq(option, "noauto") || streq(option, "nofail"))
                return 0;

        if (startswith(option, "cipher=")) {
                char *t;

                t = strdup(option+7);
                if (!t)
                        return -ENOMEM;

                free(opt_cipher);
                opt_cipher = t;

        } else if (startswith(option, "size=")) {

                if (safe_atou(option+5, &opt_key_size) < 0) {
                        log_error("size= parse failure, ignoring.");
                        return 0;
                }

        } else if (startswith(option, "tcrypt-keyfile=")) {

                opt_type = CRYPT_TCRYPT;
                if (path_is_absolute(option+15))
                        opt_tcrypt_keyfiles = strv_append(opt_tcrypt_keyfiles, strdup(option+15));
                else
                        log_error("Key file path '%s' is not absolute. Ignoring.", option+15);

        } else if (startswith(option, "keyfile-size=")) {

                if (safe_atou(option+13, &opt_keyfile_size) < 0) {
                        log_error("keyfile-size= parse failure, ignoring.");
                        return 0;
                }

        } else if (startswith(option, "keyfile-offset=")) {

                if (safe_atou(option+15, &opt_keyfile_offset) < 0) {
                        log_error("keyfile-offset= parse failure, ignoring.");
                        return 0;
                }

        } else if (startswith(option, "hash=")) {
                char *t;

                t = strdup(option+5);
                if (!t)
                        return -ENOMEM;

                free(opt_hash);
                opt_hash = t;

        } else if (startswith(option, "tries=")) {

                if (safe_atou(option+6, &opt_tries) < 0) {
                        log_error("tries= parse failure, ignoring.");
                        return 0;
                }

        } else if (streq(option, "readonly") || streq(option, "read-only"))
                opt_readonly = true;
        else if (streq(option, "verify"))
                opt_verify = true;
        else if (streq(option, "allow-discards"))
                opt_discards = true;
        else if (streq(option, "luks"))
                opt_type = CRYPT_LUKS1;
        else if (streq(option, "tcrypt"))
                opt_type = CRYPT_TCRYPT;
        else if (streq(option, "tcrypt-hidden")) {
                opt_type = CRYPT_TCRYPT;
                opt_tcrypt_hidden = true;
        } else if (streq(option, "tcrypt-system")) {
                opt_type = CRYPT_TCRYPT;
                opt_tcrypt_system = true;
        } else if (streq(option, "plain") ||
                 streq(option, "swap") ||
                 streq(option, "tmp"))
                opt_type = CRYPT_PLAIN;
        else if (startswith(option, "timeout=")) {

                if (parse_sec(option+8, &opt_timeout) < 0) {
                        log_error("timeout= parse failure, ignoring.");
                        return 0;
                }

        } else if (!streq(option, "none"))
                log_error("Encountered unknown /etc/crypttab option '%s', ignoring.", option);

        return 0;
}

static int parse_options(const char *options) {
        char *state, *w;
        size_t l;
        int r;

        assert(options);

        FOREACH_WORD_SEPARATOR(w, l, options, ",", state) {
                _cleanup_free_ char *o;

                o = strndup(w, l);
                if (!o)
                        return -ENOMEM;
                r = parse_one_option(o);
                if (r < 0)
                        return r;
        }

        return 0;
}

static void log_glue(int level, const char *msg, void *usrptr) {
        log_debug("%s", msg);
}

static char *disk_description(const char *path) {

        static const char name_fields[] = {
                "ID_PART_ENTRY_NAME\0"
                "DM_NAME\0"
                "ID_MODEL_FROM_DATABASE\0"
                "ID_MODEL\0"
        };

        struct udev *udev = NULL;
        struct udev_device *device = NULL;
        struct stat st;
        char *description = NULL;
        const char *i;

        assert(path);

        if (stat(path, &st) < 0)
                return NULL;

        if (!S_ISBLK(st.st_mode))
                return NULL;

        udev = udev_new();
        if (!udev)
                return NULL;

        device = udev_device_new_from_devnum(udev, 'b', st.st_rdev);
        if (!device)
                goto finish;

        NULSTR_FOREACH(i, name_fields) {
                const char *name;

                name = udev_device_get_property_value(device, i);
                if (!isempty(name)) {
                        description = strdup(name);
                        break;
                }
        }

finish:
        if (device)
                udev_device_unref(device);

        if (udev)
                udev_unref(udev);

        return description;
}

static char *disk_mount_point(const char *label) {
        char *mp = NULL;
        _cleanup_free_ char *device = NULL;
        FILE *f = NULL;
        struct mntent *m;

        /* Yeah, we don't support native systemd unit files here for now */

        if (asprintf(&device, "/dev/mapper/%s", label) < 0)
                goto finish;

        f = setmntent("/etc/fstab", "r");
        if (!f)
                goto finish;

        while ((m = getmntent(f)))
                if (path_equal(m->mnt_fsname, device)) {
                        mp = strdup(m->mnt_dir);
                        break;
                }

finish:
        if (f)
                endmntent(f);

        return mp;
}

static int get_password(const char *name, usec_t until, bool accept_cached, char ***passwords) {
        int r;
        char **p;
        _cleanup_free_ char *text = NULL;

        assert(name);
        assert(passwords);

        if (asprintf(&text, "Please enter passphrase for disk %s!", name) < 0)
                return log_oom();

        r = ask_password_auto(text, "drive-harddisk", until, accept_cached, passwords);
        if (r < 0) {
                log_error("Failed to query password: %s", strerror(-r));
                return r;
        }

        if (opt_verify) {
                _cleanup_strv_free_ char **passwords2 = NULL;

                assert(strv_length(*passwords) == 1);

                if (asprintf(&text, "Please enter passphrase for disk %s! (verification)", name) < 0)
                        return log_oom();

                r = ask_password_auto(text, "drive-harddisk", until, false, &passwords2);
                if (r < 0) {
                        log_error("Failed to query verification password: %s", strerror(-r));
                        return r;
                }

                assert(strv_length(passwords2) == 1);

                if (!streq(*passwords[0], passwords2[0])) {
                        log_warning("Passwords did not match, retrying.");
                        return -EAGAIN;
                }
        }

        strv_uniq(*passwords);

        STRV_FOREACH(p, *passwords) {
                char *c;

                if (strlen(*p)+1 >= opt_key_size)
                        continue;

                /* Pad password if necessary */
                if (!(c = new(char, opt_key_size)))
                        return log_oom();

                strncpy(c, *p, opt_key_size);
                free(*p);
                *p = c;
        }

        return 0;
}

static int attach_tcrypt(struct crypt_device *cd,
                                const char *name,
                                const char *key_file,
                                char **passwords,
                                uint32_t flags) {
        int r = 0;
        _cleanup_free_ char *passphrase = NULL;
        struct crypt_params_tcrypt params = {
                .flags = CRYPT_TCRYPT_LEGACY_MODES,
                .keyfiles = (const char **)opt_tcrypt_keyfiles,
                .keyfiles_count = strv_length(opt_tcrypt_keyfiles)
        };

        assert(cd);
        assert(name);
        assert(key_file || passwords);

        if (opt_tcrypt_hidden)
                params.flags |= CRYPT_TCRYPT_HIDDEN_HEADER;

        if (opt_tcrypt_system)
                params.flags |= CRYPT_TCRYPT_SYSTEM_HEADER;

        if (key_file) {
                r = read_one_line_file(key_file, &passphrase);
                if (r < 0) {
                        log_error("Failed to read password file '%s': %s", key_file, strerror(-r));
                        return -EAGAIN;
                }

                params.passphrase = passphrase;
        } else
                params.passphrase = passwords[0];
        params.passphrase_size = strlen(params.passphrase);

        r = crypt_load(cd, CRYPT_TCRYPT, &params);
        if (r < 0) {
                if (key_file && r == -EPERM) {
                        log_error("Failed to activate using password file '%s'.", key_file);
                        return -EAGAIN;
                }
                return r;
        }

        return crypt_activate_by_volume_key(cd, name, NULL, 0, flags);;
}

static int attach_luks_or_plain(struct crypt_device *cd,
                                const char *name,
                                const char *key_file,
                                char **passwords,
                                uint32_t flags) {
        int r = 0;
        bool pass_volume_key = false;

        assert(cd);
        assert(name);
        assert(key_file || passwords);

        if (!opt_type || streq(opt_type, CRYPT_LUKS1))
                r = crypt_load(cd, CRYPT_LUKS1, NULL);

        if ((!opt_type && r < 0) || streq_ptr(opt_type, CRYPT_PLAIN)) {
                struct crypt_params_plain params = {};
                const char *cipher, *cipher_mode;
                _cleanup_free_ char *truncated_cipher = NULL;

                if (opt_hash) {
                        /* plain isn't a real hash type. it just means "use no hash" */
                        if (!streq(opt_hash, "plain"))
                                params.hash = opt_hash;
                } else
                        params.hash = "ripemd160";

                if (opt_cipher) {
                        size_t l;

                        l = strcspn(opt_cipher, "-");
                        truncated_cipher = strndup(opt_cipher, l);
                        if (!truncated_cipher)
                                return log_oom();

                        cipher = truncated_cipher;
                        cipher_mode = opt_cipher[l] ? opt_cipher+l+1 : "plain";
                } else {
                        cipher = "aes";
                        cipher_mode = "cbc-essiv:sha256";
                }

                /* for CRYPT_PLAIN limit reads
                 * from keyfile to key length, and
                 * ignore keyfile-size */
                opt_keyfile_size = opt_key_size / 8;

                /* In contrast to what the name
                 * crypt_setup() might suggest this
                 * doesn't actually format anything,
                 * it just configures encryption
                 * parameters when used for plain
                 * mode. */
                r = crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode,
                                 NULL, NULL, opt_keyfile_size, &params);

                /* hash == NULL implies the user passed "plain" */
                pass_volume_key = (params.hash == NULL);
        }

        if (r < 0) {
                log_error("Loading of cryptographic parameters failed: %s", strerror(-r));
                return r;
        }

        log_info("Set cipher %s, mode %s, key size %i bits for device %s.",
                 crypt_get_cipher(cd),
                 crypt_get_cipher_mode(cd),
                 crypt_get_volume_key_size(cd)*8,
                 crypt_get_device_name(cd));

        if (key_file) {
                r = crypt_activate_by_keyfile_offset(cd, name, CRYPT_ANY_SLOT,
                                                     key_file, opt_keyfile_size,
                                                     opt_keyfile_offset, flags);
                if (r < 0) {
                        log_error("Failed to activate with key file '%s': %s", key_file, strerror(-r));
                        return -EAGAIN;
                }
        } else {
                char **p;

                STRV_FOREACH(p, passwords) {
                        if (pass_volume_key)
                                r = crypt_activate_by_volume_key(cd, name, *p, opt_key_size, flags);
                        else
                                r = crypt_activate_by_passphrase(cd, name, CRYPT_ANY_SLOT, *p, strlen(*p), flags);

                        if (r >= 0)
                                break;
                }
        }

        return r;
}

static int help(void) {

        printf("%s attach VOLUME SOURCEDEVICE [PASSWORD] [OPTIONS]\n"
               "%s detach VOLUME\n\n"
               "Attaches or detaches an encrypted block device.\n",
               program_invocation_short_name,
               program_invocation_short_name);

        return 0;
}

int main(int argc, char *argv[]) {
        int r = EXIT_FAILURE;
        struct crypt_device *cd = NULL;

        if (argc <= 1) {
                help();
                return EXIT_SUCCESS;
        }

        if (argc < 3) {
                log_error("This program requires at least two arguments.");
                return EXIT_FAILURE;
        }

        log_set_target(LOG_TARGET_AUTO);
        log_parse_environment();
        log_open();

        umask(0022);

        if (streq(argv[1], "attach")) {
                uint32_t flags = 0;
                int k;
                unsigned tries;
                usec_t until;
                crypt_status_info status;
                const char *key_file = NULL, *name = NULL;
                _cleanup_free_ char *description = NULL, *name_buffer = NULL, *mount_point = NULL;

                /* Arguments: systemd-cryptsetup attach VOLUME SOURCE-DEVICE [PASSWORD] [OPTIONS] */

                if (argc < 4) {
                        log_error("attach requires at least two arguments.");
                        goto finish;
                }

                if (argc >= 5 &&
                    argv[4][0] &&
                    !streq(argv[4], "-") &&
                    !streq(argv[4], "none")) {

                        if (!path_is_absolute(argv[4]))
                                log_error("Password file path '%s' is not absolute. Ignoring.", argv[4]);
                        else
                                key_file = argv[4];
                }

                if (argc >= 6 && argv[5][0] && !streq(argv[5], "-")) {
                        if (parse_options(argv[5]) < 0)
                                goto finish;
                }

                /* A delicious drop of snake oil */
                mlockall(MCL_FUTURE);

                description = disk_description(argv[3]);
                mount_point = disk_mount_point(argv[2]);

                if (description && streq(argv[2], description)) {
                        /* If the description string is simply the
                         * volume name, then let's not show this
                         * twice */
                        free(description);
                        description = NULL;
                }

                if (mount_point && description)
                        asprintf(&name_buffer, "%s (%s) on %s", description, argv[2], mount_point);
                else if (mount_point)
                        asprintf(&name_buffer, "%s on %s", argv[2], mount_point);
                else if (description)
                        asprintf(&name_buffer, "%s (%s)", description, argv[2]);

                name = name_buffer ? name_buffer : argv[2];

                k = crypt_init(&cd, argv[3]);
                if (k) {
                        log_error("crypt_init() failed: %s", strerror(-k));
                        goto finish;
                }

                crypt_set_log_callback(cd, log_glue, NULL);

                status = crypt_status(cd, argv[2]);
                if (status == CRYPT_ACTIVE || status == CRYPT_BUSY) {
                        log_info("Volume %s already active.", argv[2]);
                        r = EXIT_SUCCESS;
                        goto finish;
                }

                if (opt_readonly)
                        flags |= CRYPT_ACTIVATE_READONLY;

                if (opt_discards)
                        flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS;

                if (opt_timeout > 0)
                        until = now(CLOCK_MONOTONIC) + opt_timeout;
                else
                        until = 0;

                opt_tries = opt_tries > 0 ? opt_tries : 3;
                opt_key_size = (opt_key_size > 0 ? opt_key_size : 256);

                if (key_file) {
                        struct stat st;

                        /* Ideally we'd do this on the open fd, but since this is just a
                         * warning it's OK to do this in two steps. */
                        if (stat(key_file, &st) >= 0 && (st.st_mode & 0005))
                                log_warning("Key file %s is world-readable. This is not a good idea!", key_file);
                }

                for (tries = 0; tries < opt_tries; tries++) {
                        _cleanup_strv_free_ char **passwords = NULL;

                        if (!key_file) {
                                k = get_password(name, until, tries == 0 && !opt_verify, &passwords);
                                if (k == -EAGAIN)
                                        continue;
                                else if (k < 0)
                                        goto finish;
                        }

                        if (streq_ptr(opt_type, CRYPT_TCRYPT))
                                k = attach_tcrypt(cd, argv[2], key_file, passwords, flags);
                        else
                                k = attach_luks_or_plain(cd, argv[2], key_file, passwords, flags);
                        if (k >= 0)
                                break;
                        else if (k == -EAGAIN) {
                                key_file = NULL;
                                continue;
                        } else if (k != -EPERM) {
                                log_error("Failed to activate: %s", strerror(-k));
                                goto finish;
                        }

                        log_warning("Invalid passphrase.");
                }

                if (tries >= opt_tries) {
                        log_error("Too many attempts; giving up.");
                        r = EXIT_FAILURE;
                        goto finish;
                }

        } else if (streq(argv[1], "detach")) {
                int k;

                k = crypt_init_by_name(&cd, argv[2]);
                if (k) {
                        log_error("crypt_init() failed: %s", strerror(-k));
                        goto finish;
                }

                crypt_set_log_callback(cd, log_glue, NULL);

                k = crypt_deactivate(cd, argv[2]);
                if (k < 0) {
                        log_error("Failed to deactivate: %s", strerror(-k));
                        goto finish;
                }

        } else {
                log_error("Unknown verb %s.", argv[1]);
                goto finish;
        }

        r = EXIT_SUCCESS;

finish:

        if (cd)
                crypt_free(cd);

        free(opt_cipher);
        free(opt_hash);
        strv_free(opt_tcrypt_keyfiles);

        return r;
}
Commit	Line	Data
e23a0ce8 LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
e23a0ce8 LP	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
e23a0ce8	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
e23a0ce8 LP	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <string.h>
7f4e0805	23	#include <errno.h>
b853f6e9	24	#include <sys/mman.h>
b61e476f	25	#include <mntent.h>
7f4e0805 LP	26
7f4e0805 LP	27	#include <libcryptsetup.h>
b1a2da0a	28	#include <libudev.h>
e23a0ce8	29
8cf3ca80	30	#include "fileio.h"
e23a0ce8 LP	31	#include "log.h"
e23a0ce8 LP	32	#include "util.h"
9eb977db	33	#include "path-util.h"
21bc923a	34	#include "strv.h"
7f4e0805	35	#include "ask-password-api.h"
f6a6225e	36	#include "def.h"
7f4e0805	37
8cf3ca80	38	static const char opt_type = NULL; / CRYPT_LUKS1, CRYPT_TCRYPT or CRYPT_PLAIN */
7f4e0805	39	static char *opt_cipher = NULL;
260ab287	40	static unsigned opt_key_size = 0;
4271d823	41	static unsigned opt_keyfile_size = 0;
880a599e	42	static unsigned opt_keyfile_offset = 0;
7f4e0805	43	static char *opt_hash = NULL;
260ab287	44	static unsigned opt_tries = 0;
7f4e0805 LP	45	static bool opt_readonly = false;
7f4e0805 LP	46	static bool opt_verify = false;
2a2aab60	47	static bool opt_discards = false;
8cf3ca80 JJ	48	static bool opt_tcrypt_hidden = false;
	49	static bool opt_tcrypt_system = false;
	50	static char **opt_tcrypt_keyfiles = NULL;
49714341	51	static usec_t opt_timeout = 0;
7f4e0805	52
1fc76335 LP	53	/* Options Debian's crypttab knows we don't:
	54
	55	offset=
	56	skip=
	57	precheck=
	58	check=
	59	checkargs=
	60	noearly=
	61	loud=
	62	keyscript=
	63	*/
	64
7f4e0805 LP	65	static int parse_one_option(const char *option) {
	66	assert(option);
	67
	68	/* Handled outside of this tool */
adc40dc2	69	if (streq(option, "noauto") \|\| streq(option, "nofail"))
7f4e0805 LP	70	return 0;
	71
	72	if (startswith(option, "cipher=")) {
	73	char *t;
	74
74b1c371 LP	75	t = strdup(option+7);
74b1c371 LP	76	if (!t)
7f4e0805 LP	77	return -ENOMEM;
	78
	79	free(opt_cipher);
	80	opt_cipher = t;
	81
	82	} else if (startswith(option, "size=")) {
	83
260ab287	84	if (safe_atou(option+5, &opt_key_size) < 0) {
7f4e0805 LP	85	log_error("size= parse failure, ignoring.");
	86	return 0;
	87	}
	88
8cf3ca80 JJ	89	} else if (startswith(option, "tcrypt-keyfile=")) {
	90
	91	opt_type = CRYPT_TCRYPT;
	92	if (path_is_absolute(option+15))
	93	opt_tcrypt_keyfiles = strv_append(opt_tcrypt_keyfiles, strdup(option+15));
	94	else
	95	log_error("Key file path '%s' is not absolute. Ignoring.", option+15);
	96
4271d823 TG	97	} else if (startswith(option, "keyfile-size=")) {
	98
	99	if (safe_atou(option+13, &opt_keyfile_size) < 0) {
	100	log_error("keyfile-size= parse failure, ignoring.");
	101	return 0;
	102	}
	103
880a599e TG	104	} else if (startswith(option, "keyfile-offset=")) {
	105
	106	if (safe_atou(option+15, &opt_keyfile_offset) < 0) {
	107	log_error("keyfile-offset= parse failure, ignoring.");
	108	return 0;
	109	}
	110
7f4e0805 LP	111	} else if (startswith(option, "hash=")) {
	112	char *t;
	113
74b1c371 LP	114	t = strdup(option+5);
74b1c371 LP	115	if (!t)
7f4e0805 LP	116	return -ENOMEM;
	117
	118	free(opt_hash);
	119	opt_hash = t;
	120
	121	} else if (startswith(option, "tries=")) {
	122
	123	if (safe_atou(option+6, &opt_tries) < 0) {
	124	log_error("tries= parse failure, ignoring.");
	125	return 0;
	126	}
	127
18cf1a1b	128	} else if (streq(option, "readonly") \|\| streq(option, "read-only"))
7f4e0805 LP	129	opt_readonly = true;
	130	else if (streq(option, "verify"))
	131	opt_verify = true;
2a2aab60 MM	132	else if (streq(option, "allow-discards"))
2a2aab60 MM	133	opt_discards = true;
260ab287 LP	134	else if (streq(option, "luks"))
260ab287 LP	135	opt_type = CRYPT_LUKS1;
8cf3ca80 JJ	136	else if (streq(option, "tcrypt"))
	137	opt_type = CRYPT_TCRYPT;
	138	else if (streq(option, "tcrypt-hidden")) {
	139	opt_type = CRYPT_TCRYPT;
	140	opt_tcrypt_hidden = true;
	141	} else if (streq(option, "tcrypt-system")) {
	142	opt_type = CRYPT_TCRYPT;
	143	opt_tcrypt_system = true;
	144	} else if (streq(option, "plain") \|\|
260ab287 LP	145	streq(option, "swap") \|\|
	146	streq(option, "tmp"))
	147	opt_type = CRYPT_PLAIN;
7f4e0805 LP	148	else if (startswith(option, "timeout=")) {
7f4e0805 LP	149
7f602784	150	if (parse_sec(option+8, &opt_timeout) < 0) {
7f4e0805 LP	151	log_error("timeout= parse failure, ignoring.");
	152	return 0;
	153	}
	154
41e6f28a	155	} else if (!streq(option, "none"))
7f4e0805 LP	156	log_error("Encountered unknown /etc/crypttab option '%s', ignoring.", option);
	157
	158	return 0;
	159	}
	160
	161	static int parse_options(const char *options) {
74b1c371	162	char state, w;
7f4e0805	163	size_t l;
74b1c371	164	int r;
7f4e0805 LP	165
	166	assert(options);
	167
	168	FOREACH_WORD_SEPARATOR(w, l, options, ",", state) {
74b1c371	169	_cleanup_free_ char *o;
7f4e0805	170
74b1c371 LP	171	o = strndup(w, l);
74b1c371 LP	172	if (!o)
7f4e0805	173	return -ENOMEM;
7f4e0805	174	r = parse_one_option(o);
7f4e0805 LP	175	if (r < 0)
	176	return r;
	177	}
	178
	179	return 0;
	180	}
	181
	182	static void log_glue(int level, const char msg, void usrptr) {
260ab287	183	log_debug("%s", msg);
7f4e0805	184	}
e23a0ce8	185
b1a2da0a	186	static char disk_description(const char path) {
74b1c371 LP	187
	188	static const char name_fields[] = {
	189	"ID_PART_ENTRY_NAME\0"
	190	"DM_NAME\0"
	191	"ID_MODEL_FROM_DATABASE\0"
	192	"ID_MODEL\0"
	193	};
	194
b1a2da0a LP	195	struct udev *udev = NULL;
	196	struct udev_device *device = NULL;
	197	struct stat st;
	198	char *description = NULL;
74b1c371	199	const char *i;
b1a2da0a LP	200
	201	assert(path);
	202
	203	if (stat(path, &st) < 0)
	204	return NULL;
	205
	206	if (!S_ISBLK(st.st_mode))
	207	return NULL;
	208
74b1c371 LP	209	udev = udev_new();
74b1c371 LP	210	if (!udev)
b1a2da0a LP	211	return NULL;
b1a2da0a LP	212
74b1c371 LP	213	device = udev_device_new_from_devnum(udev, 'b', st.st_rdev);
74b1c371 LP	214	if (!device)
b1a2da0a LP	215	goto finish;
b1a2da0a LP	216
74b1c371 LP	217	NULSTR_FOREACH(i, name_fields) {
	218	const char *name;
	219
	220	name = udev_device_get_property_value(device, i);
	221	if (!isempty(name)) {
	222	description = strdup(name);
	223	break;
	224	}
	225	}
b1a2da0a LP	226
	227	finish:
	228	if (device)
	229	udev_device_unref(device);
	230
	231	if (udev)
	232	udev_unref(udev);
	233
	234	return description;
	235	}
	236
b61e476f	237	static char disk_mount_point(const char label) {
e7d90b71 JJ	238	char *mp = NULL;
e7d90b71 JJ	239	_cleanup_free_ char *device = NULL;
b61e476f LP	240	FILE *f = NULL;
	241	struct mntent *m;
	242
	243	/* Yeah, we don't support native systemd unit files here for now */
	244
	245	if (asprintf(&device, "/dev/mapper/%s", label) < 0)
	246	goto finish;
	247
e0295d26 LP	248	f = setmntent("/etc/fstab", "r");
e0295d26 LP	249	if (!f)
b61e476f LP	250	goto finish;
	251
	252	while ((m = getmntent(f)))
	253	if (path_equal(m->mnt_fsname, device)) {
	254	mp = strdup(m->mnt_dir);
	255	break;
	256	}
	257
	258	finish:
	259	if (f)
	260	endmntent(f);
	261
b61e476f LP	262	return mp;
	263	}
	264
e7d90b71 JJ	265	static int get_password(const char name, usec_t until, bool accept_cached, char **passwords) {
	266	int r;
	267	char **p;
	268	_cleanup_free_ char *text = NULL;
	269
	270	assert(name);
	271	assert(passwords);
	272
	273	if (asprintf(&text, "Please enter passphrase for disk %s!", name) < 0)
	274	return log_oom();
	275
	276	r = ask_password_auto(text, "drive-harddisk", until, accept_cached, passwords);
	277	if (r < 0) {
	278	log_error("Failed to query password: %s", strerror(-r));
	279	return r;
	280	}
	281
	282	if (opt_verify) {
	283	_cleanup_strv_free_ char **passwords2 = NULL;
	284
	285	assert(strv_length(*passwords) == 1);
	286
	287	if (asprintf(&text, "Please enter passphrase for disk %s! (verification)", name) < 0)
	288	return log_oom();
	289
	290	r = ask_password_auto(text, "drive-harddisk", until, false, &passwords2);
	291	if (r < 0) {
	292	log_error("Failed to query verification password: %s", strerror(-r));
	293	return r;
	294	}
	295
	296	assert(strv_length(passwords2) == 1);
	297
	298	if (!streq(*passwords[0], passwords2[0])) {
	299	log_warning("Passwords did not match, retrying.");
	300	return -EAGAIN;
	301	}
	302	}
	303
	304	strv_uniq(*passwords);
	305
	306	STRV_FOREACH(p, *passwords) {
	307	char *c;
	308
	309	if (strlen(*p)+1 >= opt_key_size)
	310	continue;
	311
	312	/* Pad password if necessary */
	313	if (!(c = new(char, opt_key_size)))
	314	return log_oom();
	315
	316	strncpy(c, *p, opt_key_size);
	317	free(*p);
	318	*p = c;
	319	}
	320
	321	return 0;
	322	}
	323
8cf3ca80 JJ	324	static int attach_tcrypt(struct crypt_device *cd,
	325	const char *name,
	326	const char *key_file,
	327	char **passwords,
	328	uint32_t flags) {
	329	int r = 0;
	330	_cleanup_free_ char *passphrase = NULL;
	331	struct crypt_params_tcrypt params = {
	332	.flags = CRYPT_TCRYPT_LEGACY_MODES,
	333	.keyfiles = (const char **)opt_tcrypt_keyfiles,
	334	.keyfiles_count = strv_length(opt_tcrypt_keyfiles)
	335	};
	336
	337	assert(cd);
	338	assert(name);
	339	assert(key_file \|\| passwords);
	340
	341	if (opt_tcrypt_hidden)
	342	params.flags \|= CRYPT_TCRYPT_HIDDEN_HEADER;
	343
	344	if (opt_tcrypt_system)
	345	params.flags \|= CRYPT_TCRYPT_SYSTEM_HEADER;
	346
	347	if (key_file) {
	348	r = read_one_line_file(key_file, &passphrase);
	349	if (r < 0) {
	350	log_error("Failed to read password file '%s': %s", key_file, strerror(-r));
	351	return -EAGAIN;
	352	}
	353
	354	params.passphrase = passphrase;
	355	} else
	356	params.passphrase = passwords[0];
	357	params.passphrase_size = strlen(params.passphrase);
	358
	359	r = crypt_load(cd, CRYPT_TCRYPT, &params);
	360	if (r < 0) {
	361	if (key_file && r == -EPERM) {
	362	log_error("Failed to activate using password file '%s'.", key_file);
	363	return -EAGAIN;
	364	}
	365	return r;
	366	}
	367
	368	return crypt_activate_by_volume_key(cd, name, NULL, 0, flags);;
	369	}
	370
10fb4e35 JJ	371	static int attach_luks_or_plain(struct crypt_device *cd,
	372	const char *name,
	373	const char *key_file,
	374	char **passwords,
	375	uint32_t flags) {
	376	int r = 0;
	377	bool pass_volume_key = false;
	378
	379	assert(cd);
	380	assert(name);
	381	assert(key_file \|\| passwords);
	382
	383	if (!opt_type \|\| streq(opt_type, CRYPT_LUKS1))
	384	r = crypt_load(cd, CRYPT_LUKS1, NULL);
	385
	386	if ((!opt_type && r < 0) \|\| streq_ptr(opt_type, CRYPT_PLAIN)) {
	387	struct crypt_params_plain params = {};
	388	const char cipher, cipher_mode;
	389	_cleanup_free_ char *truncated_cipher = NULL;
	390
	391	if (opt_hash) {
	392	/* plain isn't a real hash type. it just means "use no hash" */
	393	if (!streq(opt_hash, "plain"))
	394	params.hash = opt_hash;
	395	} else
	396	params.hash = "ripemd160";
	397
	398	if (opt_cipher) {
	399	size_t l;
	400
	401	l = strcspn(opt_cipher, "-");
	402	truncated_cipher = strndup(opt_cipher, l);
	403	if (!truncated_cipher)
	404	return log_oom();
	405
	406	cipher = truncated_cipher;
	407	cipher_mode = opt_cipher[l] ? opt_cipher+l+1 : "plain";
	408	} else {
	409	cipher = "aes";
	410	cipher_mode = "cbc-essiv:sha256";
	411	}
	412
	413	/* for CRYPT_PLAIN limit reads
	414	* from keyfile to key length, and
	415	* ignore keyfile-size */
	416	opt_keyfile_size = opt_key_size / 8;
	417
	418	/* In contrast to what the name
	419	* crypt_setup() might suggest this
	420	* doesn't actually format anything,
	421	* it just configures encryption
	422	* parameters when used for plain
	423	* mode. */
	424	r = crypt_format(cd, CRYPT_PLAIN, cipher, cipher_mode,
	425	NULL, NULL, opt_keyfile_size, &params);
	426
	427	/* hash == NULL implies the user passed "plain" */
	428	pass_volume_key = (params.hash == NULL);
	429	}
	430
	431	if (r < 0) {
	432	log_error("Loading of cryptographic parameters failed: %s", strerror(-r));
	433	return r;
	434	}
435
436	log_info("Set cipher %s, mode %s, key size %i bits for device %s.",
437	crypt_get_cipher(cd),
438	crypt_get_cipher_mode(cd),
439	crypt_get_volume_key_size(cd)*8,
440	crypt_get_device_name(cd));
441
442	if (key_file) {
443	r = crypt_activate_by_keyfile_offset(cd, name, CRYPT_ANY_SLOT,
444	key_file, opt_keyfile_size,
445	opt_keyfile_offset, flags);
446	if (r < 0) {
447	log_error("Failed to activate with key file '%s': %s", key_file, strerror(-r));
448	return -EAGAIN;
449	}
450	} else {
451	char **p;
452
453	STRV_FOREACH(p, passwords) {
454	if (pass_volume_key)
455	r = crypt_activate_by_volume_key(cd, name, *p, opt_key_size, flags);
456	else
457	r = crypt_activate_by_passphrase(cd, name, CRYPT_ANY_SLOT, p, strlen(p), flags);
458
459	if (r >= 0)
460	break;
461	}
462	}
463
464	return r;
465	}
466
dd5e696d LP	467	static int help(void) {
	468
	469	printf("%s attach VOLUME SOURCEDEVICE [PASSWORD] [OPTIONS]\n"
	470	"%s detach VOLUME\n\n"
	471	"Attaches or detaches an encrypted block device.\n",
	472	program_invocation_short_name,
	473	program_invocation_short_name);
	474
	475	return 0;
	476	}
	477
e23a0ce8	478	int main(int argc, char *argv[]) {
7f4e0805 LP	479	int r = EXIT_FAILURE;
7f4e0805 LP	480	struct crypt_device *cd = NULL;
e23a0ce8	481
dd5e696d LP	482	if (argc <= 1) {
	483	help();
	484	return EXIT_SUCCESS;
	485	}
	486
e23a0ce8 LP	487	if (argc < 3) {
	488	log_error("This program requires at least two arguments.");
	489	return EXIT_FAILURE;
	490	}
	491
bb7df0da	492	log_set_target(LOG_TARGET_AUTO);
e23a0ce8 LP	493	log_parse_environment();
	494	log_open();
	495
4c12626c LP	496	umask(0022);
4c12626c LP	497
260ab287	498	if (streq(argv[1], "attach")) {
7f4e0805 LP	499	uint32_t flags = 0;
7f4e0805 LP	500	int k;
10fb4e35	501	unsigned tries;
260ab287	502	usec_t until;
e2d480b9	503	crypt_status_info status;
10fb4e35 JJ	504	const char key_file = NULL, name = NULL;
10fb4e35 JJ	505	_cleanup_free_ char description = NULL, name_buffer = NULL, *mount_point = NULL;
7f4e0805	506
b61e476f LP	507	/* Arguments: systemd-cryptsetup attach VOLUME SOURCE-DEVICE [PASSWORD] [OPTIONS] */
b61e476f LP	508
7f4e0805 LP	509	if (argc < 4) {
	510	log_error("attach requires at least two arguments.");
	511	goto finish;
	512	}
	513
1fc76335 LP	514	if (argc >= 5 &&
	515	argv[4][0] &&
	516	!streq(argv[4], "-") &&
	517	!streq(argv[4], "none")) {
7f4e0805 LP	518
7f4e0805 LP	519	if (!path_is_absolute(argv[4]))
8cf3ca80	520	log_error("Password file path '%s' is not absolute. Ignoring.", argv[4]);
7f4e0805 LP	521	else
	522	key_file = argv[4];
	523	}
	524
74b1c371 LP	525	if (argc >= 6 && argv[5][0] && !streq(argv[5], "-")) {
	526	if (parse_options(argv[5]) < 0)
	527	goto finish;
	528	}
e23a0ce8	529
b853f6e9 LP	530	/* A delicious drop of snake oil */
	531	mlockall(MCL_FUTURE);
	532
b1a2da0a	533	description = disk_description(argv[3]);
b61e476f LP	534	mount_point = disk_mount_point(argv[2]);
	535
	536	if (description && streq(argv[2], description)) {
	537	/* If the description string is simply the
	538	* volume name, then let's not show this
	539	* twice */
	540	free(description);
	541	description = NULL;
	542	}
	543
	544	if (mount_point && description)
	545	asprintf(&name_buffer, "%s (%s) on %s", description, argv[2], mount_point);
	546	else if (mount_point)
	547	asprintf(&name_buffer, "%s on %s", argv[2], mount_point);
	548	else if (description)
	549	asprintf(&name_buffer, "%s (%s)", description, argv[2]);
	550
	551	name = name_buffer ? name_buffer : argv[2];
b1a2da0a	552
74b1c371 LP	553	k = crypt_init(&cd, argv[3]);
74b1c371 LP	554	if (k) {
7f4e0805 LP	555	log_error("crypt_init() failed: %s", strerror(-k));
	556	goto finish;
	557	}
e23a0ce8	558
7f4e0805	559	crypt_set_log_callback(cd, log_glue, NULL);
7f4e0805	560
260ab287 LP	561	status = crypt_status(cd, argv[2]);
	562	if (status == CRYPT_ACTIVE \|\| status == CRYPT_BUSY) {
	563	log_info("Volume %s already active.", argv[2]);
	564	r = EXIT_SUCCESS;
7f4e0805 LP	565	goto finish;
	566	}
	567
	568	if (opt_readonly)
	569	flags \|= CRYPT_ACTIVATE_READONLY;
	570
2a2aab60 MM	571	if (opt_discards)
	572	flags \|= CRYPT_ACTIVATE_ALLOW_DISCARDS;
	573
7dcda352 LP	574	if (opt_timeout > 0)
	575	until = now(CLOCK_MONOTONIC) + opt_timeout;
	576	else
	577	until = 0;
260ab287 LP	578
	579	opt_tries = opt_tries > 0 ? opt_tries : 3;
	580	opt_key_size = (opt_key_size > 0 ? opt_key_size : 256);
e2d480b9	581
10fb4e35 JJ	582	if (key_file) {
10fb4e35 JJ	583	struct stat st;
e2d480b9	584
10fb4e35 JJ	585	/* Ideally we'd do this on the open fd, but since this is just a
	586	* warning it's OK to do this in two steps. */
	587	if (stat(key_file, &st) >= 0 && (st.st_mode & 0005))
	588	log_warning("Key file %s is world-readable. This is not a good idea!", key_file);
e2d480b9 LP	589	}
e2d480b9 LP	590
10fb4e35	591	for (tries = 0; tries < opt_tries; tries++) {
e7d90b71	592	_cleanup_strv_free_ char **passwords = NULL;
260ab287 LP	593
260ab287 LP	594	if (!key_file) {
10fb4e35	595	k = get_password(name, until, tries == 0 && !opt_verify, &passwords);
e7d90b71 JJ	596	if (k == -EAGAIN)
	597	continue;
	598	else if (k < 0)
260ab287	599	goto finish;
260ab287 LP	600	}
260ab287 LP	601
8cf3ca80 JJ	602	if (streq_ptr(opt_type, CRYPT_TCRYPT))
	603	k = attach_tcrypt(cd, argv[2], key_file, passwords, flags);
	604	else
	605	k = attach_luks_or_plain(cd, argv[2], key_file, passwords, flags);
260ab287 LP	606	if (k >= 0)
260ab287 LP	607	break;
10fb4e35 JJ	608	else if (k == -EAGAIN) {
	609	key_file = NULL;
	610	continue;
	611	} else if (k != -EPERM) {
260ab287 LP	612	log_error("Failed to activate: %s", strerror(-k));
	613	goto finish;
	614	}
	615
	616	log_warning("Invalid passphrase.");
7f4e0805 LP	617	}
7f4e0805 LP	618
10fb4e35 JJ	619	if (tries >= opt_tries) {
10fb4e35 JJ	620	log_error("Too many attempts; giving up.");
260ab287	621	r = EXIT_FAILURE;
bd40a2d8	622	goto finish;
7f4e0805 LP	623	}
	624
	625	} else if (streq(argv[1], "detach")) {
	626	int k;
	627
74b1c371 LP	628	k = crypt_init_by_name(&cd, argv[2]);
74b1c371 LP	629	if (k) {
7f4e0805 LP	630	log_error("crypt_init() failed: %s", strerror(-k));
	631	goto finish;
	632	}
	633
	634	crypt_set_log_callback(cd, log_glue, NULL);
	635
74b1c371 LP	636	k = crypt_deactivate(cd, argv[2]);
74b1c371 LP	637	if (k < 0) {
7f4e0805 LP	638	log_error("Failed to deactivate: %s", strerror(-k));
	639	goto finish;
	640	}
e23a0ce8 LP	641
	642	} else {
	643	log_error("Unknown verb %s.", argv[1]);
	644	goto finish;
	645	}
	646
7f4e0805 LP	647	r = EXIT_SUCCESS;
7f4e0805 LP	648
e23a0ce8	649	finish:
7f4e0805 LP	650
	651	if (cd)
	652	crypt_free(cd);
	653
260ab287	654	free(opt_cipher);
260ab287	655	free(opt_hash);
8cf3ca80	656	strv_free(opt_tcrypt_keyfiles);
260ab287	657
e23a0ce8 LP	658	return r;
e23a0ce8 LP	659	}