diff options
author | Leah Rowe <leah@libreboot.org> | 2024-06-12 00:58:22 +0100 |
---|---|---|
committer | Leah Rowe <leah@libreboot.org> | 2024-06-12 00:58:22 +0100 |
commit | 0b37653ab908093a108cfe3cbcb4e8d378428d26 (patch) | |
tree | 4fd3b33c728b8c8aed5b6b3df7867c02b8887b71 /config/grub/nvme/patches/0002-luks2/0006-Error-on-missing-Argon2id-parameters.patch | |
parent | 1952db55540606b2fb00ddd4be9e358dbc99ef8b (diff) |
grub: only enable nvme if needed on a board
remove nvme support from the "default" grub tree
now there are three trees:
* default: no xhci or nvme patches
* nvme: contains nvme support
* xhci: contains xhci and nvme support
this is in case a bug like lbmk issue #216 ever occurs
again, as referenced before during lbmk audit 5
there is no indication that the nvme patch causes any
issues, but after previous experience i want to be sure
Signed-off-by: Leah Rowe <leah@libreboot.org>
Diffstat (limited to 'config/grub/nvme/patches/0002-luks2/0006-Error-on-missing-Argon2id-parameters.patch')
-rw-r--r-- | config/grub/nvme/patches/0002-luks2/0006-Error-on-missing-Argon2id-parameters.patch | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/config/grub/nvme/patches/0002-luks2/0006-Error-on-missing-Argon2id-parameters.patch b/config/grub/nvme/patches/0002-luks2/0006-Error-on-missing-Argon2id-parameters.patch new file mode 100644 index 00000000..5d56bd61 --- /dev/null +++ b/config/grub/nvme/patches/0002-luks2/0006-Error-on-missing-Argon2id-parameters.patch @@ -0,0 +1,58 @@ +From 0044d32121bf52c4547c6b3c78f12d7305f57e6b Mon Sep 17 00:00:00 2001 +From: Ax333l <main@axelen.xyz> +Date: Thu, 17 Aug 2023 00:00:00 +0000 +Subject: [PATCH 4/6] Error on missing Argon2id parameters + +Signed-off-by: Nicholas Johnson <nick@nicholasjohnson.ch> +--- + grub-core/disk/luks2.c | 13 ++++++++----- + 1 file changed, 8 insertions(+), 5 deletions(-) + +diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c +index d5106402f..bc818ea69 100644 +--- a/grub-core/disk/luks2.c ++++ b/grub-core/disk/luks2.c +@@ -38,6 +38,7 @@ GRUB_MOD_LICENSE ("GPLv3+"); + enum grub_luks2_kdf_type + { + LUKS2_KDF_TYPE_ARGON2I, ++ LUKS2_KDF_TYPE_ARGON2ID, + LUKS2_KDF_TYPE_PBKDF2 + }; + typedef enum grub_luks2_kdf_type grub_luks2_kdf_type_t; +@@ -90,7 +91,7 @@ struct grub_luks2_keyslot + grub_int64_t time; + grub_int64_t memory; + grub_int64_t cpus; +- } argon2i; ++ } argon2; + struct + { + const char *hash; +@@ -160,10 +161,11 @@ luks2_parse_keyslot (grub_luks2_keyslot_t *out, const grub_json_t *keyslot) + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Missing or invalid KDF"); + else if (!grub_strcmp (type, "argon2i") || !grub_strcmp (type, "argon2id")) + { +- out->kdf.type = LUKS2_KDF_TYPE_ARGON2I; +- if (grub_json_getint64 (&out->kdf.u.argon2i.time, &kdf, "time") || +- grub_json_getint64 (&out->kdf.u.argon2i.memory, &kdf, "memory") || +- grub_json_getint64 (&out->kdf.u.argon2i.cpus, &kdf, "cpus")) ++ out->kdf.type = !grub_strcmp (type, "argon2i") ++ ? LUKS2_KDF_TYPE_ARGON2I : LUKS2_KDF_TYPE_ARGON2ID; ++ if (grub_json_getint64 (&out->kdf.u.argon2.time, &kdf, "time") || ++ grub_json_getint64 (&out->kdf.u.argon2.memory, &kdf, "memory") || ++ grub_json_getint64 (&out->kdf.u.argon2.cpus, &kdf, "cpus")) + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Missing Argon2i parameters"); + } + else if (!grub_strcmp (type, "pbkdf2")) +@@ -459,6 +461,7 @@ luks2_decrypt_key (grub_uint8_t *out_key, + switch (k->kdf.type) + { + case LUKS2_KDF_TYPE_ARGON2I: ++ case LUKS2_KDF_TYPE_ARGON2ID: + ret = grub_error (GRUB_ERR_BAD_ARGUMENT, "Argon2 not supported"); + goto err; + case LUKS2_KDF_TYPE_PBKDF2: +-- +2.39.2 + |