The branch main has been updated by phk:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=8d2d1d651678178aa7f24f0530347f860423fd9e

commit 8d2d1d651678178aa7f24f0530347f860423fd9e
Author:     Poul-Henning Kamp <p...@freebsd.org>
AuthorDate: 2024-05-07 07:31:09 +0000
Commit:     Poul-Henning Kamp <p...@freebsd.org>
CommitDate: 2024-05-07 07:31:09 +0000

    Remove GBDE source files
---
 sbin/gbde/Makefile         |   31 -
 sbin/gbde/Makefile.depend  |   18 -
 sbin/gbde/gbde.8           |  271 ----
 sbin/gbde/gbde.c           |  895 ------------
 sbin/gbde/image.uu         | 3304 --------------------------------------------
 sbin/gbde/template.txt     |   31 -
 sbin/gbde/test.sh          |   66 -
 sys/geom/bde/g_bde.c       |  296 ----
 sys/geom/bde/g_bde.h       |  215 ---
 sys/geom/bde/g_bde_crypt.c |  358 -----
 sys/geom/bde/g_bde_lock.c  |  478 -------
 sys/geom/bde/g_bde_work.c  |  778 -----------
 12 files changed, 6741 deletions(-)

diff --git a/sbin/gbde/Makefile b/sbin/gbde/Makefile
deleted file mode 100644
index 8c84781fc4ed..000000000000
--- a/sbin/gbde/Makefile
+++ /dev/null
@@ -1,31 +0,0 @@
-
-PACKAGE=geom
-PROG=  gbde
-SRCS=  gbde.c template.c
-SRCS+= rijndael-alg-fst.c
-SRCS+= rijndael-api-fst.c
-SRCS+= g_bde_lock.c
-
-# rijndael-fst.c does evil casting things which can results in warnings,
-# the test-vectors check out however, so it works right.
-NO_WCAST_ALIGN=
-NO_WMISSING_VARIABLE_DECLARATIONS=
-
-CFLAGS+= -I${SRCTOP}/sys
-.PATH: ${SRCTOP}/sys/geom/bde \
-       ${SRCTOP}/sys/crypto/rijndael \
-       ${SRCTOP}/sys/crypto/sha2
-
-CLEANFILES+= template.c
-
-MAN=   gbde.8
-LIBADD=        md util geom
-
-template.c: template.txt
-       file2c 'const char template[] = {' ',0};' \
-               < ${.CURDIR}/template.txt > template.c
-
-test: ${PROG}
-       sh ${.CURDIR}/test.sh ${.CURDIR}
-
-.include <bsd.prog.mk>
diff --git a/sbin/gbde/Makefile.depend b/sbin/gbde/Makefile.depend
deleted file mode 100644
index 2edf986e595a..000000000000
--- a/sbin/gbde/Makefile.depend
+++ /dev/null
@@ -1,18 +0,0 @@
-# Autogenerated - do NOT edit!
-
-DIRDEPS = \
-       include \
-       include/xlocale \
-       lib/${CSU_DIR} \
-       lib/libc \
-       lib/libcompiler_rt \
-       lib/libgeom \
-       lib/libmd \
-       lib/libutil \
-
-
-.include <dirdeps.mk>
-
-.if ${DEP_RELDIR} == ${_DEP_RELDIR}
-# local dependencies - needed for -jN in clean tree
-.endif
diff --git a/sbin/gbde/gbde.8 b/sbin/gbde/gbde.8
deleted file mode 100644
index 1f3d41017307..000000000000
--- a/sbin/gbde/gbde.8
+++ /dev/null
@@ -1,271 +0,0 @@
-.\"
-.\" Copyright (c) 2002 Poul-Henning Kamp
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
-.\" All rights reserved.
-.\"
-.\" This software was developed for the FreeBSD Project by Poul-Henning Kamp
-.\" and NAI Labs, the Security Research Division of Network Associates, Inc.
-.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
-.\" DARPA CHATS research program.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.Dd October 3, 2016
-.Dt GBDE 8
-.Os
-.Sh NAME
-.Nm gbde
-.Nd operation and management utility for Geom Based Disk Encryption
-.Sh SYNOPSIS
-.Nm
-.Cm attach
-.Ar destination
-.Op Fl k Ar keyfile
-.Op Fl l Ar lockfile
-.Op Fl p Ar pass-phrase
-.Nm
-.Cm detach
-.Ar destination
-.Nm
-.Cm init
-.Ar destination
-.Op Fl i
-.Op Fl f Ar filename
-.Op Fl K Ar new-keyfile
-.Op Fl L Ar new-lockfile
-.Op Fl P Ar new-pass-phrase
-.Nm
-.Cm setkey
-.Ar destination
-.Op Fl n Ar key
-.Op Fl k Ar keyfile
-.Op Fl l Ar lockfile
-.Op Fl p Ar pass-phrase
-.Op Fl K Ar new-keyfile
-.Op Fl L Ar new-lockfile
-.Op Fl P Ar new-pass-phrase
-.Nm
-.Cm nuke
-.Ar destination
-.Op Fl n Ar key
-.Op Fl k Ar keyfile
-.Op Fl l Ar lockfile
-.Op Fl p Ar pass-phrase
-.Nm
-.Cm destroy
-.Ar destination
-.Op Fl k Ar keyfile
-.Op Fl l Ar lockfile
-.Op Fl p Ar pass-phrase
-.Sh DESCRIPTION
-.Bf -symbolic
-NOTICE:
-Please be aware that this code has not yet received much review
-and analysis by qualified cryptographers and therefore should be considered
-a slightly suspect experimental facility.
-.Pp
-We cannot at this point guarantee that the on-disk format will not change
-in response to reviews or bug-fixes, so potential users are advised to
-be prepared that
-.Xr dump 8 Ns / Ns
-.Xr restore 8
-based migrations may be called for in the future.
-.Ef
-.Pp
-The
-.Nm
-utility is the only official operation and management interface for the
-.Xr gbde 4
-.Tn GEOM
-based disk encryption kernel facility.
-The interaction between the
-.Nm
-utility and the kernel part is not a published interface.
-.Pp
-The operational aspect consists of two subcommands:
-one to open and attach
-a device to the in-kernel cryptographic
-.Nm
-module
-.Pq Cm attach ,
-and one to close and detach a device
-.Pq Cm detach .
-.Pp
-The management part allows initialization of the master key and lock sectors
-on a device
-.Pq Cm init ,
-initialization and replacement of pass-phrases
-.Pq Cm setkey ,
-and key invalidation
-.Pq Cm nuke
-and blackening
-.Pq Cm destroy
-functions.
-.Pp
-The
-.Fl l Ar lockfile
-argument is used to supply the lock selector data.
-If no
-.Fl l
-option is specified, the first sector is used for this purpose.
-.Pp
-The
-.Fl L Ar new-lockfile
-argument
-specifies the lock selector file for the key
-initialized with the
-.Cm init
-subcommand
-or modified with the
-.Cm setkey
-subcommand.
-.Pp
-The
-.Fl n Ar key
-argument can be used to specify to which of the four keys
-the operation applies.
-A value of 1 to 4 selects the specified key, a value of 0 (the default)
-means
-.Dq "this key"
-(i.e., the key used to gain access to the device)
-and a value of \-1 means
-.Dq "all keys" .
-.Pp
-The
-.Fl f Ar filename
-specifies an optional parameter file for use under initialization.
-.Pp
-Alternatively, the
-.Fl i
-option toggles an interactive mode where a template file with descriptions
-of the parameters can be interactively edited.
-.Pp
-The
-.Fl p Ar pass-phrase
-argument
-specifies the pass-phrase used for opening the device.
-If not specified, the controlling terminal will be used to prompt the user
-for the pass-phrase.
-Be aware that using this option may expose the pass-phrase to other
-users who happen to run
-.Xr ps 1
-or similar while the command is running.
-.Pp
-The
-.Fl P Ar new-pass-phrase
-argument
-can be used to specify the new pass-phrase to the
-.Cm init
-and
-.Cm setkey
-subcommands.
-If not specified, the user is prompted for the new pass-phrase on the
-controlling terminal.
-Be aware that using this option may expose the pass-phrase to other
-users who happen to run
-.Xr ps 1
-or similar while the command is running.
-.Pp
-The
-.Fl k Ar keyfile
-argument specifies a key file to be used in combination with the
-pass-phrase (whether the pass-phrase is specified on the command line
-or entered from the terminal) for opening the device.
-The device will only be opened if the contents of the key file and the
-pass-phrase are both correct.
-.Pp
-The
-.Fl K Ar new-keyfile
-argument can be used to specify a new key file to the
-.Cm init
-and
-.Cm setkey
-subcommands.
-If not specified, no key file will be used (even if one was previously
-used).
-.Sh EXAMPLES
-To initialize a device, using default parameters:
-.Pp
-.Dl "gbde init /dev/ada0s1f -L /etc/ada0s1f.lock"
-.Pp
-To attach an encrypted device:
-.Pp
-.Dl "gbde attach ada0s1f -l /etc/ada0s1f.lock"
-.Pp
-The encrypted device has the suffix
-.Pa .bde
-so a typical
-command to create and mount a file system would be:
-.Pp
-.Dl "newfs /dev/ada0s1f.bde"
-.Dl "mount /dev/ada0s1f.bde /secret"
-.Pp
-To detach an encrypted device:
-.Pp
-.Dl "gbde detach ada0s1f"
-.Pp
-Please notice that detaching an encrypted device corresponds to
-physically removing it, do not forget to unmount the file system first.
-.Pp
-To initialize the second key using a detached lockfile and a trivial
-pass-phrase:
-.Pp
-.Dl "gbde setkey ada0s1f -n 2 -P foo -L key2.lockfile"
-.Pp
-To invalidate your own masterkey:
-.Pp
-.Dl "gbde nuke ada0s1f"
-.Pp
-This will overwrite your masterkey sector with zeros, and results in
-a diagnostic if you try to use the key again.
-You can also destroy the other three copies of the masterkey with the
--n argument.
-.Pp
-You can also invalidate your masterkey without leaving a tell-tale sector
-full of zeros:
-.Pp
-.Dl "gbde destroy ada0s1f"
-.Pp
-This will overwrite the information fields in your masterkey sector,
-encrypt it and write it back.
-You get a (different) diagnostic if you try to use it.
-.Sh SEE ALSO
-.Xr gbde 4 ,
-.Xr geom 4
-.Sh HISTORY
-This software was developed for the
-.Fx
-Project by
-.An Poul-Henning Kamp
-and NAI Labs, the Security Research Division of Network Associates, Inc.\&
-under DARPA/SPAWAR contract N66001-01-C-8035
-.Pq Dq CBOSS ,
-as part of the
-DARPA CHATS research program.
-.Nm
-first appeared in
-.Fx 5.0 .
-.Sh AUTHORS
-.An Poul-Henning Kamp Aq Mt p...@freebsd.org
-.Sh BUGS
-The cryptographic algorithms and the overall design have not been
-attacked mercilessly for over 10 years by a gang of cryptoanalysts.
diff --git a/sbin/gbde/gbde.c b/sbin/gbde/gbde.c
deleted file mode 100644
index e173bb78ad90..000000000000
--- a/sbin/gbde/gbde.c
+++ /dev/null
@@ -1,895 +0,0 @@
-/*-
- * SPDX-License-Identifier: BSD-2-Clause
- *
- * Copyright (c) 2002 Poul-Henning Kamp
- * Copyright (c) 2002 Networks Associates Technology, Inc.
- * All rights reserved.
- *
- * This software was developed for the FreeBSD Project by Poul-Henning Kamp
- * and NAI Labs, the Security Research Division of Network Associates, Inc.
- * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
- * DARPA CHATS research program.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * XXX: Future stuff
- *
- * Replace the template file options (-i & -f) with command-line variables
- * "-v property=foo"
- *
- * Introduce -e, extra entropy source (XOR with /dev/random)
- *
- * Introduce -E, alternate entropy source (instead of /dev/random)
- *
- * Introduce -i take IV from keyboard or
- *
- * Introduce -I take IV from file/cmd
- *
- * Introduce -m/-M store encrypted+encoded masterkey in file
- *
- * Introduce -k/-K get pass-phrase part from file/cmd
- *
- * Introduce -d add more dest-devices to worklist.
- *
- * Add key-option: selfdestruct bit.
- *
- * New/changed verbs:
- *     "onetime"       attach with onetime nonstored locksector
- *     "key"/"unkey" to blast memory copy of key without orphaning
- *     "nuke" blow away everything attached, crash/halt/power-off if possible.
- *     "blast" destroy all copies of the masterkey
- *     "destroy" destroy one copy of the masterkey
- *     "backup"/"restore" of masterkey sectors.
- *
- * Make all verbs work on both attached/detached devices.
- *
- */
-
-#include <sys/types.h>
-#include <sys/queue.h>
-#include <sys/mutex.h>
-#include <md5.h>
-#include <readpassphrase.h>
-#include <string.h>
-#include <stdint.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <paths.h>
-#include <strings.h>
-#include <stdlib.h>
-#include <err.h>
-#include <stdio.h>
-#include <libutil.h>
-#include <libgeom.h>
-#include <sys/errno.h>
-#include <sys/disk.h>
-#include <sys/stat.h>
-#include <crypto/rijndael/rijndael-api-fst.h>
-#include <crypto/sha2/sha512.h>
-#include <sys/param.h>
-#include <sys/linker.h>
-
-#define GBDEMOD "geom_bde"
-#define KASSERT(foo, bar) do { if(!(foo)) { warn bar ; exit (1); } } while (0)
-
-#include <geom/geom.h>
-#include <geom/bde/g_bde.h>
-
-extern const char template[];
-
-
-#if 0
-static void
-g_hexdump(void *ptr, int length)
-{
-       int i, j, k;
-       unsigned char *cp;
-
-       cp = ptr;
-       for (i = 0; i < length; i+= 16) {
-               printf("%04x  ", i);
-               for (j = 0; j < 16; j++) {
-                       k = i + j;
-                       if (k < length)
-                               printf(" %02x", cp[k]);
-                       else
-                               printf("   ");
-               }
-               printf("  |");
-               for (j = 0; j < 16; j++) {
-                       k = i + j;
-                       if (k >= length)
-                               printf(" ");
-                       else if (cp[k] >= ' ' && cp[k] <= '~')
-                               printf("%c", cp[k]);
-                       else
-                               printf(".");
-               }
-               printf("|\n");
-       }
-}
-#endif
-
-static void __dead2
-usage(void)
-{
-
-       (void)fprintf(stderr,
-"usage: gbde attach destination [-k keyfile] [-l lockfile] [-p pass-phrase]\n"
-"       gbde detach destination\n"
-"       gbde init destination [-i] [-f filename] [-K new-keyfile]\n"
-"            [-L new-lockfile] [-P new-pass-phrase]\n"
-"       gbde setkey destination [-n key]\n"
-"            [-k keyfile] [-l lockfile] [-p pass-phrase]\n"
-"            [-K new-keyfile] [-L new-lockfile] [-P new-pass-phrase]\n"
-"       gbde nuke destination [-n key]\n"
-"            [-k keyfile] [-l lockfile] [-p pass-phrase]\n"
-"       gbde destroy destination [-k keyfile] [-l lockfile] [-p pass-phrase]\n");
-       exit(1);
-}
-
-void *
-g_read_data(struct g_consumer *cp, off_t offset, off_t length, int *error)
-{
-       void *p;
-       int fd, i;
-       off_t o2;
-
-       p = malloc(length);
-       if (p == NULL)
-               err(1, "malloc");
-       fd = *(int *)cp;
-       o2 = lseek(fd, offset, SEEK_SET);
-       if (o2 != offset)
-               err(1, "lseek");
-       i = read(fd, p, length);
-       if (i != length)
-               err(1, "read");
-       if (error != NULL)
-               error = 0;
-       return (p);
-}
-
-static void
-random_bits(void *p, u_int len)
-{
-       arc4random_buf(p, len);
-}
-
-/* XXX: not nice */
-static u_char sha2[SHA512_DIGEST_LENGTH];
-
-static void
-reset_passphrase(struct g_bde_softc *sc)
-{
-
-       memcpy(sc->sha2, sha2, SHA512_DIGEST_LENGTH);
-}
-
-static void
-setup_passphrase(struct g_bde_softc *sc, int sure, const char *input,
-    const char *keyfile)
-{
-       char buf1[BUFSIZ + SHA512_DIGEST_LENGTH];
-       char buf2[BUFSIZ + SHA512_DIGEST_LENGTH];
-       char *p;
-       int kfd, klen, bpos = 0;
-
-       if (keyfile != NULL) {
-               /* Read up to BUFSIZ bytes from keyfile */
-               kfd = open(keyfile, O_RDONLY, 0);
-               if (kfd < 0)
-                       err(1, "%s", keyfile);
-               klen = read(kfd, buf1, BUFSIZ);
-               if (klen == -1)
-                       err(1, "%s", keyfile);
-               close(kfd);
-
-               /* Prepend the passphrase with the hash of the key read */
-               g_bde_hash_pass(sc, buf1, klen);
-               memcpy(buf1, sc->sha2, SHA512_DIGEST_LENGTH);
-               memcpy(buf2, sc->sha2, SHA512_DIGEST_LENGTH);
-               bpos = SHA512_DIGEST_LENGTH;
-       }
-
-       if (input != NULL) {
-               if (strlen(input) >= BUFSIZ)
-                       errx(1, "Passphrase too long");
-               strcpy(buf1 + bpos, input);
-
-               g_bde_hash_pass(sc, buf1, strlen(buf1 + bpos) + bpos);
-               memcpy(sha2, sc->sha2, SHA512_DIGEST_LENGTH);
-               return;
-       }
-       for (;;) {
-               p = readpassphrase(
-                   sure ? "Enter new passphrase:" : "Enter passphrase: ",
-                   buf1 + bpos, sizeof buf1 - bpos,
-                   RPP_ECHO_OFF | RPP_REQUIRE_TTY);
-               if (p == NULL)
-                       err(1, "readpassphrase");
-
-               if (sure) {
-                       p = readpassphrase("Reenter new passphrase: ",
-                           buf2 + bpos, sizeof buf2 - bpos,
-                           RPP_ECHO_OFF | RPP_REQUIRE_TTY);
-                       if (p == NULL)
-                               err(1, "readpassphrase");
-
-                       if (strcmp(buf1 + bpos, buf2 + bpos)) {
-                               printf("They didn't match.\n");
-                               continue;
-                       }
-               }
-               if (strlen(buf1 + bpos) < 3) {
-                       printf("Too short passphrase.\n");
-                       continue;
-               }
-               break;
-       }
-       g_bde_hash_pass(sc, buf1, strlen(buf1 + bpos) + bpos);
-       memcpy(sha2, sc->sha2, SHA512_DIGEST_LENGTH);
-}
-
-static void
-encrypt_sector(void *d, int len, int klen, void *key)
-{
-       keyInstance ki;
-       cipherInstance ci;
-       int error;
-
-       error = rijndael_cipherInit(&ci, MODE_CBC, NULL);
-       if (error <= 0)
-               errx(1, "rijndael_cipherInit=%d", error);
-       error = rijndael_makeKey(&ki, DIR_ENCRYPT, klen, key);
-       if (error <= 0)
-               errx(1, "rijndael_makeKeY=%d", error);
-       error = rijndael_blockEncrypt(&ci, &ki, d, len * 8, d);
-       if (error <= 0)
-               errx(1, "rijndael_blockEncrypt=%d", error);
-}
-
-static void
-cmd_attach(const struct g_bde_softc *sc, const char *dest, const char *lfile)
-{
-       int ffd;
-       u_char buf[16];
-       struct gctl_req *r;
-       const char *errstr;
-
-       r = gctl_get_handle();
-       gctl_ro_param(r, "verb", -1, "create geom");
-       gctl_ro_param(r, "class", -1, "BDE");
-       gctl_ro_param(r, "provider", -1, dest);
-       gctl_ro_param(r, "pass", SHA512_DIGEST_LENGTH, sc->sha2);
-       if (lfile != NULL) {
-               ffd = open(lfile, O_RDONLY, 0);
-               if (ffd < 0)
-                       err(1, "%s", lfile);
-               read(ffd, buf, 16);
-               gctl_ro_param(r, "key", 16, buf);
-               close(ffd);
-       }
-       errstr = gctl_issue(r);
-       if (errstr != NULL)
-               errx(1, "Attach to %s failed: %s", dest, errstr);
-
-       exit (0);
-}
-
-static void
-cmd_detach(const char *dest)
-{
-       struct gctl_req *r;
-       const char *errstr;
-       char buf[BUFSIZ];
-
-       r = gctl_get_handle();
-       gctl_ro_param(r, "verb", -1, "destroy geom");
-       gctl_ro_param(r, "class", -1, "BDE");
-       sprintf(buf, "%s.bde", dest);
-       gctl_ro_param(r, "geom", -1, buf);
-       /* gctl_dump(r, stdout); */
-       errstr = gctl_issue(r);
-       if (errstr != NULL)
-               errx(1, "Detach of %s failed: %s", dest, errstr);
-       exit (0);
-}
-
-static void
-cmd_open(struct g_bde_softc *sc, int dfd , const char *l_opt, u_int *nkey)
-{
-       int error;
-       int ffd;
-       u_char keyloc[16];
-       u_int sectorsize;
-       off_t mediasize;
-       struct stat st;
-
-       error = ioctl(dfd, DIOCGSECTORSIZE, &sectorsize);
-       if (error)
-               sectorsize = 512;
-       error = ioctl(dfd, DIOCGMEDIASIZE, &mediasize);
-       if (error) {
-               error = fstat(dfd, &st);
-               if (error == 0 && S_ISREG(st.st_mode))
-                       mediasize = st.st_size;
-               else
-                       error = ENOENT;
-       }
-       if (error)
-               mediasize = (off_t)-1;
-       if (l_opt != NULL) {
-               ffd = open(l_opt, O_RDONLY, 0);
-               if (ffd < 0)
-                       err(1, "%s", l_opt);
-               read(ffd, keyloc, sizeof keyloc);
-               close(ffd);
-       } else {
-               memset(keyloc, 0, sizeof keyloc);
-       }
-
-       error = g_bde_decrypt_lock(sc, sc->sha2, keyloc, mediasize,
-           sectorsize, nkey);
-       if (error == ENOENT)
-               errx(1, "Lock was destroyed.");
-       if (error == ESRCH)
-               errx(1, "Lock was nuked.");
-       if (error == ENOTDIR)
-               errx(1, "Lock not found");
-       if (error != 0)
-               errx(1, "Error %d decrypting lock", error);
-       if (nkey)
-               printf("Opened with key %u\n", 1 + *nkey);
-       return;
-}
-
-static void
-cmd_nuke(struct g_bde_key *gl, int dfd , int key)
-{
-       int i;
-       u_char *sbuf;
-       off_t offset, offset2;
-
-       sbuf = malloc(gl->sectorsize);
-       memset(sbuf, 0, gl->sectorsize);
-       offset = (gl->lsector[key] & ~(gl->sectorsize - 1));
-       offset2 = lseek(dfd, offset, SEEK_SET);
-       if (offset2 != offset)
-               err(1, "lseek");
-       i = write(dfd, sbuf, gl->sectorsize);
-       free(sbuf);
-       if (i != (int)gl->sectorsize)
-               err(1, "write");
-       printf("Nuked key %d\n", 1 + key);
-}
-
-static void
-cmd_write(struct g_bde_key *gl, struct g_bde_softc *sc, int dfd , int key, const char *l_opt)
-{
-       int i, ffd;
-       uint64_t off[2];
-       u_char keyloc[16];
-       u_char *sbuf, *q;
-       off_t offset, offset2;
-
-       sbuf = malloc(gl->sectorsize);
-       /*
-        * Find the byte-offset in the lock sector where we will put the lock
-        * data structure.  We can put it any random place as long as the
-        * structure fits.
-        */
-       for(;;) {
-               random_bits(off, sizeof off);
-               off[0] &= (gl->sectorsize - 1);
-               if (off[0] + G_BDE_LOCKSIZE > gl->sectorsize)
-                       continue;
-               break;
-       }
-
-       /* Add the sector offset in bytes */
-       off[0] += (gl->lsector[key] & ~(gl->sectorsize - 1));
-       gl->lsector[key] = off[0];
-
-       i = g_bde_keyloc_encrypt(sc->sha2, off[0], off[1], keyloc);
-       if (i)
-               errx(1, "g_bde_keyloc_encrypt()");
-       if (l_opt != NULL) {
-               ffd = open(l_opt, O_WRONLY | O_CREAT | O_TRUNC, 0600);
-               if (ffd < 0)
-                       err(1, "%s", l_opt);
-               write(ffd, keyloc, sizeof keyloc);
-               close(ffd);
-       } else if (gl->flags & GBDE_F_SECT0) {
-               offset2 = lseek(dfd, 0, SEEK_SET);
-               if (offset2 != 0)
-                       err(1, "lseek");
-               i = read(dfd, sbuf, gl->sectorsize);
-               if (i != (int)gl->sectorsize)
-                       err(1, "read");
-               memcpy(sbuf + key * 16, keyloc, sizeof keyloc);
-               offset2 = lseek(dfd, 0, SEEK_SET);
-               if (offset2 != 0)
-                       err(1, "lseek");
-               i = write(dfd, sbuf, gl->sectorsize);
-               if (i != (int)gl->sectorsize)
-                       err(1, "write");
-       } else {
-               errx(1, "No -L option and no space in sector 0 for lockfile");
-       }
-
-       /* Allocate a sectorbuffer and fill it with random junk */
-       if (sbuf == NULL)
-               err(1, "malloc");
-       random_bits(sbuf, gl->sectorsize);
-
-       /* Fill random bits in the spare field */
-       random_bits(gl->spare, sizeof(gl->spare));
-
-       /* Encode the structure where we want it */
-       q = sbuf + (off[0] % gl->sectorsize);
-       i = g_bde_encode_lock(sc->sha2, gl, q);
-       if (i < 0)
-               errx(1, "programming error encoding lock");
-
-       encrypt_sector(q, G_BDE_LOCKSIZE, 256, sc->sha2 + 16);
-       offset = gl->lsector[key] & ~(gl->sectorsize - 1);
-       offset2 = lseek(dfd, offset, SEEK_SET);
-       if (offset2 != offset)
-               err(1, "lseek");
-       i = write(dfd, sbuf, gl->sectorsize);
-       if (i != (int)gl->sectorsize)
-               err(1, "write");
-       free(sbuf);
-#if 0
-       printf("Wrote key %d at %jd\n", key, (intmax_t)offset);
-       printf("s0 = %jd\n", (intmax_t)gl->sector0);
-       printf("sN = %jd\n", (intmax_t)gl->sectorN);
-       printf("l[0] = %jd\n", (intmax_t)gl->lsector[0]);
-       printf("l[1] = %jd\n", (intmax_t)gl->lsector[1]);
-       printf("l[2] = %jd\n", (intmax_t)gl->lsector[2]);
-       printf("l[3] = %jd\n", (intmax_t)gl->lsector[3]);
-       printf("k = %jd\n", (intmax_t)gl->keyoffset);
-       printf("ss = %jd\n", (intmax_t)gl->sectorsize);
-#endif
-}
-
-static void
-cmd_destroy(struct g_bde_key *gl, int nkey)
-{
-       int i;
-
-       bzero(&gl->sector0, sizeof gl->sector0);
-       bzero(&gl->sectorN, sizeof gl->sectorN);
-       bzero(&gl->keyoffset, sizeof gl->keyoffset);
-       gl->flags &= GBDE_F_SECT0;
-       bzero(gl->mkey, sizeof gl->mkey);
-       for (i = 0; i < G_BDE_MAXKEYS; i++)
-               if (i != nkey)
-                       gl->lsector[i] = ~0;
-}
-
-static int
-sorthelp(const void *a, const void *b)
-{
-       const uint64_t *oa, *ob;
-
-       oa = a;
-       ob = b;
-       if (*oa > *ob)
-               return 1;
-       if (*oa < *ob)
-               return -1;
-       return 0;
-}
-
-static void
-cmd_init(struct g_bde_key *gl, int dfd, const char *f_opt, int i_opt, const char *l_opt)
-{
-       int i;
-       u_char *buf;
-       unsigned sector_size;
-       uint64_t        first_sector;
-       uint64_t        last_sector;
-       uint64_t        total_sectors;
-       off_t   off, off2;
-       unsigned nkeys;
-       const char *p;
-       char *q, cbuf[BUFSIZ];
-       unsigned u, u2;
-       uint64_t o;
-       properties      params;
-
-       bzero(gl, sizeof *gl);
-       if (f_opt != NULL) {
-               i = open(f_opt, O_RDONLY);
-               if (i < 0)
-                       err(1, "%s", f_opt);
-               params = properties_read(i);
-               close (i);
-       } else if (i_opt) {
-               /* XXX: Polish */
-               asprintf(&q, "%stemp.XXXXXXXXXX", _PATH_TMP);
-               if (q == NULL)
-                       err(1, "asprintf");
-               i = mkstemp(q);
-               if (i < 0)
-                       err(1, "%s", q);
-               write(i, template, strlen(template));
-               close (i);
-               p = getenv("EDITOR");
-               if (p == NULL)
-                       p = "vi";
-               if (snprintf(cbuf, sizeof(cbuf), "%s %s\n", p, q) >=
-                   (ssize_t)sizeof(cbuf)) {
-                       unlink(q);
-                       errx(1, "EDITOR is too long");
-               }
-               system(cbuf);
-               i = open(q, O_RDONLY);
-               if (i < 0)
-                       err(1, "%s", f_opt);
-               params = properties_read(i);
-               close (i);
-               unlink(q);
-               free(q);
-       } else {
-               /* XXX: Hack */
-               i = open(_PATH_DEVNULL, O_RDONLY);
-               if (i < 0)
-                       err(1, "%s", _PATH_DEVNULL);
-               params = properties_read(i);
-               close (i);
-       }
-
-       /* <sector_size> */
-       p = property_find(params, "sector_size");
-       i = ioctl(dfd, DIOCGSECTORSIZE, &u);
-       if (p != NULL) {
-               sector_size = strtoul(p, &q, 0);
-               if (!*p || *q)
-                       errx(1, "sector_size not a proper number");
-       } else if (i == 0) {
-               sector_size = u;
-       } else {
-               errx(1, "Missing sector_size property");
-       }
-       if (sector_size & (sector_size - 1))
-               errx(1, "sector_size not a power of 2");
-       if (sector_size < 512)
-               errx(1, "sector_size is smaller than 512");
-       buf = malloc(sector_size);
-       if (buf == NULL)
-               err(1, "Failed to malloc sector buffer");
-       gl->sectorsize = sector_size;
-
-       i = ioctl(dfd, DIOCGMEDIASIZE, &off);
-       if (i == 0) {
-               first_sector = 0;
-               total_sectors = off / sector_size;
-               last_sector = total_sectors - 1;
-       } else {
-               first_sector = 0;
-               last_sector = 0;
-               total_sectors = 0;
-       }
-
-       /* <first_sector> */
-       p = property_find(params, "first_sector");
-       if (p != NULL) {
-               first_sector = strtoul(p, &q, 0);
-               if (!*p || *q)
-                       errx(1, "first_sector not a proper number");
-       }
-
-       /* <last_sector> */
-       p = property_find(params, "last_sector");
-       if (p != NULL) {
-               last_sector = strtoul(p, &q, 0);
-               if (!*p || *q)
-                       errx(1, "last_sector not a proper number");
-               if (last_sector <= first_sector)
-                       errx(1, "last_sector not larger than first_sector");
-               total_sectors = last_sector + 1;
-       }
-
-       /* <total_sectors> */
-       p = property_find(params, "total_sectors");
-       if (p != NULL) {
*** 5852 LINES SKIPPED ***
