napcok/calamares
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'calamares' of https://github.com/calamares/calamares into development

Browse Source
This commit is contained in:
Philip Müller 2021-09-21 12:43:27 +02:00
commit 03d8e5e68c
4 changed files with 45 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
CHANGES
View File

@ -7,6 +7,20 @@ contributors are listed. Note that Calamares does not have a historical
changelog -- this log starts with version 3.2.0. The release notes on the changelog -- this log starts with version 3.2.0. The release notes on the
website will have to do for older versions. website will have to do for older versions.
# 3.2.44 (unreleased) #
This release contains contributions from (alphabetically by first name):
- whorfin (new contributor, welcome!)
## Core ##
- No core changes yet
## Modules ##
- The *luksbootkeyfile* module was reported to be too quick to declare
a timeout when applying the keyfile. The timeout has been increased
to one minute. (Thanks whorfin)
# 3.2.43 (2021-09-17) # # 3.2.43 (2021-09-17) #
This release contains contributions from (alphabetically by first name): This release contains contributions from (alphabetically by first name):

4
CMakeLists.txt
View File

@ -41,11 +41,11 @@
# TODO:3.3: Require CMake 3.12 # TODO:3.3: Require CMake 3.12
cmake_minimum_required( VERSION 3.3 FATAL_ERROR ) cmake_minimum_required( VERSION 3.3 FATAL_ERROR )
project( CALAMARES project( CALAMARES
VERSION 3.2.43 VERSION 3.2.44
LANGUAGES C CXX LANGUAGES C CXX
) )
set( CALAMARES_VERSION_RC 0 ) # Set to 0 during release cycle, 1 during development set( CALAMARES_VERSION_RC 1 ) # Set to 0 during release cycle, 1 during development
### OPTIONS ### OPTIONS
# #

6
src/libcalamares/utils/Entropy.cpp
View File

@ -18,15 +18,17 @@
CalamaresUtils::EntropySource CalamaresUtils::EntropySource
CalamaresUtils::getEntropy( int size, QByteArray& b ) CalamaresUtils::getEntropy( int size, QByteArray& b )
{ {
constexpr const char filler = char( 0xcb );
b.fill( filler );
b.clear(); b.clear();
if ( size < 1 ) if ( size < 1 )
{ {
return EntropySource::None; return EntropySource::None;
} }
b.resize( size ); b.fill( filler, size );
char* buffer = b.data(); char* buffer = b.data();
std::fill( buffer, buffer + size, 0xcb );
qint64 readSize = 0; qint64 readSize = 0;
QFile urandom( "/dev/urandom" ); QFile urandom( "/dev/urandom" );

32
src/modules/luksbootkeyfile/LuksBootKeyFileJob.cpp
View File

@ -8,7 +8,9 @@
#include "LuksBootKeyFileJob.h" #include "LuksBootKeyFileJob.h"
#include "utils/CalamaresUtilsSystem.h" #include "utils/CalamaresUtilsSystem.h"
#include "utils/Entropy.h"
#include "utils/Logger.h" #include "utils/Logger.h"
#include "utils/NamedEnum.h"
#include "utils/UMask.h" #include "utils/UMask.h"
#include "utils/Variant.h" #include "utils/Variant.h"
@ -102,15 +104,29 @@ static bool
generateTargetKeyfile() generateTargetKeyfile()
{ {
CalamaresUtils::UMask m( CalamaresUtils::UMask::Safe ); CalamaresUtils::UMask m( CalamaresUtils::UMask::Safe );
auto r = CalamaresUtils::System::instance()->targetEnvCommand(
{ "dd", "bs=512", "count=4", "if=/dev/urandom", QString( "of=%1" ).arg( keyfile ) } ); // Get the data
if ( r.getExitCode() != 0 ) QByteArray entropy;
auto entropySource = CalamaresUtils::getEntropy( 2048, entropy );
if ( entropySource != CalamaresUtils::EntropySource::URandom )
{ {
cWarning() << "Could not create LUKS keyfile:" << r.getOutput() << "(exit code" << r.getExitCode() << ')'; cWarning() << "Could not get entropy from /dev/urandom for LUKS.";
return false; return false;
} }
// Give ample time to check that the file was created correctly
r = CalamaresUtils::System::instance()->targetEnvCommand( { "ls", "-la", "/" } ); auto fileResult = CalamaresUtils::System::instance()->createTargetFile(
keyfile, entropy, CalamaresUtils::System::WriteMode::Overwrite );
entropy.fill( 'A' );
if ( !fileResult )
{
cWarning() << "Could not create LUKS keyfile:" << smash( fileResult.code() );
return false;
}
// Give ample time to check that the file was created correctly;
// we actually expect ls to return pretty-much-instantly.
auto r = CalamaresUtils::System::instance()->targetEnvCommand(
{ "ls", "-la", "/" }, QString(), QString(), std::chrono::seconds( 5 ) );
cDebug() << "In target system after creating LUKS file" << r.getOutput(); cDebug() << "In target system after creating LUKS file" << r.getOutput();
return true; return true;
} }
@ -118,8 +134,10 @@ generateTargetKeyfile()
static bool static bool
setupLuks( const LuksDevice& d ) setupLuks( const LuksDevice& d )
{ {
// Adding the key can take some times, measured around 15 seconds with
// a HDD (spinning rust) and a slow-ish computer. Give it a minute.
auto r = CalamaresUtils::System::instance()->targetEnvCommand( auto r = CalamaresUtils::System::instance()->targetEnvCommand(
{ "cryptsetup", "luksAddKey", d.device, keyfile }, QString(), d.passphrase, std::chrono::seconds( 15 ) ); { "cryptsetup", "luksAddKey", d.device, keyfile }, QString(), d.passphrase, std::chrono::seconds( 60 ) );
if ( r.getExitCode() != 0 ) if ( r.getExitCode() != 0 )
{ {
cWarning() << "Could not configure LUKS keyfile on" << d.device << ':' << r.getOutput() << "(exit code" cWarning() << "Could not configure LUKS keyfile on" << d.device << ':' << r.getOutput() << "(exit code"