cryptsetup: handle more gracefully if "keyslots" LUKS2 JSON header field is invalid

The field is not owned by us (even though is in our JSON objects) but by the LUKS2 spec. Hence let's handle this a bit more gracefully: let's not get confused by it, just warn and skip over it. Fixes: #20847
author: Lennart Poettering <lennart@poettering.net> 2021-09-28 12:11:53 +0200
committer: Lennart Poettering <lennart@poettering.net> 2021-09-28 16:47:08 +0200
commit: 1641c2b1123617f7be249bb7f2b2c408defb3b96 (patch)
tree: ad86570a38da6ad0c3e821798d657da6e5ca6e68 /src/cryptsetup/cryptsetup-tpm2.c
parent: 5918a93355bc17a5ec79557c4555201d86b54266 (diff)
download: systemd-1641c2b1123617f7be249bb7f2b2c408defb3b96.tar.gz
1 files changed, 12 insertions, 5 deletions
diff --git a/src/cryptsetup/cryptsetup-tpm2.c b/src/cryptsetup/cryptsetup-tpm2.c
index 4d95dacca5..8757212969 100644
--- a/src/cryptsetup/cryptsetup-tpm2.c
+++ b/src/cryptsetup/cryptsetup-tpm2.c
@@ -93,6 +93,7 @@ int find_tpm2_auto_data(
         for (token = start_token; token < sym_crypt_token_max(CRYPT_LUKS2); token++) {
                 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
                 JsonVariant *w, *e;
+                int ks;
 
                 r = cryptsetup_get_token_as_json(cd, token, "systemd-tpm2", &v);
                 if (IN_SET(r, -ENOENT, -EINVAL, -EMEDIUMTYPE))
@@ -100,6 +101,14 @@ int find_tpm2_auto_data(
                 if (r < 0)
                         return log_error_errno(r, "Failed to read JSON token data off disk: %m");
 
+                ks = cryptsetup_get_keyslot_from_token(v);
+                if (ks < 0) {
+                        /* Handle parsing errors of the keyslots field gracefully, since it's not 'owned' by
+                         * us, but by the LUKS2 spec */
+                        log_warning_errno(ks, "Failed to extract keyslot index from TPM2 JSON data token %i, skipping: %m", token);
+                        continue;
+                }
+
                 w = json_variant_by_key(v, "tpm2-pcrs");
                 if (!w || !json_variant_is_array(w))
                         return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
@@ -125,6 +134,9 @@ int find_tpm2_auto_data(
                     search_pcr_mask != pcr_mask) /* PCR mask doesn't match what is configured, ignore this entry */
                         continue;
 
+                assert(keyslot < 0);
+                keyslot = ks;
+
                 assert(pcr_bank == UINT16_MAX);
                 assert(primary_alg == TPM2_ALG_ECC);
 
@@ -184,11 +196,6 @@ int find_tpm2_auto_data(
                         return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                                "Invalid base64 data in 'tpm2-policy-hash' field.");
 
-                assert(keyslot < 0);
-                keyslot = cryptsetup_get_keyslot_from_token(v);
-                if (keyslot < 0)
-                        return log_error_errno(keyslot, "Failed to extract keyslot index from TPM2 JSON data: %m");
-
                 break;
         }
author	Lennart Poettering <lennart@poettering.net>	2021-09-28 12:11:53 +0200
committer	Lennart Poettering <lennart@poettering.net>	2021-09-28 16:47:08 +0200
commit	1641c2b1123617f7be249bb7f2b2c408defb3b96 (patch)
tree	ad86570a38da6ad0c3e821798d657da6e5ca6e68 /src/cryptsetup/cryptsetup-tpm2.c
parent	5918a93355bc17a5ec79557c4555201d86b54266 (diff)
download	systemd-1641c2b1123617f7be249bb7f2b2c408defb3b96.tar.gz