/src/cryptsetup/lib/luks2/luks2_keyslot.c
Line | Count | Source |
1 | | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | | /* |
3 | | * LUKS - Linux Unified Key Setup v2, keyslot handling |
4 | | * |
5 | | * Copyright (C) 2015-2025 Red Hat, Inc. All rights reserved. |
6 | | * Copyright (C) 2015-2025 Milan Broz |
7 | | */ |
8 | | |
9 | | #include "luks2_internal.h" |
10 | | #include "keyslot_context.h" |
11 | | |
12 | | /* Internal implementations */ |
13 | | extern const keyslot_handler luks2_keyslot; |
14 | | extern const keyslot_handler reenc_keyslot; |
15 | | |
16 | | static const keyslot_handler *keyslot_handlers[LUKS2_KEYSLOTS_MAX] = { |
17 | | &luks2_keyslot, |
18 | | #if USE_LUKS2_REENCRYPTION |
19 | | &reenc_keyslot, |
20 | | #endif |
21 | | NULL |
22 | | }; |
23 | | |
24 | | static const keyslot_handler |
25 | | *LUKS2_keyslot_handler_type(const char *type) |
26 | 414 | { |
27 | 414 | int i; |
28 | | |
29 | 827 | for (i = 0; i < LUKS2_KEYSLOTS_MAX && keyslot_handlers[i]; i++) { |
30 | 643 | if (!strcmp(keyslot_handlers[i]->name, type)) |
31 | 230 | return keyslot_handlers[i]; |
32 | 643 | } |
33 | | |
34 | 184 | return NULL; |
35 | 414 | } |
36 | | |
37 | | static const keyslot_handler |
38 | | *LUKS2_keyslot_handler(struct crypt_device *cd, int keyslot) |
39 | 0 | { |
40 | 0 | struct luks2_hdr *hdr; |
41 | 0 | json_object *jobj1, *jobj2; |
42 | |
|
43 | 0 | if (keyslot < 0) |
44 | 0 | return NULL; |
45 | | |
46 | 0 | if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2))) |
47 | 0 | return NULL; |
48 | | |
49 | 0 | if (!(jobj1 = LUKS2_get_keyslot_jobj(hdr, keyslot))) |
50 | 0 | return NULL; |
51 | | |
52 | 0 | if (!json_object_object_get_ex(jobj1, "type", &jobj2)) |
53 | 0 | return NULL; |
54 | | |
55 | 0 | return LUKS2_keyslot_handler_type(json_object_get_string(jobj2)); |
56 | 0 | } |
57 | | |
58 | | int LUKS2_keyslot_find_empty(struct crypt_device *cd, struct luks2_hdr *hdr, size_t keylength) |
59 | 0 | { |
60 | 0 | int i; |
61 | |
|
62 | 0 | for (i = 0; i < LUKS2_KEYSLOTS_MAX; i++) |
63 | 0 | if (!LUKS2_get_keyslot_jobj(hdr, i)) |
64 | 0 | break; |
65 | |
|
66 | 0 | if (i == LUKS2_KEYSLOTS_MAX) |
67 | 0 | return -EINVAL; |
68 | | |
69 | | /* Check also there is a space for the key in keyslots area */ |
70 | 0 | if (keylength && LUKS2_find_area_gap(cd, hdr, keylength, NULL, NULL) < 0) |
71 | 0 | return -ENOSPC; |
72 | | |
73 | 0 | return i; |
74 | 0 | } |
75 | | |
76 | | /* Check if a keyslot is assigned to specific segment */ |
77 | | static int _keyslot_for_segment(struct luks2_hdr *hdr, int keyslot, int segment) |
78 | 0 | { |
79 | 0 | json_object *jobj_keyslots, *jobj; |
80 | 0 | crypt_keyslot_priority slot_priority; |
81 | 0 | unsigned s; |
82 | 0 | int keyslot_digest, count = 0; |
83 | | |
84 | | /* |
85 | | * Must not be called with both keyslot == CRYPT_ANY_SLOT |
86 | | * and segment == CRYPT_ONE_SEGMENT. The CRYPT_DEFAULT_SEGMENT |
87 | | * and CRYPT_ANY_SEGMENT are handled properly in upper layer. |
88 | | */ |
89 | 0 | assert(keyslot >= 0 || segment >= 0); |
90 | |
|
91 | 0 | if (keyslot == CRYPT_ANY_SLOT) { |
92 | 0 | json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots); |
93 | |
|
94 | 0 | json_object_object_foreach(jobj_keyslots, slot, val) { |
95 | 0 | if (!json_object_object_get_ex(val, "priority", &jobj)) |
96 | 0 | slot_priority = CRYPT_SLOT_PRIORITY_NORMAL; |
97 | 0 | else |
98 | 0 | slot_priority = json_object_get_int(jobj); |
99 | |
|
100 | 0 | if (slot_priority < CRYPT_SLOT_PRIORITY_NORMAL) |
101 | 0 | continue; |
102 | | |
103 | 0 | keyslot_digest = LUKS2_digest_by_keyslot(hdr, atoi(slot)); |
104 | 0 | if (keyslot_digest >= 0 && |
105 | 0 | keyslot_digest == LUKS2_digest_by_segment(hdr, segment)) |
106 | 0 | return 1; |
107 | 0 | } |
108 | | |
109 | 0 | return 0; |
110 | 0 | } |
111 | | |
112 | 0 | keyslot_digest = LUKS2_digest_by_keyslot(hdr, keyslot); |
113 | 0 | if (keyslot_digest < 0) |
114 | 0 | return keyslot_digest; |
115 | | |
116 | 0 | if (segment >= 0) |
117 | 0 | return keyslot_digest == LUKS2_digest_by_segment(hdr, segment); |
118 | | |
119 | 0 | for (s = 0; s < json_segments_count(LUKS2_get_segments_jobj(hdr)); s++) { |
120 | 0 | if (keyslot_digest == LUKS2_digest_by_segment(hdr, s)) |
121 | 0 | count++; |
122 | 0 | } |
123 | |
|
124 | 0 | return count; |
125 | 0 | } |
126 | | |
127 | | int LUKS2_keyslot_for_segment(struct luks2_hdr *hdr, int keyslot, int segment) |
128 | 0 | { |
129 | 0 | int r = -EINVAL; |
130 | | |
131 | | /* no need to check anything */ |
132 | 0 | if (segment == CRYPT_ANY_SEGMENT) |
133 | 0 | return 0; /* ok */ |
134 | 0 | if (segment == CRYPT_DEFAULT_SEGMENT) { |
135 | 0 | segment = LUKS2_get_default_segment(hdr); |
136 | 0 | if (segment < 0) |
137 | 0 | return segment; |
138 | 0 | } |
139 | | |
140 | 0 | r = _keyslot_for_segment(hdr, keyslot, segment); |
141 | 0 | if (r < 0) |
142 | 0 | return r; |
143 | | |
144 | 0 | return r >= 1 ? 0 : -ENOENT; |
145 | 0 | } |
146 | | |
147 | | /* Number of keyslots assigned to a segment or all keyslots for CRYPT_ANY_SEGMENT */ |
148 | | int LUKS2_keyslot_active_count(struct luks2_hdr *hdr, int segment) |
149 | 0 | { |
150 | 0 | int num = 0; |
151 | 0 | json_object *jobj_keyslots; |
152 | |
|
153 | 0 | json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots); |
154 | |
|
155 | 0 | json_object_object_foreach(jobj_keyslots, slot, val) { |
156 | 0 | UNUSED(val); |
157 | 0 | if (!LUKS2_keyslot_for_segment(hdr, atoi(slot), segment)) |
158 | 0 | num++; |
159 | 0 | } |
160 | |
|
161 | 0 | return num; |
162 | 0 | } |
163 | | |
164 | | int LUKS2_keyslot_cipher_incompatible(struct crypt_device *cd, const char *cipher_spec) |
165 | 0 | { |
166 | 0 | char cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN]; |
167 | |
|
168 | 0 | if (!cipher_spec) |
169 | 0 | return 1; |
170 | | |
171 | | /* |
172 | | * Do not allow capi format for keyslots |
173 | | * Note: It always failed in ivsize check later anyway. |
174 | | */ |
175 | 0 | if (!strncmp(cipher_spec, "capi:", 5)) |
176 | 0 | return 1; |
177 | | |
178 | 0 | if (crypt_is_cipher_null(cipher_spec)) |
179 | 0 | return 1; |
180 | | |
181 | 0 | if (crypt_parse_name_and_mode(cipher_spec, cipher, NULL, cipher_mode) < 0) |
182 | 0 | return 1; |
183 | | |
184 | | /* Keyslot is already authenticated; we cannot use integrity tags here */ |
185 | 0 | if (crypt_get_integrity_tag_size(cd)) |
186 | 0 | return 1; |
187 | | |
188 | | /* Wrapped key schemes cannot be used for keyslot encryption */ |
189 | 0 | if (crypt_cipher_wrapped_key(cipher, cipher_mode)) |
190 | 0 | return 1; |
191 | | |
192 | | /* Check if crypto backend can use the cipher */ |
193 | 0 | if (crypt_cipher_ivsize(cipher, cipher_mode) < 0) |
194 | 0 | return 1; |
195 | | |
196 | 0 | return 0; |
197 | 0 | } |
198 | | |
199 | | int LUKS2_keyslot_params_default(struct crypt_device *cd, struct luks2_hdr *hdr, |
200 | | struct luks2_keyslot_params *params) |
201 | 0 | { |
202 | 0 | const struct crypt_pbkdf_type *pbkdf = crypt_get_pbkdf_type(cd); |
203 | 0 | const char *cipher_spec; |
204 | 0 | size_t key_size; |
205 | 0 | int r; |
206 | |
|
207 | 0 | if (!hdr || !pbkdf || !params) |
208 | 0 | return -EINVAL; |
209 | | |
210 | | /* |
211 | | * set keyslot area encryption parameters |
212 | | */ |
213 | 0 | params->area_type = LUKS2_KEYSLOT_AREA_RAW; |
214 | 0 | cipher_spec = crypt_keyslot_get_encryption(cd, CRYPT_ANY_SLOT, &key_size); |
215 | 0 | if (!cipher_spec || !key_size) |
216 | 0 | return -EINVAL; |
217 | | |
218 | 0 | params->area.raw.key_size = key_size; |
219 | 0 | r = snprintf(params->area.raw.encryption, sizeof(params->area.raw.encryption), "%s", cipher_spec); |
220 | 0 | if (r < 0 || (size_t)r >= sizeof(params->area.raw.encryption)) |
221 | 0 | return -EINVAL; |
222 | | |
223 | | /* |
224 | | * set keyslot AF parameters |
225 | | */ |
226 | 0 | params->af_type = LUKS2_KEYSLOT_AF_LUKS1; |
227 | | /* currently we use hash for AF from pbkdf settings */ |
228 | 0 | r = snprintf(params->af.luks1.hash, sizeof(params->af.luks1.hash), "%s", pbkdf->hash ?: DEFAULT_LUKS1_HASH); |
229 | 0 | if (r < 0 || (size_t)r >= sizeof(params->af.luks1.hash)) |
230 | 0 | return -EINVAL; |
231 | 0 | params->af.luks1.stripes = 4000; |
232 | |
|
233 | 0 | return 0; |
234 | 0 | } |
235 | | |
236 | | int LUKS2_keyslot_pbkdf(struct luks2_hdr *hdr, int keyslot, struct crypt_pbkdf_type *pbkdf) |
237 | 0 | { |
238 | 0 | json_object *jobj_keyslot, *jobj_kdf, *jobj; |
239 | |
|
240 | 0 | if (!hdr || !pbkdf) |
241 | 0 | return -EINVAL; |
242 | | |
243 | 0 | if (LUKS2_keyslot_info(hdr, keyslot) == CRYPT_SLOT_INVALID) |
244 | 0 | return -EINVAL; |
245 | | |
246 | 0 | jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot); |
247 | 0 | if (!jobj_keyslot) |
248 | 0 | return -ENOENT; |
249 | | |
250 | 0 | if (!json_object_object_get_ex(jobj_keyslot, "kdf", &jobj_kdf)) |
251 | 0 | return -EINVAL; |
252 | | |
253 | 0 | if (!json_object_object_get_ex(jobj_kdf, "type", &jobj)) |
254 | 0 | return -EINVAL; |
255 | | |
256 | 0 | memset(pbkdf, 0, sizeof(*pbkdf)); |
257 | |
|
258 | 0 | pbkdf->type = json_object_get_string(jobj); |
259 | 0 | if (json_object_object_get_ex(jobj_kdf, "hash", &jobj)) |
260 | 0 | pbkdf->hash = json_object_get_string(jobj); |
261 | 0 | if (json_object_object_get_ex(jobj_kdf, "iterations", &jobj)) |
262 | 0 | pbkdf->iterations = json_object_get_int(jobj); |
263 | 0 | if (json_object_object_get_ex(jobj_kdf, "time", &jobj)) |
264 | 0 | pbkdf->iterations = json_object_get_int(jobj); |
265 | 0 | if (json_object_object_get_ex(jobj_kdf, "memory", &jobj)) |
266 | 0 | pbkdf->max_memory_kb = json_object_get_int(jobj); |
267 | 0 | if (json_object_object_get_ex(jobj_kdf, "cpus", &jobj)) |
268 | 0 | pbkdf->parallel_threads = json_object_get_int(jobj); |
269 | |
|
270 | 0 | return 0; |
271 | 0 | } |
272 | | |
273 | | static int LUKS2_keyslot_unbound(struct luks2_hdr *hdr, int keyslot) |
274 | 0 | { |
275 | 0 | json_object *jobj_digest, *jobj_segments; |
276 | 0 | int digest = LUKS2_digest_by_keyslot(hdr, keyslot); |
277 | |
|
278 | 0 | if (digest < 0) |
279 | 0 | return 0; |
280 | | |
281 | 0 | if (!(jobj_digest = LUKS2_get_digest_jobj(hdr, digest))) |
282 | 0 | return 0; |
283 | | |
284 | 0 | json_object_object_get_ex(jobj_digest, "segments", &jobj_segments); |
285 | 0 | if (!jobj_segments || !json_object_is_type(jobj_segments, json_type_array) || |
286 | 0 | json_object_array_length(jobj_segments) == 0) |
287 | 0 | return 1; |
288 | | |
289 | 0 | return 0; |
290 | 0 | } |
291 | | |
292 | | crypt_keyslot_info LUKS2_keyslot_info(struct luks2_hdr *hdr, int keyslot) |
293 | 0 | { |
294 | 0 | if(keyslot >= LUKS2_KEYSLOTS_MAX || keyslot < 0) |
295 | 0 | return CRYPT_SLOT_INVALID; |
296 | | |
297 | 0 | if (!LUKS2_get_keyslot_jobj(hdr, keyslot)) |
298 | 0 | return CRYPT_SLOT_INACTIVE; |
299 | | |
300 | 0 | if (LUKS2_digest_by_keyslot(hdr, keyslot) < 0 || |
301 | 0 | LUKS2_keyslot_unbound(hdr, keyslot)) |
302 | 0 | return CRYPT_SLOT_UNBOUND; |
303 | | |
304 | 0 | if (LUKS2_keyslot_active_count(hdr, CRYPT_DEFAULT_SEGMENT) == 1 && |
305 | 0 | !LUKS2_keyslot_for_segment(hdr, keyslot, CRYPT_DEFAULT_SEGMENT)) |
306 | 0 | return CRYPT_SLOT_ACTIVE_LAST; |
307 | | |
308 | 0 | return CRYPT_SLOT_ACTIVE; |
309 | 0 | } |
310 | | |
311 | | int LUKS2_keyslot_jobj_area(json_object *jobj_keyslot, uint64_t *offset, uint64_t *length) |
312 | 0 | { |
313 | 0 | json_object *jobj_area, *jobj; |
314 | |
|
315 | 0 | if (!json_object_object_get_ex(jobj_keyslot, "area", &jobj_area)) |
316 | 0 | return -EINVAL; |
317 | | |
318 | 0 | if (!json_object_object_get_ex(jobj_area, "offset", &jobj)) |
319 | 0 | return -EINVAL; |
320 | 0 | *offset = crypt_jobj_get_uint64(jobj); |
321 | |
|
322 | 0 | if (!json_object_object_get_ex(jobj_area, "size", &jobj)) |
323 | 0 | return -EINVAL; |
324 | 0 | *length = crypt_jobj_get_uint64(jobj); |
325 | |
|
326 | 0 | return 0; |
327 | 0 | } |
328 | | |
329 | | int LUKS2_keyslot_area(struct luks2_hdr *hdr, |
330 | | int keyslot, |
331 | | uint64_t *offset, |
332 | | uint64_t *length) |
333 | 0 | { |
334 | 0 | json_object *jobj_keyslot; |
335 | |
|
336 | 0 | if (LUKS2_keyslot_info(hdr, keyslot) == CRYPT_SLOT_INVALID) |
337 | 0 | return -EINVAL; |
338 | | |
339 | 0 | jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot); |
340 | 0 | if (!jobj_keyslot) |
341 | 0 | return -ENOENT; |
342 | | |
343 | 0 | return LUKS2_keyslot_jobj_area(jobj_keyslot, offset, length); |
344 | 0 | } |
345 | | |
346 | | static int _open_and_verify(struct crypt_device *cd, |
347 | | struct luks2_hdr *hdr, |
348 | | const keyslot_handler *h, |
349 | | int keyslot, |
350 | | const char *password, |
351 | | size_t password_len, |
352 | | struct volume_key **r_vk) |
353 | 0 | { |
354 | 0 | int r, key_size = LUKS2_get_keyslot_stored_key_size(hdr, keyslot); |
355 | 0 | struct volume_key *vk = NULL; |
356 | 0 | void *key = NULL; |
357 | |
|
358 | 0 | if (key_size < 0) |
359 | 0 | return -EINVAL; |
360 | | |
361 | 0 | key = crypt_safe_alloc(key_size); |
362 | 0 | if (!key) |
363 | 0 | return -ENOMEM; |
364 | | |
365 | 0 | r = h->open(cd, keyslot, password, password_len, key, key_size); |
366 | 0 | if (r < 0) { |
367 | 0 | log_dbg(cd, "Keyslot %d (%s) open failed with %d.", keyslot, h->name, r); |
368 | 0 | goto err; |
369 | 0 | } |
370 | | |
371 | 0 | vk = crypt_alloc_volume_key_by_safe_alloc(&key); |
372 | 0 | if (!vk) { |
373 | 0 | r = -ENOMEM; |
374 | 0 | goto err; |
375 | 0 | } |
376 | | |
377 | 0 | r = LUKS2_digest_verify(cd, hdr, vk, keyslot); |
378 | 0 | if (r < 0) |
379 | 0 | goto err; |
380 | | |
381 | 0 | crypt_volume_key_set_id(vk, r); |
382 | 0 | *r_vk = vk; |
383 | 0 | return keyslot; |
384 | 0 | err: |
385 | 0 | crypt_safe_free(key); |
386 | 0 | crypt_free_volume_key(vk); |
387 | |
|
388 | 0 | return r; |
389 | 0 | } |
390 | | |
391 | | static int LUKS2_open_and_verify(struct crypt_device *cd, |
392 | | struct luks2_hdr *hdr, |
393 | | int keyslot, |
394 | | int segment, |
395 | | const char *password, |
396 | | size_t password_len, |
397 | | struct volume_key **vk) |
398 | 0 | { |
399 | 0 | const keyslot_handler *h; |
400 | 0 | int r; |
401 | |
|
402 | 0 | if (!(h = LUKS2_keyslot_handler(cd, keyslot))) |
403 | 0 | return -ENOENT; |
404 | | |
405 | 0 | r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot)); |
406 | 0 | if (r) { |
407 | 0 | log_dbg(cd, "Keyslot %d validation failed.", keyslot); |
408 | 0 | return r; |
409 | 0 | } |
410 | | |
411 | 0 | r = LUKS2_keyslot_for_segment(hdr, keyslot, segment); |
412 | 0 | if (r) { |
413 | 0 | if (r == -ENOENT) |
414 | 0 | log_dbg(cd, "Keyslot %d unusable for segment %d.", keyslot, segment); |
415 | 0 | return r; |
416 | 0 | } |
417 | | |
418 | 0 | return _open_and_verify(cd, hdr, h, keyslot, password, password_len, vk); |
419 | 0 | } |
420 | | |
421 | | static int LUKS2_keyslot_open_priority(struct crypt_device *cd, |
422 | | struct luks2_hdr *hdr, |
423 | | crypt_keyslot_priority priority, |
424 | | const char *password, |
425 | | size_t password_len, |
426 | | int segment, |
427 | | struct volume_key **vk) |
428 | 0 | { |
429 | 0 | json_object *jobj_keyslots, *jobj; |
430 | 0 | crypt_keyslot_priority slot_priority; |
431 | 0 | int keyslot, r = -ENOENT, r_old; |
432 | |
|
433 | 0 | json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots); |
434 | |
|
435 | 0 | json_object_object_foreach(jobj_keyslots, slot, val) { |
436 | 0 | r_old = r; |
437 | |
|
438 | 0 | if (!json_object_object_get_ex(val, "priority", &jobj)) |
439 | 0 | slot_priority = CRYPT_SLOT_PRIORITY_NORMAL; |
440 | 0 | else |
441 | 0 | slot_priority = json_object_get_int(jobj); |
442 | |
|
443 | 0 | keyslot = atoi(slot); |
444 | 0 | if (slot_priority != priority) { |
445 | 0 | log_dbg(cd, "Keyslot %d priority %d != %d (required), skipped.", |
446 | 0 | keyslot, slot_priority, priority); |
447 | 0 | continue; |
448 | 0 | } |
449 | | |
450 | 0 | r = LUKS2_open_and_verify(cd, hdr, keyslot, segment, password, password_len, vk); |
451 | | |
452 | | /* Do not retry for errors that are no -EPERM or -ENOENT, |
453 | | former meaning password wrong, latter key slot unusable for segment */ |
454 | 0 | if ((r != -EPERM) && (r != -ENOENT)) |
455 | 0 | break; |
456 | | /* If a previous keyslot failed with EPERM (bad password) prefer it */ |
457 | 0 | if (r_old == -EPERM && r == -ENOENT) |
458 | 0 | r = -EPERM; |
459 | 0 | } |
460 | |
|
461 | 0 | return r; |
462 | 0 | } |
463 | | |
464 | | static int keyslot_context_open_all_segments(struct crypt_device *cd, |
465 | | int keyslot_old, |
466 | | int keyslot_new, |
467 | | struct crypt_keyslot_context *kc_old, |
468 | | struct crypt_keyslot_context *kc_new, |
469 | | struct volume_key **r_vks) |
470 | 0 | { |
471 | 0 | int segment_old, segment_new, digest_old = -1, digest_new = -1, r = -ENOENT; |
472 | 0 | struct luks2_hdr *hdr; |
473 | 0 | struct volume_key *vk = NULL; |
474 | |
|
475 | 0 | assert(cd); |
476 | 0 | assert(!kc_old || kc_old->get_luks2_key); |
477 | 0 | assert(!kc_new || kc_new->get_luks2_key); |
478 | 0 | assert(r_vks); |
479 | |
|
480 | 0 | hdr = crypt_get_hdr(cd, CRYPT_LUKS2); |
481 | |
|
482 | 0 | segment_old = LUKS2_reencrypt_segment_old(hdr); |
483 | 0 | segment_new = LUKS2_reencrypt_segment_new(hdr); |
484 | |
|
485 | 0 | if (segment_old < 0 || segment_new < 0) |
486 | 0 | return -EINVAL; |
487 | | |
488 | 0 | digest_old = LUKS2_digest_by_segment(hdr, segment_old); |
489 | 0 | digest_new = LUKS2_digest_by_segment(hdr, segment_new); |
490 | |
|
491 | 0 | if (digest_old >= 0 && digest_new >= 0 && digest_old != digest_new && (!kc_old || !kc_new)) |
492 | 0 | return -ESRCH; |
493 | | |
494 | 0 | if (digest_old >= 0 && kc_old) { |
495 | 0 | log_dbg(cd, "Checking current volume key (digest %d, segment: %d) using keyslot %d.", |
496 | 0 | digest_old, segment_old, keyslot_old); |
497 | | |
498 | | /* key and key in keyring types do not have association with any keyslot */ |
499 | 0 | if (kc_old->type != CRYPT_KC_TYPE_KEY && kc_old->type != CRYPT_KC_TYPE_VK_KEYRING) { |
500 | 0 | r = LUKS2_keyslot_for_segment(hdr, keyslot_old, segment_old); |
501 | 0 | if (r < 0) |
502 | 0 | goto out; |
503 | 0 | } |
504 | | |
505 | 0 | r = kc_old->get_luks2_key(cd, kc_old, keyslot_old, segment_old, &vk); |
506 | 0 | if (r < 0) |
507 | 0 | goto out; |
508 | 0 | crypt_volume_key_add_next(r_vks, vk); |
509 | 0 | if (crypt_volume_key_get_id(vk) < 0 && LUKS2_digest_verify_by_digest(cd, digest_old, vk) == digest_old) |
510 | 0 | crypt_volume_key_set_id(vk, digest_old); |
511 | 0 | if (crypt_volume_key_get_id(vk) != digest_old) { |
512 | 0 | r = -EPERM; |
513 | 0 | goto out; |
514 | 0 | } |
515 | 0 | } |
516 | | |
517 | 0 | if (digest_new >= 0 && digest_old != digest_new && kc_new) { |
518 | 0 | log_dbg(cd, "Checking new volume key (digest %d, segment: %d) using keyslot %d.", |
519 | 0 | digest_new, segment_new, keyslot_new); |
520 | | |
521 | | /* key and key in keyring types do not have association with any keyslot */ |
522 | 0 | if (kc_new->type != CRYPT_KC_TYPE_KEY && kc_new->type != CRYPT_KC_TYPE_VK_KEYRING) { |
523 | 0 | r = LUKS2_keyslot_for_segment(hdr, keyslot_new, segment_new); |
524 | 0 | if (r < 0) |
525 | 0 | goto out; |
526 | 0 | } |
527 | | |
528 | 0 | r = kc_new->get_luks2_key(cd, kc_new, keyslot_new, segment_new, &vk); |
529 | 0 | if (r < 0) |
530 | 0 | goto out; |
531 | 0 | crypt_volume_key_add_next(r_vks, vk); |
532 | 0 | if (crypt_volume_key_get_id(vk) < 0 && LUKS2_digest_verify_by_digest(cd, digest_new, vk) == digest_new) |
533 | 0 | crypt_volume_key_set_id(vk, digest_new); |
534 | 0 | if (crypt_volume_key_get_id(vk) != digest_new) |
535 | 0 | r = -EPERM; |
536 | 0 | } |
537 | 0 | out: |
538 | 0 | if (r < 0) { |
539 | 0 | crypt_free_volume_key(*r_vks); |
540 | 0 | *r_vks = NULL; |
541 | |
|
542 | 0 | if (r == -ENOMEM) |
543 | 0 | log_err(cd, _("Not enough available memory to open a keyslot.")); |
544 | 0 | else if (r != -EPERM && r != -ENOENT) |
545 | 0 | log_err(cd, _("Keyslot open failed.")); |
546 | 0 | } |
547 | 0 | return r; |
548 | 0 | } |
549 | | |
550 | | int LUKS2_keyslot_context_open_all_segments(struct crypt_device *cd, |
551 | | int keyslot1, |
552 | | int keyslot2, |
553 | | struct crypt_keyslot_context *kc1, |
554 | | struct crypt_keyslot_context *kc2, |
555 | | struct volume_key **r_vks) |
556 | 0 | { |
557 | 0 | int r, r2; |
558 | |
|
559 | 0 | r = keyslot_context_open_all_segments(cd, keyslot1, keyslot2, kc1, kc2, r_vks); |
560 | 0 | if (r == -EPERM || r == -ENOENT) { |
561 | 0 | r2 = keyslot_context_open_all_segments(cd, keyslot2, keyslot1, kc2, kc1, r_vks); |
562 | 0 | if (r2 != -ENOENT) |
563 | 0 | r = r2; |
564 | 0 | } |
565 | |
|
566 | 0 | return r; |
567 | 0 | } |
568 | | |
569 | | int LUKS2_keyslot_open(struct crypt_device *cd, |
570 | | int keyslot, |
571 | | int segment, |
572 | | const char *password, |
573 | | size_t password_len, |
574 | | struct volume_key **vk) |
575 | 0 | { |
576 | 0 | struct luks2_hdr *hdr; |
577 | 0 | int r_prio, r = -EINVAL; |
578 | |
|
579 | 0 | hdr = crypt_get_hdr(cd, CRYPT_LUKS2); |
580 | 0 | if (!hdr) |
581 | 0 | return -EINVAL; |
582 | | |
583 | 0 | if (keyslot == CRYPT_ANY_SLOT) { |
584 | 0 | r_prio = LUKS2_keyslot_open_priority(cd, hdr, CRYPT_SLOT_PRIORITY_PREFER, |
585 | 0 | password, password_len, segment, vk); |
586 | 0 | if (r_prio >= 0) |
587 | 0 | r = r_prio; |
588 | 0 | else if (r_prio != -EPERM && r_prio != -ENOENT) |
589 | 0 | r = r_prio; |
590 | 0 | else |
591 | 0 | r = LUKS2_keyslot_open_priority(cd, hdr, CRYPT_SLOT_PRIORITY_NORMAL, |
592 | 0 | password, password_len, segment, vk); |
593 | | /* Prefer password wrong to no entry from priority slot */ |
594 | 0 | if (r_prio == -EPERM && r == -ENOENT) |
595 | 0 | r = r_prio; |
596 | 0 | } else |
597 | 0 | r = LUKS2_open_and_verify(cd, hdr, keyslot, segment, password, password_len, vk); |
598 | |
|
599 | 0 | if (r < 0) { |
600 | 0 | if (r == -ENOMEM) |
601 | 0 | log_err(cd, _("Not enough available memory to open a keyslot.")); |
602 | 0 | else if (r != -EPERM && r != -ENOENT) |
603 | 0 | log_err(cd, _("Keyslot open failed.")); |
604 | 0 | } |
605 | |
|
606 | 0 | return r; |
607 | 0 | } |
608 | | |
609 | | int LUKS2_keyslot_reencrypt_store(struct crypt_device *cd, |
610 | | struct luks2_hdr *hdr, |
611 | | int keyslot, |
612 | | const void *buffer, |
613 | | size_t buffer_length) |
614 | 0 | { |
615 | 0 | const keyslot_handler *h; |
616 | 0 | int r; |
617 | |
|
618 | 0 | if (!(h = LUKS2_keyslot_handler(cd, keyslot)) || strcmp(h->name, "reencrypt")) |
619 | 0 | return -EINVAL; |
620 | | |
621 | 0 | r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot)); |
622 | 0 | if (r) { |
623 | 0 | log_dbg(cd, "Keyslot validation failed."); |
624 | 0 | return r; |
625 | 0 | } |
626 | | |
627 | 0 | return h->store(cd, keyslot, NULL, 0, |
628 | 0 | buffer, buffer_length); |
629 | 0 | } |
630 | | |
631 | | int LUKS2_keyslot_store(struct crypt_device *cd, |
632 | | struct luks2_hdr *hdr, |
633 | | int keyslot, |
634 | | const char *password, |
635 | | size_t password_len, |
636 | | const struct volume_key *vk, |
637 | | const struct luks2_keyslot_params *params) |
638 | 0 | { |
639 | 0 | const keyslot_handler *h; |
640 | 0 | int r; |
641 | |
|
642 | 0 | if (keyslot == CRYPT_ANY_SLOT) |
643 | 0 | return -EINVAL; |
644 | | |
645 | 0 | if (!LUKS2_get_keyslot_jobj(hdr, keyslot)) { |
646 | | /* Try to allocate default and empty keyslot type */ |
647 | 0 | h = LUKS2_keyslot_handler_type("luks2"); |
648 | 0 | if (!h) |
649 | 0 | return -EINVAL; |
650 | | |
651 | 0 | r = h->alloc(cd, keyslot, crypt_volume_key_length(vk), params); |
652 | 0 | if (r) |
653 | 0 | return r; |
654 | 0 | } else { |
655 | 0 | if (!(h = LUKS2_keyslot_handler(cd, keyslot))) |
656 | 0 | return -EINVAL; |
657 | | |
658 | 0 | r = h->update(cd, keyslot, params); |
659 | 0 | if (r) { |
660 | 0 | log_dbg(cd, "Failed to update keyslot %d json.", keyslot); |
661 | 0 | return r; |
662 | 0 | } |
663 | 0 | } |
664 | | |
665 | 0 | r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot)); |
666 | 0 | if (r) { |
667 | 0 | log_dbg(cd, "Keyslot validation failed."); |
668 | 0 | return r; |
669 | 0 | } |
670 | | |
671 | 0 | if (LUKS2_hdr_validate(cd, hdr->jobj, hdr->hdr_size - LUKS2_HDR_BIN_LEN)) |
672 | 0 | return -EINVAL; |
673 | | |
674 | 0 | return h->store(cd, keyslot, password, password_len, |
675 | 0 | crypt_volume_key_get_key(vk), crypt_volume_key_length(vk)); |
676 | 0 | } |
677 | | |
678 | | int LUKS2_keyslot_wipe(struct crypt_device *cd, |
679 | | struct luks2_hdr *hdr, |
680 | | int keyslot) |
681 | 0 | { |
682 | 0 | struct device *device = crypt_metadata_device(cd); |
683 | 0 | uint64_t area_offset, area_length; |
684 | 0 | int r; |
685 | 0 | json_object *jobj_keyslot, *jobj_keyslots; |
686 | 0 | const keyslot_handler *h; |
687 | |
|
688 | 0 | h = LUKS2_keyslot_handler(cd, keyslot); |
689 | |
|
690 | 0 | if (!json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots)) |
691 | 0 | return -EINVAL; |
692 | | |
693 | 0 | jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot); |
694 | 0 | if (!jobj_keyslot) |
695 | 0 | return -ENOENT; |
696 | | |
697 | 0 | r = LUKS2_device_write_lock(cd, hdr, device); |
698 | 0 | if (r) |
699 | 0 | return r; |
700 | | |
701 | | /* secure deletion of possible key material in keyslot area */ |
702 | 0 | r = crypt_keyslot_area(cd, keyslot, &area_offset, &area_length); |
703 | 0 | if (r && r != -ENOENT) |
704 | 0 | goto out; |
705 | | |
706 | 0 | if (!r) { |
707 | 0 | r = crypt_wipe_device(cd, device, CRYPT_WIPE_SPECIAL, area_offset, |
708 | 0 | area_length, area_length, NULL, NULL); |
709 | 0 | if (r) { |
710 | 0 | if (r == -EACCES) { |
711 | 0 | log_err(cd, _("Cannot write to device %s, permission denied."), |
712 | 0 | device_path(device)); |
713 | 0 | r = -EINVAL; |
714 | 0 | } else |
715 | 0 | log_err(cd, _("Cannot wipe device %s."), device_path(device)); |
716 | 0 | goto out; |
717 | 0 | } |
718 | 0 | } |
719 | | |
720 | | /* Slot specific wipe */ |
721 | 0 | if (h) { |
722 | 0 | r = h->wipe(cd, keyslot); |
723 | 0 | if (r < 0) |
724 | 0 | goto out; |
725 | 0 | } else |
726 | 0 | log_dbg(cd, "Wiping keyslot %d without specific-slot handler loaded.", keyslot); |
727 | | |
728 | 0 | json_object_object_del_by_uint(jobj_keyslots, keyslot); |
729 | |
|
730 | 0 | r = LUKS2_hdr_write(cd, hdr); |
731 | 0 | out: |
732 | 0 | device_write_unlock(cd, crypt_metadata_device(cd)); |
733 | 0 | return r; |
734 | 0 | } |
735 | | |
736 | | int LUKS2_keyslot_dump(struct crypt_device *cd, int keyslot) |
737 | 0 | { |
738 | 0 | const keyslot_handler *h; |
739 | |
|
740 | 0 | if (!(h = LUKS2_keyslot_handler(cd, keyslot))) |
741 | 0 | return -EINVAL; |
742 | | |
743 | 0 | return h->dump(cd, keyslot); |
744 | 0 | } |
745 | | |
746 | | crypt_keyslot_priority LUKS2_keyslot_priority_get(struct luks2_hdr *hdr, int keyslot) |
747 | 0 | { |
748 | 0 | json_object *jobj_keyslot, *jobj_priority; |
749 | |
|
750 | 0 | jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot); |
751 | 0 | if (!jobj_keyslot) |
752 | 0 | return CRYPT_SLOT_PRIORITY_INVALID; |
753 | | |
754 | 0 | if (!json_object_object_get_ex(jobj_keyslot, "priority", &jobj_priority)) |
755 | 0 | return CRYPT_SLOT_PRIORITY_NORMAL; |
756 | | |
757 | 0 | return json_object_get_int(jobj_priority); |
758 | 0 | } |
759 | | |
760 | | int LUKS2_keyslot_priority_set(struct crypt_device *cd, struct luks2_hdr *hdr, |
761 | | int keyslot, crypt_keyslot_priority priority, int commit) |
762 | 0 | { |
763 | 0 | json_object *jobj_keyslot; |
764 | |
|
765 | 0 | jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot); |
766 | 0 | if (!jobj_keyslot) |
767 | 0 | return -EINVAL; |
768 | | |
769 | 0 | if (priority == CRYPT_SLOT_PRIORITY_NORMAL) |
770 | 0 | json_object_object_del(jobj_keyslot, "priority"); |
771 | 0 | else |
772 | 0 | json_object_object_add(jobj_keyslot, "priority", json_object_new_int(priority)); |
773 | |
|
774 | 0 | return commit ? LUKS2_hdr_write(cd, hdr) : 0; |
775 | 0 | } |
776 | | |
777 | | int placeholder_keyslot_alloc(struct crypt_device *cd, |
778 | | int keyslot, |
779 | | uint64_t area_offset, |
780 | | uint64_t area_length) |
781 | 0 | { |
782 | 0 | struct luks2_hdr *hdr; |
783 | 0 | json_object *jobj_keyslots, *jobj_keyslot, *jobj_area; |
784 | |
|
785 | 0 | log_dbg(cd, "Allocating placeholder keyslot %d for LUKS1 down conversion.", keyslot); |
786 | |
|
787 | 0 | if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2))) |
788 | 0 | return -EINVAL; |
789 | | |
790 | 0 | if (keyslot < 0 || keyslot >= LUKS2_KEYSLOTS_MAX) |
791 | 0 | return -EINVAL; |
792 | | |
793 | 0 | if (LUKS2_get_keyslot_jobj(hdr, keyslot)) |
794 | 0 | return -EINVAL; |
795 | | |
796 | 0 | if (!json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots)) |
797 | 0 | return -EINVAL; |
798 | | |
799 | 0 | jobj_keyslot = json_object_new_object(); |
800 | 0 | if (!jobj_keyslot) |
801 | 0 | return -ENOMEM; |
802 | | |
803 | 0 | json_object_object_add(jobj_keyslot, "type", json_object_new_string("placeholder")); |
804 | | /* |
805 | | * key_size = -1 makes placeholder keyslot impossible to pass validation. |
806 | | * It's a safeguard against accidentally storing temporary conversion |
807 | | * LUKS2 header. |
808 | | */ |
809 | 0 | json_object_object_add(jobj_keyslot, "key_size", json_object_new_int(-1)); |
810 | | |
811 | | /* Area object */ |
812 | 0 | jobj_area = json_object_new_object(); |
813 | 0 | if (!jobj_area) { |
814 | 0 | json_object_put(jobj_keyslot); |
815 | 0 | return -ENOMEM; |
816 | 0 | } |
817 | | |
818 | 0 | json_object_object_add(jobj_area, "offset", crypt_jobj_new_uint64(area_offset)); |
819 | 0 | json_object_object_add(jobj_area, "size", crypt_jobj_new_uint64(area_length)); |
820 | 0 | json_object_object_add(jobj_keyslot, "area", jobj_area); |
821 | |
|
822 | 0 | if (json_object_object_add_by_uint(jobj_keyslots, keyslot, jobj_keyslot)) { |
823 | 0 | json_object_put(jobj_keyslot); |
824 | 0 | return -EINVAL; |
825 | 0 | } |
826 | | |
827 | 0 | return 0; |
828 | 0 | } |
829 | | |
830 | | static unsigned LUKS2_get_keyslot_digests_count(json_object *hdr_jobj, int keyslot) |
831 | 0 | { |
832 | 0 | char num[16]; |
833 | 0 | json_object *jobj_digests, *jobj_keyslots; |
834 | 0 | unsigned count = 0; |
835 | |
|
836 | 0 | if (!json_object_object_get_ex(hdr_jobj, "digests", &jobj_digests)) |
837 | 0 | return 0; |
838 | | |
839 | 0 | if (snprintf(num, sizeof(num), "%u", keyslot) < 0) |
840 | 0 | return 0; |
841 | | |
842 | 0 | json_object_object_foreach(jobj_digests, key, val) { |
843 | 0 | UNUSED(key); |
844 | 0 | json_object_object_get_ex(val, "keyslots", &jobj_keyslots); |
845 | 0 | if (LUKS2_array_jobj(jobj_keyslots, num)) |
846 | 0 | count++; |
847 | 0 | } |
848 | |
|
849 | 0 | return count; |
850 | 0 | } |
851 | | |
852 | | /* run only on header that passed basic format validation */ |
853 | | int LUKS2_keyslots_validate(struct crypt_device *cd, json_object *hdr_jobj) |
854 | 6.02k | { |
855 | 6.02k | const keyslot_handler *h; |
856 | 6.02k | int keyslot; |
857 | 6.02k | json_object *jobj_keyslots, *jobj_type; |
858 | 6.02k | uint32_t reqs, reencrypt_count = 0; |
859 | 6.02k | struct luks2_hdr dummy = { |
860 | 6.02k | .jobj = hdr_jobj |
861 | 6.02k | }; |
862 | | |
863 | 6.02k | if (!json_object_object_get_ex(hdr_jobj, "keyslots", &jobj_keyslots)) |
864 | 0 | return -EINVAL; |
865 | | |
866 | 6.02k | LUKS2_config_get_requirements(cd, &dummy, &reqs); |
867 | | |
868 | 6.02k | json_object_object_foreach(jobj_keyslots, slot, val) { |
869 | 9 | keyslot = atoi(slot); |
870 | 9 | json_object_object_get_ex(val, "type", &jobj_type); |
871 | 9 | h = LUKS2_keyslot_handler_type(json_object_get_string(jobj_type)); |
872 | 9 | if (!h) |
873 | 9 | continue; |
874 | 0 | if (h->validate && h->validate(cd, val)) { |
875 | 0 | log_dbg(cd, "Keyslot type %s validation failed on keyslot %d.", h->name, keyslot); |
876 | 0 | return -EINVAL; |
877 | 0 | } |
878 | | |
879 | 0 | if (!strcmp(h->name, "luks2") && LUKS2_get_keyslot_digests_count(hdr_jobj, keyslot) != 1) { |
880 | 0 | log_dbg(cd, "Keyslot %d is not assigned to exactly 1 digest.", keyslot); |
881 | 0 | return -EINVAL; |
882 | 0 | } |
883 | | |
884 | 0 | if (!strcmp(h->name, "reencrypt")) |
885 | 0 | reencrypt_count++; |
886 | 0 | } |
887 | | |
888 | 6.02k | if ((reqs & CRYPT_REQUIREMENT_ONLINE_REENCRYPT) && reencrypt_count == 0) { |
889 | 0 | log_dbg(cd, "Missing reencryption keyslot."); |
890 | 0 | return -EINVAL; |
891 | 0 | } |
892 | | |
893 | 6.02k | if (reencrypt_count && !LUKS2_reencrypt_requirement_candidate(&dummy)) { |
894 | 0 | log_dbg(cd, "Missing reencryption requirement flag."); |
895 | 0 | return -EINVAL; |
896 | 0 | } |
897 | | |
898 | 6.02k | if (reencrypt_count > 1) { |
899 | 0 | log_dbg(cd, "Too many reencryption keyslots."); |
900 | 0 | return -EINVAL; |
901 | 0 | } |
902 | | |
903 | 6.02k | return 0; |
904 | 6.02k | } |
905 | | |
906 | | void LUKS2_keyslots_repair(struct crypt_device *cd __attribute__((unused)), json_object *jobj_keyslots) |
907 | 370 | { |
908 | 370 | const keyslot_handler *h; |
909 | 370 | json_object *jobj_type; |
910 | | |
911 | 914 | json_object_object_foreach(jobj_keyslots, slot, val) { |
912 | 914 | UNUSED(slot); |
913 | 914 | if (!json_object_is_type(val, json_type_object) || |
914 | 563 | !json_object_object_get_ex(val, "type", &jobj_type) || |
915 | 421 | !json_object_is_type(jobj_type, json_type_string)) |
916 | 509 | continue; |
917 | | |
918 | 405 | h = LUKS2_keyslot_handler_type(json_object_get_string(jobj_type)); |
919 | 405 | if (h && h->repair) |
920 | 185 | h->repair(val); |
921 | 405 | } |
922 | 370 | } |
923 | | |
924 | | /* assumes valid header */ |
925 | | int LUKS2_find_keyslot(struct luks2_hdr *hdr, const char *type) |
926 | 0 | { |
927 | 0 | int i; |
928 | 0 | json_object *jobj_keyslot, *jobj_type; |
929 | |
|
930 | 0 | if (!type) |
931 | 0 | return -EINVAL; |
932 | | |
933 | 0 | for (i = 0; i < LUKS2_KEYSLOTS_MAX; i++) { |
934 | 0 | jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, i); |
935 | 0 | if (!jobj_keyslot) |
936 | 0 | continue; |
937 | | |
938 | 0 | json_object_object_get_ex(jobj_keyslot, "type", &jobj_type); |
939 | 0 | if (!strcmp(json_object_get_string(jobj_type), type)) |
940 | 0 | return i; |
941 | 0 | } |
942 | | |
943 | 0 | return -ENOENT; |
944 | 0 | } |
945 | | |
946 | | /* assumes valid header, it does not move references in tokens/digests etc! */ |
947 | | int LUKS2_keyslot_swap(struct crypt_device *cd, struct luks2_hdr *hdr, |
948 | | int keyslot, int keyslot2) |
949 | 0 | { |
950 | 0 | json_object *jobj_keyslots, *jobj_keyslot, *jobj_keyslot2; |
951 | 0 | int r; |
952 | |
|
953 | 0 | if (!json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots)) |
954 | 0 | return -EINVAL; |
955 | | |
956 | 0 | jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot); |
957 | 0 | if (!jobj_keyslot) |
958 | 0 | return -EINVAL; |
959 | | |
960 | 0 | jobj_keyslot2 = LUKS2_get_keyslot_jobj(hdr, keyslot2); |
961 | 0 | if (!jobj_keyslot2) |
962 | 0 | return -EINVAL; |
963 | | |
964 | | /* This transfer owner of object, no need for json_object_put */ |
965 | 0 | json_object_get(jobj_keyslot); |
966 | 0 | json_object_get(jobj_keyslot2); |
967 | |
|
968 | 0 | json_object_object_del_by_uint(jobj_keyslots, keyslot); |
969 | 0 | r = json_object_object_add_by_uint(jobj_keyslots, keyslot, jobj_keyslot2); |
970 | 0 | if (r < 0) { |
971 | 0 | json_object_put(jobj_keyslot2); |
972 | 0 | log_dbg(cd, "Failed to swap keyslot %d.", keyslot); |
973 | 0 | return r; |
974 | 0 | } |
975 | | |
976 | 0 | json_object_object_del_by_uint(jobj_keyslots, keyslot2); |
977 | 0 | r = json_object_object_add_by_uint(jobj_keyslots, keyslot2, jobj_keyslot); |
978 | 0 | if (r < 0) { |
979 | 0 | json_object_put(jobj_keyslot); |
980 | 0 | log_dbg(cd, "Failed to swap keyslot2 %d.", keyslot2); |
981 | 0 | } |
982 | |
|
983 | 0 | return r; |
984 | 0 | } |