From patchwork Wed Nov 12 12:42:42 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Simon Glass <sjg@u-boot.org>
X-Patchwork-Id: 687
Return-Path: <concept-bounces+u-boot-concept=u-boot.org@u-boot.org>
X-Original-To: u-boot-concept@u-boot.org
Delivered-To: u-boot-concept@u-boot.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org;
	s=default; t=1762951393;
	bh=b4kNn13JnZRCYtWUG7E+NyOLQ1kcgTUYkSbPPpBVv3c=;
	h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id:
	 List-Archive:List-Help:List-Owner:List-Post:List-Subscribe:
	 List-Unsubscribe:From;
	b=Tms0c/FdM1jgQP5p7v85K+HxM/hPJBuBEY71mkemZoZGSaX68JXDz64vBbI7L4KW+
	 2uOVzPCvdxOuSGRjNZMBggbTsfdPd/DoYzwjBi5hqfM5chHMVQ7MWApFDGwJEbwLpS
	 qRu5WAoWX5yHZq7nGlTVNtWkWt2sbO8e5B0vadsaPwHWmslf2XfHQolyEv94//eEhS
	 3qZbx0nAa0YeS78oiIXtq+N4Kbh6KkB10PHRKFOYirrt8ipqnORlaUo2mbMs6u1ln/
	 s959biSVGgFGcODOj/pqSXWTkXC+wUsOuXYryZjxfRCHXdjuI/sE6vL8Xo+bz9pgbb
	 CiBtbQ0gHaqgA==
Received: from localhost (localhost [127.0.0.1])
	by mail.u-boot.org (Postfix) with ESMTP id 0F010684F6
	for <u-boot-concept@u-boot.org>; Wed, 12 Nov 2025 05:43:13 -0700 (MST)
X-Virus-Scanned: Debian amavis at 
Received: from mail.u-boot.org ([127.0.0.1])
 by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id TrQ1TWvC-Wy1 for <u-boot-concept@u-boot.org>;
 Wed, 12 Nov 2025 05:43:13 -0700 (MST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org;
	s=default; t=1762951392;
	bh=b4kNn13JnZRCYtWUG7E+NyOLQ1kcgTUYkSbPPpBVv3c=;
	h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id:
	 List-Archive:List-Help:List-Owner:List-Post:List-Subscribe:
	 List-Unsubscribe:From;
	b=MUMLcgYhvFHmSi5imGuY+YOrm1phz06CZezOzwTadLf5HUmH8Fg0Mpe0zS0v3JO09
	 DQhMz16qSp7jPaaRZm/avXEBJ5wRqJ6fPTNlo/ng0FLykKLyCMah63qvF3OWpl+EZF
	 1NN41cBiLR4DJgmQaE2bd7Om2uWxldLcK4BZo09aefMnd8izswbRWMS1yj/Lv4mbqo
	 R67AXH3wjTsUdIJhUimAOebr07BIxM1zvBqvpKCKAvHAH7xpQEAJ9SE+lqoEDFmMmK
	 ErY4MKfW9mvham3T1AaSB/FU7JX1oaF5WpD5hKTisLjY1ZfFqmXMYtLMhAxKgDgQ5j
	 JYoYtVbS7+xtQ==
Received: from mail.u-boot.org (localhost [127.0.0.1])
	by mail.u-boot.org (Postfix) with ESMTP id F3AD7683FC
	for <u-boot-concept@u-boot.org>; Wed, 12 Nov 2025 05:43:12 -0700 (MST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org;
	s=default; t=1762951390;
	bh=Z+KmQRAeFDElhmg4Ox1SjvM+a1VOq93W0y2epBHc59Q=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=b5qgKjw1splGD7H7hpUeBx30PnboR/JAgiIfEzUero0OKrGizbhnjb0k/NKvC61k0
	 xA9xVnAN0ZZS55zVRPqPTytTem8vOkblhkET4lE7i9OYzbqFeWZFBiNM75qYt/C9L3
	 bBRjMCTr9GwAAEX/X93dXHvmY64RoGINo3oAxp/EKPYVwTcW1PiCaaGnac/AGJ8yWt
	 cJlS6GIbgPYkKJ9DNn5j7yvV/2HYUgIfSCKimcf66YmtFRAeEamjoBkxfrHiPcszVb
	 9u/ajfh5WOBW4TJNA3rk0HFn4q5OAA185fepSl0pw2GwVjw1NN1tST2hpO7ejksdJX
	 sWGdJfO8jOCFg==
Received: from localhost (localhost [127.0.0.1])
	by mail.u-boot.org (Postfix) with ESMTP id DCD23682E4;
	Wed, 12 Nov 2025 05:43:10 -0700 (MST)
X-Virus-Scanned: Debian amavis at 
Received: from mail.u-boot.org ([127.0.0.1])
 by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10026) with ESMTP
 id Z6OWPpUv9plP; Wed, 12 Nov 2025 05:43:10 -0700 (MST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org;
	s=default; t=1762951386;
	bh=dz3Xf8oZauQVT55hd0yWi2dP+XVm2WCTNzWsHcwhtRU=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=RULjyqBhXsy85RHhc0S0CYwjVSWN1N3xGtNL098FhiotqkrOsL00r+Rtcwo1efz3q
	 9Rpp9gerWal6nRXZXflGV4G7VF5kFalXIt7wHFwqrM6Ea9F/6y77WTiEsR4b8o4EDb
	 TaxPfSuWox7rTSbTSxxrnrGVaDOu3aCOemXUvFPcfrEUhyyNremjqMlVBN1oI1OA5v
	 VIymk/t2hyQ7ynZyIzg1BurIC2mYX3ISUD2/i7NbJm8wL+FZWsJLpZ4sdd5YpWsWAi
	 BnN39pvvFxy3BxRsA3QJGU4tT77WGdDI1M7l3O+BCrcjc6L47kKGczPOAunRbzjMLU
	 57JWbA+cljXhw==
Received: from u-boot.org (unknown [73.34.74.121])
	by mail.u-boot.org (Postfix) with ESMTPSA id 8DD9E68375;
	Wed, 12 Nov 2025 05:43:06 -0700 (MST)
From: Simon Glass <sjg@u-boot.org>
To: U-Boot Concept <concept@u-boot.org>
Date: Wed, 12 Nov 2025 05:42:42 -0700
Message-ID: <20251112124252.1081477-2-sjg@u-boot.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20251112124252.1081477-1-sjg@u-boot.org>
References: <20251112124252.1081477-1-sjg@u-boot.org>
MIME-Version: 1.0
Message-ID-Hash: JUB5EJIVEPYGFQ2NJZHECN5Q6Z2MFR2Q
X-Message-ID-Hash: JUB5EJIVEPYGFQ2NJZHECN5Q6Z2MFR2Q
X-MailFrom: sjg@u-boot.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; emergency; member-moderation; nonmember-moderation;
 administrivia; implicit-dest; max-recipients; max-size; news-moderation;
 no-subject; digests; suspicious-header
CC: Simon Glass <simon.glass@canonical.com>, Claude <noreply@anthropic.com>
X-Mailman-Version: 3.3.10
Precedence: list
Subject: [Concept] [PATCH 1/5] luks: Exclude the payload from the size
 calculation
List-Id: Discussion and patches related to U-Boot Concept <concept.u-boot.org>
Archived-At: 
 <https://lists.u-boot.org/archives/list/concept@u-boot.org/message/JUB5EJIVEPYGFQ2NJZHECN5Q6Z2MFR2Q/>
List-Archive: <https://lists.u-boot.org/archives/list/concept@u-boot.org/>
List-Help: <mailto:concept-request@u-boot.org?subject=help>
List-Owner: <mailto:concept-owner@u-boot.org>
List-Post: <mailto:concept@u-boot.org>
List-Subscribe: <mailto:concept-join@u-boot.org>
List-Unsubscribe: <mailto:concept-leave@u-boot.org>

From: Simon Glass <simon.glass@canonical.com>

Fix the blkmap-size calculation to exclude the LUKS header/payload
offset. This was missed in the initial implementation.

Co-developed-by: Claude <noreply@anthropic.com>
Signed-off-by: Simon Glass <simon.glass@canonical.com>
Fixes: 0cbfb2d4900 ("luks: Provide a way to unlock and map encrypted..")
---

 drivers/block/luks.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/drivers/block/luks.c b/drivers/block/luks.c
index 3bdfd7dba61..c7e5a3da154 100644
--- a/drivers/block/luks.c
+++ b/drivers/block/luks.c
@@ -596,6 +596,7 @@ int luks_create_blkmap(struct udevice *blk, struct disk_partition *pinfo,
 		       struct udevice **blkmapp)
 {
 	u8 essiv_key[SHA256_SUM_LEN];  /* SHA-256 output */
+	lbaint_t decrypted_size;
 	struct luks1_phdr *hdr;
 	struct luks2_hdr *hdr2;
 	struct blk_desc *desc;
@@ -736,10 +737,15 @@ int luks_create_blkmap(struct udevice *blk, struct disk_partition *pinfo,
 		}
 	}
 
-	/* Map the encrypted partition to the blkmap device */
-	log_debug("mapping blkmap: blknr 0 blkcnt %lx payload_offset %x essiv %d\n",
-		  (ulong)pinfo->size, payload_offset, use_essiv);
-	ret = blkmap_map_crypt(dev, 0, pinfo->size, blk, pinfo->start,
+	/*
+	 * Map the encrypted partition to the blkmap device. The decrypted size
+	 * is the partition size minus the payload offset
+	 */
+	decrypted_size = pinfo->size - payload_offset;
+	log_debug("mapping blkmap: blknr 0 blkcnt %llx payload_offset %x essiv %d\n",
+		  (unsigned long long)decrypted_size, payload_offset,
+		  use_essiv);
+	ret = blkmap_map_crypt(dev, 0, decrypted_size, blk, pinfo->start,
 			       master_key, key_size, payload_offset,
 			       use_essiv, use_essiv ? essiv_key : NULL);
 	if (ret) {