Bug 27494 — publicly exports dm key information

Change udisks-dm-export to only export UDISKS_DM_TARGETS_PARAMS for "linear"
types. It is the only one we care about for now and know how to interpret.
"crypto" types have information about the encryption key in the target
parameters, which we must not leak.

Also add appropriate comments to the two places which currently evaluate
UDISKS_DM_TARGETS_PARAMS.

1 files changed, 4 insertions, 1 deletions

diff --git a/src/probers/udisks-dm-export.c b/src/probers/udisks-dm-export.c
index b950c32..8fff4f9 100644
--- a/src/probers/udisks-dm-export.c
+++ b/src/probers/udisks-dm-export.c
@@ -287,7 +287,10 @@ dm_export (int major, int minor)
           g_string_append (target_types_str, target_type);
           g_string_append_printf (start_str, "%" G_GUINT64_FORMAT, start);
           g_string_append_printf (length_str, "%" G_GUINT64_FORMAT, length);
-          if (params != NULL && strlen (params) > 0)
+          /* Set target_params for known-safe and known-needed target types only. In particular,
+           * we must not export it for "crypto", since that would expose
+           * information about the key. */
+          if (g_strcmp0 (target_type, "linear") == 0 && params != NULL && strlen (params) > 0)
             {
               _udev_util_encode_string (params, buf, sizeof (buf));
               g_string_append (params_str, buf);