diff -Nur util-linux-2.11n/MCONFIG util-linux-2.11n-int/MCONFIG --- util-linux-2.11n/MCONFIG Sun Dec 2 03:02:08 2001 +++ util-linux-2.11n-int/MCONFIG Tue Dec 18 21:38:11 2001 @@ -16,7 +16,7 @@ # If HAVE_PAM is set to "yes", then login, chfn, chsh, and newgrp # will use PAM for authentication. Additionally, passwd will not be # installed as it is not PAM aware. -HAVE_PAM=no +HAVE_PAM=yes # If HAVE_SHADOW is set to "yes", then login, chfn, chsh, newgrp, passwd, # and vipw will not be built or installed from the login-utils @@ -203,7 +203,7 @@ -DUSRSBINDIR=\"$(USRSBIN_DIR)\" \ -DLOGDIR=\"$(LOG_DIR)\" \ -DVARPATH=\"$(VAR_PATH)\" \ - -DLOCALEDIR=\"$(LOCALE_DIR)\" + -DLOCALEDIR=\"$(LOCALE_DIR)\" %.o: %.c diff -Nur util-linux-2.11n/mount/Makefile util-linux-2.11n-int/mount/Makefile --- util-linux-2.11n/mount/Makefile Sun May 20 02:52:24 2001 +++ util-linux-2.11n-int/mount/Makefile Tue Dec 18 21:38:11 2001 @@ -24,7 +24,7 @@ MAYBE = pivot_root swapoff -LO_OBJS = lomount.o $(LIB)/xstrncpy.o +LO_OBJS = lomount.o $(LIB)/xstrncpy.o rmd160.o NFS_OBJS = nfsmount.o nfsmount_xdr.o nfsmount_clnt.o GEN_FILES = nfsmount.h nfsmount_xdr.c nfsmount_clnt.c @@ -57,7 +57,7 @@ main_losetup.o: lomount.c $(COMPILE) -DMAIN lomount.c -o $@ -losetup: main_losetup.o $(LIB)/xstrncpy.o +losetup: main_losetup.o $(LIB)/xstrncpy.o rmd160.o $(LINK) $^ -o $@ mount.o umount.o nfsmount.o losetup.o fstab.o realpath.o sundries.o: sundries.h diff -Nur util-linux-2.11n/mount/lomount.c util-linux-2.11n-int/mount/lomount.c --- util-linux-2.11n/mount/lomount.c Thu Mar 15 11:09:58 2001 +++ util-linux-2.11n-int/mount/lomount.c Tue Dec 18 21:38:11 2001 @@ -6,6 +6,11 @@ * - added Native Language Support * Sun Mar 21 1999 - Arnaldo Carvalho de Melo * - fixed strerr(errno) in gettext calls + * 2000-09-24 Marc Mutz + * - added long option names and the --pass-fd option to pass + * passphrases via fd's to losetup/mount. Used for encryption in + * non-interactive environments. The idea behind xgetpass() is stolen + * from GnuPG, v.1.0.3 (http://www.gnupg.org/). */ #define PROC_DEVICES "/proc/devices" @@ -21,54 +26,107 @@ #include #include #include +#include #include #include #include #include "loop.h" #include "lomount.h" +#include "rmd160.h" #include "xstrncpy.h" #include "nls.h" +#ifndef LO_CRYPT_CRYPTOAPI +#define LO_CRYPT_CRYPTOAPI 18 +#endif +#ifndef LO_CRYPT_NONE +#define LO_CRYPT_NONE 0 +#endif +#ifndef LO_CRYPT_XOR +#define LO_CRYPT_XOR 1 +#endif +#ifndef LO_CRYPT_DES +#define LO_CRYPT_DES 2 +#endif +#ifndef LO_CRYPT_FISH2 +#define LO_CRYPT_FISH2 3 +#endif +#ifndef LO_CRYPT_BLOW +#define LO_CRYPT_BLOW 4 +#endif +#ifndef LO_CRYPT_CAST128 +#define LO_CRYPT_CAST128 5 +#endif +#ifndef LO_CRYPT_IDEA +#define LO_CRYPT_IDEA 6 +#endif +#ifndef LO_CRYPT_SERPENT +#define LO_CRYPT_SERPENT 7 +#endif +#ifndef LO_CRYPT_MARS +#define LO_CRYPT_MARS 8 +#endif +#ifndef LO_CRYPT_RC6 +#define LO_CRYPT_RC6 11 +#endif +#ifndef LO_CRYPT_3DES +#define LO_CRYPT_3DES 12 +#endif +#ifndef LO_CRYPT_DFC +#define LO_CRYPT_DFC 15 +#endif +#ifndef LO_CRYPT_RIJNDAEL +#define LO_CRYPT_RIJNDAEL 16 +#endif + + extern int verbose; extern char *xstrdup (const char *s); /* not: #include "sundries.h" */ extern void error (const char *fmt, ...); /* idem */ + +struct cipher_info +{ + const char *name; + int blocksize; + int keysize_mask; + int ivsize; + int key_schedule_size; +}; + +static int set_loop_passwd(struct loop_info *_loopinfo, int pfd, int keysz, + const char *encryption, int fd, int ffd); +static int get_cipher_info(const char *name, struct cipher_info *res); +static int name_to_id(const char *name); +#ifdef MAIN +static char *id_to_name(int id); +#endif + + #ifdef LOOP_SET_FD struct crypt_type_struct { int id; char *name; + int keylength; } crypt_type_tbl[] = { - { LO_CRYPT_NONE, "no" }, - { LO_CRYPT_NONE, "none" }, - { LO_CRYPT_XOR, "xor" }, - { LO_CRYPT_DES, "DES" }, - { -1, NULL } + { LO_CRYPT_NONE, "none", 0 }, + { LO_CRYPT_XOR, "xor", 0 }, + { LO_CRYPT_DES, "des", 8 }, + { LO_CRYPT_FISH2, "twofish", 20 }, + { LO_CRYPT_BLOW, "blowfish", 20 }, + { LO_CRYPT_CAST128, "cast", 16 }, + { LO_CRYPT_SERPENT, "serpent", 16 }, + { LO_CRYPT_MARS, "mars", 16 }, + { LO_CRYPT_RC6, "rc6", 16 }, + { LO_CRYPT_3DES, "des-ede3", 24 }, + { LO_CRYPT_DFC, "dfc", 16 }, + { LO_CRYPT_IDEA, "idea", 16 }, + { LO_CRYPT_RIJNDAEL, "rijndael", 16 }, + { -1, NULL,0 } }; -static int -crypt_type (const char *name) { - int i; - - if (name) { - for (i = 0; crypt_type_tbl[i].id != -1; i++) - if (!strcasecmp (name, crypt_type_tbl[i].name)) - return crypt_type_tbl[i].id; - } - return -1; -} - #ifdef MAIN -static char * -crypt_name (int id) { - int i; - - for (i = 0; crypt_type_tbl[i].id != -1; i++) - if (id == crypt_type_tbl[i].id) - return crypt_type_tbl[i].name; - return "undefined"; -} - static int show_loop (char *device) { struct loop_info loopinfo; @@ -90,7 +148,7 @@ printf (_("%s: [%04x]:%ld (%s) offset %d, %s encryption\n"), device, loopinfo.lo_device, loopinfo.lo_inode, loopinfo.lo_name, loopinfo.lo_offset, - crypt_name (loopinfo.lo_encrypt_type)); + id_to_name(loopinfo.lo_encrypt_type)); close (fd); return 0; @@ -183,24 +241,64 @@ error(_( "mount: Could not find any loop device, and, according to %s,\n" " this kernel does not know about the loop device.\n" - " (If so, then recompile or `insmod loop.o'.)"), + " (If so, then recompile or `modprobe loop'.)"), PROC_DEVICES); else error(_( "mount: Could not find any loop device. Maybe this kernel does not know\n" - " about the loop device (then recompile or `insmod loop.o'), or\n" + " about the loop device (then recompile or `modprobe loop'), or\n" " maybe /dev/loop# has the wrong major number?")); } else error(_("mount: could not find any free loop device")); return 0; } +#define HASHLENGTH 20 +#define PASSWDBUFFLEN 130 /* getpass returns only max. 128 bytes, see man getpass */ + +/* A function to read the passphrase either from the terminal or from + * an open file descriptor */ +static char * +xgetpass (int pfd, const char *prompt) +{ + if (pfd < 0) /* terminal */ + return (getpass(prompt)); + else { /* file descriptor */ + char *pass = NULL; + int buflen, i; + + buflen=0; + for (i=0; ; i++) { + if (i >= buflen-1) { + /* we're running out of space in the buffer. + * Make it bigger: */ + char *tmppass = pass; + buflen += 128; + pass = realloc(tmppass,buflen); + if (pass == NULL) { + /* realloc failed. Stop reading _now_. */ + error("not enough memory while reading passphrase"); + pass = tmppass; /* the old buffer hasn't changed */ + break; + } + }; + if ( read(pfd,pass+i, 1) != 1 || pass[i] == '\n' ) + break; + } + if (pass == NULL) + return ""; + else { + pass[i] = 0; + return pass; + } + } +} + int set_loop (const char *device, const char *file, int offset, - const char *encryption, int *loopro) { + const char *encryption, int pfd, int keysz, int *loopro) { struct loop_info loopinfo; - int fd, ffd, mode, i; - char *pass; + int fd, ffd, mode, tried_old; mode = (*loopro ? O_RDONLY : O_RDWR); if ((ffd = open (file, mode)) < 0) { @@ -218,13 +316,10 @@ *loopro = (mode == O_RDONLY); memset (&loopinfo, 0, sizeof (loopinfo)); - xstrncpy (loopinfo.lo_name, file, LO_NAME_SIZE); - if (encryption && (loopinfo.lo_encrypt_type = crypt_type (encryption)) - < 0) { - fprintf (stderr, _("Unsupported encryption type %s\n"), - encryption); - return 1; - } + snprintf(loopinfo.lo_name, sizeof(loopinfo.lo_name), + "%s-cbc", encryption); + loopinfo.lo_name[LO_NAME_SIZE - 1] = 0; + loopinfo.lo_encrypt_type = LO_CRYPT_CRYPTOAPI; loopinfo.lo_offset = offset; #ifdef MCL_FUTURE @@ -240,24 +335,73 @@ } #endif - switch (loopinfo.lo_encrypt_type) { + if (ioctl (fd, LOOP_SET_FD, ffd) < 0) { + perror ("ioctl: LOOP_SET_FD"); + return 1; + } + + tried_old = 0; +again: + set_loop_passwd(&loopinfo, pfd, keysz, encryption, fd, ffd); + + if (ioctl (fd, LOOP_SET_STATUS, &loopinfo) < 0) { + /* Try again with old-style LO_CRYPT_XX if + new-style LO_CRYPT_CRYPTOAPI ioctl didn't work */ + if (tried_old) { + error("The cipher does not exist, or a cipher module " + "needs to be loaded into the kernel"); + perror ("ioctl: LOOP_SET_STATUS"); + goto out_ioctl; + } + strncpy (loopinfo.lo_name, file, LO_NAME_SIZE); + loopinfo.lo_name[LO_NAME_SIZE - 1] = 0; + loopinfo.lo_encrypt_type = name_to_id (encryption); + tried_old = 1; + goto again; + } + close (fd); + close (ffd); + if (verbose > 1) + printf(_("set_loop(%s,%s,%d): success\n"), + device, file, offset); + return 0; +out_ioctl: + (void) ioctl (fd, LOOP_CLR_FD, 0); + return 1; +} + +int +set_loop_passwd(struct loop_info *loopinfo, int pfd, int keysz, + const char *encryption, int fd, int ffd) +{ + int i; + int keylength; + char *pass; + char keybits[2*HASHLENGTH]; + char passwdbuff[PASSWDBUFFLEN]; + struct cipher_info info; + + switch (loopinfo->lo_encrypt_type) { case LO_CRYPT_NONE: - loopinfo.lo_encrypt_key_size = 0; + loopinfo->lo_encrypt_key_size = 0; break; case LO_CRYPT_XOR: - pass = getpass (_("Password: ")); - xstrncpy (loopinfo.lo_encrypt_key, pass, LO_KEY_SIZE); - loopinfo.lo_encrypt_key_size = strlen(loopinfo.lo_encrypt_key); + /* WARNING: xgetpass() can return massive amounts of data, + * not only 128 bytes like the original getpass(3) */ + pass = xgetpass (pfd,_("Password: ")); + xstrncpy (loopinfo->lo_encrypt_key, pass, LO_KEY_SIZE); + loopinfo->lo_encrypt_key_size = strlen(loopinfo->lo_encrypt_key); break; case LO_CRYPT_DES: - pass = getpass (_("Password: ")); - strncpy (loopinfo.lo_encrypt_key, pass, 8); - loopinfo.lo_encrypt_key[8] = 0; - loopinfo.lo_encrypt_key_size = 8; + printf(_("WARNING: Use of DES is depreciated.\n")); + pass = xgetpass (pfd,_("Password: ")); + strncpy (loopinfo->lo_encrypt_key, pass, 8); + loopinfo->lo_encrypt_key[8] = 0; + loopinfo->lo_encrypt_key_size = 8; pass = getpass (_("Init (up to 16 hex digits): ")); for (i = 0; i < 16 && pass[i]; i++) if (isxdigit (pass[i])) { - loopinfo.lo_init[i >> 3] |= (pass[i] > '9' ? + loopinfo->lo_init[i >> 3] |= (pass[i] > '9' ? (islower (pass[i]) ? toupper (pass[i]) : pass[i])-'A'+10 : pass[i]-'0') << (i&7) * 4; } else { @@ -266,29 +410,88 @@ return 1; } break; + case LO_CRYPT_FISH2: + case LO_CRYPT_BLOW: + case LO_CRYPT_IDEA: + case LO_CRYPT_CAST128: + case LO_CRYPT_SERPENT: + case LO_CRYPT_MARS: + case LO_CRYPT_RC6: + case LO_CRYPT_3DES: + case LO_CRYPT_DFC: + case LO_CRYPT_RIJNDAEL: + pass = xgetpass(pfd, _("Password: ")); + strncpy(passwdbuff+1,pass,PASSWDBUFFLEN-1); + passwdbuff[PASSWDBUFFLEN-1] = '\0'; + passwdbuff[0] = 'A'; + rmd160_hash_buffer(keybits,pass,strlen(pass)); + rmd160_hash_buffer(keybits+HASHLENGTH,passwdbuff,strlen(pass)+1); + memcpy((char*)loopinfo->lo_encrypt_key,keybits,2*HASHLENGTH); + keylength=0; + for(i=0; crypt_type_tbl[i].id != -1; i++){ + if(loopinfo->lo_encrypt_type == crypt_type_tbl[i].id){ + keylength = crypt_type_tbl[i].keylength; + break; + } + } + loopinfo->lo_encrypt_key_size=keylength; + break; + case LO_CRYPT_CRYPTOAPI: + /* Give the kernel an opportunity to load the cipher */ + (void) ioctl (fd, LOOP_SET_STATUS, loopinfo); + if (get_cipher_info(loopinfo->lo_name, &info) < 0) { + return 1; + } + if (keysz > 0 && + !((1 << ((keysz / 8) - 1)) & info.keysize_mask)) { + error("The specified keysize is not supported by " + "the selected cipher"); + keysz = 0; + } + + while (keysz <= 0 || + !((1 << ((keysz / 8) - 1)) & info.keysize_mask)) { + int i = 0; + int available = 0; + char keysize[200]; + printf("Available keysizes (bits): "); + for (; i < 32; i++) { + if (info.keysize_mask & (1 << i)) { + printf("%d ", 8*(i+1)); + available = 1; + } + } + if (!available) { + printf("none"); + } + printf("\nKeysize: "); + fgets(keysize, sizeof(keysize), stdin); + keysz = atoi(keysize); + } + + pass = xgetpass(pfd, _("Password: ")); + strncpy(passwdbuff+1,pass,PASSWDBUFFLEN-1); + passwdbuff[PASSWDBUFFLEN-1] = '\0'; + passwdbuff[0] = 'A'; + rmd160_hash_buffer(keybits,pass,strlen(pass)); + rmd160_hash_buffer(keybits+HASHLENGTH,passwdbuff,strlen(pass)+1); + memcpy((char*)loopinfo->lo_encrypt_key,keybits,2*HASHLENGTH); + + loopinfo->lo_encrypt_key_size=keysz/8; + + break; default: fprintf (stderr, _("Don't know how to get key for encryption system %d\n"), - loopinfo.lo_encrypt_type); - return 1; - } - if (ioctl (fd, LOOP_SET_FD, ffd) < 0) { - perror ("ioctl: LOOP_SET_FD"); + loopinfo->lo_encrypt_type); return 1; } - if (ioctl (fd, LOOP_SET_STATUS, &loopinfo) < 0) { - (void) ioctl (fd, LOOP_CLR_FD, 0); - perror ("ioctl: LOOP_SET_STATUS"); - return 1; - } - close (fd); - close (ffd); - if (verbose > 1) - printf(_("set_loop(%s,%s,%d): success\n"), - device, file, offset); - return 0; + return 0; } + + + int del_loop (const char *device) { int fd; @@ -319,7 +522,7 @@ int set_loop (const char *device, const char *file, int offset, - const char *encryption, int *loopro) { + const char *encryption, int pfd, int *loopro) { mutter(); return 1; } @@ -348,13 +551,40 @@ int verbose = 0; static char *progname; +static struct option longopts[] = { + { "delete", 0, 0, 'd' }, + { "detach", 0, 0, 'd' }, + { "encryption", 1, 0, 'e' }, + { "help", 0, 0, 'h' }, + { "offset", 1, 0, 'o' }, + { "pass-fd", 1, 0, 'p' }, + { "verbose", 0, 0, 'v' }, + { "keybits", 1, 0, 'k' }, + { NULL, 0, 0, 0 } +}; + + static void usage(void) { fprintf(stderr, _("usage:\n\ %s loop_device # give info\n\ %s -d loop_device # delete\n\ - %s [ -e encryption ] [ -o offset ] loop_device file # setup\n"), - progname, progname, progname); + %s [ options ] loop_device file # setup\n\ + where options include\n\ + --offset , -o \n\ + start at offset into file.\n\ + --pass-fd , -p \n\ + read passphrase from file descriptor \n\ + instead of the terminal.\n\ + --encryption , -e \n\ + encrypt with .\n\ + Check /proc/cipher for available ciphers.\n\ + --keybits , -k \n\ + specify number of bits in the hashed key given\n\ + to the cipher. Some ciphers support several key\n\ + sizes and might be more efficient with a smaller\n\ + key size. Key sizes < 128 are generally not\n\ + recommended\n"), progname, progname, progname); exit(1); } @@ -387,19 +617,22 @@ int main(int argc, char **argv) { - char *offset, *encryption; + char *offset, *encryption, *passfd, *keysize; int delete,off,c; + int pfd = -1; int res = 0; int ro = 0; + int keysz = 0; setlocale(LC_ALL, ""); bindtextdomain(PACKAGE, LOCALEDIR); textdomain(PACKAGE); delete = off = 0; - offset = encryption = NULL; + offset = encryption = passfd = keysize = NULL; progname = argv[0]; - while ((c = getopt(argc,argv,"de:o:v")) != EOF) { + while ((c = getopt_long(argc,argv,"de:hk:o:p:v", + longopts, NULL)) != EOF) { switch (c) { case 'd': delete = 1; @@ -407,9 +640,15 @@ case 'e': encryption = optarg; break; + case 'k': + keysize = optarg; + break; case 'o': offset = optarg; break; + case 'p': + passfd = optarg; + break; case 'v': verbose = 1; break; @@ -418,7 +657,7 @@ } } if (argc == 1) usage(); - if ((delete && (argc != optind+1 || encryption || offset)) || + if ((delete && (argc != optind+1 || encryption || offset || passfd)) || (!delete && (argc < optind+1 || argc > optind+2))) usage(); if (argc == optind+1) { @@ -429,7 +668,12 @@ } else { if (offset && sscanf(offset,"%d",&off) != 1) usage(); - res = set_loop(argv[optind],argv[optind+1],off,encryption,&ro); + if (passfd && sscanf(passfd,"%d",&pfd) != 1) + usage(); + if (keysize && sscanf(keysize,"%d",&keysz) != 1) + usage(); + res = set_loop(argv[optind], argv[optind+1], off, + encryption, pfd, keysz, &ro); } return res; } @@ -445,3 +689,61 @@ } #endif #endif + +static int get_cipher_info(const char *name, struct cipher_info *res) +{ + char path[PATH_MAX]; + char buf[2000]; + FILE *f; + struct { + int *out; + const char *prefix; + } fields[] = {{&res->blocksize, "blocksize:"}, + {&res->keysize_mask, "keysize_mask:"}, + {&res->ivsize, "ivsize:"}, + {&res->key_schedule_size, "key_schedule_size:"}}; + snprintf(path, sizeof(path), "/proc/crypto/cipher/%s", name); + f = fopen(path, "r"); + while(f && fgets(buf, sizeof(buf), f)) { + int i; + for (i = 0; i < sizeof(fields)/sizeof(fields[0]); i++) { + int len = strlen(fields[i].prefix); + if (strncmp(buf, fields[i].prefix, len) == 0) { + *fields[i].out = strtoul(&buf[len+1], NULL, 0); + break; + } + } + + } + if (!f) + return -1; + return 0; +} + + +static int +name_to_id(const char *name) +{ + int i; + + if (name) { + for (i = 0; crypt_type_tbl[i].id != -1; i++) + if (!strcasecmp (name, crypt_type_tbl[i].name)) + return crypt_type_tbl[i].id; + } else + return LO_CRYPT_NONE; + return LO_CRYPT_CRYPTOAPI; +} + +#ifdef MAIN +static char * +id_to_name(int id) { + int i; + + for (i = 0; crypt_type_tbl[i].id != -1; i++) + if (id == crypt_type_tbl[i].id) + return crypt_type_tbl[i].name; + return "undefined"; +} +#endif + diff -Nur util-linux-2.11n/mount/lomount.h util-linux-2.11n-int/mount/lomount.h --- util-linux-2.11n/mount/lomount.h Fri Dec 8 19:08:02 2000 +++ util-linux-2.11n-int/mount/lomount.h Tue Dec 18 21:38:11 2001 @@ -1,5 +1,6 @@ extern int verbose; -extern int set_loop (const char *, const char *, int, const char *, int *); +extern int set_loop (const char *, const char *, int, const char *, + int, int, int *); extern int del_loop (const char *); extern int is_loop_device (const char *); extern char * find_unused_loop_device (void); diff -Nur util-linux-2.11n/mount/losetup.8 util-linux-2.11n-int/mount/losetup.8 --- util-linux-2.11n/mount/losetup.8 Fri Aug 11 13:11:30 2000 +++ util-linux-2.11n-int/mount/losetup.8 Tue Dec 18 21:38:11 2001 @@ -10,6 +10,9 @@ ] [ .B \-o .I offset +] [ +.B \-p +.I num ] .I loop_device file .br @@ -26,9 +29,9 @@ \fIloop_device\fP argument is given, the status of the corresponding loop device is shown. .SH OPTIONS -.IP \fB\-d\fP +.IP "\fB\-\-delete, \-\-detach, \-d\fP" detach the file or device associated with the specified loop device. -.IP "\fB\-e \fIencryption\fP" +.IP "\fB\-\-encryption, \-e \fIencryption\fP" .RS enable data encryption. The following keywords are recognized: .IP \fBNONE\fP @@ -36,16 +39,62 @@ .PD 0 .IP \fBXOR\fP use a simple XOR encryption. +.IP \fBAES\fP +use Advanced Encryption Standard encryption. AES encryption is only available +if you are using the international kernel and AES encryption has been enabled +in the Crypto API. +enabled in the Crypto API. +.IP \fBBlowfish\fP +use Blowfish encryption. Blowfish encryption is only available if you +are using the international kernel and Blowfish encryption has been +enabled in the Crypto API. +.IP \fBTwofish\fP +use Twofish encryption. Twofish encryption is only available if you +are using the international kernel and Twofish encryption has been +enabled in the Crypto API. +.IP \fBCAST\fP +use CAST encryption. CAST encryption is only available if you +are using the international kernel and CAST encryption has been +enabled in the Crypto API. .IP \fBDES\fP use DES encryption. DES encryption is only available if the optional DES package has been added to the kernel. DES encryption uses an additional start value that is used to protect passwords against dictionary -attacks. +attacks. Use of DES is deprecated. +.IP \fBDFC\fP +use DFC encryption. DFC encryption is only available if you +are using the international kernel and DFC encryption has been +enabled in the Crypto API. +.IP \fBIDEA\fP +use IDEA encryption. IDEA encryption is only available if you +are using the international kernel and IDEA encryption has been +enabled in the Crypto API. +.IP \fBMARS\fP +use MARS encryption. MARS encryption is only available if you +are using the international kernel and MARS encryption has been +enabled in the Crypto API. +.IP \fBRC5\fP +use RC5 encryption. RC5 encryption is only available if you +are using the international kernel and RC5 encryption has been +enabled in the Crypto API. +.IP \fBRC6\fP +use RC6 encryption. RC6 encryption is only available if you +are using the international kernel and RC6 encryption has been +enabled in the Crypto API. +.IP \fBSerpent\fP +use Serpent encryption. Serpent encryption is only available if you +are using the international kernel and Serpent encryption has been +enabled in the Crypto API. .PD .RE -.IP "\fB\-o \fIoffset\fP" +.IP "\fB\-\-offset, \-o \fIoffset\fP" the data start is moved \fIoffset\fP bytes into the specified file or device. +.IP "\fB\-\-pass-fd, \-p \fInum\fP" +read the passphrase from file descriptor \fInum\fP instead of the +terminal. +.IP "\fB\-\-keybits, \-k \fInum\fP" +set the number of bits to use in key to \fInum\fP. .SH RETURN VALUE .B losetup returns 0 on success, nonzero on failure. When @@ -58,6 +107,7 @@ .SH FILES .nf /dev/loop0,/dev/loop1,... loop devices (major=7) +/proc/cipher/* available ciphers .fi .SH EXAMPLE If you are using the loadable module you must have the module loaded @@ -69,9 +119,8 @@ .nf .IP dd if=/dev/zero of=/file bs=1k count=100 -losetup -e des /dev/loop0 /file -Password: -Init (up to 16 hex digits): +losetup -e blowfish /dev/loop0 /file +Password : mkfs -t ext2 /dev/loop0 100 mount -t ext2 /dev/loop0 /mnt ... @@ -85,8 +134,12 @@ # rmmod loop .LP .fi -.SH RESTRICTION -DES encryption is painfully slow. On the other hand, XOR is terribly weak. +.SH RESTRICTIONS +DES encryption is painfully slow. On the other hand, XOR is terribly +weak. Both are insecure nowadays. Some ciphers require a licence for +you to be allowed to use them. +.SH BUGS +CAST, DES, RC5 and Twofish are currently broken and cannot be used. .SH AUTHORS .nf Original version: Theodore Ts'o diff -Nur util-linux-2.11n/mount/mount.8 util-linux-2.11n-int/mount/mount.8 --- util-linux-2.11n/mount/mount.8 Sat Nov 24 19:31:34 2001 +++ util-linux-2.11n-int/mount/mount.8 Tue Dec 18 21:40:41 2001 @@ -250,6 +250,12 @@ .B \-v Verbose mode. .TP +.B \-p "\fInum\fP" +If the mount requires a passphrase to be entered, read it from file +descriptor +.IR num\fP +instead of from the terminal. +.TP .B \-a Mount all filesystems (of the given types) mentioned in .IR fstab . @@ -546,6 +552,15 @@ .BR noexec ", " nosuid ", and " nodev (unless overridden by subsequent options, as in the option line .BR users,exec,dev,suid ). +.TP +.B encryption +Specifies an encryption algorithm to use. Used in conjunction with the +.BR loop " option." +.TP +.B keybits +Specifies the key size to use for an encryption algorithm. Used in conjunction +with the +.BR loop " and " encryption " options." .RE .SH "FILESYSTEM SPECIFIC MOUNT OPTIONS" @@ -1535,7 +1550,10 @@ .BR loop ", " offset " and " encryption , that are really options to .BR losetup (8). -If no explicit loop device is mentioned +If the mount requires a passphrase, you will be prompted for one unless +you specify a file descriptor to read from instead with the +.BR \-\-pass-fd +option. If no explicit loop device is mentioned (but just an option `\fB\-o loop\fP' is given), then .B mount will try to find some unused loop device and use that. diff -Nur util-linux-2.11n/mount/mount.8~ util-linux-2.11n-int/mount/mount.8~ --- util-linux-2.11n/mount/mount.8~ Thu Jan 1 01:00:00 1970 +++ util-linux-2.11n-int/mount/mount.8~ Tue Dec 18 21:38:11 2001 @@ -0,0 +1,1615 @@ +.\" Copyright (c) 1996 Andries Brouwer +.\" +.\" This page is somewhat derived from a page that was +.\" (c) 1980, 1989, 1991 The Regents of the University of California +.\" and had been heavily modified by Rik Faith and myself. +.\" (Probably no BSD text remains.) +.\" Fragments of text were written by Werner Almesberger, Remy Card, +.\" Stephen Tweedie and Eric Youngdale. +.\" +.\" This is free documentation; you can redistribute it and/or +.\" modify it under the terms of the GNU General Public License as +.\" published by the Free Software Foundation; either version 2 of +.\" the License, or (at your option) any later version. +.\" +.\" The GNU General Public License's references to "object code" +.\" and "executables" are to be interpreted as the output of any +.\" document formatting or typesetting system, including +.\" intermediate and printed output. +.\" +.\" This manual is distributed in the hope that it will be useful, +.\" but WITHOUT ANY WARRANTY; without even the implied warranty of +.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.\" GNU General Public License for more details. +.\" +.\" You should have received a copy of the GNU General Public +.\" License along with this manual; if not, write to the Free +.\" Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, +.\" USA. +.\" +.\" 960705, aeb: version for mount-2.7g +.\" 970114, aeb: xiafs and ext are dead; romfs is new +.\" 970623, aeb: -F option +.\" 970914, reg: -s option +.\" 981111, K.Garloff: /etc/filesystems +.\" 990111, aeb: documented /sbin/mount.smbfs +.\" 990730, Yann Droneaud : updated page +.\" 991214, Elrond : added some docs on devpts +.\" 010725, Nikita Danilov : reiserfs options +.\" 011124, Karl Eichwalder : tmpfs options +.\" +.TH MOUNT 8 "14 September 1997" "Linux 2.0" "Linux Programmer's Manual" +.SH NAME +mount \- mount a file system +.SH SYNOPSIS +.BI "mount [\-lhV]" +.LP +.BI "mount \-a [\-fFnrsvw] [\-t " vfstype ] +.br +.BI "mount [\-fnrsvw] [\-o " options " [,...]] " "device " | " dir" +.br +.BI "mount [\-fnrsvw] [\-t " vfstype "] [\-o " options "] " "device dir" +.SH DESCRIPTION +All files accessible in a Unix system are arranged in one big +tree, the file hierarchy, rooted at +.BR / . +These files can be spread out over several devices. The +.B mount +command serves to attach the file system found on some device +to the big file tree. Conversely, the +.BR umount (8) +command will detach it again. + +The standard form of the +.B mount +command, is +.RS +.br +.BI "mount \-t" " type device dir" +.RE +This tells the kernel to attach the file system found on +.I device +(which is of type +.IR type ) +at the directory +.IR dir . +The previous contents (if any) and owner and mode of +.I dir +become invisible, and as long as this file system remains mounted, +the pathname +.I dir +refers to the root of the file system on +.IR device . + +Three forms of invocation do not actually mount anything: +.RS +.br +.B "mount \-h" +.RE +prints a help message; +.RS +.br +.B "mount \-V" +.RE +prints a version string; and just +.RS +.BI "mount [-l] [-t" " type" ] +.RE +lists all mounted file systems (of type +.IR type ). +The option \-l adds the (ext2, ext3 and XFS) labels in this listing. +See below. + +.\" In fact since 2.3.99. At first the syntax was mount -t bind. +Since Linux 2.4.0 it is possible to remount part of the +file hierarchy somewhere else. The call is +.RS +.br +.B "mount --bind olddir newdir" +.RE + +The +.I proc +file system is not associated with a special device, and when +mounting it, an arbitrary keyword, such as +.I proc +can be used instead of a device specification. +(The customary choice +.I none +is less fortunate: the error message `none busy' from +.B umount +can be confusing.) + +Most devices are indicated by a file name (of a block special device), like +.IR /dev/sda1 , +but there are other possibilities. For example, in the case of an NFS mount, +.I device +may look like +.IR knuth.cwi.nl:/dir . +It is possible to indicate a block special device using its +volume label or UUID (see the \-L and \-U options below). + +The file +.I /etc/fstab +(see +.BR fstab (5)), +may contain lines describing what devices are usually +mounted where, using which options. This file is used in three ways: +.LP +(i) The command +.RS +.br +.BI "mount \-a [-t" " type" ] +.RE +(usually given in a bootscript) causes all file systems mentioned in +.I fstab +(of the proper type) to be mounted as indicated, except for those +whose line contains the +.B noauto +keyword. Adding the +.B \-F +option will make mount fork, so that the +filesystems are mounted simultaneously. +.LP +(ii) When mounting a file system mentioned in +.IR fstab , +it suffices to give only the device, or only the mount point. +.LP +(iii) Normally, only the superuser can mount file systems. +However, when +.I fstab +contains the +.B user +option on a line, then anybody can mount the corresponding system. +.LP +Thus, given a line +.RS +.br +.B "/dev/cdrom /cd iso9660 ro,user,noauto,unhide" +.RE +any user can mount the iso9660 file system found on his CDROM +using the command +.RS +.br +.B "mount /dev/cdrom" +.RE +or +.RS +.br +.B "mount /cd" +.RE +For more details, see +.BR fstab (5). +Only the user that mounted a filesystem can unmount it again. +If any user should be able to unmount, then use +.B users +instead of +.B user +in the +.I fstab +line. +The +.B owner +option is similar to the +.B user +option, with the restriction that the user must be the owner +of the special file. This may be useful e.g. for +.I /dev/fd +if a login script makes the console user owner of this device. + +The programs +.B mount +and +.B umount +maintain a list of currently mounted file systems in the file +.IR /etc/mtab . +If no arguments are given to +.BR mount , +this list is printed. +When the +.I proc +filesystem is mounted (say at +.IR /proc ), +the files +.I /etc/mtab +and +.I /proc/mounts +have very similar contents. The former has somewhat +more information, such as the mount options used, +but is not necessarily up-to-date (cf. the +.B \-n +option below). It is possible to replace +.I /etc/mtab +by a symbolic link to +.IR /proc/mounts , +but some information is lost that way, and in particular +working with the loop device will be less convenient. + +.SH OPTIONS +The full set of options used by an invocation of +.B mount +is determined by first extracting the +options for the file system from the +.I fstab +table, then applying any options specified by the +.B \-o +argument, and finally applying a +.BR \-r " or " \-w +option, when present. + +Options available for the +.B mount +command: +.TP +.B \-V +Output version. +.TP +.B \-h +Print a help message. +.TP +.B \-v +Verbose mode. +.TP +.B \-p "\fInum\fP" +If the mount requires a passphrase to be entered, read it from file +descriptor +.IR num\fP +instead of from the terminal. +.TP +.B \-a +Mount all filesystems (of the given types) mentioned in +.IR fstab . +.TP +.B \-F +(Used in conjunction with +.BR \-a .) +Fork off a new incarnation of mount for each device. +This will do the mounts on different devices or different NFS servers +in parallel. +This has the advantage that it is faster; also NFS timeouts go in +parallel. A disadvantage is that the mounts are done in undefined order. +Thus, you cannot use this option if you want to mount both +.I /usr +and +.IR /usr/spool . +.TP +.B \-f +Causes everything to be done except for the actual system call; if it's not +obvious, this ``fakes'' mounting the file system. This option is useful in +conjunction with the +.B \-v +flag to determine what the +.B mount +command is trying to do. It can also be used to add entries for devices +that were mounted earlier with the -n option. +.TP +.B \-l +Add the ext2, ext3 and XFS labels in the mount output. Mount must have +permission to read the disk device (e.g. be suid root) for this to work. +One can set such a label for ext2 or ext3 using the +.BR e2label (8) +utility, or for XFS using +.BR xfs_admin (8). +.TP +.B \-n +Mount without writing in +.IR /etc/mtab . +This is necessary for example when +.I /etc +is on a read-only file system. +.TP +.B \-s +Tolerate sloppy mount options rather than failing. This will ignore +mount options not supported by a filesystem type. Not all filesystems +support this option. This option exists for support of the Linux +autofs\-based automounter. +.TP +.B \-r +Mount the file system read-only. A synonym is +.BR "\-o ro" . +.TP +.B \-w +Mount the file system read/write. This is the default. A synonym is +.BR "\-o rw" . +.TP +.BI \-L " label" +Mount the partition that has the specified +.IR label . +.TP +.BI \-U " uuid" +Mount the partition that has the specified +.IR uuid . +These two options require the file +.I /proc/partitions +(present since Linux 2.1.116) to exist. +.TP +.BI \-t " vfstype" +The argument following the +.B \-t +is used to indicate the file system type. The file system types which are +currently supported are: +.IR adfs , +.IR affs , +.IR autofs , +.IR coda , +.IR coherent , +.IR cramfs , +.IR devpts , +.IR efs , +.IR ext , +.IR ext2 , +.IR ext3 , +.IR hfs , +.IR hpfs , +.IR iso9660 , +.IR jfs , +.IR minix , +.IR msdos , +.IR ncpfs , +.IR nfs , +.IR ntfs , +.IR proc , +.IR qnx4 , +.IR reiserfs , +.IR romfs , +.IR smbfs , +.IR sysv , +.IR tmpfs , +.IR udf , +.IR ufs , +.IR umsdos , +.IR vfat , +.IR xenix , +.IR xfs , +.IR xiafs . +Note that coherent, sysv and xenix are equivalent and that +.I xenix +and +.I coherent +will be removed at some point in the future \(em use +.I sysv +instead. Since kernel version 2.1.21 the types +.I ext +and +.I xiafs +do not exist anymore. + +For most types all the +.B mount +program has to do is issue a simple +.IR mount (2) +system call, and no detailed knowledge of the filesystem type is required. +For a few types however (like nfs, smbfs, ncpfs) ad hoc code is +necessary. The nfs ad hoc code is built in, but smbfs and ncpfs +have a separate mount program. In order to make it possible to +treat all types in a uniform way, mount will execute the program +.I /sbin/mount.TYPE +(if that exists) when called with type +.IR TYPE . +Since various versions of the +.I smbmount +program have different calling conventions, +.I /sbin/mount.smb +may have to be a shell script that sets up the desired call. + +The type +.I iso9660 +is the default. If no +.B \-t +option is given, or if the +.B auto +type is specified, the superblock is probed for the filesystem type +.RI ( adfs , +.IR bfs , +.IR cramfs , +.IR ext , +.IR ext2 , +.IR ext3 , +.IR hfs , +.IR hpfs , +.IR iso9660 , +.IR jfs , +.IR minix , +.IR ntfs , +.IR qnx4 , +.IR reiserfs , +.IR romfs , +.IR ufs , +.IR vxfs , +.IR xfs , +.IR xiafs +are supported). +If this probe fails, mount will try to read the file +.IR /etc/filesystems , +or, if that does not exist, +.IR /proc/filesystems . +All of the filesystem types listed there will be tried, +except for those that are labeled "nodev" (e.g., +.IR devpts , +.I proc +and +.IR nfs ). + +Note that the +.B auto +type may be useful for user-mounted floppies. +Creating a file +.I /etc/filesystems +can be useful to change the probe order (e.g., to try vfat before msdos) +or if you use a kernel module autoloader. +Warning: the probing uses a heuristic (the presence of appropriate `magic'), +and could recognize the wrong filesystem type. + +More than one type may be specified in a comma separated +list. The list of file system types can be prefixed with +.B no +to specify the file system types on which no action should be taken. +(This can be meaningful with the +.B \-a +option.) + +For example, the command: +.RS +.RS +.B "mount \-a \-t nomsdos,ext" +.RE +mounts all file systems except those of type +.I msdos +and +.IR ext . +.RE +.TP +.B \-o +Options are specified with a +.B \-o +flag followed by a comma separated string of options. +Some of these options are only useful when they appear in the +.I /etc/fstab +file. The following options apply to any file system that is being +mounted (but not every file system actually honors them - e.g., the +.B sync +option today has effect only for ext2, ext3 and ufs): +.RS +.TP +.B async +All I/O to the file system should be done asynchronously. +.TP +.B atime +Update inode access time for each access. This is the default. +.TP +.B auto +Can be mounted with the +.B \-a +option. +.TP +.B defaults +Use default options: +.BR rw ", " suid ", " dev ", " exec ", " auto ", " nouser ", and " async. +.TP +.B dev +Interpret character or block special devices on the file system. +.TP +.B exec +Permit execution of binaries. +.TP +.B noatime +Do not update inode access times on this file system (e.g, for faster +access on the news spool to speed up news servers). +.TP +.B noauto +Can only be mounted explicitly (i.e., the +.B \-a +option will not cause the file system to be mounted). +.TP +.B nodev +Do not interpret character or block special devices on the file +system. +.TP +.B noexec +Do not allow execution of any binaries on the mounted file system. +This option might be useful for a server that has file systems containing +binaries for architectures other than its own. +.TP +.B nosuid +Do not allow set-user-identifier or set-group-identifier bits to take +effect. (This seems safe, but is in fact rather unsafe if you have +suidperl(1) installed.) +.TP +.B nouser +Forbid an ordinary (i.e., non-root) user to mount the file system. +This is the default. +.TP +.B remount +Attempt to remount an already-mounted file system. This is commonly +used to change the mount flags for a file system, especially to make a +readonly file system writeable. It does not change device or mount point. +.TP +.B ro +Mount the file system read-only. +.TP +.B rw +Mount the file system read-write. +.TP +.B suid +Allow set-user-identifier or set-group-identifier bits to take +effect. +.TP +.B sync +All I/O to the file system should be done synchronously. +.TP +.B user +Allow an ordinary user to mount the file system. +The name of the mounting user is written to mtab so that he can unmount +the file system again. +This option implies the options +.BR noexec ", " nosuid ", and " nodev +(unless overridden by subsequent options, as in the option line +.BR user,exec,dev,suid ). +.TP +.B users +Allow every user to mount and unmount the file system. +This option implies the options +.BR noexec ", " nosuid ", and " nodev +(unless overridden by subsequent options, as in the option line +.BR users,exec,dev,suid ). +.RE + +.SH "FILESYSTEM SPECIFIC MOUNT OPTIONS" +The following options apply only to certain file systems. +We sort them by file system. They all follow the +.B \-o +flag. +.SH "Mount options for adfs" +.TP +\fBuid=\fP\fIvalue\fP and \fBgid=\fP\fIvalue\fP +Set the owner and group of the files in the file system (default: uid=gid=0). +.TP +\fBownmask=\fP\fIvalue\fP and \fBothmask=\fP\fIvalue\fP +Set the permission mask for ADFS 'owner' permissions and 'other' permissions, +respectively (default: 0700 and 0077, respectively). +See also +.IR /usr/src/linux/Documentation/filesystems/adfs.txt . +.SH "Mount options for affs" +.TP +\fBuid=\fP\fIvalue\fP and \fBgid=\fP\fIvalue\fP +Set the owner and group of the root of the file system (default: uid=gid=0, +but with option +.B uid +or +.B gid +without specified value, the uid and gid of the current process are taken). +.TP +\fBsetuid=\fP\fIvalue\fP and \fBsetgid=\fP\fIvalue\fP +Set the owner and group of all files. +.TP +.BI mode= value +Set the mode of all files to +.IR value " & 0777" +disregarding the original permissions. +Add search permission to directories that have read permission. +The value is given in octal. +.TP +.B protect +Do not allow any changes to the protection bits on the file system. +.TP +.B usemp +Set uid and gid of the root of the file system to the uid and gid +of the mount point upon the first sync or umount, and then +clear this option. Strange... +.TP +.B verbose +Print an informational message for each successful mount. +.TP +.BI prefix= string +Prefix used before volume name, when following a link. +.TP +.BI volume= string +Prefix (of length at most 30) used before '/' when following a symbolic link. +.TP +.BI reserved= value +(Default: 2.) Number of unused blocks at the start of the device. +.TP +.BI root= value +Give explicitly the location of the root block. +.TP +.BI bs= value +Give blocksize. Allowed values are 512, 1024, 2048, 4096. +.TP +.BR grpquota " / " noquota " / " quota " / " usrquota +These options are accepted but ignored. +(However, quota utilities may react to such strings in +.IR /etc/fstab .) + +.SH "Mount options for coherent" +None. + +.SH "Mount options for devpts" +The devpts file system is a pseudo file system, traditionally mounted on +.IR /dev/pts . +In order to acquire a pseudo terminal, a process opens +.IR /dev/ptmx ; +the number of the pseudo terminal is then made available to the process +and the pseudo terminal slave can be accessed as +.IR /dev/pts/ . +.TP +\fBuid=\fP\fIvalue\fP and \fBgid=\fP\fIvalue\fP +This sets the owner or the group of newly created PTYs to +the specified values. When nothing is specified, they will +be set to the UID and GID of the creating process. +For example, if there is a tty group with GID 5, then +.B gid=5 +will cause newly created PTYs to belong to the tty group. +.TP +.BI mode= value +Set the mode of newly created PTYs to the specified value. +The default is 0600. +A value of +.B mode=620 +and +.B gid=5 +makes "mesg y" the default on newly created PTYs. + +.SH "Mount options for ext" +None. +Note that the `ext' file system is obsolete. Don't use it. +Since Linux version 2.1.21 extfs is no longer part of the kernel source. + +.SH "Mount options for ext2" +The `ext2' file system is the standard Linux file system. +Due to a kernel bug, it may be mounted with random mount options +(fixed in Linux 2.0.4). +.TP +.BR bsddf " / " minixdf +Set the behaviour for the +.I statfs +system call. The +.B minixdf +behaviour is to return in the +.I f_blocks +field the total number of blocks of the file system, while the +.B bsddf +behaviour (which is the default) is to subtract the overhead blocks +used by the ext2 file system and not available for file storage. Thus +.RE +.nf + +% mount /k -o minixdf; df /k; umount /k +Filesystem 1024-blocks Used Available Capacity Mounted on +/dev/sda6 2630655 86954 2412169 3% /k +% mount /k -o bsddf; df /k; umount /k +Filesystem 1024-blocks Used Available Capacity Mounted on +/dev/sda6 2543714 13 2412169 0% /k + +.fi +(Note that this example shows that one can add command line options +to the options given in +.IR /etc/fstab .) + +.TP +.BR check " / " check=normal " / " check=strict +Set checking level. When at least one of these options is set (and +.B check=normal +is set by default) the inodes and blocks bitmaps are checked upon mount +(which can take half a minute or so on a big disk, and is rather useless). +With strict checking, block deallocation checks that the block to free +is in the data zone. +.TP +.BR check=none " / " nocheck +No checking is done. This is fast. Recent kernels do not have a +check option anymore - checking with +.BR e2fsck (8) +is more meaningful. +.TP +.B debug +Print debugging info upon each (re)mount. +.TP +.BR errors=continue " / " errors=remount-ro " / " errors=panic +Define the behaviour when an error is encountered. +(Either ignore errors and just mark the file system erroneous and continue, +or remount the file system read-only, or panic and halt the system.) +The default is set in the filesystem superblock, and can be +changed using +.BR tune2fs (8). +.TP +.BR grpid " or " bsdgroups " / " nogrpid " or " sysvgroups +These options define what group id a newly created file gets. +When +.BR grpid +is set, it takes the group id of the directory in which it is created; +otherwise (the default) it takes the fsgid of the current process, unless +the directory has the setgid bit set, in which case it takes the gid +from the parent directory, and also gets the setgid bit set +if it is a directory itself. +.TP +\fBresgid=\fP\fIn\fP and \fBresuid=\fP\fIn\fP +The ext2 file system reserves a certain percentage of the available +space (by default 5%, see +.BR mke2fs (8) +and +.BR tune2fs (8)). +These options determine who can use the reserved blocks. +(Roughly: whoever has the specified uid, or belongs to the specified group.) +.TP +.BI sb= n +Instead of block 1, use block +.I n +as superblock. This could be useful when the filesystem has been damaged. +(Earlier, copies of the superblock would be made every 8192 blocks: in +block 1, 8193, 16385, ... (and one got hundreds or even thousands +of copies on a big filesystem). Since version 1.08, +.B mke2fs +has a \-s (sparse superblock) option to reduce the number of backup +superblocks, and since version 1.15 this is the default. Note +that this may mean that ext2 filesystems created by a recent +.B mke2fs +cannot be mounted r/w under Linux 2.0.*.) +The block number here uses 1k units. Thus, if you want to use logical +block 32768 on a filesystem with 4k blocks, use "sb=131072". +.TP +.BR grpquota " / " noquota " / " quota " / " usrquota +These options are accepted but ignored. + +.TP +.BR nouid32 +Disables 32-bit UIDs and GIDs. This is for interoperability with older +kernels which only store and expect 16-bit values. + + +.SH "Mount options for ext3" +The `ext3' file system is version of the ext2 file system which has been +enhanced with journalling. It supports the same options as ext2 as +well as the following additions: +.\" .TP +.\" .BR abort +.\" Mount the file system in abort mode, as if a fatal error has occurred. +.TP +.BR journal=update +Update the ext3 file system's journal to the current format. +.TP +.BR journal=inum +When a journal already exists, this option is ignored. Otherwise, it +specifies the number of the inode which will represent the ext3 file system's +journal file; ext3 will create a new journal, overwriting the old contents +of the file whose inode number is +.IR inum . +.TP +.BR noload +Do not load the ext3 file system's journal on mounting. +.TP +.BR data=journal " / " data=ordered " / " data=writeback +Specifies the journalling mode for file data. Metadata is always journaled. +.RS +.TP +.B journal +All data is committed into the journal prior to being written into the +main file system. +.TP +.B ordered +This is the default mode. All data is forced directly out to the main file +system prior to its metadata being committed to the journal. +.TP +.B writeback +Data ordering is not preserved - data may be written into the main +file system after its metadata has been committed to the journal. +This is rumoured to be the highest-throughput option. It guarantees +internal file system integrity, however it can allow old data to appear +in files after a crash and journal recovery. + +.SH "Mount options for fat" +(Note: +.I fat +is not a separate filesystem, but a common part of the +.IR msdos , +.I umsdos +and +.I vfat +filesystems.) +.TP +.BR blocksize=512 " / " blocksize=1024 " / " blocksize=2048 +Set blocksize (default 512). +.TP +\fBuid=\fP\fIvalue\fP and \fBgid=\fP\fIvalue\fP +Set the owner and group of all files. (Default: the uid and gid +of the current process.) +.TP +.BI umask= value +Set the umask (the bitmask of the permissions that are +.B not +present). The default is the umask of the current process. +The value is given in octal. +.TP +.BI check= value +Three different levels of pickyness can be chosen: +.RS +.TP +.B r[elaxed] +Upper and lower case are accepted and equivalent, long name parts are +truncated (e.g. +.I verylongname.foobar +becomes +.IR verylong.foo ), +leading and embedded spaces are accepted in each name part (name and extension). +.TP +.B n[ormal] +Like "relaxed", but many special characters (*, ?, <, spaces, etc.) are +rejected. This is the default. +.TP +.B s[trict] +Like "normal", but names may not contain long parts and special characters +that are sometimes used on Linux, but are not accepted by MS-DOS are +rejected. (+, =, spaces, etc.) +.RE +.TP +.BI codepage= value +Sets the codepage for converting to shortname characters on FAT +and VFAT filesystems. By default, codepage 437 is used. +.TP +.BR conv=b[inary] " / " conv=t[ext] " / " conv=a[uto] +The +.I fat +file system can perform CRLF<-->NL (MS-DOS text format to UNIX text +format) conversion in the kernel. The following conversion modes are +available: +.RS +.TP +.B binary +no translation is performed. This is the default. +.TP +.B text +CRLF<-->NL translation is performed on all files. +.TP +.B auto +CRLF<-->NL translation is performed on all files that don't have a +"well-known binary" extension. The list of known extensions can be found at +the beginning of +.I fs/fat/misc.c +(as of 2.0, the list is: exe, com, bin, app, sys, drv, ovl, ovr, obj, +lib, dll, pif, arc, zip, lha, lzh, zoo, tar, z, arj, tz, taz, tzp, tpz, +gz, tgz, deb, gif, bmp, tif, gl, jpg, pcx, tfm, vf, gf, pk, pxl, dvi). +.PP +Programs that do computed lseeks won't like in-kernel text conversion. +Several people have had their data ruined by this translation. Beware! + +For file systems mounted in binary mode, a conversion tool +(fromdos/todos) is available. +.RE +.TP +.BI cvf_format= module +Forces the driver to use the CVF (Compressed Volume File) module +.RI cvf_ module +instead of auto-detection. If the kernel supports kmod, the +cvf_format=xxx option also controls on-demand CVF module loading. +.TP +.BI cvf_option= option +Option passed to the CVF module. +.TP +.B debug +Turn on the +.I debug +flag. A version string and a list of file system parameters will be +printed (these data are also printed if the parameters appear to be +inconsistent). +.TP +.BR fat=12 " / " fat=16 " / " fat=32 +Specify a 12, 16 or 32 bit fat. This overrides +the automatic FAT type detection routine. Use with caution! +.TP +.BI iocharset= value +Character set to use for converting between 8 bit characters +and 16 bit Unicode characters. The default is iso8859-1. +Long filenames are stored on disk in Unicode format. +.TP +.B quiet +Turn on the +.I quiet +flag. Attempts to chown or chmod files do not return errors, +although they fail. Use with caution! +.TP +.B "sys_immutable, showexec, dots, nodots, dotsOK=[yes|no]" +Various misguided attempts to force Unix or DOS conventions +onto a FAT file system. + +.SH "Mount options for hpfs" +.TP +\fBuid=\fP\fIvalue\fP and \fBgid=\fP\fIvalue\fP +Set the owner and group of all files. (Default: the uid and gid +of the current process.) +.TP +.BI umask= value +Set the umask (the bitmask of the permissions that are +.B not +present). The default is the umask of the current process. +The value is given in octal. +.TP +.BR case=lower " / " case=asis +Convert all files names to lower case, or leave them. +(Default: +.BR case=lower .) +.TP +.BR conv=binary " / " conv=text " / " conv=auto +For +.BR conv=text , +delete some random CRs (in particular, all followed by NL) +when reading a file. +For +.BR conv=auto , +choose more or less at random between +.BR conv=binary " and " conv=text . +For +.BR conv=binary , +just read what is in the file. This is the default. +.TP +.B nocheck +Do not abort mounting when certain consistency checks fail. + +.SH "Mount options for iso9660" +Normal +.I iso9660 +filenames appear in a 8.3 format (i.e., DOS-like restrictions on filename +length), and in addition all characters are in upper case. Also there is +no field for file ownership, protection, number of links, provision for +block/character devices, etc. + +Rock Ridge is an extension to iso9660 that provides all of these unix like +features. Basically there are extensions to each directory record that +supply all of the additional information, and when Rock Ridge is in use, +the filesystem is indistinguishable from a normal UNIX file system (except +that it is read-only, of course). +.TP +.B norock +Disable the use of Rock Ridge extensions, even if available. Cf.\& +.BR map . +.TP +.B nojoliet +Disable the use of Microsoft Joliet extensions, even if available. Cf.\& +.BR map . +.TP +.BR check=r[elaxed] " / " check=s[trict] +With +.BR check=relaxed , +a filename is first converted to lower case before doing the lookup. +This is probably only meaningful together with +.B norock +and +.BR map=normal . +(Default: +.BR check=strict .) +.TP +\fBuid=\fP\fIvalue\fP and \fBgid=\fP\fIvalue\fP +Give all files in the file system the indicated user or group id, +possibly overriding the information found in the Rock Ridge extensions. +(Default: +.BR uid=0,gid=0 .) +.TP +.BR map=n[ormal] " / " map=o[ff] " / " map=a[corn] +For non-Rock Ridge volumes, normal name translation maps upper +to lower case ASCII, drops a trailing `;1', and converts `;' to `.'. +With +.B map=off +no name translation is done. See +.BR norock . +(Default: +.BR map=normal .) +.B map=acorn +is like +.BR map=normal +but also apply Acorn extensions if present. +.TP +.BI mode= value +For non-Rock Ridge volumes, give all files the indicated mode. +(Default: read permission for everybody.) +Since Linux 2.1.37 one no longer needs to specify the mode in +decimal. (Octal is indicated by a leading 0.) +.TP +.B unhide +Also show hidden and associated files. +.TP +.B block=[512|1024|2048] +Set the block size to the indicated value. +(Default: +.BR block=1024 .) +.TP +.BR conv=a[uto] " / " conv=b[inary] " / " conv=m[text] " / " conv=t[ext] +(Default: +.BR conv=binary .) +Since Linux 1.3.54 this option has no effect anymore. +(And non-binary settings used to be very dangerous, +possibly leading to silent data corruption.) +.TP +.B cruft +If the high byte of the file length contains other garbage, +set this mount option to ignore the high order bits of the file length. +This implies that a file cannot be larger than 16MB. +The `cruft' option is set automatically if the entire CDROM +has a weird size (negative, or more than 800MB). It is also +set when volume sequence numbers other than 0 or 1 are seen. +.TP +.B session=x +Select number of session on multisession CD. (Since 2.3.4.) +.TP +.B sbsector=xxx +Session begins from sector xxx. (Since 2.3.4.) + +.SH "Mount options for minix" +None. + +.SH "Mount options for msdos" +See mount options for fat. +If the +.I msdos +file system detects an inconsistency, it reports an error and sets the file +system read-only. The file system can be made writeable again by remounting +it. + +.SH "Mount options for ncp" +Just like +.IR nfs ", the " ncp +implementation expects a binary argument (a +.IR "struct ncp_mount_data" ) +to the mount system call. This argument is constructed by +.BR ncpmount (8) +and the current version of +.B mount +(2.6h) does not know anything about ncp. + +.SH "Mount options for nfs" +Instead of a textual option string, parsed by the kernel, the +.I nfs +file system expects a binary argument of type +.IR "struct nfs_mount_data" . +The program +.B mount +itself parses the following options of the form `tag=value', +and puts them in the structure mentioned: +.BI rsize= n, +.BI wsize= n, +.BI timeo= n, +.BI retrans= n, +.BI acregmin= n, +.BI acregmax= n, +.BI acdirmin= n, +.BI acdirmax= n, +.BI actimeo= n, +.BI retry= n, +.BI port= n, +.BI mountport= n, +.BI mounthost= name, +.BI mountprog= n, +.BI mountvers= n, +.BI nfsprog= n, +.BI nfsvers= n, +.BI namlen= n. +The option +.BI addr= n +is accepted but ignored. +Also the following Boolean options, possibly preceded by +.B no +are recognized: +.BR bg , +.BR fg , +.BR soft , +.BR hard , +.BR intr , +.BR posix , +.BR cto , +.BR ac , +.BR tcp , +.BR udp , +.BR lock . +For details, see +.BR nfs (5). + +Especially useful options include +.TP +.B rsize=8192,wsize=8192 +This will make your nfs connection much faster than with the default +buffer size of 1024. (NFSv2 does not work with larger values of +.B rsize +and +.BR wsize .) +.TP +.B hard +The program accessing a file on a NFS mounted file system will hang +when the server crashes. The process cannot be interrupted or +killed unless you also specify +.BR intr . +When the NFS server is back online the program will continue undisturbed +from where it was. This is probably what you want. +.TP +.B soft +This option allows the kernel to time out if the nfs server is not +responding for some time. The time can be +specified with +.BR timeo=time . +This option might be useful if your nfs server sometimes doesn't respond +or will be rebooted while some process tries to get a file from the server. +Usually it just causes lots of trouble. +.TP +.B nolock +Do not use locking. Do not start lockd. + +.SH "Mount options for ntfs" +.TP +.BI iocharset= name +Character set to use when returning file names. +Unlike VFAT, NTFS suppresses names that contain +unconvertible characters. +.TP +.BR utf8 +Use UTF-8 for converting file names. +.TP +.B uni_xlate=[0|1|2] +For 0 (or `no' or `false'), do not use escape sequences +for unknown Unicode characters. +For 1 (or `yes' or `true') or 2, use vfat-style 4-byte escape sequences +starting with ":". Here 2 give a little-endian encoding +and 1 a byteswapped bigendian encoding. +.TP +.B posix=[0|1] +If enabled (posix=1), the file system distinguishes between +upper and lower case. The 8.3 alias names are presented as +hard links instead of being suppressed. +.TP +\fBuid=\fP\fIvalue\fP, \fBgid=\fP\fIvalue\fP and \fBumask=\fP\fIvalue\fP +Set the file permission on the filesystem. +By default, the files are owned by root and not readable by somebody else. + +.SH "Mount options for proc" +.TP +\fBuid=\fP\fIvalue\fP and \fBgid=\fP\fIvalue\fP +These options are recognized, but have no effect as far as I can see. + +.SH "Mount options for reiserfs" +The reiserfs mount options are more fully described at +.IR http://www.namesys.com/mount-options.html . +.TP +.BR conv +Instructs version 3.6 reiserfs software to mount a version 3.5 file system, +using the 3.6 format for newly created objects. This file system will no +longer be compatible with reiserfs 3.5 tools. +.TP +.BR hash=rupasov " / " hash=tea " / " hash=r5 " / " hash=detect +Choose which hash function reiserfs will use to find files within directories. +.RS +.TP +.B rupasov +A hash invented by Yury Yu. Rupasov. It is fast and preserves locality, +mapping lexicographically close file names to close hash values. +This option should not be used, as it causes a high probability of hash +collisions. +.TP +.B tea +A Davis-Meyer function implemented by Jeremy Fitzhardinge. +It uses hash permuting bits in the name. It gets high randomness +and, therefore, low probability of hash collisions at come CPU cost. +This may be used if EHASHCOLLISION errors are experienced with the r5 hash. +.TP +.B r5 +A modified version of the rupasov hash. It is used by default and is +the best choice unless the file system has huge directories and +unusual file-name patterns. +.TP +.B detect +Instructs +.IR mount +to detect which hash function is in use by examining +the file system being mounted, and to write this information into +the reiserfs superblock. This is only useful on the first mount of +an old format file system. +.RE +.TP +.BR hashed_relocation +Tunes the block allocator. This may provide performance improvements +in some situations. +.TP +.BR no_unhashed_relocation +Tunes the block allocator. This may provide performance improvements +in some situations. +.TP +.BR noborder +Disable the border allocator algorithm invented by Yury Yu. Rupasov. +This may provide performance improvements in some situations. +.TP +.BR nolog +Disable journalling. This will provide slight performance improvements in +some situations at the cost of losing reiserfs's fast recovery from crashes. +Even with this option turned on, reiserfs still performs all journalling +operations, save for actual writes into its journalling area. Implementation +of +.IR nolog +is a work in progress. +.TP +.BR notail +By default, reiserfs stores small files and `file tails' directly into its +tree. This confuses some utilities such as +.BR LILO (8) . +This option is used to disable packing of files into the tree. +.TP +.BR replayonly +Replay the transactions which are in the journal, but do not actually +mount the file system. Mainly used by +.IR reiserfsck . +.TP +.BI resize= number +A remount option which permits online expansion of reiserfs partitions. +Instructs reiserfs to assume that the device has +.I number +blocks. +This option is designed for use with devices which are under logical +volume management (LVM). +There is a special +.I resizer +utility which can be obtained from +.IR ftp://ftp.namesys.com/pub/reiserfsprogs . + +.SH "Mount options for romfs" +None. + +.SH "Mount options for smbfs" +Just like +.IR nfs ", the " smb +implementation expects a binary argument (a +.IR "struct smb_mount_data" ) +to the mount system call. This argument is constructed by +.BR smbmount (8) +and the current version of +.B mount +(2.9w) does not know anything about smb. + +.SH "Mount options for sysv" +None. + +.SH "Mount options for tmpfs" +The following parameters accept a suffix +.BR k , +.B m +or +.B g +for Ki, Mi, Gi (binary kilo, mega and giga) and can be changed on remount. +.TP +.BI size= nbytes +Override default size of the filesystem. +The size is given in bytes, and rounded down to entire pages. +The default is half of the memory. +.TP +.B nr_blocks= +Set number of blocks. +.TP +.B nr_inodes= +Set number of inodes. +.TP +.B mode= +Set initial permissions of the root directory. + +.SH "Mount options for udf" +.TP +.B gid= +Set the default group. +.TP +.B umask= +Set the default umask. +.TP +.B uid= +Set the default user. +.TP +.B unhide +Show otherwise hidden files. +.TP +.B undelete +Show deleted files in lists. +.TP +.B strict +Set strict conformance (unused). +.TP +.B utf8 +(unused). +.TP +.B iocharset +(unused). +.TP +.B bs= +Set the block size. (May not work unless 2048.) +.TP +.B novrs +Skip volume sequence recognition. +.TP +.B session= +Set the CDROM session counting from 0. Default: last session. +.TP +.B anchor= +Override standard anchor location. Default: 256. +.TP +.B volume= +Override the VolumeDesc location. (unused) +.TP +.B partition= +Override the PartitionDesc location. (unused) +.TP +.B lastblock= +Set the last block of the filesystem. +.TP +.B fileset= +Override the fileset block location. (unused) +.TP +.B rootdir= +Override the root directory location. (unused) + +.SH "Mount options for ufs" +.TP +.BI ufstype= value +UFS is a file system widely used in different operating systems. +The problem are differences among implementations. Features of some +implementations are undocumented, so its hard to recognize the +type of ufs automatically. +That's why the user must specify the type of ufs by mount option. +Possible values are: +.RS +.TP +.B old +Old format of ufs, this is the default, read only. +.TP +.B 44bsd +For filesystems created by a BSD-like system (NetBSD,FreeBSD,OpenBSD). +.TP +.B sun +For filesystems created by SunOS or Solaris on Sparc. +.TP +.B sunx86 +For filesystems created by Solaris on x86. +.TP +.B nextstep +For filesystems created by NeXTStep (on NeXT station) (currently read only). +.TP +.B nextstep-cd +For NextStep CDROMs (block_size == 2048), read-only. +.TP +.B openstep +For filesystems created by OpenStep (currently read only). +.RE + +.TP +.BI onerror= value +Set behaviour on error: +.RS +.TP +.B panic +If an error is encountered, cause a kernel panic. +.TP +.B [lock|umount|repair] +These mount options don't do anything at present; +when an error is encountered only a console message is printed. +.RE + +.SH "Mount options for umsdos" +See mount options for msdos. +The +.B dotsOK +option is explicitly killed by +.IR umsdos . + +.SH "Mount options for vfat" +First of all, the mount options for +.I fat +are recognized. +The +.B dotsOK +option is explicitly killed by +.IR vfat . +Furthermore, there are +.TP +.B uni_xlate +Translate unhandled Unicode characters to special escaped sequences. +This lets you backup and restore filenames that are created with any +Unicode characters. Without this option, a '?' is used when no +translation is possible. The escape character is ':' because it is +otherwise illegal on the vfat filesystem. The escape sequence +that gets used, where u is the unicode character, +is: ':', (u & 0x3f), ((u>>6) & 0x3f), (u>>12). +.TP +.B posix +Allow two files with names that only differ in case. +.TP +.B nonumtail +First try to make a short name without sequence number, +before trying +.IR name~num.ext . +.TP +.B utf8 +UTF8 is the filesystem safe 8-bit encoding of Unicode that is used +by the console. It can be be enabled for the filesystem with this option. +If `uni_xlate' gets set, UTF8 gets disabled. + +.SH "Mount options for xenix" +None. + +.SH "Mount options for xfs" +.TP +.BI biosize= size +Sets the preferred buffered I/O size (default size is 64K). +.I size +must be expressed as the logarithm (base2) of the desired I/O size. +Valid values for this option are 14 through 16, inclusive +(i.e. 16K, 32K, and 64K bytes). +On machines with a 4K pagesize, 13 (8K bytes) is also a valid +.IR size . +The preferred buffered I/O size can also be altered on an individual +file basis using the +.BR ioctl (2) +system call. +.TP +.B dmapi " / " xdsm +Enable the DMAPI (Data Management API) event callouts. +.TP +.BI logbufs= value +Set the number of in-memory log buffers. +Valid numbers range from 2-8 inclusive. +The default value is 8 buffers for filesystems with a blocksize of 64K, +4 buffers for filesystems with a blocksize of 32K, +3 buffers for filesystems with a blocksize of 16K, +and 2 buffers for all other configurations. +Increasing the number of buffers may increase performance on +some workloads at the cost of the memory used for the +additional log buffers and their associated control structures. +.TP +.BI logbsize= value +Set the size of each in-memory log buffer. +Valid sizes are 16384 (16K) and 32768 (32K). +The default value for machines with more than 32MB of memory is 32768, +machines with less memory use 16384 by default. +.TP +\fBlogdev=\fP\fIdevice\fP and \fBrtdev=\fP\fIdevice\fP +Use an external log (metadata journal) and/or real-time device. +An XFS filesystem has up to three parts: a data section, a log section, +and a real-time section. +The real-time section is optional, and the log section can be separate +from the data section or contained within it. +Refer to +.BR xfs (5). +.TP +.B noalign +Data allocations will not be aligned at stripe unit boundaries. +.TP +.B noatime +Access timestamps are not updated when a file is read. +.TP +.B norecovery +The filesystem will be mounted without running log recovery. +If the filesystem was not cleanly unmounted, it is likely to +be inconsistent when mounted in +.B norecovery +mode. +Some files or directories may not be accessible because of this. +Filesystems mounted +.B norecovery +must be mounted read-only or the mount will fail. +.TP +.B osyncisdsync +Make writes to files opened with the O_SYNC flag set behave +as if the O_DSYNC flag had been used instead. +This can result in better performance without compromising +data safety. +However if this option is in effect, timestamp updates from +O_SYNC writes can be lost if the system crashes. +.TP +.BR quota " / " usrquota " / " uqnoenforce +User disk quota accounting enabled, and limits (optionally) enforced. +.TP +.BR grpquota " / " gqnoenforce +Group disk quota accounting enabled and limits (optionally) enforced. +.TP +\fBsunit=\fP\fIvalue\fP and \fBswidth=\fP\fIvalue\fP +Used to specify the stripe unit and width for a RAID device or a stripe +volume. +.I value +must be specified in 512-byte block units. +If this option is not specified and the filesystem was made on a stripe +volume or the stripe width or unit were specified for the RAID device at +mkfs time, then the mount system call will restore the value from the +superblock. +For filesystems that are made directly on RAID devices, these options can be +used to override the information in the superblock if the underlying disk +layout changes after the filesystem has been created. +The +.B swidth +option is required if the +.B sunit +option has been specified, +and must be a multiple of the +.B sunit +value. + +.SH "Mount options for xiafs" +None. Although nothing is wrong with xiafs, it is not used much, +and is not maintained. Probably one shouldn't use it. +Since Linux version 2.1.21 xiafs is no longer part of the kernel source. + +.SH "THE LOOP DEVICE" +One further possible type is a mount via the loop device. For example, +the command + +.nf +.B " mount /tmp/fdimage /mnt -t msdos -o loop=/dev/loop3,blocksize=1024" +.fi + +will set up the loop device +.I /dev/loop3 +to correspond to the file +.IR /tmp/fdimage , +and then mount this device on +.IR /mnt . +This type of mount knows about three options, namely +.BR loop ", " offset " and " encryption , +that are really options to +.BR losetup (8). +If the mount requires a passphrase, you will be prompted for one unless +you specify a file descriptor to read from instead with the +.BR \-\-pass-fd +option. If no explicit loop device is mentioned +(but just an option `\fB\-o loop\fP' is given), then +.B mount +will try to find some unused loop device and use that. +If you are not so unwise as to make +.I /etc/mtab +a symbolic link to +.I /proc/mounts +then any loop device allocated by +.B mount +will be freed by +.BR umount . +You can also free a loop device by hand, using `losetup -d', see +.BR losetup (8). + +.SH FILES +.I /etc/fstab +file system table +.br +.I /etc/mtab +table of mounted file systems +.br +.I /etc/mtab~ +lock file +.br +.I /etc/mtab.tmp +temporary file +.SH "SEE ALSO" +.BR mount (2), +.BR umount (2), +.BR fstab (5), +.BR umount (8), +.BR swapon (8), +.BR nfs (5), +.BR xfs (5), +.BR e2label (8), +.BR xfs_admin (8), +.BR mountd (8), +.BR nfsd (8), +.BR mke2fs (8), +.BR tune2fs (8), +.BR losetup (8) +.SH BUGS +It is possible for a corrupted file system to cause a crash. +.PP +Some Linux file systems don't support +.B "\-o sync" +(the ext2 and ext3 file systems +.I do +support synchronous updates (a la BSD) when mounted with the +.B sync +option). +.PP +The +.B "\-o remount" +may not be able to change mount parameters (all +.IR ext2fs -specific +parameters, except +.BR sb , +are changeable with a remount, for example, but you can't change +.B gid +or +.B umask +for the +.IR fatfs ). +.SH HISTORY +A +.B mount +command existed in Version 5 AT&T UNIX. diff -Nur util-linux-2.11n/mount/mount.c util-linux-2.11n-int/mount/mount.c --- util-linux-2.11n/mount/mount.c Sun Nov 11 00:10:44 2001 +++ util-linux-2.11n-int/mount/mount.c Tue Dec 18 21:38:11 2001 @@ -108,6 +108,9 @@ /* True if ruid != euid. */ static int suid = 0; +/* Contains the fd no. to read the passphrase from, if any */ +static int pfd = -1; + /* Map from -o and fstab option strings to the flag argument to mount(2). */ struct opt_map { const char *opt; /* option name */ @@ -184,7 +187,7 @@ }; static char *opt_loopdev, *opt_vfstype, *opt_offset, *opt_encryption, - *opt_speed; + *opt_keybits, *opt_speed; static struct string_opt_map { char *tag; @@ -195,6 +198,7 @@ { "vfs=", 1, &opt_vfstype }, { "offset=", 0, &opt_offset }, { "encryption=", 0, &opt_encryption }, + { "keybits=", 0, &opt_keybits }, { "speed=", 0, &opt_speed }, { NULL, 0, NULL } }; @@ -544,7 +548,7 @@ static int loop_check(char **spec, char **type, int *flags, int *loop, char **loopdev, char **loopfile) { - int looptype, offset; + int looptype, offset, keybits; /* * In the case of a loop mount, either type is of the form lo@/dev/loop5 @@ -587,7 +591,9 @@ if (verbose) printf(_("mount: going to use the loop device %s\n"), *loopdev); offset = opt_offset ? strtoul(opt_offset, NULL, 0) : 0; - if (set_loop (*loopdev, *loopfile, offset, opt_encryption, &loopro)) { + keybits = opt_keybits ? strtoul(opt_keybits, NULL, 0) : 0; + if (set_loop (*loopdev, *loopfile, offset, opt_encryption, pfd, + keybits, &loopro)) { if (verbose) printf(_("mount: failed setting up loop device\n")); return EX_FAIL; @@ -1305,6 +1311,7 @@ { "read-write", 0, 0, 'w' }, { "rw", 0, 0, 'w' }, { "options", 1, 0, 'o' }, + { "pass-fd", 1, 0, 'p' }, { "types", 1, 0, 't' }, { "bind", 0, 0, 128 }, { "replace", 0, 0, 129 }, @@ -1337,7 +1344,7 @@ " mount --bind olddir newdir\n" "A device can be given by name, say /dev/hda1 or /dev/cdrom,\n" "or by label, using -L label or by uuid, using -U uuid .\n" - "Other options: [-nfFrsvw] [-o options].\n" + "Other options: [-nfFrsvw] [-o options] [-p num].\n" "For many more details, say man 8 mount .\n" )); /* @@ -1353,6 +1360,7 @@ int c, result = 0, specseen; char *options = NULL, *spec, *node; char *volumelabel = NULL; + char *passfd = NULL; char *uuid = NULL; char *types = NULL; struct mntentchn *mc; @@ -1374,7 +1382,7 @@ initproctitle(argc, argv); #endif - while ((c = getopt_long (argc, argv, "afFhlL:no:rsU:vVwt:", + while ((c = getopt_long (argc, argv, "afFhlL:no:p:rsU:vVwt:", longopts, NULL)) != EOF) { switch (c) { case 'a': /* mount everything in fstab */ @@ -1404,6 +1412,9 @@ else options = xstrdup(optarg); break; + case 'p': /* read passphrase from given fd */ + passfd = optarg; + break; case 'r': /* mount readonly */ readonly = 1; readwrite = 0; @@ -1492,6 +1503,9 @@ } else spec = NULL; /* just for gcc */ + if (passfd && sscanf(passfd,"%d",&pfd) != 1) + die (EX_USAGE, _("mount: argument to --pass-fd or -p must be a number")); + switch (argc+specseen) { case 0: /* mount -a */ diff -Nur util-linux-2.11n/mount/rmd160.c util-linux-2.11n-int/mount/rmd160.c --- util-linux-2.11n/mount/rmd160.c Thu Jan 1 01:00:00 1970 +++ util-linux-2.11n-int/mount/rmd160.c Tue Dec 18 21:38:11 2001 @@ -0,0 +1,532 @@ +/* rmd160.c - RIPE-MD160 + * Copyright (C) 1998 Free Software Foundation, Inc. + */ + +/* This file was part of GnuPG. Modified for use within the Linux + * mount utility by Marc Mutz . None of this code is + * by myself. I just removed everything that you don't need when all + * you want to do is to use rmd160_hash_buffer(). + * My comments are marked with (mm). */ + +/* GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ + +#include /* (mm) for memcpy */ +#include /* (mm) for BIG_ENDIAN and BYTE_ORDER */ +#include "rmd160.h" + +/* (mm) these are used by the original GnuPG file. In order to modify + * that file not too much, we keep the notations. maybe it would be + * better to include linux/types.h and typedef __u32 to u32 and __u8 + * to byte? */ +typedef unsigned int u32; /* taken from e.g. util-linux's minix.h */ +typedef unsigned char byte; + +typedef struct { + u32 h0,h1,h2,h3,h4; + u32 nblocks; + byte buf[64]; + int count; +} RMD160_CONTEXT; + +/**************** + * Rotate a 32 bit integer by n bytes + */ +#if defined(__GNUC__) && defined(__i386__) +static inline u32 +rol( u32 x, int n) +{ + __asm__("roll %%cl,%0" + :"=r" (x) + :"0" (x),"c" (n)); + return x; +} +#else + #define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) ) +#endif + +/********************************* + * RIPEMD-160 is not patented, see (as of 25.10.97) + * http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html + * Note that the code uses Little Endian byteorder, which is good for + * 386 etc, but we must add some conversion when used on a big endian box. + * + * + * Pseudo-code for RIPEMD-160 + * + * RIPEMD-160 is an iterative hash function that operates on 32-bit words. + * The round function takes as input a 5-word chaining variable and a 16-word + * message block and maps this to a new chaining variable. All operations are + * defined on 32-bit words. Padding is identical to that of MD4. + * + * + * RIPEMD-160: definitions + * + * + * nonlinear functions at bit level: exor, mux, -, mux, - + * + * f(j, x, y, z) = x XOR y XOR z (0 <= j <= 15) + * f(j, x, y, z) = (x AND y) OR (NOT(x) AND z) (16 <= j <= 31) + * f(j, x, y, z) = (x OR NOT(y)) XOR z (32 <= j <= 47) + * f(j, x, y, z) = (x AND z) OR (y AND NOT(z)) (48 <= j <= 63) + * f(j, x, y, z) = x XOR (y OR NOT(z)) (64 <= j <= 79) + * + * + * added constants (hexadecimal) + * + * K(j) = 0x00000000 (0 <= j <= 15) + * K(j) = 0x5A827999 (16 <= j <= 31) int(2**30 x sqrt(2)) + * K(j) = 0x6ED9EBA1 (32 <= j <= 47) int(2**30 x sqrt(3)) + * K(j) = 0x8F1BBCDC (48 <= j <= 63) int(2**30 x sqrt(5)) + * K(j) = 0xA953FD4E (64 <= j <= 79) int(2**30 x sqrt(7)) + * K'(j) = 0x50A28BE6 (0 <= j <= 15) int(2**30 x cbrt(2)) + * K'(j) = 0x5C4DD124 (16 <= j <= 31) int(2**30 x cbrt(3)) + * K'(j) = 0x6D703EF3 (32 <= j <= 47) int(2**30 x cbrt(5)) + * K'(j) = 0x7A6D76E9 (48 <= j <= 63) int(2**30 x cbrt(7)) + * K'(j) = 0x00000000 (64 <= j <= 79) + * + * + * selection of message word + * + * r(j) = j (0 <= j <= 15) + * r(16..31) = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8 + * r(32..47) = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12 + * r(48..63) = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2 + * r(64..79) = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13 + * r0(0..15) = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12 + * r0(16..31)= 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2 + * r0(32..47)= 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13 + * r0(48..63)= 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14 + * r0(64..79)= 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11 + * + * + * amount for rotate left (rol) + * + * s(0..15) = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8 + * s(16..31) = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12 + * s(32..47) = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5 + * s(48..63) = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12 + * s(64..79) = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6 + * s'(0..15) = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6 + * s'(16..31)= 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11 + * s'(32..47)= 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5 + * s'(48..63)= 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8 + * s'(64..79)= 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11 + * + * + * initial value (hexadecimal) + * + * h0 = 0x67452301; h1 = 0xEFCDAB89; h2 = 0x98BADCFE; h3 = 0x10325476; + * h4 = 0xC3D2E1F0; + * + * + * RIPEMD-160: pseudo-code + * + * It is assumed that the message after padding consists of t 16-word blocks + * that will be denoted with X[i][j], with 0 <= i <= t-1 and 0 <= j <= 15. + * The symbol [+] denotes addition modulo 2**32 and rol_s denotes cyclic left + * shift (rotate) over s positions. + * + * + * for i := 0 to t-1 { + * A := h0; B := h1; C := h2; D = h3; E = h4; + * A' := h0; B' := h1; C' := h2; D' = h3; E' = h4; + * for j := 0 to 79 { + * T := rol_s(j)(A [+] f(j, B, C, D) [+] X[i][r(j)] [+] K(j)) [+] E; + * A := E; E := D; D := rol_10(C); C := B; B := T; + * T := rol_s'(j)(A' [+] f(79-j, B', C', D') [+] X[i][r'(j)] + [+] K'(j)) [+] E'; + * A' := E'; E' := D'; D' := rol_10(C'); C' := B'; B' := T; + * } + * T := h1 [+] C [+] D'; h1 := h2 [+] D [+] E'; h2 := h3 [+] E [+] A'; + * h3 := h4 [+] A [+] B'; h4 := h0 [+] B [+] C'; h0 := T; + * } + */ + +/* Some examples: + * "" 9c1185a5c5e9fc54612808977ee8f548b2258d31 + * "a" 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe + * "abc" 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc + * "message digest" 5d0689ef49d2fae572b881b123a85ffa21595f36 + * "a...z" f71c27109c692c1b56bbdceb5b9d2865b3708dbc + * "abcdbcde...nopq" 12a053384a9c0c88e405a06c27dcf49ada62eb2b + * "A...Za...z0...9" b0e20b6e3116640286ed3a87a5713079b21f5189 + * 8 times "1234567890" 9b752e45573d4b39f4dbd3323cab82bf63326bfb + * 1 million times "a" 52783243c1697bdbe16d37f97f68f08325dc1528 + */ + + +static void +rmd160_init( RMD160_CONTEXT *hd ) +{ + hd->h0 = 0x67452301; + hd->h1 = 0xEFCDAB89; + hd->h2 = 0x98BADCFE; + hd->h3 = 0x10325476; + hd->h4 = 0xC3D2E1F0; + hd->nblocks = 0; + hd->count = 0; +} + + + +/**************** + * Transform the message X which consists of 16 32-bit-words + */ +static void +transform( RMD160_CONTEXT *hd, byte *data ) +{ + u32 a,b,c,d,e,aa,bb,cc,dd,ee,t; + #if BYTE_ORDER == BIG_ENDIAN + u32 x[16]; + { int i; + byte *p2, *p1; + for(i=0, p1=data, p2=(byte*)x; i < 16; i++, p2 += 4 ) { + p2[3] = *p1++; + p2[2] = *p1++; + p2[1] = *p1++; + p2[0] = *p1++; + } + } + #else + #if 0 + u32 *x =(u32*)data; + #else + /* this version is better because it is always aligned; + * The performance penalty on a 586-100 is about 6% which + * is acceptable - because the data is more local it might + * also be possible that this is faster on some machines. + * This function (when compiled with -02 on gcc 2.7.2) + * executes on a 586-100 (39.73 bogomips) at about 1900kb/sec; + * [measured with a 4MB data and "gpgm --print-md rmd160"] */ + u32 x[16]; + memcpy( x, data, 64 ); + #endif + #endif + + +#define K0 0x00000000 +#define K1 0x5A827999 +#define K2 0x6ED9EBA1 +#define K3 0x8F1BBCDC +#define K4 0xA953FD4E +#define KK0 0x50A28BE6 +#define KK1 0x5C4DD124 +#define KK2 0x6D703EF3 +#define KK3 0x7A6D76E9 +#define KK4 0x00000000 +#define F0(x,y,z) ( (x) ^ (y) ^ (z) ) +#define F1(x,y,z) ( ((x) & (y)) | (~(x) & (z)) ) +#define F2(x,y,z) ( ((x) | ~(y)) ^ (z) ) +#define F3(x,y,z) ( ((x) & (z)) | ((y) & ~(z)) ) +#define F4(x,y,z) ( (x) ^ ((y) | ~(z)) ) +#define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \ + a = rol(t,s) + e; \ + c = rol(c,10); \ + } while(0) + + /* left lane */ + a = hd->h0; + b = hd->h1; + c = hd->h2; + d = hd->h3; + e = hd->h4; + R( a, b, c, d, e, F0, K0, 0, 11 ); + R( e, a, b, c, d, F0, K0, 1, 14 ); + R( d, e, a, b, c, F0, K0, 2, 15 ); + R( c, d, e, a, b, F0, K0, 3, 12 ); + R( b, c, d, e, a, F0, K0, 4, 5 ); + R( a, b, c, d, e, F0, K0, 5, 8 ); + R( e, a, b, c, d, F0, K0, 6, 7 ); + R( d, e, a, b, c, F0, K0, 7, 9 ); + R( c, d, e, a, b, F0, K0, 8, 11 ); + R( b, c, d, e, a, F0, K0, 9, 13 ); + R( a, b, c, d, e, F0, K0, 10, 14 ); + R( e, a, b, c, d, F0, K0, 11, 15 ); + R( d, e, a, b, c, F0, K0, 12, 6 ); + R( c, d, e, a, b, F0, K0, 13, 7 ); + R( b, c, d, e, a, F0, K0, 14, 9 ); + R( a, b, c, d, e, F0, K0, 15, 8 ); + R( e, a, b, c, d, F1, K1, 7, 7 ); + R( d, e, a, b, c, F1, K1, 4, 6 ); + R( c, d, e, a, b, F1, K1, 13, 8 ); + R( b, c, d, e, a, F1, K1, 1, 13 ); + R( a, b, c, d, e, F1, K1, 10, 11 ); + R( e, a, b, c, d, F1, K1, 6, 9 ); + R( d, e, a, b, c, F1, K1, 15, 7 ); + R( c, d, e, a, b, F1, K1, 3, 15 ); + R( b, c, d, e, a, F1, K1, 12, 7 ); + R( a, b, c, d, e, F1, K1, 0, 12 ); + R( e, a, b, c, d, F1, K1, 9, 15 ); + R( d, e, a, b, c, F1, K1, 5, 9 ); + R( c, d, e, a, b, F1, K1, 2, 11 ); + R( b, c, d, e, a, F1, K1, 14, 7 ); + R( a, b, c, d, e, F1, K1, 11, 13 ); + R( e, a, b, c, d, F1, K1, 8, 12 ); + R( d, e, a, b, c, F2, K2, 3, 11 ); + R( c, d, e, a, b, F2, K2, 10, 13 ); + R( b, c, d, e, a, F2, K2, 14, 6 ); + R( a, b, c, d, e, F2, K2, 4, 7 ); + R( e, a, b, c, d, F2, K2, 9, 14 ); + R( d, e, a, b, c, F2, K2, 15, 9 ); + R( c, d, e, a, b, F2, K2, 8, 13 ); + R( b, c, d, e, a, F2, K2, 1, 15 ); + R( a, b, c, d, e, F2, K2, 2, 14 ); + R( e, a, b, c, d, F2, K2, 7, 8 ); + R( d, e, a, b, c, F2, K2, 0, 13 ); + R( c, d, e, a, b, F2, K2, 6, 6 ); + R( b, c, d, e, a, F2, K2, 13, 5 ); + R( a, b, c, d, e, F2, K2, 11, 12 ); + R( e, a, b, c, d, F2, K2, 5, 7 ); + R( d, e, a, b, c, F2, K2, 12, 5 ); + R( c, d, e, a, b, F3, K3, 1, 11 ); + R( b, c, d, e, a, F3, K3, 9, 12 ); + R( a, b, c, d, e, F3, K3, 11, 14 ); + R( e, a, b, c, d, F3, K3, 10, 15 ); + R( d, e, a, b, c, F3, K3, 0, 14 ); + R( c, d, e, a, b, F3, K3, 8, 15 ); + R( b, c, d, e, a, F3, K3, 12, 9 ); + R( a, b, c, d, e, F3, K3, 4, 8 ); + R( e, a, b, c, d, F3, K3, 13, 9 ); + R( d, e, a, b, c, F3, K3, 3, 14 ); + R( c, d, e, a, b, F3, K3, 7, 5 ); + R( b, c, d, e, a, F3, K3, 15, 6 ); + R( a, b, c, d, e, F3, K3, 14, 8 ); + R( e, a, b, c, d, F3, K3, 5, 6 ); + R( d, e, a, b, c, F3, K3, 6, 5 ); + R( c, d, e, a, b, F3, K3, 2, 12 ); + R( b, c, d, e, a, F4, K4, 4, 9 ); + R( a, b, c, d, e, F4, K4, 0, 15 ); + R( e, a, b, c, d, F4, K4, 5, 5 ); + R( d, e, a, b, c, F4, K4, 9, 11 ); + R( c, d, e, a, b, F4, K4, 7, 6 ); + R( b, c, d, e, a, F4, K4, 12, 8 ); + R( a, b, c, d, e, F4, K4, 2, 13 ); + R( e, a, b, c, d, F4, K4, 10, 12 ); + R( d, e, a, b, c, F4, K4, 14, 5 ); + R( c, d, e, a, b, F4, K4, 1, 12 ); + R( b, c, d, e, a, F4, K4, 3, 13 ); + R( a, b, c, d, e, F4, K4, 8, 14 ); + R( e, a, b, c, d, F4, K4, 11, 11 ); + R( d, e, a, b, c, F4, K4, 6, 8 ); + R( c, d, e, a, b, F4, K4, 15, 5 ); + R( b, c, d, e, a, F4, K4, 13, 6 ); + + aa = a; bb = b; cc = c; dd = d; ee = e; + + /* right lane */ + a = hd->h0; + b = hd->h1; + c = hd->h2; + d = hd->h3; + e = hd->h4; + R( a, b, c, d, e, F4, KK0, 5, 8); + R( e, a, b, c, d, F4, KK0, 14, 9); + R( d, e, a, b, c, F4, KK0, 7, 9); + R( c, d, e, a, b, F4, KK0, 0, 11); + R( b, c, d, e, a, F4, KK0, 9, 13); + R( a, b, c, d, e, F4, KK0, 2, 15); + R( e, a, b, c, d, F4, KK0, 11, 15); + R( d, e, a, b, c, F4, KK0, 4, 5); + R( c, d, e, a, b, F4, KK0, 13, 7); + R( b, c, d, e, a, F4, KK0, 6, 7); + R( a, b, c, d, e, F4, KK0, 15, 8); + R( e, a, b, c, d, F4, KK0, 8, 11); + R( d, e, a, b, c, F4, KK0, 1, 14); + R( c, d, e, a, b, F4, KK0, 10, 14); + R( b, c, d, e, a, F4, KK0, 3, 12); + R( a, b, c, d, e, F4, KK0, 12, 6); + R( e, a, b, c, d, F3, KK1, 6, 9); + R( d, e, a, b, c, F3, KK1, 11, 13); + R( c, d, e, a, b, F3, KK1, 3, 15); + R( b, c, d, e, a, F3, KK1, 7, 7); + R( a, b, c, d, e, F3, KK1, 0, 12); + R( e, a, b, c, d, F3, KK1, 13, 8); + R( d, e, a, b, c, F3, KK1, 5, 9); + R( c, d, e, a, b, F3, KK1, 10, 11); + R( b, c, d, e, a, F3, KK1, 14, 7); + R( a, b, c, d, e, F3, KK1, 15, 7); + R( e, a, b, c, d, F3, KK1, 8, 12); + R( d, e, a, b, c, F3, KK1, 12, 7); + R( c, d, e, a, b, F3, KK1, 4, 6); + R( b, c, d, e, a, F3, KK1, 9, 15); + R( a, b, c, d, e, F3, KK1, 1, 13); + R( e, a, b, c, d, F3, KK1, 2, 11); + R( d, e, a, b, c, F2, KK2, 15, 9); + R( c, d, e, a, b, F2, KK2, 5, 7); + R( b, c, d, e, a, F2, KK2, 1, 15); + R( a, b, c, d, e, F2, KK2, 3, 11); + R( e, a, b, c, d, F2, KK2, 7, 8); + R( d, e, a, b, c, F2, KK2, 14, 6); + R( c, d, e, a, b, F2, KK2, 6, 6); + R( b, c, d, e, a, F2, KK2, 9, 14); + R( a, b, c, d, e, F2, KK2, 11, 12); + R( e, a, b, c, d, F2, KK2, 8, 13); + R( d, e, a, b, c, F2, KK2, 12, 5); + R( c, d, e, a, b, F2, KK2, 2, 14); + R( b, c, d, e, a, F2, KK2, 10, 13); + R( a, b, c, d, e, F2, KK2, 0, 13); + R( e, a, b, c, d, F2, KK2, 4, 7); + R( d, e, a, b, c, F2, KK2, 13, 5); + R( c, d, e, a, b, F1, KK3, 8, 15); + R( b, c, d, e, a, F1, KK3, 6, 5); + R( a, b, c, d, e, F1, KK3, 4, 8); + R( e, a, b, c, d, F1, KK3, 1, 11); + R( d, e, a, b, c, F1, KK3, 3, 14); + R( c, d, e, a, b, F1, KK3, 11, 14); + R( b, c, d, e, a, F1, KK3, 15, 6); + R( a, b, c, d, e, F1, KK3, 0, 14); + R( e, a, b, c, d, F1, KK3, 5, 6); + R( d, e, a, b, c, F1, KK3, 12, 9); + R( c, d, e, a, b, F1, KK3, 2, 12); + R( b, c, d, e, a, F1, KK3, 13, 9); + R( a, b, c, d, e, F1, KK3, 9, 12); + R( e, a, b, c, d, F1, KK3, 7, 5); + R( d, e, a, b, c, F1, KK3, 10, 15); + R( c, d, e, a, b, F1, KK3, 14, 8); + R( b, c, d, e, a, F0, KK4, 12, 8); + R( a, b, c, d, e, F0, KK4, 15, 5); + R( e, a, b, c, d, F0, KK4, 10, 12); + R( d, e, a, b, c, F0, KK4, 4, 9); + R( c, d, e, a, b, F0, KK4, 1, 12); + R( b, c, d, e, a, F0, KK4, 5, 5); + R( a, b, c, d, e, F0, KK4, 8, 14); + R( e, a, b, c, d, F0, KK4, 7, 6); + R( d, e, a, b, c, F0, KK4, 6, 8); + R( c, d, e, a, b, F0, KK4, 2, 13); + R( b, c, d, e, a, F0, KK4, 13, 6); + R( a, b, c, d, e, F0, KK4, 14, 5); + R( e, a, b, c, d, F0, KK4, 0, 15); + R( d, e, a, b, c, F0, KK4, 3, 13); + R( c, d, e, a, b, F0, KK4, 9, 11); + R( b, c, d, e, a, F0, KK4, 11, 11); + + + t = hd->h1 + d + cc; + hd->h1 = hd->h2 + e + dd; + hd->h2 = hd->h3 + a + ee; + hd->h3 = hd->h4 + b + aa; + hd->h4 = hd->h0 + c + bb; + hd->h0 = t; +} + + +/* Update the message digest with the contents + * of INBUF with length INLEN. + */ +static void +rmd160_write( RMD160_CONTEXT *hd, byte *inbuf, size_t inlen) +{ + if( hd->count == 64 ) { /* flush the buffer */ + transform( hd, hd->buf ); + hd->count = 0; + hd->nblocks++; + } + if( !inbuf ) + return; + if( hd->count ) { + for( ; inlen && hd->count < 64; inlen-- ) + hd->buf[hd->count++] = *inbuf++; + rmd160_write( hd, NULL, 0 ); + if( !inlen ) + return; + } + + while( inlen >= 64 ) { + transform( hd, inbuf ); + hd->count = 0; + hd->nblocks++; + inlen -= 64; + inbuf += 64; + } + for( ; inlen && hd->count < 64; inlen-- ) + hd->buf[hd->count++] = *inbuf++; +} + +/* The routine terminates the computation + */ + +static void +rmd160_final( RMD160_CONTEXT *hd ) +{ + u32 t, msb, lsb; + byte *p; + + rmd160_write(hd, NULL, 0); /* flush */; + + msb = 0; + t = hd->nblocks; + if( (lsb = t << 6) < t ) /* multiply by 64 to make a byte count */ + msb++; + msb += t >> 26; + t = lsb; + if( (lsb = t + hd->count) < t ) /* add the count */ + msb++; + t = lsb; + if( (lsb = t << 3) < t ) /* multiply by 8 to make a bit count */ + msb++; + msb += t >> 29; + + if( hd->count < 56 ) { /* enough room */ + hd->buf[hd->count++] = 0x80; /* pad */ + while( hd->count < 56 ) + hd->buf[hd->count++] = 0; /* pad */ + } + else { /* need one extra block */ + hd->buf[hd->count++] = 0x80; /* pad character */ + while( hd->count < 64 ) + hd->buf[hd->count++] = 0; + rmd160_write(hd, NULL, 0); /* flush */; + memset(hd->buf, 0, 56 ); /* fill next block with zeroes */ + } + /* append the 64 bit count */ + hd->buf[56] = lsb ; + hd->buf[57] = lsb >> 8; + hd->buf[58] = lsb >> 16; + hd->buf[59] = lsb >> 24; + hd->buf[60] = msb ; + hd->buf[61] = msb >> 8; + hd->buf[62] = msb >> 16; + hd->buf[63] = msb >> 24; + transform( hd, hd->buf ); + + p = hd->buf; + #if BYTE_ORDER == BIG_ENDIAN + #define X(a) do { *p++ = hd->h##a ; *p++ = hd->h##a >> 8; \ + *p++ = hd->h##a >> 16; *p++ = hd->h##a >> 24; } while(0) + #else /* little endian */ + #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0) + #endif + X(0); + X(1); + X(2); + X(3); + X(4); + #undef X +} + +/**************** + * Shortcut functions which puts the hash value of the supplied buffer + * into outbuf which must have a size of 20 bytes. + */ +void +rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ) +{ + RMD160_CONTEXT hd; + + rmd160_init( &hd ); + rmd160_write( &hd, (byte*)buffer, length ); + rmd160_final( &hd ); + memcpy( outbuf, hd.buf, 20 ); +} diff -Nur util-linux-2.11n/mount/rmd160.h util-linux-2.11n-int/mount/rmd160.h --- util-linux-2.11n/mount/rmd160.h Thu Jan 1 01:00:00 1970 +++ util-linux-2.11n-int/mount/rmd160.h Tue Dec 18 21:38:11 2001 @@ -0,0 +1,9 @@ +#ifndef RMD160_H +#define RMD160_H + +void +rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length ); + +#endif /*RMD160_H*/ + + diff -Nur util-linux-2.11n/mount/sundries.c util-linux-2.11n-int/mount/sundries.c --- util-linux-2.11n/mount/sundries.c Fri Jul 27 11:40:23 2001 +++ util-linux-2.11n-int/mount/sundries.c Tue Dec 18 21:38:11 2001 @@ -162,7 +162,7 @@ return 1; no = 0; - if (!strncmp(types, "no", 2)) { + if (types && !strncmp(types, "no", 2)) { no = 1; types += 2; }