diff --git a/src/bin/zfs-tpm1x-load-key.cpp b/src/bin/zfs-tpm1x-load-key.cpp index 23f6451..9647263 100644 --- a/src/bin/zfs-tpm1x-load-key.cpp +++ b/src/bin/zfs-tpm1x-load-key.cpp @@ -5,6 +5,7 @@ // #include #define WRAPPING_KEY_LEN 32 +#include #include #include #include @@ -64,7 +65,7 @@ int main(int argc, char ** argv) { TRY_MAIN(try_policy_or_passphrase("unseal wrapping key", "wrapping key", parent_key_policy, [&] { return Tspi_Data_Unseal(sealed_object, parent_key, &loaded_wrap_key_len, &loaded_wrap_key); })); if(loaded_wrap_key_len != sizeof(wrap_key)) { - fprintf(stderr, "Wrong sealed data length (%u != %zu):", loaded_wrap_key_len, sizeof(wrap_key)); + fprintf(stderr, "Wrong sealed data length (%" PRIu32 " != %zu): ", loaded_wrap_key_len, sizeof(wrap_key)); for(auto i = 0u; i < loaded_wrap_key_len; ++i) fprintf(stderr, "%02X", loaded_wrap_key[i]); fprintf(stderr, "\n"); diff --git a/src/bin/zfs-tpm2-change-key.cpp b/src/bin/zfs-tpm2-change-key.cpp index e63c73c..f084d33 100644 --- a/src/bin/zfs-tpm2-change-key.cpp +++ b/src/bin/zfs-tpm2-change-key.cpp @@ -5,6 +5,7 @@ // #include #define WRAPPING_KEY_LEN 32 +#include #include #include "../fd.hpp" @@ -44,7 +45,9 @@ int main(int argc, char ** argv) { zfs_get_name(dataset), previous_handle_s); else { if(tpm2_free_persistent(tpm2_ctx, tpm2_session, previous_handle)) - fprintf(stderr, "Couldn't free previous persistent handle for dataset %s. You might need to run \"tpm2_evictcontrol -c 0x%X\" or equivalent!\n", + fprintf(stderr, + "Couldn't free previous persistent handle for dataset %s. You might need to run \"tpm2_evictcontrol -c 0x%" PRIX32 + "\" or equivalent!\n", zfs_get_name(dataset), previous_handle); } })); @@ -60,14 +63,15 @@ int main(int argc, char ** argv) { bool ok = false; // Try to free the persistent handle if we're unsuccessful in actually using it later on quickscope_wrapper persistent_clearer{[&] { if(!ok && tpm2_free_persistent(tpm2_ctx, tpm2_session, persistent_handle)) - fprintf(stderr, "Couldn't free persistent handle. You might need to run \"tpm2_evictcontrol -c 0x%X\" or equivalent!\n", persistent_handle); + fprintf(stderr, "Couldn't free persistent handle. You might need to run \"tpm2_evictcontrol -c 0x%" PRIX32 "\" or equivalent!\n", + persistent_handle); if(!ok) clear_key_props(dataset); }}; { char persistent_handle_s[2 + sizeof(persistent_handle) * 2 + 1]; - if(auto written = snprintf(persistent_handle_s, sizeof(persistent_handle_s), "0x%X", persistent_handle); + if(auto written = snprintf(persistent_handle_s, sizeof(persistent_handle_s), "0x%" PRIX32, persistent_handle); written < 0 || written >= static_cast(sizeof(persistent_handle_s))) { fprintf(stderr, "Truncated persistent_handle name? %d/%zu\n", written, sizeof(persistent_handle_s)); return __LINE__; diff --git a/src/tpm1x.hpp b/src/tpm1x.hpp index d2edd33..060bb81 100644 --- a/src/tpm1x.hpp +++ b/src/tpm1x.hpp @@ -22,7 +22,7 @@ /// Used as default secret if passphrase wasn't provided for wrapping key for the sealed object -// I just got this out of /dev/random +// I just got this out of /dev/random, for greppers: CE4CF677875B5EB8993591D5A9AF1ED24A3A8736 static const constexpr uint8_t parent_key_secret[TPM_SHA1_160_HASH_LEN]{0xCE, 0x4C, 0xF6, 0x77, 0x87, 0x5B, 0x5E, 0xB8, 0x99, 0x35, 0x91, 0xD5, 0xA9, 0xAF, 0x1E, 0xD2, 0x4A, 0x3A, 0x87, 0x36}; diff --git a/src/tpm2.cpp b/src/tpm2.cpp index 7bcc124..fb6ba76 100644 --- a/src/tpm2.cpp +++ b/src/tpm2.cpp @@ -7,6 +7,7 @@ #include "parse.hpp" #include +#include #include @@ -46,12 +47,12 @@ TPM2B_DATA tpm2_creation_metadata(const char * dataset_name) { const auto now = time(nullptr); const auto now_tm = localtime(&now); metadata.size = snprintf((char *)metadata.buffer, sizeof(metadata.buffer), "%s %d-%02d-%02dT%02d:%02d:%02d %s", dataset_name, // - now_tm->tm_year + 1900, now_tm->tm_mon + 1, now_tm->tm_mday, now_tm->tm_hour, now_tm->tm_min, now_tm->tm_sec, // - TZPFMS_VERSION) + + now_tm->tm_year + 1900, now_tm->tm_mon + 1, now_tm->tm_mday, now_tm->tm_hour, now_tm->tm_min, now_tm->tm_sec, // + TZPFMS_VERSION) + 1; metadata.size = metadata.size > sizeof(metadata.buffer) ? sizeof(metadata.buffer) : metadata.size; - // fprintf(stderr, "%d/%zu: \"%s\"\n", metadata.size, sizeof(metadata.buffer), metadata.buffer); + // fprintf(stderr, "%" PRIu16 "/%zu: \"%s\"\n", metadata.size, sizeof(metadata.buffer), metadata.buffer); return metadata; } @@ -72,7 +73,7 @@ int tpm2_generate_rand(ESYS_CONTEXT * tpm2_ctx, void * into, size_t length) { quickscope_wrapper rand_deleter{[=] { Esys_Free(rand); }}; if(rand->size != length) { - fprintf(stderr, "Wrong random size: wanted %zu, got %u bytes.\n", length, rand->size); + fprintf(stderr, "Wrong random size: wanted %zu, got %" PRIu16 " bytes.\n", length, rand->size); return __LINE__; } @@ -232,7 +233,7 @@ int tpm2_unseal(ESYS_CONTEXT * tpm2_ctx, ESYS_TR tpm2_session, TPMI_DH_PERSISTEN [&] { return Esys_Unseal(tpm2_ctx, pandle, tpm2_session, ESYS_TR_NONE, ESYS_TR_NONE, &unsealed); })); if(unsealed->size != data_len) { - fprintf(stderr, "Unsealed data has wrong length %u, expected %zu!\n", unsealed->size, data_len); + fprintf(stderr, "Unsealed data has wrong length %" PRIu16 ", expected %zu!\n", unsealed->size, data_len); return __LINE__; } memcpy(data, unsealed->buffer, data_len); diff --git a/src/zfs.cpp b/src/zfs.cpp index 6303349..ffd8656 100644 --- a/src/zfs.cpp +++ b/src/zfs.cpp @@ -98,8 +98,8 @@ int clear_key_props(zfs_handle_t * from) { bool ok = false; quickscope_wrapper props_deleter{[&] { if(!ok) - fprintf(stderr, "You might need to run \"zfs inherit %s %s\" and \"zfs inherit %s %s\"!\n", PROPNAME_BACKEND, zfs_get_name(from), PROPNAME_KEY, - zfs_get_name(from)); + fprintf(stderr, "You might need to run \"zfs inherit %s %s\" and \"zfs inherit %s %s\" to fully clear metadata!\n", PROPNAME_BACKEND, zfs_get_name(from), + PROPNAME_KEY, zfs_get_name(from)); }}; TRY("delete tzpfms.backend", zfs_prop_inherit(from, PROPNAME_BACKEND, B_FALSE));