cryptocheck: Add --quiet option

The option can be used to suppress output if we only want to test the return value of the command. Also, mention this option in the documentation. Signed-off-by: Michael Chang <mchang@suse.com> Signed-off-by: Maxim Suhanov <dfirblog@gmail.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2025-03-14 19:03:39 +08:00 · 2025-03-14 19:03:39 +08:00 · 73d1c959ea
commit 73d1c959ea
parent dbc0eb5bd1
3 changed files with 28 additions and 8 deletions
--- a/docs/grub.texi
+++ b/docs/grub.texi
@ -6743,12 +6743,14 @@ Alias for @code{hashsum --hash crc32 arg @dots{}}. See command @command{hashsum}
@node cryptocheck
@subsection cryptocheck

-@deffn Command cryptocheck device
+@deffn Command cryptocheck [ @option{--quiet} ] device
 Check if a given diskfilter device is backed by encrypted devices
 (@pxref{cryptomount} for additional information).

 The command examines all backing devices, physical volumes, of a specified
 logical volume, like LVM2, and fails when at least one of them is unencrypted.
+
+The option @option{--quiet} can be given to suppress the output.
@end deffn

@node cryptomount
--- a/grub-core/commands/search.c
+++ b/grub-core/commands/search.c
@ -67,6 +67,9 @@ is_unencrypted_disk (grub_disk_t disk)

  if (disk->dev->id == GRUB_DISK_DEVICE_DISKFILTER_ID)
    {
+      char opt[] = "--quiet";
+      char *args[2];
+
      cmd = grub_command_find ("cryptocheck");
      if (cmd == NULL) /* No diskfilter module loaded for some reason. */
        return true;
@ -77,7 +80,9 @@ is_unencrypted_disk (grub_disk_t disk)
        return true;

      grub_snprintf (disk_str, disk_str_len, "(%s)", disk->name);
-      res = cmd->func (cmd, 1, &disk_str);
+      args[0] = opt;
+      args[1] = disk_str;
+      res = cmd->func (cmd, 2, args);
      grub_free (disk_str);
      return (res != GRUB_ERR_NONE) ? true : false; /* GRUB_ERR_NONE for encrypted. */
    }
--- a/grub-core/disk/diskfilter.c
+++ b/grub-core/disk/diskfilter.c
@ -1414,6 +1414,19 @@ grub_cmd_cryptocheck (grub_command_t cmd __attribute__ ((unused)),
  int check_pvs_res;
  int namelen;
  int pvs_cnt;
+  int opt_quiet = 0;
+
+  if (argc == 2)
+    {
+      if (grub_strcmp (args[0], "--quiet") == 0)
+	{
+	  opt_quiet = 1;
+	  argc--;
+	  args++;
+	}
+      else
+	return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("unrecognized option: %s"), args[0]);
+    }

  if (argc != 1)
    return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("disk name expected"));
@ -1436,7 +1449,7 @@ grub_cmd_cryptocheck (grub_command_t cmd __attribute__ ((unused)),

  check_pvs_res = grub_diskfilter_check_pvs_encrypted (disk, &pvs_cnt);
  grub_disk_close (disk);
-
+  if (!opt_quiet)
    grub_printf ("%s is %sencrypted (%d pv%s examined)\n", &args[0][1],
 		 (check_pvs_res == GRUB_ERR_NONE) ? "" : "un",
 		 pvs_cnt,
@ -1468,7 +1481,7 @@ GRUB_MOD_INIT(diskfilter)
 {
  grub_disk_dev_register (&grub_diskfilter_dev);
  cmd = grub_register_command ("cryptocheck", grub_cmd_cryptocheck,
-                                N_("DEVICE"),
+                                N_("[--quiet] DEVICE"),
                                N_("Check if a logical volume resides on encrypted disks."));
 }