diff options
| author | koverstreet <kent.overstreet@gmail.com> | 2025-07-13 08:05:00 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-07-13 08:05:00 -0500 |
| commit | 73740b9cf25fab1cab76c787f762b0fd4253c2f3 (patch) | |
| tree | 8b2a528fcafec574f7409f4ef3d4efae627e0367 | |
| parent | 5dd10a17e9c06b24818bc19cd78db0a8e4492ef8 (diff) | |
| parent | 7362ed1223e7b832b5c35a24b48d2d95042bdc0d (diff) | |
Merge pull request #391 from prey169/master
Format filesystem with encryption using a passphase file
| -rw-r--r-- | c_src/cmd_format.c | 19 | ||||
| -rw-r--r-- | c_src/libbcachefs.h | 1 |
2 files changed, 19 insertions, 1 deletions
diff --git a/c_src/cmd_format.c b/c_src/cmd_format.c index d494c357..740b0e81 100644 --- a/c_src/cmd_format.c +++ b/c_src/cmd_format.c @@ -21,6 +21,7 @@ #include <uuid/uuid.h> #include "cmds.h" +#include "tools-util.h" #include "posix_to_bcachefs.h" #include "libbcachefs.h" #include "crypto.h" @@ -34,6 +35,7 @@ #define OPTS \ x(0, replicas, required_argument) \ x(0, encrypted, no_argument) \ +x(0, passphrase_file, required_argument) \ x(0, no_passphrase, no_argument) \ x('L', fs_label, required_argument) \ x('U', uuid, required_argument) \ @@ -59,6 +61,7 @@ static void format_usage(void) puts(" --replicas=# Sets both data and metadata replicas\n" " --encrypted Enable whole filesystem encryption (chacha20/poly1305)\n" + " --passphrase_file=file File containing passphrase used for encryption/decryption\n" " --no_passphrase Don't encrypt master encryption key\n" " -L, --fs_label=label\n" " -U, --uuid=uuid\n" @@ -173,6 +176,9 @@ int cmd_format(int argc, char *argv[]) case O_encrypted: opts.encrypted = true; break; + case O_passphrase_file: + opts.passphrase_file = optarg; + break; case O_no_passphrase: no_passphrase = true; break; @@ -247,8 +253,19 @@ int cmd_format(int argc, char *argv[]) if (opts.source && !initialize) die("--source, --no_initialize are incompatible"); + if (opts.passphrase_file && !opts.encrypted) + die("--passphrase_file, requires --encrypted set"); + + if (opts.passphrase_file && no_passphrase) { + die("--passphrase_file, --no_passphrase are incompatible"); + } + if (opts.encrypted && !no_passphrase) { - opts.passphrase = read_passphrase_twice("Enter passphrase: "); + if (opts.passphrase_file) { + opts.passphrase = read_file_str(AT_FDCWD, opts.passphrase_file); + } else { + opts.passphrase = read_passphrase_twice("Enter passphrase: "); + } initialize = false; } diff --git a/c_src/libbcachefs.h b/c_src/libbcachefs.h index edb05084..7a7a9e2c 100644 --- a/c_src/libbcachefs.h +++ b/c_src/libbcachefs.h @@ -42,6 +42,7 @@ struct format_opts { unsigned version; unsigned superblock_size; bool encrypted; + char *passphrase_file; char *passphrase; char *source; bool no_sb_at_end; |