diff options
| author | Kent Overstreet <kent.overstreet@gmail.com> | 2022-05-19 15:59:37 -0400 |
|---|---|---|
| committer | Kent Overstreet <kent.overstreet@gmail.com> | 2022-05-19 16:01:51 -0400 |
| commit | 8cc7d4928198f843fa6d790a615405140fc992d3 (patch) | |
| tree | d2e7de8e9e120e2228017817f5476f8e9e73c74f | |
| parent | 0766bee8fdf3973953fd3184f63dfe2a0760c08d (diff) | |
cmd_unlock: Add -k argument to specify keyring
This adds a new argument (-k) to cmd_unlock for specifying the keyring
to add to. The default is user, but user_session and session can also be
specified.
Signed-off-by: Kent Overstreet <kent.overstreet@gmail.com>
| -rw-r--r-- | .bcachefs_revision | 2 | ||||
| -rw-r--r-- | cmd_key.c | 10 | ||||
| -rw-r--r-- | cmd_migrate.c | 2 | ||||
| -rw-r--r-- | crypto.c | 23 | ||||
| -rw-r--r-- | crypto.h | 2 | ||||
| -rw-r--r-- | libbcachefs/checksum.c | 2 | ||||
| -rw-r--r-- | libbcachefs/lru.c | 6 | ||||
| -rw-r--r-- | libbcachefs/lru.h | 2 | ||||
| -rw-r--r-- | libbcachefs/recovery.c | 9 |
9 files changed, 35 insertions, 23 deletions
diff --git a/.bcachefs_revision b/.bcachefs_revision index 9aed74e1..c1cb5fdb 100644 --- a/.bcachefs_revision +++ b/.bcachefs_revision @@ -1 +1 @@ -c4ca278a540bd2f99864f198a6ec9b4cb1f1fd44 +40eaef7e8049b75ff7e5da42227295c754d9c906 @@ -14,20 +14,26 @@ static void unlock_usage(void) "\n" "Options:\n" " -c Check if a device is encrypted\n" + " -k (session|user|user_session)\n" + " Keyring to add to (default: user)\n" " -h Display this help and exit\n" "Report bugs to <linux-bcache@vger.kernel.org>"); } int cmd_unlock(int argc, char *argv[]) { + const char *keyring = "user"; bool check = false; int opt; - while ((opt = getopt(argc, argv, "ch")) != -1) + while ((opt = getopt(argc, argv, "ck:h")) != -1) switch (opt) { case 'c': check = true; break; + case 'k': + keyring = strdup(optarg); + break; case 'h': unlock_usage(); exit(EXIT_SUCCESS); @@ -59,7 +65,7 @@ int cmd_unlock(int argc, char *argv[]) char *passphrase = read_passphrase("Enter passphrase: "); - bch2_add_key(sb.sb, passphrase); + bch2_add_key(sb.sb, "user", keyring, passphrase); bch2_free_super(&sb); memzero_explicit(passphrase, strlen(passphrase)); diff --git a/cmd_migrate.c b/cmd_migrate.c index b67fc02d..a553319b 100644 --- a/cmd_migrate.c +++ b/cmd_migrate.c @@ -691,7 +691,7 @@ static int migrate_fs(const char *fs_path, u64 sb_offset = le64_to_cpu(sb->layout.sb_offset[0]); if (format_opts.passphrase) - bch2_add_key(sb, format_opts.passphrase); + bch2_add_key(sb, "user", "user", format_opts.passphrase); free(sb); @@ -133,10 +133,23 @@ void bch2_passphrase_check(struct bch_sb *sb, const char *passphrase, die("incorrect passphrase"); } -void bch2_add_key(struct bch_sb *sb, const char *passphrase) +void bch2_add_key(struct bch_sb *sb, + const char *type, + const char *keyring_str, + const char *passphrase) { struct bch_key passphrase_key; struct bch_encrypted_key sb_key; + int keyring; + + if (!strcmp(keyring_str, "session")) + keyring = KEY_SPEC_SESSION_KEYRING; + else if (!strcmp(keyring_str, "user")) + keyring = KEY_SPEC_USER_KEYRING; + else if (!strcmp(keyring_str, "user_session")) + keyring = KEY_SPEC_USER_SESSION_KEYRING; + else + die("unknown keyring %s", keyring_str); bch2_passphrase_check(sb, passphrase, &passphrase_key, @@ -147,12 +160,10 @@ void bch2_add_key(struct bch_sb *sb, const char *passphrase) char *description = mprintf("bcachefs:%s", uuid); - if (add_key("logon", description, - &passphrase_key, sizeof(passphrase_key), - KEY_SPEC_USER_KEYRING) < 0 || - add_key("user", description, + if (add_key(type, + description, &passphrase_key, sizeof(passphrase_key), - KEY_SPEC_USER_KEYRING) < 0) + keyring) < 0) die("add_key error: %m"); memzero_explicit(description, strlen(description)); @@ -15,7 +15,7 @@ struct bch_key derive_passphrase(struct bch_sb_field_crypt *, const char *); bool bch2_sb_is_encrypted(struct bch_sb *); void bch2_passphrase_check(struct bch_sb *, const char *, struct bch_key *, struct bch_encrypted_key *); -void bch2_add_key(struct bch_sb *, const char *); +void bch2_add_key(struct bch_sb *, const char *, const char *, const char *); void bch_sb_crypt_init(struct bch_sb *sb, struct bch_sb_field_crypt *, const char *); diff --git a/libbcachefs/checksum.c b/libbcachefs/checksum.c index 425582f6..50157b40 100644 --- a/libbcachefs/checksum.c +++ b/libbcachefs/checksum.c @@ -424,7 +424,7 @@ static int __bch2_request_key(char *key_description, struct bch_key *key) const struct user_key_payload *ukp; int ret; - keyring_key = request_key(&key_type_logon, key_description, NULL); + keyring_key = request_key(&key_type_user, key_description, NULL); if (IS_ERR(keyring_key)) return PTR_ERR(keyring_key); diff --git a/libbcachefs/lru.c b/libbcachefs/lru.c index ce23b383..d2783317 100644 --- a/libbcachefs/lru.c +++ b/libbcachefs/lru.c @@ -130,7 +130,7 @@ int bch2_lru_change(struct btree_trans *trans, u64 id, u64 idx, } static int bch2_check_lru_key(struct btree_trans *trans, - struct btree_iter *lru_iter, bool initial) + struct btree_iter *lru_iter) { struct bch_fs *c = trans->c; struct btree_iter iter; @@ -193,7 +193,7 @@ fsck_err: return ret; } -int bch2_check_lrus(struct bch_fs *c, bool initial) +int bch2_check_lrus(struct bch_fs *c) { struct btree_trans trans; struct btree_iter iter; @@ -207,7 +207,7 @@ int bch2_check_lrus(struct bch_fs *c, bool initial) ret = __bch2_trans_do(&trans, NULL, NULL, BTREE_INSERT_NOFAIL| BTREE_INSERT_LAZY_RW, - bch2_check_lru_key(&trans, &iter, initial)); + bch2_check_lru_key(&trans, &iter)); if (ret) break; } diff --git a/libbcachefs/lru.h b/libbcachefs/lru.h index bfe38a67..3decb7b1 100644 --- a/libbcachefs/lru.h +++ b/libbcachefs/lru.h @@ -14,6 +14,6 @@ int bch2_lru_delete(struct btree_trans *, u64, u64, u64, struct bkey_s_c); int bch2_lru_set(struct btree_trans *, u64, u64, u64 *); int bch2_lru_change(struct btree_trans *, u64, u64, u64, u64 *, struct bkey_s_c); -int bch2_check_lrus(struct bch_fs *, bool); +int bch2_check_lrus(struct bch_fs *); #endif /* _BCACHEFS_LRU_H */ diff --git a/libbcachefs/recovery.c b/libbcachefs/recovery.c index ff483ff3..36ab2e3b 100644 --- a/libbcachefs/recovery.c +++ b/libbcachefs/recovery.c @@ -1256,11 +1256,10 @@ use_clean: bch_info(c, "checking lrus"); err = "error checking lrus"; - ret = bch2_check_lrus(c, true); + ret = bch2_check_lrus(c); if (ret) goto err; bch_verbose(c, "done checking lrus"); - set_bit(BCH_FS_CHECK_LRUS_DONE, &c->flags); bch_info(c, "checking alloc to lru refs"); @@ -1268,12 +1267,8 @@ use_clean: ret = bch2_check_alloc_to_lru_refs(c); if (ret) goto err; - set_bit(BCH_FS_CHECK_ALLOC_TO_LRU_REFS_DONE, &c->flags); - - ret = bch2_check_lrus(c, true); - if (ret) - goto err; bch_verbose(c, "done checking alloc to lru refs"); + set_bit(BCH_FS_CHECK_ALLOC_TO_LRU_REFS_DONE, &c->flags); } else { set_bit(BCH_FS_MAY_GO_RW, &c->flags); set_bit(BCH_FS_INITIAL_GC_DONE, &c->flags); |