[v2,2/9] common/encrypt: add helper functions that wrap new xfs_io commands
diff mbox series

Message ID 20190920003753.40281-3-ebiggers@kernel.org
State New
Headers show
Series
  • xfstests: add tests for fscrypt key management improvements
Related show

Commit Message

Eric Biggers Sept. 20, 2019, 12:37 a.m. UTC
From: Eric Biggers <ebiggers@google.com>

Wrap the new xfs_io commands 'add_enckey', 'rm_enckey', and
'enckey_status' with helper functions.

Also add _user_do_get_encpolicy(), so that all encryption xfs_io
commands have a _user_do() version.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 common/encrypt | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)

Patch
diff mbox series

diff --git a/common/encrypt b/common/encrypt
index 7bbe1936..a086e80f 100644
--- a/common/encrypt
+++ b/common/encrypt
@@ -261,6 +261,71 @@  _get_encpolicy()
 	$XFS_IO_PROG -c "get_encpolicy $*" "$file"
 }
 
+_user_do_get_encpolicy()
+{
+	local file=$1
+	shift
+
+	_user_do "$XFS_IO_PROG -c \"get_encpolicy $*\" \"$file\""
+}
+
+# Add an encryption key to the given filesystem.
+_add_enckey()
+{
+	local mnt=$1
+	local raw_key=$2
+	shift 2
+
+	echo -ne "$raw_key" | $XFS_IO_PROG -c "add_enckey $*" "$mnt"
+}
+
+_user_do_add_enckey()
+{
+	local mnt=$1
+	local raw_key=$2
+	shift 2
+
+	_user_do "echo -ne \"$raw_key\" | $XFS_IO_PROG -c \"add_enckey $*\" \"$mnt\""
+}
+
+# Remove the given encryption key from the given filesystem.
+_rm_enckey()
+{
+	local mnt=$1
+	local keyspec=$2
+	shift 2
+
+	$XFS_IO_PROG -c "rm_enckey $* $keyspec" "$mnt"
+}
+
+_user_do_rm_enckey()
+{
+	local mnt=$1
+	local keyspec=$2
+	shift 2
+
+	_user_do "$XFS_IO_PROG -c \"rm_enckey $* $keyspec\" \"$mnt\""
+}
+
+# Get the status of the given encryption key on the given filesystem.
+_enckey_status()
+{
+	local mnt=$1
+	local keyspec=$2
+	shift 2
+
+	$XFS_IO_PROG -c "enckey_status $* $keyspec" "$mnt"
+}
+
+_user_do_enckey_status()
+{
+	local mnt=$1
+	local keyspec=$2
+	shift 2
+
+	_user_do "$XFS_IO_PROG -c \"enckey_status $* $keyspec\" \"$mnt\""
+}
+
 # Retrieve the encryption nonce of the given inode as a hex string.  The nonce
 # was randomly generated by the filesystem and isn't exposed directly to
 # userspace.  But it can be read using the filesystem's debugging tools.