| author | Joe Richey joerichey@google.com <joerichey@google.com> | 2017-05-31 17:54:35 -0700 |
|---|---|---|
| committer | Joe Richey joerichey@google.com <joerichey@google.com> | 2017-06-26 15:40:08 -0700 |
| commit | defd27f75df3a6eef84ac33adf89b1ce255e738c (patch) | |
| tree | 851a587fb4a12381e7a29e32759636021ecaf42c /actions/context.go | |
| parent | d71b7f248e21f5254c32ecbf752a1dbe940a1177 (diff) | |
actions: Simplify the callback mechanism
This commit makes the callbacks for getting keys easier to understand.
Functions which need keys now take a KeyFunc callback. This callback
contains a ProtectorInfo parameter (basically a read-only version of
metadata.ProtectorData) and a boolean which indicates if the call is
being retried. The documentation is also updated to say which functions
will retry the KeyFunc.
For selecting a protector, there is now an OptionFunc callback which
takes a slice of ProtectorOptions. A ProtectorOption is a ProtectorInfo
along with additional information about a linked filesystem (if
applicable).
This commit also adds in methods for getting the protector options for a
specific filesystem or policy. It also adds a function for getting the
policy descriptor for a specific path.
Change-Id: I41e0d94ffd44e7166b0c5cf1b5d18437960bdf90
Diffstat (limited to 'actions/context.go')
| -rw-r--r-- | actions/context.go | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/actions/context.go b/actions/context.go
index f4a3985..4d7d30d 100644
--- a/actions/context.go
+++ b/actions/context.go
@@ -95,3 +95,54 @@ func NewContextFromMountpoint(mountpoint string) (ctx *Context, err error) {
 ctx.Mount.Path, ctx.Mount.Device)
 return
 }
+
+// checkContext verifies that the context contains an valid config and a mount
+// which is being used with fscrypt.
+func (ctx *Context) checkContext() error {
+ if !ctx.Config.IsValid() {
+ return ErrBadConfig
+ }
+ return ctx.Mount.CheckSetup()
+}
+
+// GetProtectorOption returns the ProtectorOption for the protector on the
+// context's mountpoint with the specified descriptor.
+func (ctx *Context) GetProtectorOption(protectorDescriptor string) *ProtectorOption {
+ mnt, data, err := ctx.Mount.GetProtector(protectorDescriptor)
+ if err != nil {
+ return &ProtectorOption{ProtectorInfo{}, nil, err}
+ }
+
+ info := ProtectorInfo{data}
+ // No linked path if on the same mountpoint
+ if mnt == ctx.Mount {
+ return &ProtectorOption{info, nil, nil}
+ }
+ return &ProtectorOption{info, mnt, nil}
+}
+
+// ListProtectorOptions creates a slice of all the options for all of the
+// Protectors on the Context's mountpoint.
+func (ctx *Context) ListProtectorOptions() ([]*ProtectorOption, error) {
+ descriptors, err := ctx.Mount.ListProtectors()
+ if err != nil {
+ return nil, err
+ }
+
+ options := make([]*ProtectorOption, len(descriptors))
+ for i, descriptor := range descriptors {
+ options[i] = ctx.GetProtectorOption(descriptor)
+ }
+ return options, nil
+}
+
+// ListOptionsForPolicy creates a slice of the ProtectorOptions which protect
+// the policy specified by policyDescriptor.
+func (ctx *Context) ListOptionsForPolicy(policyDescriptor string) ([]*ProtectorOption, error) {
+ policy, err := getPolicyData(ctx, policyDescriptor)
+ if err != nil {
+ return nil, err
+ }
+
+ return policy.listOptions(), nil
+} |
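Review bot: `ListProtectorOptions` returns a nil error even when a `GetProtectorOption` call inside its loop failed, because `GetProtectorOption` stores the failure in the third field of the `ProtectorOption` it returns, next to an empty `ProtectorInfo{}`. A caller that checks only the function's error could list or select an entry whose metadata never loaded, so the doc comments on both methods should say so, for example `// A protector that fails to load is still returned; its error is stored in the option and must be checked before the ProtectorInfo is used.` The positional literals such as `&ProtectorOption{info, mnt, nil}` would also be harder to get wrong with field names, which are not visible in this hunk. Separately, none of the new exported methods calls the `checkContext` helper added at the top of the hunk; whether `getPolicyData` or the callers validate the context first cannot be seen from here.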