diff options
| author | Joe Richey joerichey@google.com <joerichey@google.com> | 2017-10-04 18:35:48 -0700 |
|---|---|---|
| committer | Joseph Richey <joerichey94@gmail.com> | 2017-10-19 02:22:22 -0700 |
| commit | ef2407fd0ae0ccc31cd894f0e2f84e0a871547a4 (patch) | |
| tree | f4e2618d52a9a327ed98cb386b3845d16a543da3 /ext4 | |
| parent | b7295ee7e3514f616d03a4c0ab391db22d6ab315 (diff) | |
ext4: Initial work for fscrypt-ext4
Diffstat (limited to 'ext4')
| -rw-r--r-- | ext4/ext4.go | 37 | ||||
| -rw-r--r-- | ext4/feature_flag.go | 36 |
2 files changed, 73 insertions, 0 deletions
diff --git a/ext4/ext4.go b/ext4/ext4.go new file mode 100644 index 0000000..cbe87da --- /dev/null +++ b/ext4/ext4.go @@ -0,0 +1,37 @@ +package main + +import ( + "fmt" + "io" + "os" +) + +func printUsage(w io.Writer, name string) { + fmt.Fprintf(w, "Usage: %s [enable|disable] <device> [--force]\n\n", name) + fmt.Fprintln(w, "Enable or disable encryption on an ext4 filesystem.") + fmt.Fprintln(w, " <device> - Path to the filesystem device") + fmt.Fprintln(w, " --force - Automatically proceed with the operation") +} + +func main() { + if len(os.Args) != 3 { + printUsage(os.Stderr, os.Args[0]) + os.Exit(1) + } + switch os.Args[1] { + case "enable": + fmt.Println("Enabling encryption!!") + case "disable": + fmt.Println("Disabling encryption!!") + default: + fmt.Fprintf(os.Stderr, "%s: invalid command %q\n", os.Args[0], os.Args[1]) + printUsage(os.Stderr, os.Args[0]) + os.Exit(1) + } + + if isExt4EncryptionEnabled(os.Args[2]) { + fmt.Printf("%q has encryption\n", os.Args[2]) + } else { + fmt.Printf("%q doesn't have encryption\n", os.Args[2]) + } +} diff --git a/ext4/feature_flag.go b/ext4/feature_flag.go new file mode 100644 index 0000000..4c64e0a --- /dev/null +++ b/ext4/feature_flag.go @@ -0,0 +1,36 @@ +package main + +/* +#cgo LDFLAGS: -lext2fs +#include <ext2fs/ext2_fs.h> +#include <ext2fs/ext2fs.h> + +#include <stdlib.h> +*/ +import "C" +import ( + "fmt" + "unsafe" +) + +// isExt4EncryptionEnabled returns true if the provided ext4 filesystem (as a +// path to a device or mountpoint) has the encrypt feature flag enabled. +func isExt4EncryptionEnabled(path string) bool { + cPath := C.CString(path) + defer C.free(unsafe.Pointer(cPath)) + + var fs C.ext2_filsys + ret := C.ext2fs_open(cPath, 0, 0, 0, C.unix_io_manager, &fs) + if ret != 0 { + panic(fmt.Errorf("Got error code %v when opening %s", ret, path)) + } + + hasEncryption := C.ext2fs_has_feature_encrypt(fs.super) + return hasEncryption != 0 +} + +// enableExt4Encryption enables encryption on the filesystem at the specified +// path. + +// disableExt4Encryption disables encryption on the filesystem at the specified +// path. Note that this operation is not supported and can cause data loss. |