diff options
| author | Eric Biggers <ebiggers@google.com> | 2020-05-09 14:52:07 -0700 |
|---|---|---|
| committer | Eric Biggers <ebiggers@google.com> | 2020-05-09 15:21:31 -0700 |
| commit | fb88d74f0335cdf8218bb8dfbaa03f23773318cf (patch) | |
| tree | 423e1d12c13e081ec29a53a0adebd5ff733bc56a /keyring/fs_keyring.go | |
| parent | 9383d4be92981a4c956c775479bb48b7eec9db79 (diff) | |
keyring: improve errors
ErrAccessUserKeyring:
Include the user, and fix the backwards wrapping.
ErrSessionUserKeyring:
Include the user.
ErrKeyAdd:
ErrKeyRemove:
ErrKeySearch:
ErrLinkUserKeyring:
Replace these with one-off unnamed errors because they are
never checked for, and this makes it easier for the callers to
provide better messages, e.g. fixing the backwards wrapping.
Diffstat (limited to 'keyring/fs_keyring.go')
| -rw-r--r-- | keyring/fs_keyring.go | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/keyring/fs_keyring.go b/keyring/fs_keyring.go index 262e0e5..9b949b9 100644 --- a/keyring/fs_keyring.go +++ b/keyring/fs_keyring.go @@ -203,7 +203,9 @@ func fsAddEncryptionKey(key *crypto.Key, descriptor string, log.Printf("FS_IOC_ADD_ENCRYPTION_KEY(%q, %s, <raw>) = %v", mount.Path, descriptor, errno) if errno != 0 { - return errors.Wrap(ErrKeyAdd, errno.Error()) + return errors.Wrapf(errno, + "error adding key with descriptor %s to filesystem %s", + descriptor, mount.Path) } if descriptor, err = validateKeyDescriptor(&arg.Key_spec, descriptor); err != nil { fsRemoveEncryptionKey(descriptor, mount, user) @@ -266,7 +268,9 @@ func fsRemoveEncryptionKey(descriptor string, mount *filesystem.Mount, } return ErrKeyNotPresent default: - return errors.Wrap(ErrKeyRemove, errno.Error()) + return errors.Wrapf(errno, + "error removing key with descriptor %s from filesystem %s", + descriptor, mount.Path) } } @@ -298,7 +302,10 @@ func fsGetEncryptionKeyStatus(descriptor string, mount *filesystem.Mount, log.Printf("FS_IOC_GET_ENCRYPTION_KEY_STATUS(%q, %s) = %v, status=%d, status_flags=0x%x", mount.Path, descriptor, errno, arg.Status, arg.Status_flags) if errno != 0 { - return KeyStatusUnknown, errors.Wrap(ErrKeySearch, errno.Error()) + return KeyStatusUnknown, + errors.Wrapf(errno, + "error getting status of key with descriptor %s on filesystem %s", + descriptor, mount.Path) } switch arg.Status { case unix.FSCRYPT_KEY_STATUS_ABSENT: @@ -313,6 +320,7 @@ func fsGetEncryptionKeyStatus(descriptor string, mount *filesystem.Mount, return KeyAbsentButFilesBusy, nil default: return KeyStatusUnknown, - errors.Wrapf(ErrKeySearch, "unknown key status (%d)", arg.Status) + errors.Errorf("unknown key status (%d) for key with descriptor %s on filesystem %s", + arg.Status, descriptor, mount.Path) } } |