2 files changed, 158 insertions, 0 deletions
diff --git a/cmd/ext4/ext4.go b/cmd/ext4/ext4.go
new file mode 100644
index 0000000..1df1f23
--- /dev/null
+++ b/cmd/ext4/ext4.go
@@ -0,0 +1,74 @@
+/*
+ * ext4.go - Handles command line processing for fscrypt-ext4.
+ *
+ * Copyright 2017 Google Inc.
+ * Author: Joe Richey (joerichey@google.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package main
+
+import (
+	"fmt"
+
+	"github.com/google/fscrypt/cmd"
+)
+
+var (
+	mountpointArg = &cmd.Argument{
+		ArgName: "mountpoint",
+		Usage:   "the mountpoint of an ext4 filesystem",
+	}
+	deviceArg = &cmd.Argument{
+		ArgName: "device",
+		Usage:   "the path to a device containing an ext4 filesystem",
+	}
+	ext4Usage = fmt.Sprintf("(%s | %s) [options]", mountpointArg, deviceArg)
+)
+
+func main() { ext4Command.Run() }
+
+var ext4Command = &cmd.Command{
+	Title: "manage ext4 encryption feature flag",
+	UsageLines: []string{
+		fmt.Sprintf("enable  %s", ext4Usage),
+		fmt.Sprintf("disable %s", ext4Usage),
+		cmd.VersionUsage,
+	},
+	SubCommands: []*cmd.Command{enableCommand, disableCommand, cmd.VersionCommand},
+	Arguments:   []*cmd.Argument{mountpointArg, deviceArg},
+	Flags:       []cmd.Flag{cmd.ForceFlag, cmd.VerboseFlag, cmd.HelpFlag},
+	ManPage:     &cmd.ManPage{Name: "fscrypt-ext4", Section: 8},
+}
+var enableCommand = &cmd.Command{
+	Name:             "enable",
+	Title:            "turn on encryption for an ext4 filesystem",
+	UsageLines:       []string{ext4Usage},
+	InheritArguments: true,
+	InheritFlags:     true,
+	Action:           func(c *cmd.Context) error { return toggleState(c, true) },
+}
+var disableCommand = &cmd.Command{
+	Name:             "disable",
+	Title:            "turn off encryption for an ext4 filesystem",
+	UsageLines:       []string{ext4Usage},
+	InheritArguments: true,
+	InheritFlags:     true,
+	Action:           func(c *cmd.Context) error { return toggleState(c, false) },
+}
+
+func toggleState(c *cmd.Context, enable bool) error {
+	fmt.Fprintf(cmd.Output, "Toggle value = %v", enable)
+	return nil
+}
diff --git a/cmd/ext4/feature_flag.go b/cmd/ext4/feature_flag.go
new file mode 100644
index 0000000..58b3669
--- /dev/null
+++ b/cmd/ext4/feature_flag.go
@@ -0,0 +1,84 @@
+// +build linux,cgo
+
+/*
+ * feature_flag.go - Changes encryption flag for an ext4 filesystem.
+ *
+ * Copyright 2017 Google Inc.
+ * Author: Joe Richey (joerichey@google.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package main
+
+/*
+#cgo LDFLAGS: -lext2fs
+#include <ext2fs/ext2_fs.h>
+#include <ext2fs/ext2fs.h>
+
+#include <stdlib.h>
+*/
+import "C"
+import (
+	"fmt"
+
+	"github.com/google/fscrypt/filesystem"
+)
+
+// Ext4Filesystem wraps the C structures returned from libext2fs.
+type Ext4Filesystem struct {
+	ptr     C.ext2_filsys
+	mounted bool
+	retVal  C.errcode_t
+}
+
+// NewExt4Filesystem creates a new Ext4Filesystem from a mountpoint path. Fail
+// if the path is not the mountpoint of an ext4 filesystem or cannot be opened.
+func NewExt4Filesystem(mount *filesystem.Mount) (*Ext4Filesystem, error) {
+	if mount.Filesystem != "ext4" {
+		err := fmt.Errorf("%q is not an ext4 filesystem (type %q)", mount.Path, mount.Filesystem)
+		return nil, err
+	}
+	if mount.Device == "" {
+		err := fmt.Errorf("underlying device for %q is invalid", mount.Filesystem)
+		return nil, err
+	}
+	return nil, nil
+}
+
+// HasValidBlockSize returns true if the filesystem has the same block size as
+// the system's page size.
+func (fs *Ext4Filesystem) HasValidBlockSize() bool {
+	return true
+}
+
+// IsEncryptionEnabled return true if the "encrypt" feature flag is set.
+func (fs *Ext4Filesystem) IsEncryptionEnabled() bool {
+	return C.ext2fs_has_feature_encrypt(fs.ptr.super) != 0
+}
+
+// EnableEncryption sets the "encrypt" feature flag and writes the appropriate
+// information in the superblock to allow filesystem encryption.
+func (fs *Ext4Filesystem) EnableEncryption() error {
+	return nil
+}
+
+// DisableEncryption removes the "encrypt" feature flag.
+func (fs *Ext4Filesystem) DisableEncryption() error {
+	return nil
+}
+
+// Close safely closes, frees, and runs cleanup f9r the filesystem.
+func (fs *Ext4Filesystem) Close() error {
+	return nil
+}