From defd27f75df3a6eef84ac33adf89b1ce255e738c Mon Sep 17 00:00:00 2001
From: "Joe Richey joerichey@google.com"
Date: Wed, 31 May 2017 17:54:35 -0700
Subject: actions: Simplify the callback mechanism

This commit makes the callbacks for getting keys easier to understand. Functions which need keys now take a KeyFunc callback. This callback contains a ProtectorInfo parameter (basically a read-only version of metadata.ProtectorData) and a boolean which indicates if the call is being retried. The documentation is also updated to say which functions will retry the KeyFunc. For selecting a protector, there is now an OptionFunc callback which takes a slice of ProtectorOptions. A ProtectorOption is a ProtectorInfo along with additional information about a linked filesystem (if applicable). This commit also adds in methods for getting the protector options for a specific filesystem or policy. It also adds a function for getting the policy descriptor for a specific path.
Change-Id: I41e0d94ffd44e7166b0c5cf1b5d18437960bdf90
---
 actions/context.go | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+) (limited to 'actions/context.go')
diff --git a/actions/context.go b/actions/context.go
index f4a3985..4d7d30d 100644
--- a/actions/context.go
+++ b/actions/context.go
@@ -95,3 +95,54 @@ func NewContextFromMountpoint(mountpoint string) (ctx *Context, err error) {
 ctx.Mount.Path, ctx.Mount.Device)
 return
 }
+
+// checkContext verifies that the context contains an valid config and a mount
+// which is being used with fscrypt.
+func (ctx *Context) checkContext() error {
+ if !ctx.Config.IsValid() {
+ return ErrBadConfig
+ }
+ return ctx.Mount.CheckSetup()
+}
+
+// GetProtectorOption returns the ProtectorOption for the protector on the
+// context's mountpoint with the specified descriptor.
+func (ctx *Context) GetProtectorOption(protectorDescriptor string) *ProtectorOption {
+ mnt, data, err := ctx.Mount.GetProtector(protectorDescriptor)
+ if err != nil {
+ return &ProtectorOption{ProtectorInfo{}, nil, err}
+ }
+
+ info := ProtectorInfo{data}
+ // No linked path if on the same mountpoint
+ if mnt == ctx.Mount {
+ return &ProtectorOption{info, nil, nil}
+ }
+ return &ProtectorOption{info, mnt, nil}
+}
+
+// ListProtectorOptions creates a slice of all the options for all of the
+// Protectors on the Context's mountpoint.
+func (ctx *Context) ListProtectorOptions() ([]*ProtectorOption, error) {
+ descriptors, err := ctx.Mount.ListProtectors()
+ if err != nil {
+ return nil, err
+ }
+
+ options := make([]*ProtectorOption, len(descriptors))
+ for i, descriptor := range descriptors {
+ options[i] = ctx.GetProtectorOption(descriptor)
+ }
+ return options, nil
+}
+
+// ListOptionsForPolicy creates a slice of the ProtectorOptions which protect
+// the policy specified by policyDescriptor.
+func (ctx *Context) ListOptionsForPolicy(policyDescriptor string) ([]*ProtectorOption, error) {
+ policy, err := getPolicyData(ctx, policyDescriptor)
+ if err != nil {
+ return nil, err
+ }
+
+ return policy.listOptions(), nil
+}
--
cgit v1.2.3
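Review bot: ListProtectorOptions returns a nil error even when individual protectors fail to load, because GetProtectorOption stores the failure inside the returned option next to an empty `ProtectorInfo{}`; neither doc comment says so, and a caller that checks only the returned error could present a zero-value entry as a usable protector. I would add to both comments something like `// A protector that cannot be loaded still yields an option; the error is stored in the option and must be checked before its info is used.` The three exported methods also reach into ctx.Mount without calling the checkContext helper added just above them; unless every caller is known to validate the context first (not visible in this hunk), starting the two list methods with `if err := ctx.checkContext(); err != nil { return nil, err }` would fail closed on a bad config or a mount not set up for fscrypt. As a style point, the positional literals such as `&ProtectorOption{info, mnt, nil}` would read more safely with keyed fields, since the mount and error slots are easy to misplace when the struct changes.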