From b96f72d63641c8dcfe5e142ecd5d6c9f9a7d5778 Mon Sep 17 00:00:00 2001 From: "Joe Richey joerichey@google.com" Date: Fri, 6 Oct 2017 14:25:07 -0700 Subject: ext4: start refactor --- ext4/ext4.go | 62 +++++++++++++++++++++++++-------------- ext4/feature_flag.go | 82 ++++++++++++++++++++++++++++++++++++++++++---------- 2 files changed, 106 insertions(+), 38 deletions(-) (limited to 'ext4') diff --git a/ext4/ext4.go b/ext4/ext4.go index 401d208..7419929 100644 --- a/ext4/ext4.go +++ b/ext4/ext4.go @@ -1,3 +1,22 @@ +/* + * ext4.go - Handles command line processing for fscrypt-ext4. + * + * Copyright 2017 Google Inc. + * Author: Joe Richey (joerichey@google.com) + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ + package main import ( @@ -34,7 +53,7 @@ Arguments: ` ) -func printUsageAndExit(err error) { +func printAndExit(err error, printUsage bool) { var w io.Writer var rc int if err == nil { @@ -46,45 +65,44 @@ func printUsageAndExit(err error) { rc = 1 fmt.Fprintf(w, "%s: %v\n", cmdName, err) } - - fmt.Fprintf(w, usageFmt, cmdName) - fmt.Fprintln(w, "\nOptions:") - set.VisitAll(func(f *flag.Flag) { - fmt.Fprintf(w, "\t--%s\n\t\t%s\n", f.Name, f.Usage) - }) - fmt.Fprintf(w, "\nSee the %s man page for more info.\n", manPage) + if printUsage { + fmt.Fprintf(w, usageFmt, cmdName) + fmt.Fprintln(w, "\nOptions:") + set.VisitAll(func(f *flag.Flag) { + fmt.Fprintf(w, "\t--%s\n\t\t%s\n", f.Name, f.Usage) + }) + fmt.Fprintf(w, "\nSee the %s man page for more info.\n", manPage) + } os.Exit(rc) } func main() { set.SetOutput(ioutil.Discard) if err := set.Parse(os.Args[1:]); err != nil { - printUsageAndExit(err) + printAndExit(err, true) } if *helpFlag { - printUsageAndExit(nil) + printAndExit(nil, true) } if *versionFlag { fmt.Println(version) return } if set.NArg() != 2 { - printUsageAndExit(fmt.Errorf("expected 2 arguments, got %d", set.NArg())) + printAndExit(fmt.Errorf("expected 2 arguments (got %d)", set.NArg()), true) + } + + _, err := NewExt4Filesystem(set.Arg(1)) + if err != nil { + printAndExit(err, false) } - command, mountpoint := set.Arg(0), set.Arg(1) - switch command { + switch command := set.Arg(0); command { case "enable": - fmt.Println("Enabling encryption!!") + fmt.Println("Enabling encryption not implemented") case "disable": - fmt.Println("Disabling encryption!!") + fmt.Println("Disabling encryption not implemented") default: - printUsageAndExit(fmt.Errorf("invalid command %q", command)) - } - - if isExt4EncryptionEnabled(mountpoint) { - fmt.Printf("%q has encryption\n", mountpoint) - } else { - fmt.Printf("%q doesn't have encryption\n", mountpoint) + printAndExit(fmt.Errorf("invalid command %q", command), true) } } diff --git a/ext4/feature_flag.go b/ext4/feature_flag.go index 4c64e0a..4b588d6 100644 --- a/ext4/feature_flag.go +++ b/ext4/feature_flag.go @@ -1,3 +1,22 @@ +/* + * feature_flag.go - Changes encryption flag for an ext4 filesystem. + * + * Copyright 2017 Google Inc. + * Author: Joe Richey (joerichey@google.com) + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy of + * the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations under + * the License. + */ + package main /* @@ -10,27 +29,58 @@ package main import "C" import ( "fmt" - "unsafe" + + "github.com/google/fscrypt/filesystem" ) -// isExt4EncryptionEnabled returns true if the provided ext4 filesystem (as a -// path to a device or mountpoint) has the encrypt feature flag enabled. -func isExt4EncryptionEnabled(path string) bool { - cPath := C.CString(path) - defer C.free(unsafe.Pointer(cPath)) +// Ext4Filesystem wraps the C structures returned from libext2fs. +type Ext4Filesystem struct { + ptr C.ext2_filsys + mounted bool + retVal C.errcode_t +} - var fs C.ext2_filsys - ret := C.ext2fs_open(cPath, 0, 0, 0, C.unix_io_manager, &fs) - if ret != 0 { - panic(fmt.Errorf("Got error code %v when opening %s", ret, path)) +// NewExt4Filesystem creates a new Ext4Filesystem from a mountpoint path. Fail +// if the path is not the mountpoint of an ext4 filesystem or cannot be opened. +func NewExt4Filesystem(mountpoint string) (*Ext4Filesystem, error) { + mount, err := filesystem.FindMount(set.Arg(1)) + if err != nil { + return nil, err } + if mount.Filesystem != "ext4" { + err := fmt.Errorf("%q is not an ext4 filesystem (type %q)", mount.Path, mount.Filesystem) + return nil, err + } + if mount.Device == "" { + err := fmt.Errorf("underlying device for %q is invalid", mount.Filesystem) + return nil, err + } + return nil, nil +} - hasEncryption := C.ext2fs_has_feature_encrypt(fs.super) - return hasEncryption != 0 +// HasValidBlockSize returns true if the filesystem has the same block size as +// the system's page size. +func (fs *Ext4Filesystem) HasValidBlockSize() bool { + return true } -// enableExt4Encryption enables encryption on the filesystem at the specified -// path. +// IsEncryptionEnabled return true if the "encrypt" feature flag is set. +func (fs *Ext4Filesystem) IsEncryptionEnabled() bool { + return C.ext2fs_has_feature_encrypt(fs.ptr.super) != 0 +} + +// EnableEncryption sets the "encrypt" feature flag and writes the appropriate +// information in the superblock to allow filesystem encryption. +func (fs *Ext4Filesystem) EnableEncryption() error { + return nil +} -// disableExt4Encryption disables encryption on the filesystem at the specified -// path. Note that this operation is not supported and can cause data loss. +// DisableEncryption removes the "encrypt" feature flag. +func (fs *Ext4Filesystem) DisableEncryption() error { + return nil +} + +// Close safely closes, frees, and runs cleanup f9r the filesystem. +func (fs *Ext4Filesystem) Close() error { + return nil +} -- cgit v1.2.3