All of lore.kernel.org
 help / color / mirror / Atom feed
From: Eric Biggers <ebiggers@kernel.org>
To: Eric Sandeen <sandeen@sandeen.net>
Cc: linux-xfs@vger.kernel.org, fstests@vger.kernel.org,
	linux-fscrypt@vger.kernel.org
Subject: Re: [PATCH v2 7/8] xfs_io/encrypt: add 'rm_enckey' command
Date: Wed, 25 Sep 2019 16:11:00 -0700	[thread overview]
Message-ID: <20190925231058.GA3163@gmail.com> (raw)
In-Reply-To: <bdfb64e2-fb21-7e42-63ec-e9caddd13287@sandeen.net>

On Tue, Sep 24, 2019 at 05:39:02PM -0500, Eric Sandeen wrote:
> On 9/19/19 7:18 PM, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@google.com>
> > 
> > Add a 'rm_enckey' command to xfs_io, to provide a command-line interface
> > to the FS_IOC_REMOVE_ENCRYPTION_KEY and
> > FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctls.
> > 
> > Signed-off-by: Eric Biggers <ebiggers@google.com>
> > ---
> >  io/encrypt.c      | 75 +++++++++++++++++++++++++++++++++++++++++++++++
> >  man/man8/xfs_io.8 | 15 ++++++++++
> >  2 files changed, 90 insertions(+)
> > 
> > diff --git a/io/encrypt.c b/io/encrypt.c
> > index d38ac595..7531c4ad 100644
> > --- a/io/encrypt.c
> > +++ b/io/encrypt.c
> > @@ -139,6 +139,7 @@ struct fscrypt_get_key_status_arg {
> >  static cmdinfo_t get_encpolicy_cmd;
> >  static cmdinfo_t set_encpolicy_cmd;
> >  static cmdinfo_t add_enckey_cmd;
> > +static cmdinfo_t rm_enckey_cmd;
> >  
> >  static void
> >  get_encpolicy_help(void)
> > @@ -200,6 +201,21 @@ add_enckey_help(void)
> >  "\n"));
> >  }
> >  
> > +static void
> > +rm_enckey_help(void)
> > +{
> > +	printf(_(
> > +"\n"
> > +" remove an encryption key from the filesystem\n"
> > +"\n"
> > +" Examples:\n"
> > +" 'rm_enckey 0000111122223333' - remove key for v1 policies w/ given descriptor\n"
> > +" 'rm_enckey 00001111222233334444555566667777' - remove key for v2 policies w/ given identifier\n"
> > +"\n"
> > +" -a -- remove key for all users who have added it (privileged operation)\n"
> > +"\n"));
> > +}
> > +
> >  static const struct {
> >  	__u8 mode;
> >  	const char *name;
> > @@ -693,6 +709,54 @@ out:
> >  	return 0;
> >  }
> >  
> > +static int
> > +rm_enckey_f(int argc, char **argv)
> > +{
> > +	int c;
> > +	struct fscrypt_remove_key_arg arg;
> > +	int ioc = FS_IOC_REMOVE_ENCRYPTION_KEY;
> > +
> > +	memset(&arg, 0, sizeof(arg));
> > +
> > +	while ((c = getopt(argc, argv, "a")) != EOF) {
> > +		switch (c) {
> > +		case 'a':
> > +			ioc = FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS;
> > +			break;
> > +		default:
> > +			return command_usage(&rm_enckey_cmd);
> > +		}
> > +	}
> > +	argc -= optind;
> > +	argv += optind;
> > +
> > +	if (argc != 1)
> > +		return command_usage(&rm_enckey_cmd);
> > +
> > +	if (str2keyspec(argv[0], -1, &arg.key_spec) < 0)
> > +		return 0;
> > +
> > +	if (ioctl(file->fd, ioc, &arg) != 0) {
> > +		fprintf(stderr, "Error removing encryption key: %s\n",
> > +			strerror(errno));
> > +		exitcode = 1;
> > +		return 0;
> > +	}
> > +	if (arg.removal_status_flags &
> > +	    FSCRYPT_KEY_REMOVAL_STATUS_FLAG_OTHER_USERS) {
> > +		printf("Removed user's claim to encryption key with %s %s\n",
> > +		       keyspectype(&arg.key_spec), keyspec2str(&arg.key_spec));
> > +	} else if (arg.removal_status_flags &
> > +		   FSCRYPT_KEY_REMOVAL_STATUS_FLAG_FILES_BUSY) {
> > +		printf("Removed encryption key with %s %s, but files still busy\n",
> > +		       keyspectype(&arg.key_spec), keyspec2str(&arg.key_spec));
> > +	} else {
> > +		printf("Removed encryption key with %s %s\n",
> > +		       keyspectype(&arg.key_spec), keyspec2str(&arg.key_spec));
> > +	}
> > +	return 0;
> > +}
> > +
> >  void
> >  encrypt_init(void)
> >  {
> > @@ -726,7 +790,18 @@ encrypt_init(void)
> >  	add_enckey_cmd.oneline = _("add an encryption key to the filesystem");
> >  	add_enckey_cmd.help = add_enckey_help;
> >  
> > +	rm_enckey_cmd.name = "rm_enckey";
> > +	rm_enckey_cmd.cfunc = rm_enckey_f;
> > +	rm_enckey_cmd.args = _("keyspec");
> 
> can you add "-a" to the args for the shorthelp/args here please?

Will do.

> 
> I don't know anything about this stuff.  :(  Is it to be used as:
> 
> rm_enckey -a <keyspec> ?

Yes, -a is just an optional argument.  Nothing special.

> 
> > +	rm_enckey_cmd.argmin = 0;
> > +	rm_enckey_cmd.argmax = -1;
> 
> I wonder if min/max should be 1/2 but eh, I think you catch wrong counts
> in the function itself, just without the explicit message the built-in
> checkers would give.

Well since there's only one option, we *could* pretend that it's an optional
positional argument, and do argmin=1, argmax=2, and

	if (argc == 2) {
		if (strcmp(argv[1], "-a") != 0)
			return command_usage(&rm_enckey_cmd);
		ioc = FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS;
		argv++;
	}

But all that would need to be changed if/when a second option is added.
IMO it's better to handle it in the standard way.

> 
> > +	rm_enckey_cmd.flags = CMD_NOMAP_OK | CMD_FOREIGN_OK;
> > +	rm_enckey_cmd.oneline =
> > +		_("remove an encryption key from the filesystem");
> > +	rm_enckey_cmd.help = rm_enckey_help;
> > +
> >  	add_command(&get_encpolicy_cmd);
> >  	add_command(&set_encpolicy_cmd);
> >  	add_command(&add_enckey_cmd);
> > +	add_command(&rm_enckey_cmd);
> >  }
> > diff --git a/man/man8/xfs_io.8 b/man/man8/xfs_io.8
> > index 7d6a23fe..a6894778 100644
> > --- a/man/man8/xfs_io.8
> > +++ b/man/man8/xfs_io.8
> > @@ -764,6 +764,21 @@ Otherwise, the key is added as a v2 policy key, and on success the resulting
> >  .RE
> >  .PD
> >  .TP
> > +.BI "rm_enckey " keyspec
> 
> show [-a] here as well?
> 

Will do.

- Eric

  reply	other threads:[~2019-09-25 23:11 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-20  0:18 [PATCH v2 0/8] xfsprogs: support fscrypt API additions in xfs_io Eric Biggers
2019-09-20  0:18 ` [PATCH v2 1/8] xfs_io/encrypt: remove unimplemented encryption modes Eric Biggers
2019-09-20  0:18 ` [PATCH v2 2/8] xfs_io/encrypt: update to UAPI definitions from Linux v5.4 Eric Biggers
2019-09-20  0:18 ` [PATCH v2 3/8] xfs_io/encrypt: add new encryption modes Eric Biggers
2019-09-20  0:18 ` [PATCH v2 4/8] xfs_io/encrypt: extend 'get_encpolicy' to support v2 policies Eric Biggers
2019-09-20  0:18 ` [PATCH v2 5/8] xfs_io/encrypt: extend 'set_encpolicy' " Eric Biggers
2019-09-20  0:18 ` [PATCH v2 6/8] xfs_io/encrypt: add 'add_enckey' command Eric Biggers
2019-09-20  0:18 ` [PATCH v2 7/8] xfs_io/encrypt: add 'rm_enckey' command Eric Biggers
2019-09-24 22:39   ` Eric Sandeen
2019-09-25 23:11     ` Eric Biggers [this message]
2019-09-20  0:18 ` [PATCH v2 8/8] xfs_io/encrypt: add 'enckey_status' command Eric Biggers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190925231058.GA3163@gmail.com \
    --to=ebiggers@kernel.org \
    --cc=fstests@vger.kernel.org \
    --cc=linux-fscrypt@vger.kernel.org \
    --cc=linux-xfs@vger.kernel.org \
    --cc=sandeen@sandeen.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.