[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libguestfs] [PATCH 1/3] fish: move disk decryption helpers in own file



On Mon, Sep 19, 2016 at 07:12:44PM +0200, Pino Toscano wrote:
> This way it is easier to use them outside the rest of the code in
> guestfish for inspection & mount.
> 
> Just code motion, no behaviour changes.
> ---
>  align/Makefile.am     |   1 +
>  cat/Makefile.am       |   1 +
>  df/Makefile.am        |   1 +
>  diff/Makefile.am      |   1 +
>  edit/Makefile.am      |   1 +
>  fish/Makefile.am      |   1 +
>  fish/decrypt.c        | 102 ++++++++++++++++++++++++++++++++++++++++++++++++++
>  fish/inspect.c        |  68 ---------------------------------
>  fish/options.h        |   4 +-
>  format/Makefile.am    |   1 +
>  fuse/Makefile.am      |   1 +
>  inspector/Makefile.am |   1 +
>  rescue/Makefile.am    |   1 +
>  13 files changed, 115 insertions(+), 69 deletions(-)
>  create mode 100644 fish/decrypt.c
> 
> diff --git a/align/Makefile.am b/align/Makefile.am
> index 1eccf28..eb44263 100644
> --- a/align/Makefile.am
> +++ b/align/Makefile.am
> @@ -33,6 +33,7 @@ SHARED_SOURCE_FILES = \
>  	../df/parallel.c \
>  	../df/parallel.h \
>  	../fish/config.c \
> +	../fish/decrypt.c \
>  	../fish/display-options.h \
>  	../fish/display-options.c \
>  	../fish/domain.c \
> diff --git a/cat/Makefile.am b/cat/Makefile.am
> index 38faa94..5e55742 100644
> --- a/cat/Makefile.am
> +++ b/cat/Makefile.am
> @@ -31,6 +31,7 @@ EXTRA_DIST = \
>  bin_PROGRAMS = virt-cat virt-filesystems virt-log virt-ls
>  
>  SHARED_SOURCE_FILES = \
> +	../fish/decrypt.c \
>  	../fish/display-options.h \
>  	../fish/display-options.c \
>  	../fish/domain.c \
> diff --git a/df/Makefile.am b/df/Makefile.am
> index ce1686a..6efc1dc 100644
> --- a/df/Makefile.am
> +++ b/df/Makefile.am
> @@ -28,6 +28,7 @@ bin_PROGRAMS = virt-df
>  
>  SHARED_SOURCE_FILES = \
>  	../fish/config.c \
> +	../fish/decrypt.c \
>  	../fish/display-options.h \
>  	../fish/display-options.c \
>  	../fish/domain.c \
> diff --git a/diff/Makefile.am b/diff/Makefile.am
> index cdbe05c..7dfe2cd 100644
> --- a/diff/Makefile.am
> +++ b/diff/Makefile.am
> @@ -27,6 +27,7 @@ bin_PROGRAMS = virt-diff
>  SHARED_SOURCE_FILES = \
>  	../cat/visit.h \
>  	../cat/visit.c \
> +	../fish/decrypt.c \
>  	../fish/display-options.h \
>  	../fish/display-options.c \
>  	../fish/domain.c \
> diff --git a/edit/Makefile.am b/edit/Makefile.am
> index 4ac4f08..dc9fbb0 100644
> --- a/edit/Makefile.am
> +++ b/edit/Makefile.am
> @@ -26,6 +26,7 @@ bin_PROGRAMS = virt-edit
>  
>  SHARED_SOURCE_FILES = \
>  	../fish/config.c \
> +	../fish/decrypt.c \
>  	../fish/display-options.h \
>  	../fish/display-options.c \
>  	../fish/domain.c \
> diff --git a/fish/Makefile.am b/fish/Makefile.am
> index e1bc210..8fdcd27 100644
> --- a/fish/Makefile.am
> +++ b/fish/Makefile.am
> @@ -73,6 +73,7 @@ EXTRA_DIST = \
>  # files must not include other guestfish files.
>  SHARED_SOURCE_FILES = \
>  	config.c \
> +	decrypt.c \
>  	display-options.h \
>  	display-options.c \
>  	domain.c \
> diff --git a/fish/decrypt.c b/fish/decrypt.c
> new file mode 100644
> index 0000000..d6e041d
> --- /dev/null
> +++ b/fish/decrypt.c
> @@ -0,0 +1,102 @@
> +/* libguestfs - shared disk decryption
> + * Copyright (C) 2010 Red Hat Inc.
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 2 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, write to the Free Software
> + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
> + */
> +
> +/**
> + * This file implements the decryption of disk images, usually done
> + * before mounting their partitions.
> + */
> +
> +#include <config.h>
> +
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <string.h>
> +
> +#include "c-ctype.h"
> +
> +#include "guestfs.h"
> +
> +#include "options.h"
> +
> +/**
> + * Make a LUKS map name from the partition name,
> + * eg. C<"/dev/vda2" =E<gt> "luksvda2">
> + */
> +static void
> +make_mapname (const char *device, char *mapname, size_t len)
> +{
> +  size_t i = 0;
> +
> +  if (len < 5)
> +    abort ();
> +  strcpy (mapname, "luks");
> +  mapname += 4;
> +  len -= 4;
> +
> +  if (STRPREFIX (device, "/dev/"))
> +    i = 5;
> +
> +  for (; device[i] != '\0' && len >= 1; ++i) {
> +    if (c_isalnum (device[i])) {
> +      *mapname++ = device[i];
> +      len--;
> +    }
> +  }
> +
> +  *mapname = '\0';
> +}
> +
> +/**
> + * Simple implementation of decryption: look for any C<crypto_LUKS>
> + * partitions and decrypt them, then rescan for VGs.  This only works
> + * for Fedora whole-disk encryption.  WIP to make this work for other
> + * encryption schemes.
> + */
> +void
> +inspect_do_decrypt (guestfs_h *g)
> +{
> +  CLEANUP_FREE_STRING_LIST char **partitions = guestfs_list_partitions (g);
> +  if (partitions == NULL)
> +    exit (EXIT_FAILURE);
> +
> +  int need_rescan = 0;
> +  size_t i;
> +  for (i = 0; partitions[i] != NULL; ++i) {
> +    CLEANUP_FREE char *type = guestfs_vfs_type (g, partitions[i]);
> +    if (type && STREQ (type, "crypto_LUKS")) {
> +      char mapname[32];
> +      make_mapname (partitions[i], mapname, sizeof mapname);
> +
> +      CLEANUP_FREE char *key = read_key (partitions[i]);
> +      /* XXX Should we call guestfs_luks_open_ro if readonly flag
> +       * is set?  This might break 'mount_ro'.
> +       */
> +      if (guestfs_luks_open (g, partitions[i], key, mapname) == -1)
> +        exit (EXIT_FAILURE);
> +
> +      need_rescan = 1;
> +    }
> +  }
> +
> +  if (need_rescan) {
> +    if (guestfs_vgscan (g) == -1)
> +      exit (EXIT_FAILURE);
> +    if (guestfs_vg_activate_all (g, 1) == -1)
> +      exit (EXIT_FAILURE);
> +  }
> +}
> diff --git a/fish/inspect.c b/fish/inspect.c
> index 952d4f7..4a5b3c3 100644
> --- a/fish/inspect.c
> +++ b/fish/inspect.c
> @@ -202,71 +202,3 @@ print_inspect_prompt (void)
>              dev ? dev : mountpoints[i+1], mountpoints[i]);
>    }
>  }
> -
> -/**
> - * Make a LUKS map name from the partition name,
> - * eg. C<"/dev/vda2" =E<gt> "luksvda2">
> - */
> -static void
> -make_mapname (const char *device, char *mapname, size_t len)
> -{
> -  size_t i = 0;
> -
> -  if (len < 5)
> -    abort ();
> -  strcpy (mapname, "luks");
> -  mapname += 4;
> -  len -= 4;
> -
> -  if (STRPREFIX (device, "/dev/"))
> -    i = 5;
> -
> -  for (; device[i] != '\0' && len >= 1; ++i) {
> -    if (c_isalnum (device[i])) {
> -      *mapname++ = device[i];
> -      len--;
> -    }
> -  }
> -
> -  *mapname = '\0';
> -}
> -
> -/**
> - * Simple implementation of decryption: look for any C<crypto_LUKS>
> - * partitions and decrypt them, then rescan for VGs.  This only works
> - * for Fedora whole-disk encryption.  WIP to make this work for other
> - * encryption schemes.
> - */
> -void
> -inspect_do_decrypt (guestfs_h *g)
> -{
> -  CLEANUP_FREE_STRING_LIST char **partitions = guestfs_list_partitions (g);
> -  if (partitions == NULL)
> -    exit (EXIT_FAILURE);
> -
> -  int need_rescan = 0;
> -  size_t i;
> -  for (i = 0; partitions[i] != NULL; ++i) {
> -    CLEANUP_FREE char *type = guestfs_vfs_type (g, partitions[i]);
> -    if (type && STREQ (type, "crypto_LUKS")) {
> -      char mapname[32];
> -      make_mapname (partitions[i], mapname, sizeof mapname);
> -
> -      CLEANUP_FREE char *key = read_key (partitions[i]);
> -      /* XXX Should we call guestfs_luks_open_ro if readonly flag
> -       * is set?  This might break 'mount_ro'.
> -       */
> -      if (guestfs_luks_open (g, partitions[i], key, mapname) == -1)
> -        exit (EXIT_FAILURE);
> -
> -      need_rescan = 1;
> -    }
> -  }
> -
> -  if (need_rescan) {
> -    if (guestfs_vgscan (g) == -1)
> -      exit (EXIT_FAILURE);
> -    if (guestfs_vg_activate_all (g, 1) == -1)
> -      exit (EXIT_FAILURE);
> -  }
> -}
> diff --git a/fish/options.h b/fish/options.h
> index 061b41f..e8a4ebc 100644
> --- a/fish/options.h
> +++ b/fish/options.h
> @@ -111,6 +111,9 @@ struct mp {
>  /* in config.c */
>  extern void parse_config (void);
>  
> +/* in decrypt.c */
> +extern void inspect_do_decrypt (guestfs_h *g);
> +
>  /* in domain.c */
>  extern int add_libvirt_drives (guestfs_h *g, const char *guest);
>  
> @@ -124,7 +127,6 @@ extern void print_inspect_prompt (void);
>  
>  #if COMPILING_VIRT_INSPECTOR
>  /* (low-level inspection functions, used by virt-inspector only) */
> -extern void inspect_do_decrypt (guestfs_h *g);
>  extern void inspect_mount_root (guestfs_h *g, const char *root);
>  #endif
>  
> diff --git a/format/Makefile.am b/format/Makefile.am
> index d196910..0e881a5 100644
> --- a/format/Makefile.am
> +++ b/format/Makefile.am
> @@ -26,6 +26,7 @@ bin_PROGRAMS = virt-format
>  
>  SHARED_SOURCE_FILES = \
>  	../fish/config.c \
> +	../fish/decrypt.c \
>  	../fish/display-options.h \
>  	../fish/display-options.c \
>  	../fish/domain.c \
> diff --git a/fuse/Makefile.am b/fuse/Makefile.am
> index d766479..b8f5ad6 100644
> --- a/fuse/Makefile.am
> +++ b/fuse/Makefile.am
> @@ -34,6 +34,7 @@ bin_PROGRAMS = \
>  # between guestfish and guestmount.
>  SHARED_SOURCE_FILES = \
>  	../fish/config.c \
> +	../fish/decrypt.c \
>  	../fish/display-options.h \
>  	../fish/display-options.c \
>  	../fish/domain.c \
> diff --git a/inspector/Makefile.am b/inspector/Makefile.am
> index 00ca5d5..760e810 100644
> --- a/inspector/Makefile.am
> +++ b/inspector/Makefile.am
> @@ -54,6 +54,7 @@ bin_PROGRAMS = virt-inspector
>  
>  SHARED_SOURCE_FILES = \
>  	../fish/config.c \
> +	../fish/decrypt.c \
>  	../fish/display-options.h \
>  	../fish/display-options.c \
>  	../fish/domain.c \
> diff --git a/rescue/Makefile.am b/rescue/Makefile.am
> index c2545bd..f2a3c39 100644
> --- a/rescue/Makefile.am
> +++ b/rescue/Makefile.am
> @@ -27,6 +27,7 @@ bin_PROGRAMS = virt-rescue
>  
>  SHARED_SOURCE_FILES = \
>  	../fish/config.c \
> +	../fish/decrypt.c \
>  	../fish/display-options.h \
>  	../fish/display-options.c \
>  	../fish/domain.c \
> -- 
> 2.7.4

This appears to be straight code motion, so ACK.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]