[Libguestfs] [PATCH] mltools, options: support --allow-discards when decrypting LUKS devices

Jan Synacek jsynacek at redhat.com
Wed Jan 22 10:57:34 UTC 2020 

On Wed, Jan 22, 2020 at 10:50 AM Richard W.M. Jones <rjones at redhat.com>
wrote:

> On Wed, Jan 22, 2020 at 10:14:38AM +0100, Jan Synacek wrote:
> > -val inspect_decrypt : Guestfs.guestfs -> key_store -> unit
> > +val inspect_decrypt : Guestfs.guestfs -> ?allow_discards:bool ->
> key_store -> unit
> >
> >  (** Simple implementation of decryption: look for any [crypto_LUKS]
> >      partitions and decrypt them, then rescan for VGs.  This only works
> >      for Fedora whole-disk encryption. *)
>
> Documentation here needs a short explanation of what the
> new allow_discards parameter does, and what the default is.
>

Will fix.

>
> > diff --git a/options/decrypt.c b/options/decrypt.c
> > index 683cf5e..0f24a7a 100644
> > --- a/options/decrypt.c
> > +++ b/options/decrypt.c
> > @@ -71,7 +71,7 @@ make_mapname (const char *device, char *mapname,
> size_t len)
> >   * encryption schemes.
> >   */
> >  void
> > -inspect_do_decrypt (guestfs_h *g, struct key_store *ks)
> > +inspect_do_decrypt (guestfs_h *g, struct key_store *ks, int
> allowdiscards)
> >  {
> >    CLEANUP_FREE_STRING_LIST char **partitions = guestfs_list_partitions
> (g);
> >    if (partitions == NULL)
> > @@ -101,7 +101,8 @@ inspect_do_decrypt (guestfs_h *g, struct key_store
> *ks)
> >           * is set?  This might break 'mount_ro'.
> >           */
> >          guestfs_push_error_handler (g, NULL, NULL);
> > -        r = guestfs_luks_open (g, partitions[i], keys[j], mapname);
> > +        r = guestfs_luks_open_opts (g, partitions[i], keys[j], mapname,
> > +                                 GUESTFS_LUKS_OPEN_OPTS_ALLOWDISCARDS,
> allowdiscards, -1);
>
> Obviously this means this patch depends on the API change :-)
>

Yes. Am I supposed to note that somewhere? Or did I miss anything?

[...]
> >  /* in decrypt.c */
> > -extern void inspect_do_decrypt (guestfs_h *g, struct key_store *ks);
> > +extern void inspect_do_decrypt (guestfs_h *g, struct key_store *ks, int
> allowdiscards);
>
> > -  inspect_do_decrypt (g, ks);
> > +  inspect_do_decrypt (g, ks, 0);
>
> Kind of wonder if we want to use a C bool here instead of an int.
>

I didn't notice that I could do that. But I think I've seen elsewhere in
the code that for "flags" like this, ints are used. The OCaml bools also
translate to C ints 1:1, but I guess that's the case for stdbool booleans
too.


>
> Rich.
>
> --
> Richard Jones, Virtualization Group, Red Hat
> http://people.redhat.com/~rjones
> Read my programming and virtualization blog: http://rwmj.wordpress.com
> virt-builder quickly builds VMs from scratch
> http://libguestfs.org/virt-builder.1.html
>
>

-- 
Jan Synacek
Software Engineer, Red Hat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libguestfs/attachments/20200122/241865b4/attachment.htm>

More information about the Libguestfs mailing list