[Libguestfs] [libguestfs-common PATCH 08/12] options: introduce selector tpe "key_clevis"

Richard W.M. Jones rjones at redhat.com
Tue Jun 28 14:34:34 UTC 2022 

On Tue, Jun 28, 2022 at 01:49:11PM +0200, Laszlo Ersek wrote:
> >From an earlier patch in this series, we can now represent LUKS decryption
> with Clevis+Tang in those matching keys that we distill for a particular
> guestfs device or LUKS UUID. Now extend the keystore (composed from
> command line options), i.e. the store that is filtered into matching keys,
> with a selector type that stands for Clevis+Tang.
> 
> Again, this patch introduces no change in observable behavior; there is
> still no user interface for placing a selector of the new type into the
> keystore.
> 
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
> Signed-off-by: Laszlo Ersek <lersek at redhat.com>
> ---
>  options/options.h | 1 +
>  options/keys.c    | 8 ++++++++
>  2 files changed, 9 insertions(+)
> 
> diff --git a/options/options.h b/options/options.h
> index 61a385da13ae..e7a0364cc926 100644
> --- a/options/options.h
> +++ b/options/options.h
> @@ -113,10 +113,11 @@ struct key_store_key {
>    char *id;
>  
>    enum {
>      key_string,             /* key specified as string */
>      key_file,               /* key stored in a file */
> +    key_clevis,             /* key reconstructed with Clevis+Tang */
>    } type;
>    union {
>      struct {
>        char *s;              /* string of the key */
>      } string;
> diff --git a/options/keys.c b/options/keys.c
> index 75c659561c52..7729fe79c99b 100644
> --- a/options/keys.c
> +++ b/options/keys.c
> @@ -169,10 +169,15 @@ get_keys (struct key_store *ks, const char *device, const char *uuid,
>          s = read_first_line_from_file (key->file.name);
>          match->clevis = false;
>          match->passphrase = s;
>          ++match;
>          break;
> +      case key_clevis:
> +        match->clevis = true;
> +        match->passphrase = NULL;
> +        ++match;
> +        break;
>        }
>      }
>    }
>  
>    if (match == r) {
> @@ -289,9 +294,12 @@ free_key_store (struct key_store *ks)
>        free (key->string.s);
>        break;
>      case key_file:
>        free (key->file.name);
>        break;
> +    case key_clevis:
> +      /* nothing */
> +      break;
>      }
>      free (key->id);
>    }

Reviewed-by: Richard W.M. Jones <rjones at redhat.com>


-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html

More information about the Libguestfs mailing list