1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
11 #include "user-record.h"
12 #include "user-record-util.h"
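/* Per-operation state handed to home_setup(), home_refresh(), home_extend_embedded_identity() and
 * home_setup_done().
 *
 * NOTE(review): the listing this was taken from skips source lines inside the struct, so members
 * other than the ones below may exist (volume_key_size, for instance, has no matching key pointer
 * in view). */
typedef struct HomeSetup {
        struct crypt_device *crypt_device;

        /* Going by the names, the partition, LUKS and file system UUIDs that were found during
         * setup — TODO confirm against the implementation. */
        sd_id128_t found_partition_uuid;
        sd_id128_t found_luks_uuid;
        sd_id128_t found_fs_uuid;

        uint8_t fscrypt_key_descriptor[FS_KEY_DESCRIPTOR_SIZE];

        /* Size of a volume key. NOTE(review): key material that belongs to this struct should be
         * erased, not merely freed, when the setup is torn down — confirm home_setup_done() does. */
        size_t volume_key_size;

        bool undo_mount:1;            /* Whether to unmount /run/systemd/user-home-mount */
        bool do_offline_fitrim:1;
        bool do_offline_fallocate:1;

        bool do_drop_caches:1;

        /* HOME_SETUP_INIT starts both of these out as UINT64_MAX. */
        uint64_t partition_offset;
        uint64_t partition_size;
} HomeSetup;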
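typedef struct PasswordCache {
        /* Decoding passwords from security tokens is expensive and typically requires user interaction,
         * hence cache any we already figured out.
         *
         * NOTE(review): both vectors therefore keep decoded secrets around as ordinary strings for as
         * long as the cache lives. Keep that lifetime short, and confirm that password_cache_free()
         * erases the strings before releasing them (an erasing helper such as strv_free_erase()
         * rather than a plain free). */
        char **pkcs11_passwords;
        char **fido2_passwords;
} PasswordCache;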
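/* Going by its name, releases what a PasswordCache holds; only the declaration is on this page.
 * NOTE(review): the cache stores decoded token passwords, so the implementation should wipe the
 * strings before freeing them — confirm. */
void password_cache_free(PasswordCache *cache);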
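/* Tells whether the string `p` is present in either password vector of `cache`. */
static inline bool password_cache_contains(const PasswordCache *cache, const char *p) {
        /* A missing cache holds nothing. The listing skips the source lines between the signature and
         * the return statement, so such a guard may already exist there; without one the dereferences
         * below are undefined behavior for cache == NULL. */
        if (!cache)
                return false;

        if (strv_contains(cache->pkcs11_passwords, p))
                return true;

        return strv_contains(cache->fido2_passwords, p);
}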
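/* Initializer entries for a HomeSetup. The two entries in view set partition_offset and
 * partition_size to UINT64_MAX (presumably meaning "not determined yet" — TODO confirm).
 * NOTE(review): the listing skips the source lines between the #define line and the first entry
 * and after the last one, so this is only part of the macro. */
#define HOME_SETUP_INIT                                 \
        .partition_offset = UINT64_MAX,                 \
        .partition_size = UINT64_MAX,                   \
        /* … rest of the macro is not part of this listing … */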
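/* Various flags for the operation of setting up a home directory.
 *
 * NOTE(review): HOME_SETUP_ALREADY_ACTIVATED selects reuse of an existing activation; which checks
 * still run on that path is not visible on this page — confirm before relying on it. */
typedef enum HomeSetupFlags {
        HOME_SETUP_ALREADY_ACTIVATED = 1 << 0, /* Open an already activated home, rather than activate it afresh */
} HomeSetupFlags;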
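/* Going by its name, the counterpart of home_setup(): finishes with the state tracked in `setup`
 * (the implementation is not on this page).
 * NOTE(review): HomeSetup records things that must be undone (see undo_mount), so callers should
 * reach this on failure paths too — confirm against callers. Return convention presumably
 * negative errno-style on failure — TODO confirm. */
int home_setup_done(HomeSetup *setup);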
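/* Sets up the home directory described by `h`, as modified by `flags`, tracking state in `setup`.
 * Declaration only; the implementation is not on this page.
 *
 * `cache` is the PasswordCache of already decoded token passwords. `ret_header_home` is, going by
 * its ret_ prefix, an output parameter — TODO confirm who owns the returned record.
 * Return convention presumably negative errno-style on failure — TODO confirm. */
int home_setup(
                UserRecord *h,
                HomeSetupFlags flags,
                PasswordCache *cache,
                HomeSetup *setup,
                UserRecord **ret_header_home);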
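/* Declaration only; the implementation is not on this page. Takes the user record `h`, the setup
 * state, the record `header_home` and the password cache.
 *
 * `ret_statfs` and `ret_new_home` are, going by their ret_ prefix, output parameters — TODO
 * confirm whether either may be NULL and who owns the returned record. */
int home_refresh(
                UserRecord *h,
                HomeSetup *setup,
                UserRecord *header_home,
                PasswordCache *cache,
                struct statfs *ret_statfs,
                UserRecord **ret_new_home);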
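/* Declaration only; the implementation is not on this page. Operates on the user record `h` and a
 * directory file descriptor.
 * NOTE(review): presumably fills a fresh home directory referred to by `dir_fd`; what is copied
 * and with which ownership is not visible here — TODO confirm. */
int home_populate(UserRecord *h, int dir_fd);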
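/* Load / store / extend operations for the identity embedded in a home directory. Declarations
 * only; the implementations are not on this page.
 *
 * NOTE(review): an identity read back from inside the home directory is data the home's owner
 * could have modified. How `mode` reconciles it with `h` and `header_home`, and what is verified
 * before it is trusted, is not visible here — confirm in the implementation. */
int home_load_embedded_identity(
                UserRecord *h,
                int root_fd,
                UserRecord *header_home,
                UserReconcileMode mode,
                PasswordCache *cache,
                UserRecord **ret_embedded_home,
                UserRecord **ret_new_home);

/* `uid` is presumably the owner to apply to what gets written below `root_fd` — TODO confirm. */
int home_store_embedded_identity(
                UserRecord *h,
                int root_fd,
                uid_t uid,
                UserRecord *old_home);

int home_extend_embedded_identity(
                UserRecord *h,
                UserRecord *used,
                HomeSetup *setup);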
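/* Authentication check of the record `h` against the secrets in `secret`, with access to the
 * password cache. Declaration only; the implementation is not on this page.
 *
 * NOTE(review): what `strict_verify` tightens or relaxes is not visible here; callers on a path
 * that grants access should confirm which checks are skipped when it is false, and should treat
 * any return value they do not explicitly recognise as success as a failure. */
int user_record_authenticate(
                UserRecord *h,
                UserRecord *secret,
                PasswordCache *cache,
                bool strict_verify);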
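/* Going by its name, syncs the file system behind `root_fd` and reports its statfs data through
 * `ret`. Declaration only — TODO confirm whether `ret` may be NULL. */
int home_sync_and_statfs(int root_fd, struct statfs *ret);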
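/* Fixed runtime path; the undo_mount flag of HomeSetup refers to unmounting it.
 * NOTE(review): the path is fixed and well known, so its safety rests on /run/systemd being
 * writable by privileged processes only — confirm for the deployment. */
#define HOME_RUNTIME_WORK_DIR "/run/systemd/user-home-mount"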