homework: make sure fscrypt backend takes a HomeSetup object for all calls

author Lennart Poettering <lennart@poettering.net>

Thu, 21 Oct 2021 11:46:01 +0000 (13:46 +0200)

committer Lennart Poettering <lennart@poettering.net>

Wed, 27 Oct 2021 20:05:02 +0000 (22:05 +0200)
author Lennart Poettering <lennart@poettering.net>
Thu, 21 Oct 2021 11:46:01 +0000 (13:46 +0200)
committer Lennart Poettering <lennart@poettering.net>
Wed, 27 Oct 2021 20:05:02 +0000 (22:05 +0200)
diff --git a/src/home/homework-fscrypt.c b/src/home/homework-fscrypt.c

index 899d4e10c6c777600acd058f8de3909746a3a3ff..77185c9c747d2741482cab6295e3f5a2e7c40fb2 100644 (file)
--- a/src/home/homework-fscrypt.c
+++ b/src/home/homework-fscrypt.c
@@ -456,6 +456,7 @@ finish:
  
  int home_create_fscrypt(
                  UserRecord *h,
+                HomeSetup *setup,
                  char **effective_passwords,
                  UserRecord **ret_home) {
  
@@ -464,7 +465,6 @@ int home_create_fscrypt(
          _cleanup_(erase_and_freep) void *volume_key = NULL;
          struct fscrypt_policy policy = {};
          size_t volume_key_size = 512 / 8;
-        _cleanup_close_ int root_fd = -1;
          _cleanup_free_ char *d = NULL;
          uint32_t nr = 0;
          const char *ip;
@@ -473,6 +473,7 @@ int home_create_fscrypt(
  
          assert(h);
          assert(user_record_storage(h) == USER_FSCRYPT);
+        assert(setup);
          assert(ret_home);
  
          assert_se(ip = user_record_image_path(h));
@@ -488,11 +489,11 @@ int home_create_fscrypt(
  
          temporary = TAKE_PTR(d); /* Needs to be destroyed now */
  
-        root_fd = open(temporary, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
-        if (root_fd < 0)
+        setup->root_fd = open(temporary, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
+        if (setup->root_fd < 0)
                  return log_error_errno(errno, "Failed to open temporary home directory: %m");
  
-        if (ioctl(root_fd, FS_IOC_GET_ENCRYPTION_POLICY, &policy) < 0) {
+        if (ioctl(setup->root_fd, FS_IOC_GET_ENCRYPTION_POLICY, &policy) < 0) {
                  if (ERRNO_IS_NOT_SUPPORTED(errno)) {
                          log_error_errno(errno, "File system does not support fscrypt: %m");
                          return -ENOLINK; /* make recognizable */
@@ -526,13 +527,13 @@ int home_create_fscrypt(
  
          log_info("Uploaded volume key to kernel.");
  
-        if (ioctl(root_fd, FS_IOC_SET_ENCRYPTION_POLICY, &policy) < 0)
+        if (ioctl(setup->root_fd, FS_IOC_SET_ENCRYPTION_POLICY, &policy) < 0)
                  return log_error_errno(errno, "Failed to set fscrypt policy on directory: %m");
  
          log_info("Encryption policy set.");
  
          STRV_FOREACH(i, effective_passwords) {
-                r = fscrypt_slot_set(root_fd, volume_key, volume_key_size, *i, nr);
+                r = fscrypt_slot_set(setup->root_fd, volume_key, volume_key_size, *i, nr);
                  if (r < 0)
                          return r;
  
@@ -541,11 +542,11 @@ int home_create_fscrypt(
  
          (void) home_update_quota_classic(h, temporary);
  
-        r = home_populate(h, root_fd);
+        r = home_populate(h, setup->root_fd);
          if (r < 0)
                  return r;
  
-        r = home_sync_and_statfs(root_fd, NULL);
+        r = home_sync_and_statfs(setup->root_fd, NULL);
          if (r < 0)
                  return r;
  
diff --git a/src/home/homework-fscrypt.h b/src/home/homework-fscrypt.h

index 736bcb9dcd9df3975f460d4374f6b830a61c2f44..e9262c6349a5ab0fbf04359b56190d5518f420b1 100644 (file)
--- a/src/home/homework-fscrypt.h
+++ b/src/home/homework-fscrypt.h
@@ -5,6 +5,7 @@
  #include "user-record.h"
  
  int home_setup_fscrypt(UserRecord *h, const PasswordCache *cache, HomeSetup *setup);
-int home_create_fscrypt(UserRecord *h, char **effective_passwords, UserRecord **ret_home);
+
+int home_create_fscrypt(UserRecord *h, HomeSetup *setup, char **effective_passwords, UserRecord **ret_home);
  
  int home_passwd_fscrypt(UserRecord *h, HomeSetup *setup, const PasswordCache *cache, char **effective_passwords);
diff --git a/src/home/homework.c b/src/home/homework.c

index cfc0c945defb104478bd5bc37bc4a9489d645e3d..7d1ea481cea137818e82a79655634e47dbaed852 100644 (file)
--- a/src/home/homework.c
+++ b/src/home/homework.c
@@ -1272,7 +1272,7 @@ static int home_create(UserRecord *h, UserRecord **ret_home) {
                  break;
  
          case USER_FSCRYPT:
-                r = home_create_fscrypt(h, effective_passwords, &new_home);
+                r = home_create_fscrypt(h, &setup, effective_passwords, &new_home);
                  break;
  
          case USER_CIFS:
author	Lennart Poettering <lennart@poettering.net>
	Thu, 21 Oct 2021 11:46:01 +0000 (13:46 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Wed, 27 Oct 2021 20:05:02 +0000 (22:05 +0200)
src/home/homework-fscrypt.c		patch \| blob \| blame \| history
src/home/homework-fscrypt.h		patch \| blob \| blame \| history
src/home/homework.c		patch \| blob \| blame \| history