[thirdparty/systemd.git] / src / home / homework.h

/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once

#include <linux/fs.h>
#include <sys/vfs.h>

#include "sd-id128.h"

#include "loop-util.h"
#include "user-record.h"
#include "user-record-util.h"

typedef struct HomeSetup {
        char *dm_name;
        char *dm_node;

        LoopDevice *loop;
        struct crypt_device *crypt_device;
        int root_fd;
        int image_fd;
        sd_id128_t found_partition_uuid;
        sd_id128_t found_luks_uuid;
        sd_id128_t found_fs_uuid;

        uint8_t fscrypt_key_descriptor[FS_KEY_DESCRIPTOR_SIZE];

        void *volume_key;
        size_t volume_key_size;

        bool undo_dm;
        bool undo_mount;
        bool do_offline_fitrim;
        bool do_offline_fallocate;

        uint64_t partition_offset;
        uint64_t partition_size;
} HomeSetup;

typedef struct PasswordCache {
        /* Decoding passwords from security tokens is expensive and typically requires user interaction, hence cache any we already figured out. */
        char **pkcs11_passwords;
        char **fido2_passwords;
} PasswordCache;

void password_cache_free(PasswordCache *cache);

#define HOME_SETUP_INIT                                 \
        {                                               \
                .root_fd = -1,                          \
                .image_fd = -1,                         \
                .partition_offset = UINT64_MAX,         \
                .partition_size = UINT64_MAX,           \
        }

int home_setup_undo(HomeSetup *setup);

int home_prepare(UserRecord *h, bool already_activated, PasswordCache *cache, HomeSetup *setup, UserRecord **ret_header_home);

int home_refresh(UserRecord *h, HomeSetup *setup, UserRecord *header_home, PasswordCache *cache, struct statfs *ret_statfs, UserRecord **ret_new_home);

int home_populate(UserRecord *h, int dir_fd);

int home_load_embedded_identity(UserRecord *h, int root_fd, UserRecord *header_home, UserReconcileMode mode, PasswordCache *cache, UserRecord **ret_embedded_home, UserRecord **ret_new_home);
int home_store_embedded_identity(UserRecord *h, int root_fd, uid_t uid, UserRecord *old_home);
int home_extend_embedded_identity(UserRecord *h, UserRecord *used, HomeSetup *setup);

int user_record_authenticate(UserRecord *h, UserRecord *secret, PasswordCache *cache, bool strict_verify);

int home_sync_and_statfs(int root_fd, struct statfs *ret);
Commit	Line	Data
70a5db58 LP	1	/* SPDX-License-Identifier: LGPL-2.1+ */
	2	#pragma once
	3
	4	#include <linux/fs.h>
	5	#include <sys/vfs.h>
	6
	7	#include "sd-id128.h"
	8
	9	#include "loop-util.h"
	10	#include "user-record.h"
	11	#include "user-record-util.h"
	12
	13	typedef struct HomeSetup {
	14	char *dm_name;
	15	char *dm_node;
	16
	17	LoopDevice *loop;
	18	struct crypt_device *crypt_device;
	19	int root_fd;
28a7f106	20	int image_fd;
70a5db58 LP	21	sd_id128_t found_partition_uuid;
	22	sd_id128_t found_luks_uuid;
	23	sd_id128_t found_fs_uuid;
	24
	25	uint8_t fscrypt_key_descriptor[FS_KEY_DESCRIPTOR_SIZE];
	26
	27	void *volume_key;
	28	size_t volume_key_size;
	29
	30	bool undo_dm;
	31	bool undo_mount;
28a7f106 LP	32	bool do_offline_fitrim;
28a7f106 LP	33	bool do_offline_fallocate;
70a5db58 LP	34
	35	uint64_t partition_offset;
	36	uint64_t partition_size;
	37	} HomeSetup;
	38
7b78db28 LP	39	typedef struct PasswordCache {
	40	/* Decoding passwords from security tokens is expensive and typically requires user interaction, hence cache any we already figured out. */
	41	char **pkcs11_passwords;
	42	char **fido2_passwords;
	43	} PasswordCache;
	44
	45	void password_cache_free(PasswordCache *cache);
	46
70a5db58 LP	47	#define HOME_SETUP_INIT \
	48	{ \
	49	.root_fd = -1, \
28a7f106	50	.image_fd = -1, \
70a5db58 LP	51	.partition_offset = UINT64_MAX, \
	52	.partition_size = UINT64_MAX, \
	53	}
	54
	55	int home_setup_undo(HomeSetup *setup);
	56
7b78db28	57	int home_prepare(UserRecord h, bool already_activated, PasswordCache cache, HomeSetup setup, UserRecord *ret_header_home);
70a5db58	58
7b78db28	59	int home_refresh(UserRecord h, HomeSetup setup, UserRecord header_home, PasswordCache cache, struct statfs ret_statfs, UserRecord *ret_new_home);
70a5db58 LP	60
	61	int home_populate(UserRecord *h, int dir_fd);
	62
7b78db28	63	int home_load_embedded_identity(UserRecord h, int root_fd, UserRecord header_home, UserReconcileMode mode, PasswordCache cache, UserRecord ret_embedded_home, UserRecord *ret_new_home);
70a5db58 LP	64	int home_store_embedded_identity(UserRecord h, int root_fd, uid_t uid, UserRecord old_home);
	65	int home_extend_embedded_identity(UserRecord h, UserRecord used, HomeSetup *setup);
	66
7b78db28	67	int user_record_authenticate(UserRecord h, UserRecord secret, PasswordCache *cache, bool strict_verify);
70a5db58 LP	68
70a5db58 LP	69	int home_sync_and_statfs(int root_fd, struct statfs *ret);