alex/bcachefs-tools
1
0
Fork 0
mirror of https://github.com/koverstreet/bcachefs-tools.git synced 2025-12-09 00:00:17 +03:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Added the ability to format a filesystem with encryption, using a passphrase key located within a file

Browse Source
This commit is contained in:
prey169 2025-07-03 23:54:12 -04:00
parent 7d69a303d1
commit 7362ed1223
2 changed files with 19 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
c_src/cmd_format.c
View File

@ -21,6 +21,7 @@
#include <uuid/uuid.h> #include <uuid/uuid.h>
#include "cmds.h" #include "cmds.h"
#include "tools-util.h"
#include "posix_to_bcachefs.h" #include "posix_to_bcachefs.h"
#include "libbcachefs.h" #include "libbcachefs.h"
#include "crypto.h" #include "crypto.h"
@ -34,6 +35,7 @@
#define OPTS \ #define OPTS \
x(0, replicas, required_argument) \ x(0, replicas, required_argument) \
x(0, encrypted, no_argument) \ x(0, encrypted, no_argument) \
x(0, passphrase_file, required_argument) \
x(0, no_passphrase, no_argument) \ x(0, no_passphrase, no_argument) \
x('L', fs_label, required_argument) \ x('L', fs_label, required_argument) \
x('U', uuid, required_argument) \ x('U', uuid, required_argument) \
@ -59,6 +61,7 @@ static void format_usage(void)
puts(" --replicas=# Sets both data and metadata replicas\n" puts(" --replicas=# Sets both data and metadata replicas\n"
" --encrypted Enable whole filesystem encryption (chacha20/poly1305)\n" " --encrypted Enable whole filesystem encryption (chacha20/poly1305)\n"
" --passphrase_file=file File containing passphrase used for encryption/decryption\n"
" --no_passphrase Don't encrypt master encryption key\n" " --no_passphrase Don't encrypt master encryption key\n"
" -L, --fs_label=label\n" " -L, --fs_label=label\n"
" -U, --uuid=uuid\n" " -U, --uuid=uuid\n"
@ -173,6 +176,9 @@ int cmd_format(int argc, char *argv[])
case O_encrypted: case O_encrypted:
opts.encrypted = true; opts.encrypted = true;
break; break;
case O_passphrase_file:
opts.passphrase_file = optarg;
break;
case O_no_passphrase: case O_no_passphrase:
no_passphrase = true; no_passphrase = true;
break; break;
@ -247,8 +253,19 @@ int cmd_format(int argc, char *argv[])
if (opts.source && !initialize) if (opts.source && !initialize)
die("--source, --no_initialize are incompatible"); die("--source, --no_initialize are incompatible");
if (opts.passphrase_file && !opts.encrypted)
die("--passphrase_file, requires --encrypted set");
if (opts.passphrase_file && no_passphrase) {
die("--passphrase_file, --no_passphrase are incompatible");
}
if (opts.encrypted && !no_passphrase) { if (opts.encrypted && !no_passphrase) {
if (opts.passphrase_file) {
opts.passphrase = read_file_str(AT_FDCWD, opts.passphrase_file);
} else {
opts.passphrase = read_passphrase_twice("Enter passphrase: "); opts.passphrase = read_passphrase_twice("Enter passphrase: ");
}
initialize = false; initialize = false;
} }

1
c_src/libbcachefs.h
View File

@ -41,6 +41,7 @@ struct format_opts {
unsigned version; unsigned version;
unsigned superblock_size; unsigned superblock_size;
bool encrypted; bool encrypted;
char *passphrase_file;
char *passphrase; char *passphrase;
char *source; char *source;
bool no_sb_at_end; bool no_sb_at_end;