cmd_unlock: Add -k argument to specify keyring

This adds a new argument (-k) to cmd_unlock for specifying the keyring
to add to. The default is user, but user_session and session can also be
specified.

Signed-off-by: Kent Overstreet <kent.overstreet@gmail.com>

.bcachefs_revision

@@ -1 +1 @@
-c4ca278a540bd2f99864f198a6ec9b4cb1f1fd44
+40eaef7e8049b75ff7e5da42227295c754d9c906

cmd_key.c

@@ -14,20 +14,26 @@ static void unlock_usage(void)
 	     "\n"
 	     "Options:\n"
 	     "  -c                     Check if a device is encrypted\n"
+	     "  -k (session|user|user_session)\n"
+	     "                         Keyring to add to (default: user)\n"
 	     "  -h                     Display this help and exit\n"
 	     "Report bugs to <linux-bcache@vger.kernel.org>");
 }
 
 int cmd_unlock(int argc, char *argv[])
 {
+	const char *keyring = "user";
 	bool check = false;
 	int opt;
 
-	while ((opt = getopt(argc, argv, "ch")) != -1)
+	while ((opt = getopt(argc, argv, "ck:h")) != -1)
 		switch (opt) {
 		case 'c':
 			check = true;
 			break;
+		case 'k':
+			keyring = strdup(optarg);
+			break;
 		case 'h':
 			unlock_usage();
 			exit(EXIT_SUCCESS);
@@ -59,7 +65,7 @@ int cmd_unlock(int argc, char *argv[])
 
 	char *passphrase = read_passphrase("Enter passphrase: ");
 
-	bch2_add_key(sb.sb, passphrase);
+	bch2_add_key(sb.sb, "user", keyring, passphrase);
 
 	bch2_free_super(&sb);
 	memzero_explicit(passphrase, strlen(passphrase));

cmd_migrate.c

@@ -691,7 +691,7 @@ static int migrate_fs(const char		*fs_path,
 	u64 sb_offset = le64_to_cpu(sb->layout.sb_offset[0]);
 
 	if (format_opts.passphrase)
-		bch2_add_key(sb, format_opts.passphrase);
+		bch2_add_key(sb, "user", "user", format_opts.passphrase);
 
 	free(sb);
 

crypto.c

@@ -133,10 +133,23 @@ void bch2_passphrase_check(struct bch_sb *sb, const char *passphrase,
 		die("incorrect passphrase");
 }
 
-void bch2_add_key(struct bch_sb *sb, const char *passphrase)
+void bch2_add_key(struct bch_sb *sb,
+		  const char *type,
+		  const char *keyring_str,
+		  const char *passphrase)
 {
 	struct bch_key passphrase_key;
 	struct bch_encrypted_key sb_key;
+	int keyring;
+
+	if (!strcmp(keyring_str, "session"))
+		keyring = KEY_SPEC_SESSION_KEYRING;
+	else if (!strcmp(keyring_str, "user"))
+		keyring = KEY_SPEC_USER_KEYRING;
+	else if (!strcmp(keyring_str, "user_session"))
+		keyring = KEY_SPEC_USER_SESSION_KEYRING;
+	else
+		die("unknown keyring %s", keyring_str);
 
 	bch2_passphrase_check(sb, passphrase,
 			      &passphrase_key,
@@ -147,12 +160,10 @@ void bch2_add_key(struct bch_sb *sb, const char *passphrase)
 
 	char *description = mprintf("bcachefs:%s", uuid);
 
-	if (add_key("logon", description,
+	if (add_key(type,
+		    description,
 		    &passphrase_key, sizeof(passphrase_key),
-		    KEY_SPEC_USER_KEYRING) < 0 ||
-	    add_key("user", description,
-		    &passphrase_key, sizeof(passphrase_key),
-		    KEY_SPEC_USER_KEYRING) < 0)
+		    keyring) < 0)
 		die("add_key error: %m");
 
 	memzero_explicit(description, strlen(description));

crypto.h

@@ -15,7 +15,7 @@ struct bch_key derive_passphrase(struct bch_sb_field_crypt *, const char *);
 bool bch2_sb_is_encrypted(struct bch_sb *);
 void bch2_passphrase_check(struct bch_sb *, const char *,
 			   struct bch_key *, struct bch_encrypted_key *);
-void bch2_add_key(struct bch_sb *, const char *);
+void bch2_add_key(struct bch_sb *, const char *, const char *, const char *);
 void bch_sb_crypt_init(struct bch_sb *sb, struct bch_sb_field_crypt *,
 		       const char *);
 

libbcachefs/checksum.c

@@ -424,7 +424,7 @@ static int __bch2_request_key(char *key_description, struct bch_key *key)
 	const struct user_key_payload *ukp;
 	int ret;
 
-	keyring_key = request_key(&key_type_logon, key_description, NULL);
+	keyring_key = request_key(&key_type_user, key_description, NULL);
 	if (IS_ERR(keyring_key))
 		return PTR_ERR(keyring_key);
 

libbcachefs/lru.c

@@ -130,7 +130,7 @@ int bch2_lru_change(struct btree_trans *trans, u64 id, u64 idx,
 }
 
 static int bch2_check_lru_key(struct btree_trans *trans,
-			      struct btree_iter *lru_iter, bool initial)
+			      struct btree_iter *lru_iter)
 {
 	struct bch_fs *c = trans->c;
 	struct btree_iter iter;
@@ -193,7 +193,7 @@ fsck_err:
 	return ret;
 }
 
-int bch2_check_lrus(struct bch_fs *c, bool initial)
+int bch2_check_lrus(struct bch_fs *c)
 {
 	struct btree_trans trans;
 	struct btree_iter iter;
@@ -207,7 +207,7 @@ int bch2_check_lrus(struct bch_fs *c, bool initial)
 		ret = __bch2_trans_do(&trans, NULL, NULL,
 				      BTREE_INSERT_NOFAIL|
 				      BTREE_INSERT_LAZY_RW,
-			bch2_check_lru_key(&trans, &iter, initial));
+			bch2_check_lru_key(&trans, &iter));
 		if (ret)
 			break;
 	}

libbcachefs/lru.h

@@ -14,6 +14,6 @@ int bch2_lru_delete(struct btree_trans *, u64, u64, u64, struct bkey_s_c);
 int bch2_lru_set(struct btree_trans *, u64, u64, u64 *);
 int bch2_lru_change(struct btree_trans *, u64, u64, u64, u64 *, struct bkey_s_c);
 
-int bch2_check_lrus(struct bch_fs *, bool);
+int bch2_check_lrus(struct bch_fs *);
 
 #endif /* _BCACHEFS_LRU_H */

libbcachefs/recovery.c

@@ -1256,24 +1256,19 @@ use_clean:
 
 		bch_info(c, "checking lrus");
 		err = "error checking lrus";
-		ret = bch2_check_lrus(c, true);
+		ret = bch2_check_lrus(c);
 		if (ret)
 			goto err;
 		bch_verbose(c, "done checking lrus");
-
 		set_bit(BCH_FS_CHECK_LRUS_DONE, &c->flags);
 
 		bch_info(c, "checking alloc to lru refs");
 		err = "error checking alloc to lru refs";
 		ret = bch2_check_alloc_to_lru_refs(c);
-		if (ret)
-			goto err;
-		set_bit(BCH_FS_CHECK_ALLOC_TO_LRU_REFS_DONE, &c->flags);
-
-		ret = bch2_check_lrus(c, true);
 		if (ret)
 			goto err;
 		bch_verbose(c, "done checking alloc to lru refs");
+		set_bit(BCH_FS_CHECK_ALLOC_TO_LRU_REFS_DONE, &c->flags);
 	} else {
 		set_bit(BCH_FS_MAY_GO_RW, &c->flags);
 		set_bit(BCH_FS_INITIAL_GC_DONE, &c->flags);