Upload to unstable

[bcachefs-tools-debian] / cmd_key.c

diff --git a/cmd_key.c b/cmd_key.c
index 6052cb0061762b8ed8d6a1f4c56dfc8c7e54ee41..96206c4c36b5a62cce4cc27fd445a383bdfa87df 100644 (file)
--- a/cmd_key.c
+++ b/cmd_key.c
@@ -14,20 +14,26 @@ static void unlock_usage(void)
             "\n"
             "Options:\n"
             "  -c                     Check if a device is encrypted\n"
+            "  -k (session|user|user_session)\n"
+            "                         Keyring to add to (default: user)\n"
             "  -h                     Display this help and exit\n"
-            "Report bugs to <linux-bcache@vger.kernel.org>");
+            "Report bugs to <linux-bcachefs@vger.kernel.org>");
 }
 
 int cmd_unlock(int argc, char *argv[])
 {
+       const char *keyring = "user";
        bool check = false;
        int opt;
 
-       while ((opt = getopt(argc, argv, "ch")) != -1)
+       while ((opt = getopt(argc, argv, "ck:h")) != -1)
                switch (opt) {
                case 'c':
                        check = true;
                        break;
+               case 'k':
+                       keyring = strdup(optarg);
+                       break;
                case 'h':
                        unlock_usage();
                        exit(EXIT_SUCCESS);
@@ -49,7 +55,7 @@ int cmd_unlock(int argc, char *argv[])
        struct bch_sb_handle sb;
        int ret = bch2_read_super(dev, &opts, &sb);
        if (ret)
-               die("Error opening %s: %s", dev, strerror(-ret));
+               die("Error opening %s: %s", dev, bch2_err_str(ret));
 
        if (!bch2_sb_is_encrypted(sb.sb))
                die("%s is not encrypted", dev);
@@ -59,7 +65,7 @@ int cmd_unlock(int argc, char *argv[])
 
        char *passphrase = read_passphrase("Enter passphrase: ");
 
-       bch2_add_key(sb.sb, passphrase);
+       bch2_add_key(sb.sb, "user", keyring, passphrase);
 
        bch2_free_super(&sb);
        memzero_explicit(passphrase, strlen(passphrase));
@@ -84,9 +90,9 @@ int cmd_set_passphrase(int argc, char *argv[])
 
        c = bch2_fs_open(argv + 1, argc - 1, opts);
        if (IS_ERR(c))
-               die("Error opening %s: %s", argv[1], strerror(-PTR_ERR(c)));
+               die("Error opening %s: %s", argv[1], bch2_err_str(PTR_ERR(c)));
 
-       struct bch_sb_field_crypt *crypt = bch2_sb_get_crypt(c->disk_sb.sb);
+       struct bch_sb_field_crypt *crypt = bch2_sb_field_get(c->disk_sb.sb, crypt);
        if (!crypt)
                die("Filesystem does not have encryption enabled");
 
@@ -105,6 +111,7 @@ int cmd_set_passphrase(int argc, char *argv[])
                die("error encrypting key");
        crypt->key = new_key;
 
+       bch2_revoke_key(c->disk_sb.sb);
        bch2_write_super(c);
        bch2_fs_stop(c);
        return 0;
@@ -121,9 +128,9 @@ int cmd_remove_passphrase(int argc, char *argv[])
        opt_set(opts, nostart, true);
        c = bch2_fs_open(argv + 1, argc - 1, opts);
        if (IS_ERR(c))
-               die("Error opening %s: %s", argv[1], strerror(-PTR_ERR(c)));
+               die("Error opening %s: %s", argv[1], bch2_err_str(PTR_ERR(c)));
 
-       struct bch_sb_field_crypt *crypt = bch2_sb_get_crypt(c->disk_sb.sb);
+       struct bch_sb_field_crypt *crypt = bch2_sb_field_get(c->disk_sb.sb, crypt);
        if (!crypt)
                die("Filesystem does not have encryption enabled");