diff options
Diffstat (limited to 'rust-src/mount/src')
| -rw-r--r-- | rust-src/mount/src/filesystem.rs | 217 | ||||
| -rw-r--r-- | rust-src/mount/src/key.rs | 97 | ||||
| -rw-r--r-- | rust-src/mount/src/lib.rs | 125 | ||||
| -rw-r--r-- | rust-src/mount/src/main.rs | 53 |
4 files changed, 0 insertions, 492 deletions
diff --git a/rust-src/mount/src/filesystem.rs b/rust-src/mount/src/filesystem.rs deleted file mode 100644 index 28a2ab9e..00000000 --- a/rust-src/mount/src/filesystem.rs +++ /dev/null @@ -1,217 +0,0 @@ -extern "C" { - pub static stdout: *mut libc::FILE; -} -use bch_bindgen::{debug, info}; -use colored::Colorize; -use getset::{CopyGetters, Getters}; -use std::path::PathBuf; -#[derive(Getters, CopyGetters)] -pub struct FileSystem { - /// External UUID of the bcachefs - #[getset(get = "pub")] - uuid: uuid::Uuid, - /// Whether filesystem is encrypted - #[getset(get_copy = "pub")] - encrypted: bool, - /// Super block - #[getset(get = "pub")] - sb: bcachefs::bch_sb_handle, - /// Member devices for this filesystem - #[getset(get = "pub")] - devices: Vec<PathBuf>, -} -impl std::fmt::Debug for FileSystem { - fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - f.debug_struct("FileSystem") - .field("uuid", &self.uuid) - .field("encrypted", &self.encrypted) - .field("devices", &self.device_string()) - .finish() - } -} -use std::fmt; -impl std::fmt::Display for FileSystem { - fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { - let devs = self.device_string(); - write!( - f, - "{:?}: locked?={lock} ({}) ", - self.uuid, - devs, - lock = self.encrypted - ) - } -} - -impl FileSystem { - pub(crate) fn new(sb: bcachefs::bch_sb_handle) -> Self { - Self { - uuid: sb.sb().uuid(), - encrypted: sb.sb().crypt().is_some(), - sb: sb, - devices: Vec::new(), - } - } - - pub fn device_string(&self) -> String { - use itertools::Itertools; - self.devices.iter().map(|d| d.display()).join(":") - } - - pub fn mount( - &self, - target: impl AsRef<std::path::Path>, - options: impl AsRef<str>, - ) -> anyhow::Result<()> { - let src = self.device_string(); - let (data, mountflags) = parse_mount_options(options); - - info!( - "mounting bcachefs filesystem, {}", - target.as_ref().display() - ); - mount_inner(src, target, "bcachefs", mountflags, data) - } -} - -fn mount_inner( - src: String, - target: impl AsRef<std::path::Path>, - fstype: &str, - mountflags: u64, - data: Option<String>, -) -> anyhow::Result<()> { - use std::{ - ffi::{c_void, CString}, - os::{raw::c_char, unix::ffi::OsStrExt}, - }; - - // bind the CStrings to keep them alive - let src = CString::new(src)?; - let target = CString::new(target.as_ref().as_os_str().as_bytes())?; - let data = data.map(CString::new).transpose()?; - let fstype = CString::new(fstype)?; - - // convert to pointers for ffi - let src = src.as_c_str().to_bytes_with_nul().as_ptr() as *const c_char; - let target = target.as_c_str().to_bytes_with_nul().as_ptr() as *const c_char; - let data = data.as_ref().map_or(std::ptr::null(), |data| { - data.as_c_str().to_bytes_with_nul().as_ptr() as *const c_void - }); - let fstype = fstype.as_c_str().to_bytes_with_nul().as_ptr() as *const c_char; - - let ret = { - info!("mounting filesystem"); - // REQUIRES: CAP_SYS_ADMIN - unsafe { libc::mount(src, target, fstype, mountflags, data) } - }; - match ret { - 0 => Ok(()), - _ => Err(crate::ErrnoError(errno::errno()).into()), - } -} - -/// Parse a comma-separated mount options and split out mountflags and filesystem -/// specific options. -fn parse_mount_options(options: impl AsRef<str>) -> (Option<String>, u64) { - use either::Either::*; - debug!("parsing mount options: {}", options.as_ref()); - let (opts, flags) = options - .as_ref() - .split(",") - .map(|o| match o { - "dirsync" => Left(libc::MS_DIRSYNC), - "lazytime" => Left(1 << 25), // MS_LAZYTIME - "mand" => Left(libc::MS_MANDLOCK), - "noatime" => Left(libc::MS_NOATIME), - "nodev" => Left(libc::MS_NODEV), - "nodiratime" => Left(libc::MS_NODIRATIME), - "noexec" => Left(libc::MS_NOEXEC), - "nosuid" => Left(libc::MS_NOSUID), - "relatime" => Left(libc::MS_RELATIME), - "remount" => Left(libc::MS_REMOUNT), - "ro" => Left(libc::MS_RDONLY), - "rw" => Left(0), - "strictatime" => Left(libc::MS_STRICTATIME), - "sync" => Left(libc::MS_SYNCHRONOUS), - "" => Left(0), - o @ _ => Right(o), - }) - .fold((Vec::new(), 0), |(mut opts, flags), next| match next { - Left(f) => (opts, flags | f), - Right(o) => { - opts.push(o); - (opts, flags) - } - }); - - use itertools::Itertools; - ( - if opts.len() == 0 { - None - } else { - Some(opts.iter().join(",")) - }, - flags, - ) -} - -use bch_bindgen::bcachefs; -use std::collections::HashMap; -use uuid::Uuid; - -pub fn probe_filesystems() -> anyhow::Result<HashMap<Uuid, FileSystem>> { - debug!("enumerating udev devices"); - let mut udev = udev::Enumerator::new()?; - - udev.match_subsystem("block")?; // find kernel block devices - - let mut fs_map = HashMap::new(); - let devresults = udev - .scan_devices()? - .into_iter() - .filter_map(|dev| dev.devnode().map(ToOwned::to_owned)); - - for pathbuf in devresults { - match get_super_block_uuid(&pathbuf)? { - Ok((uuid_key, superblock)) => { - let fs = fs_map.entry(uuid_key).or_insert_with(|| { - info!("found bcachefs pool: {}", uuid_key); - FileSystem::new(superblock) - }); - - fs.devices.push(pathbuf); - } - - Err(e) => { - debug!("{}", e); - } - } - } - - info!("found {} filesystems", fs_map.len()); - Ok(fs_map) -} - -// #[tracing_attributes::instrument(skip(dev, fs_map))] -fn get_super_block_uuid( - path: &std::path::Path, -) -> std::io::Result<std::io::Result<(Uuid, bcachefs::bch_sb_handle)>> { - use gag::BufferRedirect; - // Stop libbcachefs from spamming the output - let gag = BufferRedirect::stdout().unwrap(); - - let sb = bch_bindgen::rs::read_super(&path)?; - let super_block = match sb { - Err(e) => { - return Ok(Err(e)); - } - Ok(sb) => sb, - }; - drop(gag); - - let uuid = (&super_block).sb().uuid(); - debug!("bcachefs superblock path={} uuid={}", path.display(), uuid); - - Ok(Ok((uuid, super_block))) -} diff --git a/rust-src/mount/src/key.rs b/rust-src/mount/src/key.rs deleted file mode 100644 index a49baa68..00000000 --- a/rust-src/mount/src/key.rs +++ /dev/null @@ -1,97 +0,0 @@ -use bch_bindgen::info; -use colored::Colorize; - -fn check_for_key(key_name: &std::ffi::CStr) -> anyhow::Result<bool> { - use bch_bindgen::keyutils::{self, keyctl_search}; - let key_name = key_name.to_bytes_with_nul().as_ptr() as *const _; - let key_type = c_str!("logon"); - - let key_id = unsafe { keyctl_search(keyutils::KEY_SPEC_USER_KEYRING, key_type, key_name, 0) }; - if key_id > 0 { - info!("Key has became available"); - Ok(true) - } else if errno::errno().0 != libc::ENOKEY { - Err(crate::ErrnoError(errno::errno()).into()) - } else { - Ok(false) - } -} - -fn wait_for_key(uuid: &uuid::Uuid) -> anyhow::Result<()> { - let key_name = std::ffi::CString::new(format!("bcachefs:{}", uuid)).unwrap(); - loop { - if check_for_key(&key_name)? { - break Ok(()); - } - - std::thread::sleep(std::time::Duration::from_secs(1)); - } -} - -const BCH_KEY_MAGIC: &str = "bch**key"; -use crate::filesystem::FileSystem; -fn ask_for_key(fs: &FileSystem) -> anyhow::Result<()> { - use anyhow::anyhow; - use bch_bindgen::bcachefs::{self, bch2_chacha_encrypt_key, bch_encrypted_key, bch_key}; - use byteorder::{LittleEndian, ReadBytesExt}; - use std::os::raw::c_char; - - let key_name = std::ffi::CString::new(format!("bcachefs:{}", fs.uuid())).unwrap(); - if check_for_key(&key_name)? { - return Ok(()); - } - - let bch_key_magic = BCH_KEY_MAGIC.as_bytes().read_u64::<LittleEndian>().unwrap(); - let crypt = fs.sb().sb().crypt().unwrap(); - let pass = rpassword::read_password_from_tty(Some("Enter passphrase: "))?; - let pass = std::ffi::CString::new(pass.trim_end())?; // bind to keep the CString alive - let mut output: bch_key = unsafe { - bcachefs::derive_passphrase( - crypt as *const _ as *mut _, - pass.as_c_str().to_bytes_with_nul().as_ptr() as *const _, - ) - }; - - let mut key = crypt.key().clone(); - let ret = unsafe { - bch2_chacha_encrypt_key( - &mut output as *mut _, - fs.sb().sb().nonce(), - &mut key as *mut _ as *mut _, - std::mem::size_of::<bch_encrypted_key>() as usize, - ) - }; - if ret != 0 { - Err(anyhow!("chacha decryption failure")) - } else if key.magic != bch_key_magic { - Err(anyhow!("failed to verify the password")) - } else { - let key_type = c_str!("logon"); - let ret = unsafe { - bch_bindgen::keyutils::add_key( - key_type, - key_name.as_c_str().to_bytes_with_nul() as *const _ as *const c_char, - &output as *const _ as *const _, - std::mem::size_of::<bch_key>() as usize, - bch_bindgen::keyutils::KEY_SPEC_USER_KEYRING, - ) - }; - if ret == -1 { - Err(anyhow!("failed to add key to keyring: {}", errno::errno())) - } else { - Ok(()) - } - } -} - -pub fn prepare_key(fs: &FileSystem, password: crate::KeyLocation) -> anyhow::Result<()> { - use crate::KeyLocation::*; - use anyhow::anyhow; - - info!("checking if key exists for filesystem {}", fs.uuid()); - match password { - Fail => Err(anyhow!("no key available")), - Wait => Ok(wait_for_key(fs.uuid())?), - Ask => ask_for_key(fs), - } -} diff --git a/rust-src/mount/src/lib.rs b/rust-src/mount/src/lib.rs deleted file mode 100644 index 68acde03..00000000 --- a/rust-src/mount/src/lib.rs +++ /dev/null @@ -1,125 +0,0 @@ -use anyhow::anyhow; -use atty::Stream; -use clap::Parser; -use uuid::Uuid; - -pub mod err { - pub enum GError { - Unknown { - message: std::borrow::Cow<'static, String>, - }, - } - pub type GResult<T, E, OE> = ::core::result::Result<::core::result::Result<T, E>, OE>; - pub type Result<T, E> = GResult<T, E, GError>; -} - -#[macro_export] -macro_rules! c_str { - ($lit:expr) => { - unsafe { - std::ffi::CStr::from_ptr(concat!($lit, "\0").as_ptr() as *const std::os::raw::c_char) - .to_bytes_with_nul() - .as_ptr() as *const std::os::raw::c_char - } - }; -} - -#[derive(Debug)] -struct ErrnoError(errno::Errno); -impl std::fmt::Display for ErrnoError { - fn fmt(&self, f: &mut std::fmt::Formatter) -> Result<(), std::fmt::Error> { - self.0.fmt(f) - } -} -impl std::error::Error for ErrnoError {} - -#[derive(Clone, Debug)] -pub enum KeyLocation { - Fail, - Wait, - Ask, -} - -#[derive(Clone, Debug)] -pub struct KeyLoc(pub Option<KeyLocation>); -impl std::ops::Deref for KeyLoc { - type Target = Option<KeyLocation>; - fn deref(&self) -> &Self::Target { - &self.0 - } -} -impl std::str::FromStr for KeyLoc { - type Err = anyhow::Error; - fn from_str(s: &str) -> anyhow::Result<Self> { - // use anyhow::anyhow; - match s { - "" => Ok(KeyLoc(None)), - "fail" => Ok(KeyLoc(Some(KeyLocation::Fail))), - "wait" => Ok(KeyLoc(Some(KeyLocation::Wait))), - "ask" => Ok(KeyLoc(Some(KeyLocation::Ask))), - _ => Err(anyhow!("invalid password option")), - } - } -} - -fn parse_fstab_uuid(uuid_raw: &str) -> Result<Uuid, uuid::Error> { - let mut uuid = String::from(uuid_raw); - if uuid.starts_with("UUID=") { - uuid = uuid.replacen("UUID=", "", 1); - } - return Uuid::parse_str(&uuid); -} - -fn stdout_isatty() -> &'static str { - if atty::is(Stream::Stdout) { - "true" - } else { - "false" - } -} - -/// Mount a bcachefs filesystem by its UUID. -#[derive(Parser, Debug)] -#[command(author, version, about, long_about = None)] -pub struct Cli { - /// Where the password would be loaded from. - /// - /// Possible values are: - /// "fail" - don't ask for password, fail if filesystem is encrypted; - /// "wait" - wait for password to become available before mounting; - /// "ask" - prompt the user for password; - #[arg(short, long, default_value = "", verbatim_doc_comment)] - pub key_location: KeyLoc, - - /// External UUID of the bcachefs filesystem - /// - /// Accepts the UUID as is or as fstab style UUID=<UUID> - #[arg(value_parser = parse_fstab_uuid)] - pub uuid: uuid::Uuid, - - /// Where the filesystem should be mounted. If not set, then the filesystem - /// won't actually be mounted. But all steps preceeding mounting the - /// filesystem (e.g. asking for passphrase) will still be performed. - pub mountpoint: Option<std::path::PathBuf>, - - /// Mount options - #[arg(short, default_value = "")] - pub options: String, - - /// Force color on/off. Default: autodetect tty - #[arg(short, long, action = clap::ArgAction::Set, default_value=stdout_isatty())] - pub colorize: bool, - - #[arg(short = 'v', long, action = clap::ArgAction::Count)] - pub verbose: u8, -} - -pub mod filesystem; -pub mod key; -// pub fn mnt_in_use() - -#[test] -fn verify_cli() { - use clap::CommandFactory; - Cli::command().debug_assert() -} diff --git a/rust-src/mount/src/main.rs b/rust-src/mount/src/main.rs deleted file mode 100644 index 66ec8acc..00000000 --- a/rust-src/mount/src/main.rs +++ /dev/null @@ -1,53 +0,0 @@ -use bcachefs_mount::Cli; -use bch_bindgen::{error, info}; -use clap::Parser; -use colored::Colorize; - -fn main() { - let opt = Cli::parse(); - bch_bindgen::log::set_verbose_level(opt.verbose + bch_bindgen::log::ERROR); - colored::control::set_override(opt.colorize); - if let Err(e) = crate::main_inner(opt) { - error!("Fatal error: {}", e); - } -} - -pub fn main_inner(opt: Cli) -> anyhow::Result<()> { - use bcachefs_mount::{filesystem, key}; - unsafe { - libc::setvbuf(filesystem::stdout, std::ptr::null_mut(), libc::_IONBF, 0); - // libc::fflush(filesystem::stdout); - } - - let fss = filesystem::probe_filesystems()?; - let fs = fss - .get(&opt.uuid) - .ok_or_else(|| anyhow::anyhow!("filesystem was not found"))?; - - info!("found filesystem {}", fs); - if fs.encrypted() { - let key = opt - .key_location - .0 - .ok_or_else(|| anyhow::anyhow!("no keyoption specified for locked filesystem"))?; - - key::prepare_key(&fs, key)?; - } - - let mountpoint = opt - .mountpoint - .ok_or_else(|| anyhow::anyhow!("mountpoint option was not specified"))?; - - fs.mount(&mountpoint, &opt.options)?; - - Ok(()) -} - -#[cfg(test)] -mod test { - // use insta::assert_debug_snapshot; - // #[test] - // fn snapshot_testing() { - // insta::assert_debug_snapshot!(); - // } -} |