linux: add nvme_lookup_keyring()

Add a function to lookup a keyring by its description.

Signed-off-by: Hannes Reinecke <hare@suse.de>
[dwagner:
  - pass in command line option to dependency requirement argument
  - drop log message, find_key_by_type_and_desc sets errno]
Signed-off-by: Daniel Wagner <dwagner@suse.de>

diff --git a/meson.build b/meson.build
index 1b663554b70ced2e1c2dbe43cd0c2d6c59b0b319..6cb946e69984436a417bc208a3148a01f7eb447d 100644 (file)
--- a/meson.build
+++ b/meson.build
@@ -98,6 +98,15 @@ endif
 conf.set('CONFIG_OPENSSL', openssl_dep.found(),
          description: 'Is OpenSSL/LibreSSL available?')
 
+if get_option('keyutils').disabled()
+    keyutils_dep = dependency('', required: false)
+else
+    keyutils_dep = dependency('libkeyutils',
+                              required : get_option('keyutils'))
+endif
+conf.set('CONFIG_KEYUTILS', keyutils_dep.found(),
+         description: 'Is libkeyutils available?')
+
 if get_option('libdbus').disabled()
     libdbus_dep = dependency('', required: false)
 else

diff --git a/meson_options.txt b/meson_options.txt
index 52d1def932e64b74dcf2f8d66604efca24f1b787..a1ed79f9a9b8cb462246354c297b5a56cb74388e 100644 (file)
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -11,3 +11,4 @@ option('python', type : 'feature', value: 'auto', description : 'Generate libnvm
 option('openssl', type : 'feature', value: 'auto', description : 'OpenSSL support')
 option('libdbus', type : 'feature', value: 'disabled', description : 'libdbus support')
 option('json-c', type : 'feature', value: 'auto', description : 'JSON support')
+option('keyutils', type: 'feature', value: 'auto', description: 'keyutils support')

diff --git a/src/libnvme.map b/src/libnvme.map
index 85ff6f31dd7f29903e064172a51c2fa54389f4cd..33b410fc118923c796fba7d226a69e11e6b13b4f 100644 (file)
--- a/src/libnvme.map
+++ b/src/libnvme.map
@@ -1,5 +1,10 @@
 # SPDX-License-Identifier: LGPL-2.1-or-later
 
+LIBNVME_1_4 {
+       global:
+               nvme_lookup_keyring;
+};
+
 LIBNVME_1_3 {
        global:
                nvme_ctrl_is_unique_discovery_ctrl;

diff --git a/src/meson.build b/src/meson.build
index 8b382b212e57eaad40a8c2f7485f7cb05fa06634..3732f8c54e039254017e24b2a035f803cce02648 100644 (file)
--- a/src/meson.build
+++ b/src/meson.build
@@ -32,6 +32,7 @@ endif
 deps = [
     json_c_dep,
     openssl_dep,
+    keyutils_dep,
 ]
 
 mi_deps = [

diff --git a/src/nvme/linux.c b/src/nvme/linux.c
index cae4036f71c690dc4c7a7105445edbe37a2c8281..6455467c7c1aefb81101f6608036b919eca2a8ec 100644 (file)
--- a/src/nvme/linux.c
+++ b/src/nvme/linux.c
@@ -28,6 +28,10 @@
 #endif
 #endif
 
+#ifdef CONFIG_KEYUTILS
+#include <keyutils.h>
+#endif
+
 #include <ccan/endian/endian.h>
 
 #include "linux.h"
@@ -638,3 +642,23 @@ out:
        return err;
 }
 #endif /* !CONFIG_OPENSSL_3 */
+
+#ifdef CONFIG_KEYUTILS
+long nvme_lookup_keyring(const char *keyring)
+{
+       key_serial_t keyring_id;
+
+       keyring_id = find_key_by_type_and_desc("keyring", keyring, 0);
+       if (keyring_id < 0)
+               return 0;
+       return keyring_id;
+}
+#else
+long nvme_lookup_keyring(const char *keyring)
+{
+       nvme_msg(NULL, LOG_ERR, "key operations not supported; "\
+                "recompile with keyutils support.\n");
+       errno = ENOTSUP;
+       return 0;
+}
+#endif

diff --git a/src/nvme/linux.h b/src/nvme/linux.h
index aa4c91ae115b810728df8c44c47eb7f6df40d950..5df437a8f564b20afe78d85ba8ae857071a227a2 100644 (file)
--- a/src/nvme/linux.h
+++ b/src/nvme/linux.h
@@ -194,4 +194,15 @@ int nvme_gen_dhchap_key(char *hostnqn, enum nvme_hmac_alg hmac,
                        unsigned int key_len, unsigned char *secret,
                        unsigned char *key);
 
+/**
+ * nvme_lookup_keyring() - Lookup keyring serial number
+ * @keyring:    Keyring name
+ *
+ * Looks up the serial number of the keyring @keyring.
+ *
+ * Return: The key serial number of the keyring
+ * or 0 with errno set otherwise.
+ */
+long nvme_lookup_keyring(const char *keyring);
+
 #endif /* _LIBNVME_LINUX_H */