From: Hannes Reinecke Date: Wed, 21 Feb 2024 06:32:16 +0000 (+0100) Subject: linux: add nvme_read_key() X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=3345e275564afcbb89fe0df917075039587d985f;p=users%2Fsagi%2Flibnvme.git linux: add nvme_read_key() Add a function to return the payload of a key. Signed-off-by: Hannes Reinecke
---
diff --git a/src/libnvme.map b/src/libnvme.map
index 254e8b06..6d343922 100644
--- a/src/libnvme.map
+++ b/src/libnvme.map
@@ -2,6 +2,7 @@
 LIBNVME_1.9 {
 global:
 nvme_get_logging_level;
+ nvme_read_key;
 nvme_submit_passthru;
 nvme_submit_passthru64;
 };
diff --git a/src/nvme/linux.c b/src/nvme/linux.c
index 1127fc84..d8b17739 100644
--- a/src/nvme/linux.c
+++ b/src/nvme/linux.c
@@ -1191,12 +1191,40 @@ int nvme_set_keyring(long key_id)
 {
 long err;
 
+ if (key_id == 0) {
+ key_id = nvme_lookup_keyring(NULL);
+ if (key_id == 0) {
+ errno = ENOKEY;
+ return -1;
+ }
+ }
+
 err = keyctl_link(key_id, KEY_SPEC_SESSION_KEYRING);
 if (err < 0)
 return -1;
 return 0;
 }
 
+unsigned char *nvme_read_key(long keyring_id, long key_id, int *len)
+{
+ void *buffer;
+ int ret;
+
+ ret = nvme_set_keyring(keyring_id);
+ if (ret < 0) {
+ errno = -ret;
+ return NULL;
+ }
+ ret = keyctl_read_alloc(key_id, &buffer);
+ if (ret < 0) {
+ errno = -ret;
+ buffer = NULL;
+ } else
+ *len = ret;
+
+ return buffer;
+}
+
 long nvme_insert_tls_key_versioned(const char *keyring, const char *key_type,
 const char *hostnqn, const char *subsysnqn,
 int version, int hmac,
@@ -1279,6 +1307,12 @@ int nvme_set_keyring(long key_id)
 return -1;
 }
 
+unsigned char *nvme_read_key(long keyring_id, long key_id, int *len)
+{
+ errno = ENOTSUP;
+ return NULL;
+}
+
 long nvme_insert_tls_key_versioned(const char *keyring, const char *key_type,
 const char *hostnqn, const char *subsysnqn,
 int version, int hmac,
diff --git a/src/nvme/linux.h b/src/nvme/linux.h
index f38b6a60..75f58bd6 100644
--- a/src/nvme/linux.h
+++ b/src/nvme/linux.h
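Review bot: In the first linux.c hunk, both failure paths of `nvme_read_key()` assign `errno = -ret;`, but `nvme_set_keyring()` in the same hunk returns -1 with errno already set, and keyutils' `keyctl_read_alloc()` uses the same -1-plus-errno convention, so callers will see errno 1 (EPERM) instead of the real cause such as ENOKEY or EACCES. Dropping the two assignments and returning directly, `if (ret < 0) return NULL;` after each call, keeps the original error code. `len` is dereferenced without a NULL check and is left unwritten on failure; `if (len) *len = ret;` would make that contract explicit. Separately, the read leaves the keyring linked into the session keyring and nothing visible in this hunk unlinks it, so that keyring's keys stay reachable from the session after the call; if that is intended it deserves a comment at the `nvme_set_keyring()` call.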
@@ -273,6 +273,22 @@ long nvme_lookup_key(const char *type, const char *identity);
 */
 int nvme_set_keyring(long keyring_id);
 
+/**
+ * nvme_read_key() - Read key raw data
+ * @keyring_id: Id of the keyring holding %key_id
+ * @key_id: Key id
+ * @len: Length of the returned data
+ *
+ * Links the keyring specified by @keyring_id into the session
+ * keyring and reads the payload of the key specified by @key_id.
+ * @len holds the size of the returned buffer.
+ * If @keyring is 0 the default keyring '.nvme' is used.
+ *
+ * Return: Pointer to the payload on success,
+ * or NULL with errno set otherwise.
+ */
+unsigned char *nvme_read_key(long keyring_id, long key_id, int *len);
+
 /**
 * nvme_insert_tls_key() - Derive and insert TLS key
 * @keyring: Keyring to use
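Review bot: The kernel-doc for `nvme_read_key()` does not say who owns the returned buffer, and it refers to `@keyring` where the parameter is named `@keyring_id`. The payload is raw key material allocated by `keyctl_read_alloc()` in the linux.c hunk, so I would add ` * The caller must free() the returned buffer and should clear it first, as it holds key material.` and correct the reference to ` * If @keyring_id is 0 the default keyring '.nvme' is used.`. It would also help to state that @len is written only on success, and that the call has the side effect of linking the keyring into the session keyring.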