From b707ef2e92cf0d2e5c359c9655e0fbdb669eca85 Mon Sep 17 00:00:00 2001
From: Hannes Reinecke
Date: Thu, 23 Mar 2023 14:18:44 +0100
Subject: [PATCH] linux: add nvme_lookup_keyring()

Add a function to lookup a keyring by its description.

Signed-off-by: Hannes Reinecke
[dwagner: - pass in command line option to dependency requirement argument - drop log message, find_key_by_type_and_desc sets errno]
Signed-off-by: Daniel Wagner
---
 meson.build | 9 +++++++++
 meson_options.txt | 1 +
 src/libnvme.map | 5 +++++
 src/meson.build | 1 +
 src/nvme/linux.c | 24 ++++++++++++++++++++++++
 src/nvme/linux.h | 11 +++++++++++
 6 files changed, 51 insertions(+)

diff --git a/meson.build b/meson.build
index 1b663554..6cb946e6 100644
--- a/meson.build
+++ b/meson.build
@@ -98,6 +98,15 @@ endif
 conf.set('CONFIG_OPENSSL', openssl_dep.found(),
 description: 'Is OpenSSL/LibreSSL available?')
 
+if get_option('keyutils').disabled()
+ keyutils_dep = dependency('', required: false)
+else
+ keyutils_dep = dependency('libkeyutils',
+ required : get_option('keyutils'))
+endif
+conf.set('CONFIG_KEYUTILS', keyutils_dep.found(),
+ description: 'Is libkeyutils available?')
+
 if get_option('libdbus').disabled()
 libdbus_dep = dependency('', required: false)
 else
diff --git a/meson_options.txt b/meson_options.txt
index 52d1def9..a1ed79f9 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -11,3 +11,4 @@ option('python', type : 'feature', value: 'auto', description : 'Generate libnvm
 option('openssl', type : 'feature', value: 'auto', description : 'OpenSSL support')
 option('libdbus', type : 'feature', value: 'disabled', description : 'libdbus support')
 option('json-c', type : 'feature', value: 'auto', description : 'JSON support')
+option('keyutils', type: 'feature', value: 'auto', description: 'keyutils support')
diff --git a/src/libnvme.map b/src/libnvme.map
index 85ff6f31..33b410fc 100644
--- a/src/libnvme.map
+++ b/src/libnvme.map
@@ -1,5 +1,10 @@
 # SPDX-License-Identifier: LGPL-2.1-or-later
 
+LIBNVME_1_4 {
+ global:
+ nvme_lookup_keyring;
+};
+
 LIBNVME_1_3 {
 global:
 nvme_ctrl_is_unique_discovery_ctrl;
diff --git a/src/meson.build b/src/meson.build
index 8b382b21..3732f8c5 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -32,6 +32,7 @@ endif
 deps = [
 json_c_dep,
 openssl_dep,
+ keyutils_dep,
 ]
 
 mi_deps = [
diff --git a/src/nvme/linux.c b/src/nvme/linux.c
index cae4036f..6455467c 100644
--- a/src/nvme/linux.c
+++ b/src/nvme/linux.c
@@ -28,6 +28,10 @@
 #endif
 #endif
 
+#ifdef CONFIG_KEYUTILS
+#include
+#endif
+
 #include
 
 #include "linux.h"
@@ -638,3 +642,23 @@ out:
 return err;
 }
 #endif /* !CONFIG_OPENSSL_3 */
+
+#ifdef CONFIG_KEYUTILS
+long nvme_lookup_keyring(const char *keyring)
+{
+ key_serial_t keyring_id;
+
+ keyring_id = find_key_by_type_and_desc("keyring", keyring, 0);
+ if (keyring_id < 0)
+ return 0;
+ return keyring_id;
+}
+#else
+long nvme_lookup_keyring(const char *keyring)
+{
+ nvme_msg(NULL, LOG_ERR, "key operations not supported; "\
+ "recompile with keyutils support.\n");
+ errno = ENOTSUP;
+ return 0;
+}
+#endif
diff --git a/src/nvme/linux.h b/src/nvme/linux.h
index aa4c91ae..5df437a8 100644
--- a/src/nvme/linux.h
+++ b/src/nvme/linux.h
@@ -194,4 +194,15 @@ int nvme_gen_dhchap_key(char *hostnqn, enum nvme_hmac_alg hmac,
 unsigned int key_len, unsigned char *secret,
 unsigned char *key);
 
+/**
+ * nvme_lookup_keyring() - Lookup keyring serial number
+ * @keyring: Keyring name
+ *
+ * Looks up the serial number of the keyring @keyring.
+ *
+ * Return: The key serial number of the keyring
+ * or 0 with errno set otherwise.
+ */
+long nvme_lookup_keyring(const char *keyring);
+
 #endif /* _LIBNVME_LINUX_H */
-- 
2.50.1
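Review bot: In the CONFIG_KEYUTILS branch of `nvme_lookup_keyring()` (src/nvme/linux.c, second hunk), `keyring` goes straight into `find_key_by_type_and_desc()` with no NULL check. Because the same commit exports the symbol in libnvme.map, a caller passing NULL would most likely fault inside libkeyutils instead of getting an error back. A guard ahead of the lookup, `if (!keyring) { errno = EINVAL; return 0; }`, would keep the "0 with errno set" contract that the header documents. As a style point in the `#else` stub, the trailing `\` between the two string literals is unnecessary, since adjacent literals concatenate across lines without it.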
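Review bot: The kernel-doc added for `nvme_lookup_keyring()` in src/nvme/linux.h leaves out how the keyring is matched and what the failure cases are. The implementation in linux.c looks up by description only, so the comment should say that the result is whichever keyring of type "keyring" with that description is visible to the calling process. It should also tell callers who go on to store or read key material through the returned serial to confirm the keyring's owner and permissions first (presumably with `keyctl_describe()`). Finally, the Return line should cover the build without keyutils, for example ` * Return: The keyring serial number, or 0 with errno set (ENOTSUP when built without keyutils).`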