From 88c4dc1e5b9f9e545c89e8b8ee6878f57df3139c Mon Sep 17 00:00:00 2001 From: Pino Toscano Date: Fri, 29 Nov 2019 12:07:13 +0100 Subject: [PATCH] options: allow a UUID as identifier for --key This way it is possible to specify the UUID of the LUKS device instead of the libguestfs device name to decrypt a device during the inspection. Make the usage of the new luks_uuid API conditional, so other projects using the common submodule do not require a libguestfs version bump. (cherry picked from commit bb4a2dc17a78b53437896d4215ae82df8e11b788 in libguestfs-common) PT: the documentation was amended manually. --- cat/virt-cat.pod | 4 ++-- cat/virt-log.pod | 4 ++-- cat/virt-ls.pod | 4 ++-- cat/virt-tail.pod | 4 ++-- common/options/decrypt.c | 8 +++++++- common/options/keys.c | 4 ++-- common/options/options.h | 6 +++--- customize/virt-customize.pod | 4 ++-- diff/virt-diff.pod | 4 ++-- edit/virt-edit.pod | 4 ++-- fish/guestfish.pod | 4 ++-- fuse/guestmount.pod | 4 ++-- get-kernel/virt-get-kernel.pod | 4 ++-- inspector/virt-inspector.pod | 4 ++-- sparsify/virt-sparsify.pod | 4 ++-- sysprep/virt-sysprep.pod | 4 ++-- v2v/virt-v2v.pod | 4 ++-- 17 files changed, 40 insertions(+), 34 deletions(-) diff --git a/cat/virt-cat.pod b/cat/virt-cat.pod index b0301d636..2cea291ac 100644 --- a/cat/virt-cat.pod +++ b/cat/virt-cat.pod @@ -124,8 +124,8 @@ security problem with malicious guests (CVE-2010-3851). =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/cat/virt-log.pod b/cat/virt-log.pod index 0d447b3b5..888108d5f 100644 --- a/cat/virt-log.pod +++ b/cat/virt-log.pod 
@@ -108,8 +108,8 @@ security problem with malicious guests (CVE-2010-3851). =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/cat/virt-ls.pod b/cat/virt-ls.pod index de02a473d..307e79395 100644 --- a/cat/virt-ls.pod +++ b/cat/virt-ls.pod @@ -355,8 +355,8 @@ L above. =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/cat/virt-tail.pod b/cat/virt-tail.pod index f00384f5d..a804f4cf3 100644 --- a/cat/virt-tail.pod +++ b/cat/virt-tail.pod @@ -126,8 +126,8 @@ security problem with malicious guests (CVE-2010-3851). =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/common/options/decrypt.c b/common/options/decrypt.c index 3511d9fe9..683cf5ed4 100644 --- a/common/options/decrypt.c +++ b/common/options/decrypt.c @@ -86,7 +86,13 @@ inspect_do_decrypt (guestfs_h *g, struct key_store *ks) char mapname[32]; make_mapname (partitions[i], mapname, sizeof mapname); - CLEANUP_FREE_STRING_LIST char **keys = get_keys (ks, partitions[i]); +#ifdef GUESTFS_HAVE_LUKS_UUID + CLEANUP_FREE char *uuid = guestfs_luks_uuid (g, partitions[i]); +#else + const char *uuid = NULL; +#endif + + CLEANUP_FREE_STRING_LIST char **keys = get_keys (ks, partitions[i], uuid); assert (guestfs_int_count_strings (keys) > 0); /* Try each key in turn. */ 
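Review bot: In `inspect_do_decrypt` (common/options/decrypt.c), the return value of `guestfs_luks_uuid (g, partitions[i])` is passed to `get_keys` without a NULL check, and the `#else` branch always passes NULL. NULL is therefore a normal input to `get_keys`, both when the API is compiled out and when the lookup fails on a partition of the inspected image. The call site should state that contract, for example `/* uuid may be NULL (no luks_uuid API, or lookup failed): keys are then matched by device name only. */`. The key filter in common/options/keys.c must honour it, since any other handling of NULL changes which passphrases are offered to which device. The body of `inspect_do_decrypt` starts and ends outside the hunk.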
diff --git a/common/options/keys.c b/common/options/keys.c index 7c391acde..798315c2e 100644 --- a/common/options/keys.c +++ b/common/options/keys.c @@ -126,7 +126,7 @@ read_first_line_from_file (const char *filename) * keystore, ask the user. */ char ** -get_keys (struct key_store *ks, const char *device) +get_keys (struct key_store *ks, const char *device, const char *uuid) { size_t i, j, len; char **r; @@ -148,7 +148,7 @@ get_keys (struct key_store *ks, const char *device) for (i = 0; i < ks->nr_keys; ++i) { struct key_store_key *key = &ks->keys[i]; - if (STRNEQ (key->id, device)) + if (STRNEQ (key->id, device) && (uuid && STRNEQ (key->id, uuid))) continue; switch (key->type) { diff --git a/common/options/options.h b/common/options/options.h index b83a92b06..9b7830220 100644 --- a/common/options/options.h +++ b/common/options/options.h @@ -104,8 +104,8 @@ struct mp { /* A key in the key store. */ struct key_store_key { - /* An ID for the device this key refers to. It must be the libguestfs - * device name. + /* An ID for the device this key refers to. It can be either the libguestfs + * device name, or the UUID. * * There may be multiple matching devices in the list. */ @@ -150,7 +150,7 @@ extern void print_inspect_prompt (void); /* in key.c */ extern char *read_key (const char *param); -extern char **get_keys (struct key_store *ks, const char *device); +extern char **get_keys (struct key_store *ks, const char *device, const char *uuid); extern struct key_store *key_store_add_from_selector (struct key_store *ks, const char *selector); extern struct key_store *key_store_import_key (struct key_store *ks, const struct key_store_key *key); extern void free_key_store (struct key_store *ks); diff --git a/customize/virt-customize.pod b/customize/virt-customize.pod index 491606591..5d92486a2 100644 --- a/customize/virt-customize.pod +++ b/customize/virt-customize.pod 
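Review bot: In `get_keys` (second keys.c hunk), the new filter `STRNEQ (key->id, device) && (uuid && STRNEQ (key->id, uuid))` can never be true when `uuid` is NULL, so no key is skipped and every key in the store is returned for every device. `uuid` is NULL whenever `GUESTFS_HAVE_LUKS_UUID` is undefined and whenever `guestfs_luks_uuid` fails in decrypt.c. In those cases a passphrase supplied for one device is tried against all LUKS partitions of the image, including images that are not trusted. It also appears that the fallback of asking the user is never reached. The intended test looks like `if (STRNEQ (key->id, device) && (!uuid || STRNEQ (key->id, uuid))) continue;`. The loop and the rest of `get_keys` continue outside the hunk.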
@@ -141,8 +141,8 @@ security problem with malicious guests (CVE-2010-3851). =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/diff/virt-diff.pod b/diff/virt-diff.pod index 22658072d..e67d09101 100644 --- a/diff/virt-diff.pod +++ b/diff/virt-diff.pod @@ -169,8 +169,8 @@ Display file sizes in human-readable format. =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/edit/virt-edit.pod b/edit/virt-edit.pod index 5a63cd05f..918fa66f2 100644 --- a/edit/virt-edit.pod +++ b/edit/virt-edit.pod @@ -156,8 +156,8 @@ security problem with malicious guests (CVE-2010-3851). =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/fish/guestfish.pod b/fish/guestfish.pod index ccb57b159..f1fdf094d 100644 --- a/fish/guestfish.pod +++ b/fish/guestfish.pod @@ -283,8 +283,8 @@ were found. =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/fuse/guestmount.pod b/fuse/guestmount.pod index d9e957b8b..3a02c087c 100644 --- a/fuse/guestmount.pod +++ b/fuse/guestmount.pod 
@@ -249,8 +249,8 @@ mounted on the real virtual machine. =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/get-kernel/virt-get-kernel.pod b/get-kernel/virt-get-kernel.pod index f0ace2d6d..78fe66df4 100644 --- a/get-kernel/virt-get-kernel.pod +++ b/get-kernel/virt-get-kernel.pod @@ -92,8 +92,8 @@ security problem with malicious guests (CVE-2010-3851). =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/inspector/virt-inspector.pod b/inspector/virt-inspector.pod index eac9dc3cd..625da876c 100644 --- a/inspector/virt-inspector.pod +++ b/inspector/virt-inspector.pod @@ -117,8 +117,8 @@ ensure the format is always specified. =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/sparsify/virt-sparsify.pod b/sparsify/virt-sparsify.pod index cf7970a5f..0767d07e6 100644 --- a/sparsify/virt-sparsify.pod +++ b/sparsify/virt-sparsify.pod @@ -233,8 +233,8 @@ See L below. =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/sysprep/virt-sysprep.pod b/sysprep/virt-sysprep.pod index d7ad7ee33..b38c76c70 100644 --- a/sysprep/virt-sysprep.pod 
+++ b/sysprep/virt-sysprep.pod @@ -189,8 +189,8 @@ security problem with malicious guests (CVE-2010-3851). =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 diff --git a/v2v/virt-v2v.pod b/v2v/virt-v2v.pod index 8c2867814..25041d0ec 100644 --- a/v2v/virt-v2v.pod +++ b/v2v/virt-v2v.pod @@ -337,8 +337,8 @@ through VDDK. =item B<--key> SELECTOR Specify a key for LUKS, to automatically open a LUKS device when using -the inspection. C must be the libguestfs device name of the LUKS -device. +the inspection. C can be either the libguestfs device name, or +the UUID of the LUKS device. =over 4 -- 2.18.4