Add kernel keyring functions for volume key.

Code is written by Ondrej Kozina. This patch adds ability to store volume key in kernel keyring (feature available in recent kernels) and avoid setting key through dm-ioctl and avoiding key in table mapping. Will be used in LUKS2. Signed-off-by: Milan Broz <gmazyland@gmail.com>
2025-12-13 03:40:05 +01:00 · 2017-05-28 14:05:36 +02:00
parent 8a859391be
commit d891e00f63
9 changed files with 645 additions and 19 deletions
--- a/lib/utils_keyring.h
+++ b/lib/utils_keyring.h
@@ -0,0 +1,38 @@
+/*
+ * kernel keyring syscall wrappers
+ *
+ * Copyright (C) 2016, Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2016, Ondrej Kozina. All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef _UTILS_KEYRING
+#define _UTILS_KEYRING
+
+int keyring_check(void);
+
+int keyring_get_passphrase(const char *key_desc,
+		      char **passphrase,
+		      size_t *passphrase_len);
+
+int keyring_add_key_in_thread_keyring(
+	const char *key_desc,
+	const void *key,
+	size_t key_size);
+
+int keyring_revoke_and_unlink_key(const char *key_desc);
+
+#endif