From ca4ef3f7b981c40fde50cd15a05ace12d52dd723 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Tue, 15 Oct 2019 11:16:36 -0700
Subject: [PATCH 1/1] common/encrypt: add helper functions that wrap new xfs_io
 commands

Wrap the new xfs_io commands 'add_enckey', 'rm_enckey', and
'enckey_status' with helper functions.

Also add _user_do_get_encpolicy(), so that all encryption xfs_io
commands have a _user_do() version.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
---
 common/encrypt | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)

diff --git a/common/encrypt b/common/encrypt
index 98013dce..dc3fe6ac 100644
--- a/common/encrypt
+++ b/common/encrypt
@@ -261,6 +261,71 @@ _get_encpolicy()
 	$XFS_IO_PROG -c "get_encpolicy $*" "$file"
 }
 
+_user_do_get_encpolicy()
+{
+	local file=$1
+	shift
+
+	_user_do "$XFS_IO_PROG -c \"get_encpolicy $*\" \"$file\""
+}
+
+# Add an encryption key to the given filesystem.
+_add_enckey()
+{
+	local mnt=$1
+	local raw_key=$2
+	shift 2
+
+	echo -ne "$raw_key" | $XFS_IO_PROG -c "add_enckey $*" "$mnt"
+}
+
+_user_do_add_enckey()
+{
+	local mnt=$1
+	local raw_key=$2
+	shift 2
+
+	_user_do "echo -ne \"$raw_key\" | $XFS_IO_PROG -c \"add_enckey $*\" \"$mnt\""
+}
+
+# Remove the given encryption key from the given filesystem.
+_rm_enckey()
+{
+	local mnt=$1
+	local keyspec=$2
+	shift 2
+
+	$XFS_IO_PROG -c "rm_enckey $* $keyspec" "$mnt"
+}
+
+_user_do_rm_enckey()
+{
+	local mnt=$1
+	local keyspec=$2
+	shift 2
+
+	_user_do "$XFS_IO_PROG -c \"rm_enckey $* $keyspec\" \"$mnt\""
+}
+
+# Get the status of the given encryption key on the given filesystem.
+_enckey_status()
+{
+	local mnt=$1
+	local keyspec=$2
+	shift 2
+
+	$XFS_IO_PROG -c "enckey_status $* $keyspec" "$mnt"
+}
+
+_user_do_enckey_status()
+{
+	local mnt=$1
+	local keyspec=$2
+	shift 2
+
+	_user_do "$XFS_IO_PROG -c \"enckey_status $* $keyspec\" \"$mnt\""
+}
+
 # Retrieve the encryption nonce of the given inode as a hex string.  The nonce
 # was randomly generated by the filesystem and isn't exposed directly to
 # userspace.  But it can be read using the filesystem's debugging tools.
-- 
2.30.2