Reflect changes to encryption layering in sim pool
jbaublitz committed Jul 22, 2024
1 parent 5dd85da commit 5f121e0
Showing 2 changed files with 23 additions and 84 deletions.
55 changes: 2 additions & 53 deletions src/engine/sim_engine/blockdev.rs
Expand Up @@ -12,7 +12,7 @@ use devicemapper::{Bytes, Sectors, IEC};
use crate::engine::{
engine::BlockDev,
shared::now_to_timestamp,
types::{DevUuid, EncryptionInfo, KeyDescription, StratSigblockVersion},
types::{DevUuid, StratSigblockVersion},
};

#[derive(Debug)]
Expand All @@ -22,7 +22,6 @@ pub struct SimDev {
user_info: Option<String>,
hardware_info: Option<String>,
initialization_time: DateTime<Utc>,
encryption_info: Option<EncryptionInfo>,
}

impl SimDev {
Expand Down Expand Up @@ -68,15 +67,14 @@ impl BlockDev for SimDev {

impl SimDev {
/// Generates a new device from any devnode.
pub fn new(devnode: &Path, encryption_info: Option<&EncryptionInfo>) -> (DevUuid, SimDev) {
pub fn new(devnode: &Path) -> (DevUuid, SimDev) {
(
DevUuid::new_v4(),
SimDev {
devnode: devnode.to_owned(),
user_info: None,
hardware_info: None,
initialization_time: now_to_timestamp(),
encryption_info: encryption_info.cloned(),
},
)
}
Expand All @@ -87,37 +85,6 @@ impl SimDev {
pub fn set_user_info(&mut self, user_info: Option<&str>) -> bool {
set_blockdev_user_info!(self; user_info)
}

/// Set the clevis info for a block device.
pub fn set_clevis_info(&mut self, pin: &str, config: &Value) {
self.encryption_info = self
.encryption_info
.take()
.map(|ei| ei.set_clevis_info((pin.to_owned(), config.clone())));
}

/// Unset the clevis info for a block device.
pub fn unset_clevis_info(&mut self) {
self.encryption_info = self.encryption_info.take().map(|ei| ei.unset_clevis_info());
}

/// Set the key description for a block device.
pub fn set_key_desc(&mut self, key_desc: &KeyDescription) {
self.encryption_info = self
.encryption_info
.take()
.map(|ei| ei.set_key_desc(key_desc.clone()))
}

/// Unset the key description for a block device.
pub fn unset_key_desc(&mut self) {
self.encryption_info = self.encryption_info.take().map(|ei| ei.unset_key_desc())
}

/// Get encryption information for this block device.
pub fn encryption_info(&self) -> Option<&EncryptionInfo> {
self.encryption_info.as_ref()
}
}

impl<'a> Into<Value> for &'a SimDev {
Expand All @@ -128,24 +95,6 @@ impl<'a> Into<Value> for &'a SimDev {
Value::from(self.devnode.display().to_string()),
);
json.insert("size".to_string(), Value::from(self.size().to_string()));
if let Some(EncryptionInfo::Both(kd, (pin, config))) = self.encryption_info.as_ref() {
json.insert(
"key_description".to_string(),
Value::from(kd.as_application_str()),
);
json.insert("clevis_pin".to_string(), Value::from(pin.to_owned()));
json.insert("clevis_config".to_string(), config.to_owned());
} else if let Some(EncryptionInfo::KeyDesc(kd)) = self.encryption_info.as_ref() {
json.insert(
"key_description".to_string(),
Value::from(kd.as_application_str()),
);
} else if let Some(EncryptionInfo::ClevisInfo((pin, config))) =
self.encryption_info.as_ref()
{
json.insert("clevis_pin".to_string(), Value::from(pin.to_owned()));
json.insert("clevis_config".to_string(), config.to_owned());
}
Value::from(json)
}
}
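Review bot: The `Into<Value>` impl for `&SimDev` no longer emits `key_description`, `clevis_pin` or `clevis_config`, and nothing in the visible hunks of either file adds those keys to a pool-level object. Anything that reads the simulator's JSON to decide whether a pool is encrypted, or which key or Clevis binding it uses, could then see output indistinguishable from an unencrypted pool. If the pool's own serialisation (outside these hunks) does not already carry the fields, they should be emitted there from the pool's `encryption_info`. Either way a comment on `SimDev` such as `// Encryption metadata is tracked on SimPool, not per device.` would tell readers where the state went. The impl body starts outside the hunk.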
52 changes: 21 additions & 31 deletions src/engine/sim_engine/pool.rs
Expand Up @@ -4,6 +4,7 @@

use std::{
collections::{hash_map::RandomState, HashMap, HashSet},
iter::once,
path::Path,
vec::Vec,
};
Expand All @@ -16,8 +17,8 @@ use crate::{
engine::{
engine::{BlockDev, Filesystem, Pool},
shared::{
gather_encryption_info, init_cache_idempotent_or_err, validate_filesystem_size,
validate_filesystem_size_specs, validate_name, validate_paths,
init_cache_idempotent_or_err, validate_filesystem_size, validate_filesystem_size_specs,
validate_name, validate_paths,
},
sim_engine::{blockdev::SimDev, filesystem::SimFilesystem},
structures::Table,
Expand All @@ -39,6 +40,7 @@ pub struct SimPool {
filesystems: Table<FilesystemUuid, SimFilesystem>,
fs_limit: u64,
enable_overprov: bool,
encryption_info: Option<EncryptionInfo>,
}

#[derive(Debug, Eq, PartialEq, Serialize)]
Expand All @@ -51,7 +53,7 @@ pub struct PoolSave {
impl SimPool {
pub fn new(paths: &[&Path], enc_info: Option<&EncryptionInfo>) -> (PoolUuid, SimPool) {
let devices: HashSet<_, RandomState> = HashSet::from_iter(paths);
let device_pairs = devices.iter().map(|p| SimDev::new(p, enc_info));
let device_pairs = devices.iter().map(|p| SimDev::new(p));
(
PoolUuid::new_v4(),
SimPool {
Expand All @@ -60,6 +62,7 @@ impl SimPool {
filesystems: Table::default(),
fs_limit: 10,
enable_overprov: true,
encryption_info: enc_info.cloned(),
},
)
}
Expand All @@ -86,35 +89,31 @@ impl SimPool {
}

fn encryption_info(&self) -> Option<PoolEncryptionInfo> {
gather_encryption_info(
self.block_devs.len(),
self.block_devs.values().map(|bd| bd.encryption_info()),
)
.expect("sim engine cannot create pools with encrypted and unencrypted devices together")
self.encryption_info
.as_ref()
.map(|p| PoolEncryptionInfo::from(once(p)))
}

fn add_clevis_info(&mut self, pin: &str, config: &Value) {
self.block_devs
.iter_mut()
.for_each(|(_, bd)| bd.set_clevis_info(pin, config))
self.encryption_info = self
.encryption_info
.take()
.map(|ei| ei.set_clevis_info((pin.to_owned(), config.to_owned())));
}

fn clear_clevis_info(&mut self) {
self.block_devs
.iter_mut()
.for_each(|(_, bd)| bd.unset_clevis_info())
self.encryption_info = self.encryption_info.take().map(|ei| ei.unset_clevis_info());
}

fn add_key_desc(&mut self, key_desc: &KeyDescription) {
self.block_devs
.iter_mut()
.for_each(|(_, bd)| bd.set_key_desc(key_desc))
self.encryption_info = self
.encryption_info
.take()
.map(|ei| ei.set_key_desc(key_desc.to_owned()));
}

fn clear_key_desc(&mut self) {
self.block_devs
.iter_mut()
.for_each(|(_, bd)| bd.unset_key_desc())
self.encryption_info = self.encryption_info.take().map(|ei| ei.unset_key_desc());
}

/// Check the limit of filesystems on a pool and return an error if it has been passed.
Expand Down Expand Up @@ -219,7 +218,7 @@ impl Pool for SimPool {
"At least one blockdev path is required to initialize a cache.".to_string(),
));
}
let blockdev_pairs: Vec<_> = blockdevs.iter().map(|p| SimDev::new(p, None)).collect();
let blockdev_pairs: Vec<_> = blockdevs.iter().map(|p| SimDev::new(p)).collect();
let blockdev_uuids: Vec<_> = blockdev_pairs.iter().map(|(uuid, _)| *uuid).collect();
self.cache_devs.extend(blockdev_pairs);
Ok(SetCreateAction::new(blockdev_uuids))
Expand Down Expand Up @@ -296,7 +295,6 @@ impl Pool for SimPool {
}

let devices: HashSet<_, RandomState> = HashSet::from_iter(paths);
let encryption_info = pool_enc_to_enc!(self.encryption_info());

let the_vec = match tier {
BlockDevTier::Cache => &self.cache_devs,
Expand All @@ -307,15 +305,7 @@ impl Pool for SimPool {

let filtered_device_pairs: Vec<_> = devices
.iter()
.map(|p| {
SimDev::new(
p,
match tier {
BlockDevTier::Data => encryption_info.as_ref(),
BlockDevTier::Cache => None,
},
)
})
.map(|p| SimDev::new(p))
.filter(|(_, sd)| !filter.contains(&sd.devnode()))
.collect();

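Review bot: `add_clevis_info`, `clear_clevis_info`, `add_key_desc` and `clear_key_desc` silently do nothing when `self.encryption_info` is `None`, because each one is a `take().map(..)` over the single pool-level option. Whether the callers reject an unencrypted pool before reaching these helpers is not visible in these hunks, so a bind or rebind request could appear to succeed while the pool stays unencrypted. I would state the contract on each helper, for example `/// No-op if the pool is unencrypted; callers must check encryption_info() first.`. A sim-engine test that calls each helper on a pool created with `enc_info = None` and asserts `encryption_info()` is still `None` would pin that behaviour.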
