-
Notifications
You must be signed in to change notification settings - Fork 242
/
luks.go
71 lines (59 loc) · 2.08 KB
/
luks.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
// Copyright 2020 Red Hat, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package types
import (
"strings"
"github.com/coreos/ignition/v2/config/shared/errors"
"github.com/coreos/ignition/v2/config/util"
"github.com/coreos/vcontext/path"
"github.com/coreos/vcontext/report"
)
func (l Luks) Key() string {
return l.Name
}
func (l Luks) IgnoreDuplicates() map[string]struct{} {
return map[string]struct{}{
"Options": {},
}
}
func (l Luks) Validate(c path.ContextPath) (r report.Report) {
if strings.Contains(l.Name, "/") {
r.AddOnError(c.Append("name"), errors.ErrLuksNameContainsSlash)
}
r.AddOnError(c.Append("label"), l.validateLabel())
if util.NilOrEmpty(l.Device) {
r.AddOnError(c.Append("device"), errors.ErrDiskDeviceRequired)
} else {
r.AddOnError(c.Append("device"), validatePath(*l.Device))
}
if util.NotEmpty(l.Clevis.Custom.Pin) && (len(l.Clevis.Tang) > 0 || util.IsTrue(l.Clevis.Tpm2) || (l.Clevis.Threshold != nil && *l.Clevis.Threshold != 0)) {
r.AddOnError(c.Append("clevis"), errors.ErrClevisCustomWithOthers)
}
// fail if a key file is provided and is not valid
if err := validateURLNilOK(l.KeyFile.Source); err != nil {
r.AddOnError(c.Append("keys"), errors.ErrInvalidLuksKeyFile)
}
return
}
func (l Luks) validateLabel() error {
if util.NilOrEmpty(l.Label) {
return nil
}
if len(*l.Label) > 47 {
// LUKS2_LABEL_L has a maximum length of 48 (including the null terminator)
// https://gitlab.com/cryptsetup/cryptsetup/-/blob/1633f030e89ad2f11ae649ba9600997a41abd3fc/lib/luks2/luks2.h#L86
return errors.ErrLuksLabelTooLong
}
return nil
}