Online re-encrypt

.github/workflows/main.yml

@@ -244,7 +244,7 @@ jobs:
       matrix:
         include:
           - rev: HEAD
-            options: --post-test-check=verify-filesystem-symlinks --post-test-check=verify-pool-metadata --highest-revision-number=7
+            options: --post-test-check=verify-filesystem-symlinks --post-test-check=verify-pool-metadata --highest-revision-number=8
           - rev: v3.6.2
             options: --highest-revision-number=6
     runs-on: ubuntu-22.04

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "stratisd"
-version = "3.7.0"
+version = "3.8.0"
 authors.workspace = true
 edition.workspace = true
 rust-version.workspace = true

src/dbus_api/api/mod.rs

@@ -150,6 +150,20 @@ pub fn get_base_tree<'a>(
                 .add_p(manager_3_0::version_property(&f))
                 .add_p(manager_3_7::stopped_pools_property(&f)),
         )
+        .add(
+            f.interface(consts::MANAGER_INTERFACE_NAME_3_8, ())
+                .add_m(manager_3_5::create_pool_method(&f))
+                .add_m(manager_3_0::set_key_method(&f))
+                .add_m(manager_3_0::unset_key_method(&f))
+                .add_m(manager_3_0::list_keys_method(&f))
+                .add_m(manager_3_0::destroy_pool_method(&f))
+                .add_m(manager_3_0::engine_state_report_method(&f))
+                .add_m(manager_3_7::start_pool_method(&f))
+                .add_m(manager_3_6::stop_pool_method(&f))
+                .add_m(manager_3_2::refresh_state_method(&f))
+                .add_p(manager_3_0::version_property(&f))
+                .add_p(manager_3_7::stopped_pools_property(&f)),
+        )
         .add(
             f.interface(consts::REPORT_INTERFACE_NAME_3_0, ())
                 .add_m(report_3_0::get_report_method(&f)),
@@ -181,6 +195,10 @@ pub fn get_base_tree<'a>(
         .add(
             f.interface(consts::REPORT_INTERFACE_NAME_3_7, ())
                 .add_m(report_3_0::get_report_method(&f)),
+        )
+        .add(
+            f.interface(consts::REPORT_INTERFACE_NAME_3_8, ())
+                .add_m(report_3_0::get_report_method(&f)),
         );
 
     let path = obj_path.get_name().to_owned();

src/dbus_api/blockdev/mod.rs

@@ -138,6 +138,19 @@ pub fn create_dbus_blockdev<'a>(
                 .add_p(blockdev_3_0::physical_path_property(&f))
                 .add_p(blockdev_3_0::size_property(&f))
                 .add_p(blockdev_3_3::new_size_property(&f)),
+        )
+        .add(
+            f.interface(consts::BLOCKDEV_INTERFACE_NAME_3_8, ())
+                .add_p(blockdev_3_0::devnode_property(&f))
+                .add_p(blockdev_3_0::hardware_info_property(&f))
+                .add_p(blockdev_3_0::initialization_time_property(&f))
+                .add_p(blockdev_3_0::pool_property(&f))
+                .add_p(blockdev_3_0::tier_property(&f))
+                .add_p(blockdev_3_3::user_info_property(&f))
+                .add_p(blockdev_3_0::uuid_property(&f))
+                .add_p(blockdev_3_0::physical_path_property(&f))
+                .add_p(blockdev_3_0::size_property(&f))
+                .add_p(blockdev_3_3::new_size_property(&f)),
         );
 
     let path = object_path.get_name().to_owned();
@@ -236,6 +249,18 @@ pub fn get_blockdev_properties(
             consts::BLOCKDEV_NEW_SIZE_PROP => shared::blockdev_new_size_prop(dev)
         },
         consts::BLOCKDEV_INTERFACE_NAME_3_7 => {
+            consts::BLOCKDEV_DEVNODE_PROP => shared::blockdev_devnode_prop(dev),
+            consts::BLOCKDEV_HARDWARE_INFO_PROP => shared::blockdev_hardware_info_prop(dev),
+            consts::BLOCKDEV_USER_INFO_PROP => shared::blockdev_user_info_prop(dev),
+            consts::BLOCKDEV_INIT_TIME_PROP => shared::blockdev_init_time_prop(dev),
+            consts::BLOCKDEV_POOL_PROP => parent.clone(),
+            consts::BLOCKDEV_UUID_PROP => uuid_to_string!(dev_uuid),
+            consts::BLOCKDEV_TIER_PROP => shared::blockdev_tier_prop(tier),
+            consts::BLOCKDEV_PHYSICAL_PATH_PROP => shared::blockdev_physical_path_prop(dev),
+            consts::BLOCKDEV_TOTAL_SIZE_PROP => shared::blockdev_size_prop(dev),
+            consts::BLOCKDEV_NEW_SIZE_PROP => shared::blockdev_new_size_prop(dev)
+        },
+        consts::BLOCKDEV_INTERFACE_NAME_3_8 => {
             consts::BLOCKDEV_DEVNODE_PROP => shared::blockdev_devnode_prop(dev),
             consts::BLOCKDEV_HARDWARE_INFO_PROP => shared::blockdev_hardware_info_prop(dev),
             consts::BLOCKDEV_USER_INFO_PROP => shared::blockdev_user_info_prop(dev),

src/dbus_api/consts.rs

@@ -15,6 +15,7 @@ pub const MANAGER_INTERFACE_NAME_3_4: &str = "org.storage.stratis3.Manager.r4";
 pub const MANAGER_INTERFACE_NAME_3_5: &str = "org.storage.stratis3.Manager.r5";
 pub const MANAGER_INTERFACE_NAME_3_6: &str = "org.storage.stratis3.Manager.r6";
 pub const MANAGER_INTERFACE_NAME_3_7: &str = "org.storage.stratis3.Manager.r7";
+pub const MANAGER_INTERFACE_NAME_3_8: &str = "org.storage.stratis3.Manager.r8";
 pub const REPORT_INTERFACE_NAME_3_0: &str = "org.storage.stratis3.Report.r0";
 pub const REPORT_INTERFACE_NAME_3_1: &str = "org.storage.stratis3.Report.r1";
 pub const REPORT_INTERFACE_NAME_3_2: &str = "org.storage.stratis3.Report.r2";
@@ -23,6 +24,7 @@ pub const REPORT_INTERFACE_NAME_3_4: &str = "org.storage.stratis3.Report.r4";
 pub const REPORT_INTERFACE_NAME_3_5: &str = "org.storage.stratis3.Report.r5";
 pub const REPORT_INTERFACE_NAME_3_6: &str = "org.storage.stratis3.Report.r6";
 pub const REPORT_INTERFACE_NAME_3_7: &str = "org.storage.stratis3.Report.r7";
+pub const REPORT_INTERFACE_NAME_3_8: &str = "org.storage.stratis3.Report.r8";
 
 pub const LOCKED_POOLS_PROP: &str = "LockedPools";
 pub const STOPPED_POOLS_PROP: &str = "StoppedPools";
@@ -35,6 +37,7 @@ pub const POOL_INTERFACE_NAME_3_4: &str = "org.storage.stratis3.pool.r4";
 pub const POOL_INTERFACE_NAME_3_5: &str = "org.storage.stratis3.pool.r5";
 pub const POOL_INTERFACE_NAME_3_6: &str = "org.storage.stratis3.pool.r6";
 pub const POOL_INTERFACE_NAME_3_7: &str = "org.storage.stratis3.pool.r7";
+pub const POOL_INTERFACE_NAME_3_8: &str = "org.storage.stratis3.pool.r8";
 pub const POOL_NAME_PROP: &str = "Name";
 pub const POOL_UUID_PROP: &str = "Uuid";
 pub const POOL_HAS_CACHE_PROP: &str = "HasCache";
@@ -58,6 +61,7 @@ pub const FILESYSTEM_INTERFACE_NAME_3_4: &str = "org.storage.stratis3.filesystem
 pub const FILESYSTEM_INTERFACE_NAME_3_5: &str = "org.storage.stratis3.filesystem.r5";
 pub const FILESYSTEM_INTERFACE_NAME_3_6: &str = "org.storage.stratis3.filesystem.r6";
 pub const FILESYSTEM_INTERFACE_NAME_3_7: &str = "org.storage.stratis3.filesystem.r7";
+pub const FILESYSTEM_INTERFACE_NAME_3_8: &str = "org.storage.stratis3.filesystem.r8";
 pub const FILESYSTEM_NAME_PROP: &str = "Name";
 pub const FILESYSTEM_UUID_PROP: &str = "Uuid";
 pub const FILESYSTEM_USED_PROP: &str = "Used";
@@ -76,6 +80,7 @@ pub const BLOCKDEV_INTERFACE_NAME_3_4: &str = "org.storage.stratis3.blockdev.r4"
 pub const BLOCKDEV_INTERFACE_NAME_3_5: &str = "org.storage.stratis3.blockdev.r5";
 pub const BLOCKDEV_INTERFACE_NAME_3_6: &str = "org.storage.stratis3.blockdev.r6";
 pub const BLOCKDEV_INTERFACE_NAME_3_7: &str = "org.storage.stratis3.blockdev.r7";
+pub const BLOCKDEV_INTERFACE_NAME_3_8: &str = "org.storage.stratis3.blockdev.r8";
 pub const BLOCKDEV_DEVNODE_PROP: &str = "Devnode";
 pub const BLOCKDEV_HARDWARE_INFO_PROP: &str = "HardwareInfo";
 pub const BLOCKDEV_USER_INFO_PROP: &str = "UserInfo";
@@ -98,6 +103,7 @@ pub fn standard_pool_interfaces() -> Vec<String> {
         POOL_INTERFACE_NAME_3_5,
         POOL_INTERFACE_NAME_3_6,
         POOL_INTERFACE_NAME_3_7,
+        POOL_INTERFACE_NAME_3_8,
     ]
     .iter()
     .map(|s| (*s).to_string())
@@ -115,6 +121,7 @@ pub fn standard_filesystem_interfaces() -> Vec<String> {
         FILESYSTEM_INTERFACE_NAME_3_5,
         FILESYSTEM_INTERFACE_NAME_3_6,
         FILESYSTEM_INTERFACE_NAME_3_7,
+        FILESYSTEM_INTERFACE_NAME_3_8,
     ]
     .iter()
     .map(|s| (*s).to_string())
@@ -132,6 +139,7 @@ pub fn standard_blockdev_interfaces() -> Vec<String> {
         BLOCKDEV_INTERFACE_NAME_3_5,
         BLOCKDEV_INTERFACE_NAME_3_6,
         BLOCKDEV_INTERFACE_NAME_3_7,
+        BLOCKDEV_INTERFACE_NAME_3_8,
     ]
     .iter()
     .map(|s| (*s).to_string())

src/dbus_api/filesystem/mod.rs

@@ -127,6 +127,19 @@ pub fn create_dbus_filesystem<'a>(
                 .add_p(filesystem_3_0::used_property(&f))
                 .add_p(filesystem_3_6::size_limit_property(&f))
                 .add_p(filesystem_3_7::origin_property(&f)),
+        )
+        .add(
+            f.interface(consts::FILESYSTEM_INTERFACE_NAME_3_8, ())
+                .add_m(filesystem_3_0::rename_method(&f))
+                .add_p(filesystem_3_0::devnode_property(&f))
+                .add_p(filesystem_3_0::name_property(&f))
+                .add_p(filesystem_3_0::pool_property(&f))
+                .add_p(filesystem_3_0::uuid_property(&f))
+                .add_p(filesystem_3_0::created_property(&f))
+                .add_p(filesystem_3_0::size_property(&f))
+                .add_p(filesystem_3_0::used_property(&f))
+                .add_p(filesystem_3_6::size_limit_property(&f))
+                .add_p(filesystem_3_7::origin_property(&f)),
         );
 
     let path = object_path.get_name().to_owned();
@@ -209,6 +222,17 @@ pub fn get_fs_properties(
             consts::FILESYSTEM_SIZE_LIMIT_PROP => shared::fs_size_limit_prop(fs)
         },
         consts::FILESYSTEM_INTERFACE_NAME_3_7 => {
+            consts::FILESYSTEM_NAME_PROP => shared::fs_name_prop(fs_name),
+            consts::FILESYSTEM_UUID_PROP => uuid_to_string!(fs_uuid),
+            consts::FILESYSTEM_DEVNODE_PROP => shared::fs_devnode_prop(fs, pool_name, fs_name),
+            consts::FILESYSTEM_POOL_PROP => parent.clone(),
+            consts::FILESYSTEM_CREATED_PROP => shared::fs_created_prop(fs),
+            consts::FILESYSTEM_SIZE_PROP => shared::fs_size_prop(fs),
+            consts::FILESYSTEM_USED_PROP => shared::fs_used_prop(fs),
+            consts::FILESYSTEM_SIZE_LIMIT_PROP => shared::fs_size_limit_prop(fs),
+            consts::FILESYSTEM_ORIGIN_PROP => shared::fs_origin_prop(fs)
+        },
+        consts::FILESYSTEM_INTERFACE_NAME_3_8 => {
             consts::FILESYSTEM_NAME_PROP => shared::fs_name_prop(fs_name),
             consts::FILESYSTEM_UUID_PROP => uuid_to_string!(fs_uuid),
             consts::FILESYSTEM_DEVNODE_PROP => shared::fs_devnode_prop(fs, pool_name, fs_name),

src/dbus_api/pool/mod.rs

@@ -19,6 +19,7 @@ mod pool_3_3;
 mod pool_3_5;
 mod pool_3_6;
 mod pool_3_7;
+mod pool_3_8;
 pub mod prop_conv;
 mod shared;
 
@@ -275,6 +276,40 @@ pub fn create_dbus_pool<'a>(
                 .add_p(pool_3_1::enable_overprov_property(&f))
                 .add_p(pool_3_1::no_alloc_space_property(&f))
                 .add_p(pool_3_7::metadata_version_property(&f)),
+        )
+        .add(
+            f.interface(consts::POOL_INTERFACE_NAME_3_8, ())
+                .add_m(pool_3_6::create_filesystems_method(&f))
+                .add_m(pool_3_7::destroy_filesystems_method(&f))
+                .add_m(pool_3_0::snapshot_filesystem_method(&f))
+                .add_m(pool_3_0::add_blockdevs_method(&f))
+                .add_m(pool_3_0::bind_clevis_method(&f))
+                .add_m(pool_3_0::unbind_clevis_method(&f))
+                .add_m(pool_3_5::init_cache_method(&f))
+                .add_m(pool_3_0::add_cachedevs_method(&f))
+                .add_m(pool_3_0::bind_keyring_method(&f))
+                .add_m(pool_3_0::unbind_keyring_method(&f))
+                .add_m(pool_3_0::rebind_keyring_method(&f))
+                .add_m(pool_3_0::rebind_clevis_method(&f))
+                .add_m(pool_3_0::rename_method(&f))
+                .add_m(pool_3_3::grow_physical_device_method(&f))
+                .add_m(pool_3_7::get_metadata_method(&f))
+                .add_m(pool_3_8::encrypt_pool_method(&f))
+                .add_m(pool_3_8::reencrypt_pool_method(&f))
+                .add_p(pool_3_0::name_property(&f))
+                .add_p(pool_3_0::uuid_property(&f))
+                .add_p(pool_3_0::encrypted_property(&f))
+                .add_p(pool_3_0::avail_actions_property(&f))
+                .add_p(pool_3_0::key_desc_property(&f))
+                .add_p(pool_3_0::clevis_info_property(&f))
+                .add_p(pool_3_0::has_cache_property(&f))
+                .add_p(pool_3_0::alloc_size_property(&f))
+                .add_p(pool_3_0::used_size_property(&f))
+                .add_p(pool_3_0::total_size_property(&f))
+                .add_p(pool_3_1::fs_limit_property(&f))
+                .add_p(pool_3_1::enable_overprov_property(&f))
+                .add_p(pool_3_1::no_alloc_space_property(&f))
+                .add_p(pool_3_7::metadata_version_property(&f)),
         );
 
     let path = object_path.get_name().to_owned();
@@ -407,6 +442,22 @@ pub fn get_pool_properties(
             consts::POOL_OVERPROV_PROP => shared::pool_overprov_enabled(pool),
             consts::POOL_NO_ALLOCABLE_SPACE_PROP => shared::pool_no_alloc_space(pool),
             consts::POOL_METADATA_VERSION_PROP => shared::pool_metadata_version(pool)
+        },
+        consts::POOL_INTERFACE_NAME_3_8 => {
+            consts::POOL_NAME_PROP => shared::pool_name_prop(pool_name),
+            consts::POOL_UUID_PROP => uuid_to_string!(pool_uuid),
+            consts::POOL_ENCRYPTED_PROP => shared::pool_enc_prop(pool),
+            consts::POOL_AVAIL_ACTIONS_PROP => shared::pool_avail_actions_prop(pool),
+            consts::POOL_KEY_DESC_PROP => shared::pool_key_desc_prop(pool),
+            consts::POOL_CLEVIS_INFO_PROP => shared::pool_clevis_info_prop(pool),
+            consts::POOL_HAS_CACHE_PROP => shared::pool_has_cache_prop(pool),
+            consts::POOL_ALLOC_SIZE_PROP => shared::pool_allocated_size(pool),
+            consts::POOL_TOTAL_USED_PROP => shared::pool_used_size(pool),
+            consts::POOL_TOTAL_SIZE_PROP => shared::pool_total_size(pool),
+            consts::POOL_FS_LIMIT_PROP => shared::pool_fs_limit(pool),
+            consts::POOL_OVERPROV_PROP => shared::pool_overprov_enabled(pool),
+            consts::POOL_NO_ALLOCABLE_SPACE_PROP => shared::pool_no_alloc_space(pool),
+            consts::POOL_METADATA_VERSION_PROP => shared::pool_metadata_version(pool)
         }
     }
 }

src/dbus_api/pool/pool_3_0/api.rs

@@ -130,7 +130,7 @@ pub fn add_cachedevs_method(f: &Factory<MTSync<TData>, TData>) -> Method<MTSync<
 pub fn encrypted_property(f: &Factory<MTSync<TData>, TData>) -> Property<MTSync<TData>, TData> {
     f.property::<bool, _>(consts::POOL_ENCRYPTED_PROP, ())
         .access(Access::Read)
-        .emits_changed(EmitsChangedSignal::Const)
+        .emits_changed(EmitsChangedSignal::True)
         .on_get(get_pool_encrypted)
 }
 

src/dbus_api/pool/pool_3_8/api.rs

@@ -0,0 +1,45 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+use dbus_tree::{Factory, MTSync, Method};
+
+use crate::dbus_api::{
+    pool::pool_3_8::methods::{encrypt_pool, reencrypt_pool},
+    types::TData,
+};
+
+pub fn encrypt_pool_method(f: &Factory<MTSync<TData>, TData>) -> Method<MTSync<TData>, TData> {
+    f.method("EncryptPool", (), encrypt_pool)
+        // Optional key description of key in the kernel keyring
+        // b: true if the pool should be encrypted and able to be
+        // unlocked with a passphrase associated with this key description.
+        // s: key description
+        //
+        // Rust representation: (bool, String)
+        .in_arg(("key_desc", "(bs)"))
+        // Optional Clevis information for binding on initialization.
+        // b: true if the pool should be encrypted and able to be unlocked
+        // using Clevis.
+        // s: pin name
+        // s: JSON config for Clevis use
+        //
+        // Rust representation: (bool, (String, String))
+        .in_arg(("clevis_info", "(b(ss))"))
+        // b: true if pool was newly encrypted
+        //
+        // Rust representation: bool
+        .out_arg(("results", "b"))
+        .out_arg(("return_code", "q"))
+        .out_arg(("return_string", "s"))
+}
+
+pub fn reencrypt_pool_method(f: &Factory<MTSync<TData>, TData>) -> Method<MTSync<TData>, TData> {
+    f.method("ReencryptPool", (), reencrypt_pool)
+        // b: true if successful
+        //
+        // Rust representation: bool
+        .out_arg(("results", "b"))
+        .out_arg(("return_code", "q"))
+        .out_arg(("return_string", "s"))
+}