Crypt interface issues

[smoser]

I'm looking at lvm.go, and see a couple things i had questions on with crypt.

a.) CryptClose take a key. You do not have to supply a key to close a device that is already open

b.) CryptOpen takes a lvName and a key. Presumably this lvName is the name of the logical volume to open. When you open a luks device, you need to provide it with a new name, as the old device remains present.. Given /dev/vg0/lv0 as a logical block device:

    $ vgcreate vg0 /dev/vde
    $ lvcreate --size=100MiB --name=lv0 vg0
    $ echo -n "seecret" > password.txt
    $ cryptsetup luksFormat --batch-mode --key=file=password.txt /dev/vg0/lv0
    $ cryptsetup open --type=luks --batch-mode --key-file=password.txt /dev/vg0/lv0 lv0-decrypted

    $ ls -l /dev/mapper/*lv0* /dev/vg0/lv0
    lrwxrwxrwx 1 root root 8 Jan 27 20:34 /dev/mapper/lv0-decrypted -> ../dm-27
    lrwxrwxrwx 1 root root 8 Jan 27 20:34 /dev/mapper/vg0-lv0 -> ../dm-26
    lrwxrwxrwx 1 root root 8 Jan 27 20:34 /dev/vg0/lv0 -> ../dm-26

So somewhere/somehow we have to account for the 'lv0-decrypted' device name. Previously we had an 'EncryptedLv' type which accounted for this. That might not be the best, but one way or another we do have to deal with it.

c.) Since the user of the encrypted lv probably wants to use the decrypted name (mount /dev/vg0/lv0-decrypted /mnt), we need to somehow deal with that. I'd like to avoid the API user having to think about the implementation. But just create a logical volume that is encrypted and then use it.

d.) as I commented other places, lvName are not system unique. So in some way you have to pass a volumeGroup here also.

[rchamarthy]

a. Removed the key b/c. Added DecryptedLVName and DecryptedLVPath to LV structure d. Added vgName to all LV operations