From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 142E71FF136 for ; Mon, 20 Apr 2026 09:22:59 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id D803C1E724; Mon, 20 Apr 2026 09:22:58 +0200 (CEST) Message-ID: Date: Mon, 20 Apr 2026 09:22:54 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH proxmox-backup v3 07/30] pbs-config: implement encryption key config handling To: Thomas Lamprecht References: <20260419210610.3915597-1-t.lamprecht@proxmox.com> <20260419210610.3915597-2-t.lamprecht@proxmox.com> Content-Language: en-US, de-DE From: Christian Ebner In-Reply-To: <20260419210610.3915597-2-t.lamprecht@proxmox.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1776669691066 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.070 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Message-ID-Hash: 4CQM7FJGGEBHKK7HEZ5D7VAIRJLR3GB7 X-Message-ID-Hash: 4CQM7FJGGEBHKK7HEZ5D7VAIRJLR3GB7 X-MailFrom: c.ebner@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: pbs-devel@lists.proxmox.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox Backup Server development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On 4/19/26 11:06 PM, Thomas Lamprecht wrote: > Am 14.04.26 um 14:59 schrieb Christian Ebner: >> diff --git a/pbs-config/src/encryption_keys.rs b/pbs-config/src/encryption_keys.rs >> >> +/// Mark the key as archived by setting the `archived-at` timestamp. >> +pub fn archive_key(id: &str, mut config: SectionConfigData) -> Result<(), Error> { > > nit: Unlike delete_key, which has a "Safety: caller must acquire and hold > config lock" doc comment, archive_key has no such note even though it has > the same precondition (takes `mut config` without re-locking). Might be good > to add an equivalent note here for consistency - this also nicely documents > the intent alongside the pending must_use-based fix for the missing lock > binding in store_key. Added the safety docstring for archive_key as well. > >> +/// Config type for encryption key config entries >> +pub const ENCRYPTION_KEYS_CFG_TYPE_ID: &str = "sync-key"; > > nit: the type id "sync-key" hardcodes a sync-only assumption into what is > otherwise named as a generic "encryption keys" config. If there's any intent > to reuse this config outside of sync jobs later, albeit renaming it is a > minor migration cost, if some use cases really come up, just wanted to > notice this tiny boundary "leak" as now it'd be still trivial to adapt the > name, but really no hard feelings at all. The intend was to keep the door open in case we decide to merge this config with the tape key config for PBS 5.