rough sketch of enforcing invalid states in Go

bootstrapper/internal/diskencryption/diskencryption_cgo.go

@@ -34,11 +34,16 @@ var (
 
 // Cryptsetup manages the encrypted state mapper device.
 type Cryptsetup struct {
-	fs         afero.Fs
+	fs afero.Fs
-	device     cryptdevice
+	// device     cryptdevice
 	initByName initByName
 }
 
+type OpenCryptsetup struct {
+	*Cryptsetup
+	device cryptdevice
+}
+
 // New creates a new Cryptsetup.
 func New() *Cryptsetup {
 	return &Cryptsetup{
@@ -50,35 +55,31 @@ func New() *Cryptsetup {
 }
 
 // Open opens the cryptdevice.
-func (c *Cryptsetup) Open() error {
+func (c *Cryptsetup) Open() (*OpenCryptsetup, error) {
 	packageLock.Lock()
 	defer packageLock.Unlock()
-	if c.device != nil {
-		return errDeviceAlreadyOpen
-	}
 	var err error
-	c.device, err = c.initByName(stateMapperDevice)
+	device, err := c.initByName(stateMapperDevice)
 	if err != nil {
-		return fmt.Errorf("initializing crypt device for mapped device %q: %w", stateMapperDevice, err)
+		return nil, fmt.Errorf("initializing crypt device for mapped device %q: %w", stateMapperDevice, err)
 	}
-	return nil
+	return &OpenCryptsetup{c, device}, nil
 }
 
 // Close closes the cryptdevice.
-func (c *Cryptsetup) Close() error {
+func (c *OpenCryptsetup) Close() error {
 	packageLock.Lock()
 	defer packageLock.Unlock()
-	if c.device == nil {
+	//if c.device == nil {
-		return errDeviceNotOpen
+	//	return errDeviceNotOpen
-	}
+	//}
 	c.device.Free()
-	c.device = nil
+	c.device = nil // How to prevent close from being called twice? Return closeFn in constructor which suggests defer closeFn() pattern?
+
 	return nil
 }
 
-// UUID gets the device's UUID.
+func (c *OpenCryptsetup) UUID() (string, error) {
-// Only works after calling Open().
-func (c *Cryptsetup) UUID() (string, error) {
 	packageLock.Lock()
 	defer packageLock.Unlock()
 	if c.device == nil {
@@ -93,7 +94,7 @@ func (c *Cryptsetup) UUID() (string, error) {
 
 // UpdatePassphrase switches the initial random passphrase of the mapped crypt device to a permanent passphrase.
 // Only works after calling Open().
-func (c *Cryptsetup) UpdatePassphrase(passphrase string) error {
+func (c *OpenCryptsetup) UpdatePassphrase(passphrase string) error {
 	packageLock.Lock()
 	defer packageLock.Unlock()
 	if c.device == nil {

bootstrapper/internal/diskencryption/diskencryption_cross.go

@@ -1,50 +0,0 @@
-//go:build !linux || !cgo
-
-/*
-Copyright (c) Edgeless Systems GmbH
-
-SPDX-License-Identifier: AGPL-3.0-only
-*/
-
-/*
-Package diskencryption handles interaction with a node's state disk.
-
-This package is not thread safe, since libcryptsetup is not thread safe.
-There should only be one instance using this package per process.
-*/
-package diskencryption
-
-import "errors"
-
-// Cryptsetup manages the encrypted state mapper device.
-type Cryptsetup struct{}
-
-// New creates a new Cryptsetup.
-// This function panics if CGO is disabled.
-func New() *Cryptsetup {
-	return &Cryptsetup{}
-}
-
-// Open opens the cryptdevice.
-// This function does nothing if CGO is disabled.
-func (c *Cryptsetup) Open() error {
-	return errors.New("using cryptsetup requires building with CGO")
-}
-
-// Close closes the cryptdevice.
-// This function errors if CGO is disabled.
-func (c *Cryptsetup) Close() error {
-	return errors.New("using cryptsetup requires building with CGO")
-}
-
-// UUID gets the device's UUID.
-// This function errors if CGO is disabled.
-func (c *Cryptsetup) UUID() (string, error) {
-	return "", errors.New("using cryptsetup requires building with CGO")
-}
-
-// UpdatePassphrase switches the initial random passphrase of the mapped crypt device to a permanent passphrase.
-// This function errors if CGO is disabled.
-func (c *Cryptsetup) UpdatePassphrase(_ string) error {
-	return errors.New("using cryptsetup requires building with CGO")
-}