On Tue, 2021-08-17 at 15:04 +0100, Luis Henriques wrote: > Encryption is currently only supported on files/directories with layouts > where stripe_count=1. Forbid changing layouts when encryption is involved. > > Signed-off-by: Luis Henriques <lhenriques@xxxxxxx> > --- > Changes since v1: > - dropped changes to ceph_sync_setxattr(), MDS shall be responsible for > preventing layout changes on encrypted dirs/files > > fs/ceph/ioctl.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/fs/ceph/ioctl.c b/fs/ceph/ioctl.c > index 477ecc667aee..480d18bb2ff0 100644 > --- a/fs/ceph/ioctl.c > +++ b/fs/ceph/ioctl.c > @@ -294,6 +294,10 @@ static long ceph_set_encryption_policy(struct file *file, unsigned long arg) > struct inode *inode = file_inode(file); > struct ceph_inode_info *ci = ceph_inode(inode); > > + /* encrypted directories can't have striped layout */ > + if (ci->i_layout.stripe_count > 1) > + return -EINVAL; > + > ret = vet_mds_for_fscrypt(file); > if (ret) > return ret; Thanks Luis. I've gone ahead and merged this into my fscrypt pile. -- Jeff Layton <jlayton@xxxxxxxxxx>
