From: Xiubo Li <xiubli@xxxxxxxxxx> There is no need to create new nonce for the subdirs, since the encyrption will be used to encrypt/dencrypt the dentry name only. And later in the request reply it will fill the encryption info which is exactly inherit from the parent. This could help us simplify the snapshot supporting. And no need to parse the inode from a long snap name and search it from the cache, which may not exist. Signed-off-by: Xiubo Li <xiubli@xxxxxxxxxx> --- This depends on the ceph PR: https://github.com/ceph/ceph/pull/45516 And mds will always send the parent's encryption info back when creating directories. fs/ceph/inode.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c index 7b670e2405c1..f005213fe48b 100644 --- a/fs/ceph/inode.c +++ b/fs/ceph/inode.c @@ -91,9 +91,15 @@ struct inode *ceph_new_inode(struct inode *dir, struct dentry *dentry, if (err < 0) goto out_err; - err = ceph_fscrypt_prepare_context(dir, inode, as_ctx); - if (err) - goto out_err; + /* + * For subdirs they will inherit the whole encrytion info + * from their parent. + */ + if (!S_ISDIR(*mode)) { + err = ceph_fscrypt_prepare_context(dir, inode, as_ctx); + if (err) + goto out_err; + } return inode; out_err: -- 2.27.0
