Re: [PATCH 2/2] encrypt: add ceph support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 26/10/2022 22:12, Zorro Lang wrote:
On Wed, Oct 26, 2022 at 03:04:18PM +0800, xiubli@xxxxxxxxxx wrote:
From: Xiubo Li <xiubli@xxxxxxxxxx>

For ceph we couldn't use the mkfs to check whether the encryption
is support or not, we need to mount it first and then check the
'set_encpolicy', etc.

Signed-off-by: Xiubo Li <xiubli@xxxxxxxxxx>
---
  common/encrypt | 17 +++++++++++++++++
  1 file changed, 17 insertions(+)

diff --git a/common/encrypt b/common/encrypt
index fd620c41..e837c9de 100644
--- a/common/encrypt
+++ b/common/encrypt
@@ -153,6 +153,23 @@ _scratch_check_encrypted()
  		# erase the UBI volume; reformated automatically on next mount
  		$UBIUPDATEVOL_PROG ${SCRATCH_DEV} -t
  		;;
+	ceph)
+		# Try to mount the filesystem. We need to check whether the encryption
+		# is support or not via the ioctl cmd, such as 'set_encpolicy'.
+		if ! _try_scratch_mount &>>$seqres.full; then
+			_notrun "kernel is unaware of $FSTYP encryption feature," \
+				"or mkfs options are not compatible with encryption"
+		fi
+
+		mkdir $SCRATCH_MNT/tmpdir
+		if _set_encpolicy $SCRATCH_MNT/tmpdir 2>&1 >>$seqres.full | \
+			grep -Eq 'Inappropriate ioctl for device|Operation not supported'
+		then
+			_notrun "kernel does not support $FSTYP encryption"
+		fi
+		rmdir $SCRATCH_MNT/tmpdir
+		_scratch_unmount
As I replied in patch 1/2, this function is a mkfs function, if ceph need a
specific mkfs way, you can do it in this function, or you even can keep it
empty

   ceph)
	;;

Or does a simple cleanup

   ceph)
	_scratch_cleanup_files
	...
	;;

I'm not familar with ceph, that depends on you. But the change in this patch is
not "mkfs", it's a checking, checking if the current $SCRATCH_MNT supports
encryption, you should do it in other function which does that checking job, not
change a mkfs function to be a check function.

Sounds good. Let me check how to that.

Thanks Zorro again.

- Xiubo


Thanks,
Zorro

+		;;
  	*)
  		_notrun "No encryption support for $FSTYP"
  		;;
--
2.31.1





[Index of Archives]     [CEPH Users]     [Ceph Large]     [Ceph Dev]     [Information on CEPH]     [Linux BTRFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux