On 26/10/2022 22:12, Zorro Lang wrote:
On Wed, Oct 26, 2022 at 03:04:18PM +0800, xiubli@xxxxxxxxxx wrote:
From: Xiubo Li <xiubli@xxxxxxxxxx>
For ceph we couldn't use the mkfs to check whether the encryption
is support or not, we need to mount it first and then check the
'set_encpolicy', etc.
Signed-off-by: Xiubo Li <xiubli@xxxxxxxxxx>
---
common/encrypt | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/common/encrypt b/common/encrypt
index fd620c41..e837c9de 100644
--- a/common/encrypt
+++ b/common/encrypt
@@ -153,6 +153,23 @@ _scratch_check_encrypted()
# erase the UBI volume; reformated automatically on next mount
$UBIUPDATEVOL_PROG ${SCRATCH_DEV} -t
;;
+ ceph)
+ # Try to mount the filesystem. We need to check whether the encryption
+ # is support or not via the ioctl cmd, such as 'set_encpolicy'.
+ if ! _try_scratch_mount &>>$seqres.full; then
+ _notrun "kernel is unaware of $FSTYP encryption feature," \
+ "or mkfs options are not compatible with encryption"
+ fi
+
+ mkdir $SCRATCH_MNT/tmpdir
+ if _set_encpolicy $SCRATCH_MNT/tmpdir 2>&1 >>$seqres.full | \
+ grep -Eq 'Inappropriate ioctl for device|Operation not supported'
+ then
+ _notrun "kernel does not support $FSTYP encryption"
+ fi
+ rmdir $SCRATCH_MNT/tmpdir
+ _scratch_unmount
As I replied in patch 1/2, this function is a mkfs function, if ceph need a
specific mkfs way, you can do it in this function, or you even can keep it
empty
ceph)
;;
Or does a simple cleanup
ceph)
_scratch_cleanup_files
...
;;
I'm not familar with ceph, that depends on you. But the change in this patch is
not "mkfs", it's a checking, checking if the current $SCRATCH_MNT supports
encryption, you should do it in other function which does that checking job, not
change a mkfs function to be a check function.
Sounds good. Let me check how to that.
Thanks Zorro again.
- Xiubo
Thanks,
Zorro
+ ;;
*)
_notrun "No encryption support for $FSTYP"
;;
--
2.31.1
