xiubli@xxxxxxxxxx writes: > From: Xiubo Li <xiubli@xxxxxxxxxx> > > This patch series is based on Jeff Layton's previous great work and effort > on this and all the patches bas been in the testing branch since this > Monday(20 Mar) I've been going through this new rev[1] in the last few days and I couldn't find any issues with it. The rebase on top of 6.3 added minor changes since last version (for example, there's no need to call fscrypt_add_test_dummy_key() anymore), but everything seems to be fine. So, FWIW, feel free to add my: Tested-by: Luís Henriques <lhenriques@xxxxxxx> Reviewed-by: Luís Henriques <lhenriques@xxxxxxx> to the whole series. And, again, thanks a lot for your work on this! [1] Actually, I've looked into what's currently in the 'testing' branch, which is already slightly different from this v17. Cheers, -- Luís > Since v15 we have added the ceph qa teuthology test cases for this [1][2], > which will test both the file name and contents encryption features and at > the same time they will also test the IO benchmarks. > > To support the fscrypt we also have some other work in ceph [3][4][5][6][7][8][9]: > > [1] https://github.com/ceph/ceph/pull/48628 > [2] https://github.com/ceph/ceph/pull/49934 > [3] https://github.com/ceph/ceph/pull/43588 > [4] https://github.com/ceph/ceph/pull/37297 > [5] https://github.com/ceph/ceph/pull/45192 > [6] https://github.com/ceph/ceph/pull/45312 > [7] https://github.com/ceph/ceph/pull/40828 > [8] https://github.com/ceph/ceph/pull/45224 > [9] https://github.com/ceph/ceph/pull/45073 > > The [9] is still undering testing and will soon be merged after that. All > the others had been merged. > > This will depend on Eric's [10] which is a [DO NOT MERGE] patch in the > ceph-client's testing branch temporarily. > > [10] https://git.kernel.org/pub/scm/fs/fscrypt/linux.git/log/?h=for-next, > > The main changes since v16: > > - rebased onto v6.3 rc3 > > - An bug fix for size truncating, which will cause the pagecaches to be > incorrectly truncated. > - Luis fixed atomic open bug for encrypted directories > > > > Jeff Layton (47): > libceph: add spinlock around osd->o_requests > libceph: define struct ceph_sparse_extent and add some helpers > libceph: add sparse read support to msgr2 crc state machine > libceph: add sparse read support to OSD client > libceph: support sparse reads on msgr2 secure codepath > libceph: add sparse read support to msgr1 > ceph: add new mount option to enable sparse reads > ceph: preallocate inode for ops that may create one > ceph: make ceph_msdc_build_path use ref-walk > libceph: add new iov_iter-based ceph_msg_data_type and > ceph_osd_data_type > ceph: use osd_req_op_extent_osd_iter for netfs reads > ceph: fscrypt_auth handling for ceph > ceph: ensure that we accept a new context from MDS for new inodes > ceph: add support for fscrypt_auth/fscrypt_file to cap messages > ceph: implement -o test_dummy_encryption mount option > ceph: decode alternate_name in lease info > ceph: add fscrypt ioctls > ceph: add encrypted fname handling to ceph_mdsc_build_path > ceph: send altname in MClientRequest > ceph: encode encrypted name in dentry release > ceph: properly set DCACHE_NOKEY_NAME flag in lookup > ceph: set DCACHE_NOKEY_NAME in atomic open > ceph: make d_revalidate call fscrypt revalidator for encrypted > dentries > ceph: add helpers for converting names for userland presentation > ceph: add fscrypt support to ceph_fill_trace > ceph: create symlinks with encrypted and base64-encoded targets > ceph: make ceph_get_name decrypt filenames > ceph: add a new ceph.fscrypt.auth vxattr > ceph: add some fscrypt guardrails > libceph: add CEPH_OSD_OP_ASSERT_VER support > ceph: size handling for encrypted inodes in cap updates > ceph: fscrypt_file field handling in MClientRequest messages > ceph: handle fscrypt fields in cap messages from MDS > ceph: update WARN_ON message to pr_warn > ceph: add infrastructure for file encryption and decryption > libceph: allow ceph_osdc_new_request to accept a multi-op read > ceph: disable fallocate for encrypted inodes > ceph: disable copy offload on encrypted inodes > ceph: don't use special DIO path for encrypted inodes > ceph: align data in pages in ceph_sync_write > ceph: add read/modify/write to ceph_sync_write > ceph: plumb in decryption during sync reads > ceph: add fscrypt decryption support to ceph_netfs_issue_op > ceph: set i_blkbits to crypto block size for encrypted inodes > ceph: add encryption support to writepage > ceph: fscrypt support for writepages > ceph: report STATX_ATTR_ENCRYPTED on encrypted inodes > > Luís Henriques (11): > ceph: add base64 endcoding routines for encrypted names > ceph: allow encrypting a directory while not having Ax caps > ceph: mark directory as non-complete after loading key > ceph: don't allow changing layout on encrypted files/directories > ceph: invalidate pages when doing direct/sync writes > ceph: add support for encrypted snapshot names > ceph: add support for handling encrypted snapshot names > ceph: update documentation regarding snapshot naming limitations > ceph: prevent snapshots to be created in encrypted locked directories > ceph: switch ceph_open() to use new fscrypt helper > ceph: switch ceph_open_atomic() to use the new fscrypt helper > > Xiubo Li (13): > ceph: make the ioctl cmd more readable in debug log > ceph: fix base64 encoded name's length check in ceph_fname_to_usr() > ceph: pass the request to parse_reply_info_readdir() > ceph: add ceph_encode_encrypted_dname() helper > ceph: add support to readdir for encrypted filenames > ceph: get file size from fscrypt_file when present in inode traces > ceph: add __ceph_get_caps helper support > ceph: add __ceph_sync_read helper support > ceph: add object version support for sync read > ceph: add truncate size handling support for fscrypt > libceph: defer removing the req from osdc just after req->r_callback > ceph: drop the messages from MDS when unmounting > ceph: fix updating the i_truncate_pagecache_size for fscrypt > > Documentation/filesystems/ceph.rst | 10 + > fs/ceph/Makefile | 1 + > fs/ceph/acl.c | 4 +- > fs/ceph/addr.c | 182 ++++++-- > fs/ceph/caps.c | 226 ++++++++-- > fs/ceph/crypto.c | 669 +++++++++++++++++++++++++++++ > fs/ceph/crypto.h | 270 ++++++++++++ > fs/ceph/dir.c | 188 ++++++-- > fs/ceph/export.c | 44 +- > fs/ceph/file.c | 593 +++++++++++++++++++++---- > fs/ceph/inode.c | 613 +++++++++++++++++++++++--- > fs/ceph/ioctl.c | 126 +++++- > fs/ceph/mds_client.c | 477 +++++++++++++++++--- > fs/ceph/mds_client.h | 29 +- > fs/ceph/quota.c | 4 + > fs/ceph/snap.c | 6 + > fs/ceph/super.c | 162 ++++++- > fs/ceph/super.h | 44 +- > fs/ceph/xattr.c | 29 ++ > include/linux/ceph/ceph_fs.h | 21 +- > include/linux/ceph/messenger.h | 40 ++ > include/linux/ceph/osd_client.h | 93 +++- > include/linux/ceph/rados.h | 4 + > net/ceph/messenger.c | 79 ++++ > net/ceph/messenger_v1.c | 98 ++++- > net/ceph/messenger_v2.c | 286 +++++++++++- > net/ceph/osd_client.c | 369 +++++++++++++++- > 27 files changed, 4260 insertions(+), 407 deletions(-) > create mode 100644 fs/ceph/crypto.c > create mode 100644 fs/ceph/crypto.h > > -- > 2.31.1 >
