On Mon, Sep 14, 2020 at 03:16:51PM -0400, Jeff Layton wrote: > This is the third posting of the ceph+fscrypt integration work. This > just covers context handling, filename and symlink support. > > The main changes since the last set are mainly to address Eric's review > comments. Hopefully this will be much closer to mergeable. Some highlights: > > 1/ rebase onto Eric's fscrypt-file-creation-v2 tag > > 2/ fscrypt_context_for_new_inode now takes a void * to hold the context > > 3/ make fscrypt_fname_disk_to_usr designate whether the returned name > is a nokey name. This is necessary to close a potential race in > readdir support > > 4/ fscrypt_base64_encode/decode remain in fs/crypto (not moved into lib/) > > 5/ test_dummy_encryption handling is moved into a separate patch, and > several bugs fixed that resulted in context not being set up > properly. > > 6/ symlink handling now works > > Content encryption is the next step, but I want to get the fscache > rework done first. It would be nice if we were able to store encrypted > files in the cache, for instance. > > This set has been tagged as "ceph-fscrypt-rfc.3" in my tree here: > > https://git.kernel.org/pub/scm/linux/kernel/git/jlayton/linux.git > > Note that this is still quite preliminary, but my goal is to get a set > merged for v5.11. A few comments that didn't fit anywhere else: I'm looking forward to contents encryption, as that's the most important part. Is there any possibility that the fscrypt xfstests can be run on ceph? See: https://www.kernel.org/doc/html/latest/filesystems/fscrypt.html#tests In fs/ceph/Kconfig, CEPH_FS needs: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION There are compile errors when !CONFIG_FS_ENCRYPTION. - Eric
