[RFC PATCH v5 00/19] ceph+fscrypt: context, filename and symlink support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I haven't posted this in a while and there were some bugs shaken out of
the last posting. This adds (partial) support for fscrypt to kcephfs,
including crypto contexts, filenames and encrypted symlink targets. At
this point, the xfstests quick tests that generally pass without fscrypt
also pass with test_dummy_encryption enabled.

There is one lingering bug that I'm having trouble tracking down: xfstest
generic/477 (an open_by_handle_at test) sometimes throws a "Busy inodes
after umount" warning. I'm narrowed down the issue a bit, but there is
some raciness involved so I haven't quite nailed it down yet.

This set is quite invasive. There is probably some further work to be
done to add common code helpers and the like, but the final diffstat
probably won't look too different.

This set does not include encryption of file contents. That is turning
out to be a bit trickier than first expected owing to the fact that the
MDS is usually what handles truncation, and the i_size no longer
represents the amount of data stored in the backing store. That will
probably require an MDS change to fix, and we're still sorting out the
details.

Jeff Layton (19):
  vfs: export new_inode_pseudo
  fscrypt: export fscrypt_base64_encode and fscrypt_base64_decode
  fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size
  fscrypt: add fscrypt_context_for_new_inode
  ceph: crypto context handling for ceph
  ceph: implement -o test_dummy_encryption mount option
  ceph: preallocate inode for ops that may create one
  ceph: add routine to create fscrypt context prior to RPC
  ceph: make ceph_msdc_build_path use ref-walk
  ceph: add encrypted fname handling to ceph_mdsc_build_path
  ceph: decode alternate_name in lease info
  ceph: send altname in MClientRequest
  ceph: properly set DCACHE_NOKEY_NAME flag in lookup
  ceph: make d_revalidate call fscrypt revalidator for encrypted
    dentries
  ceph: add helpers for converting names for userland presentation
  ceph: add fscrypt support to ceph_fill_trace
  ceph: add support to readdir for encrypted filenames
  ceph: create symlinks with encrypted and base64-encoded targets
  ceph: add fscrypt ioctls

 fs/ceph/Makefile            |   1 +
 fs/ceph/crypto.c            | 185 +++++++++++++++++++++++
 fs/ceph/crypto.h            | 101 +++++++++++++
 fs/ceph/dir.c               | 178 ++++++++++++++++++-----
 fs/ceph/file.c              |  56 ++++---
 fs/ceph/inode.c             | 255 +++++++++++++++++++++++++++++---
 fs/ceph/ioctl.c             |  94 ++++++++++++
 fs/ceph/mds_client.c        | 283 ++++++++++++++++++++++++++++++------
 fs/ceph/mds_client.h        |  14 +-
 fs/ceph/super.c             |  80 +++++++++-
 fs/ceph/super.h             |  16 +-
 fs/ceph/xattr.c             |  32 ++++
 fs/crypto/fname.c           |  53 +++++--
 fs/crypto/fscrypt_private.h |   9 +-
 fs/crypto/hooks.c           |   6 +-
 fs/crypto/policy.c          |  34 ++++-
 fs/inode.c                  |   1 +
 include/linux/fscrypt.h     |  10 ++
 18 files changed, 1246 insertions(+), 162 deletions(-)
 create mode 100644 fs/ceph/crypto.c
 create mode 100644 fs/ceph/crypto.h

-- 
2.30.2




[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux