On 12/9/21 11:36 PM, Jeff Layton wrote:
I've not posted this in a while, so I figured it was a good time to do
so. This patchset is a pile of the mostly settled parts of the fscrypt
integration series. With this, pretty much everything but the actual
content encryption in files now works.
This series is also in the wip-fscrypt-size branch of the ceph-client
tree:
https://github.com/ceph/ceph-client/tree/wip-fscrypt-size
It would also be nice to have an ack from Al Viro on patch #1, and from
Eric Biggers on #2-5. Those touch code outside of the ceph parts. If
they aren't acceptable for some reason, I'll need to find other ways to
handle them.
Jeff Layton (31):
vfs: export new_inode_pseudo
fscrypt: export fscrypt_base64url_encode and fscrypt_base64url_decode
fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size
fscrypt: add fscrypt_context_for_new_inode
fscrypt: uninline and export fscrypt_require_key
ceph: preallocate inode for ops that may create one
ceph: crypto context handling for ceph
ceph: parse new fscrypt_auth and fscrypt_file fields in inode traces
ceph: add fscrypt_* handling to caps.c
ceph: add ability to set fscrypt_auth via setattr
ceph: implement -o test_dummy_encryption mount option
ceph: decode alternate_name in lease info
ceph: add fscrypt ioctls
ceph: make ceph_msdc_build_path use ref-walk
ceph: add encrypted fname handling to ceph_mdsc_build_path
ceph: send altname in MClientRequest
ceph: encode encrypted name in dentry release
ceph: properly set DCACHE_NOKEY_NAME flag in lookup
ceph: make d_revalidate call fscrypt revalidator for encrypted
dentries
ceph: add helpers for converting names for userland presentation
ceph: add fscrypt support to ceph_fill_trace
ceph: add support to readdir for encrypted filenames
ceph: create symlinks with encrypted and base64-encoded targets
ceph: make ceph_get_name decrypt filenames
ceph: add a new ceph.fscrypt.auth vxattr
ceph: add some fscrypt guardrails
libceph: add CEPH_OSD_OP_ASSERT_VER support
ceph: size handling for encrypted inodes in cap updates
ceph: fscrypt_file field handling in MClientRequest messages
ceph: get file size from fscrypt_file when present in inode traces
ceph: handle fscrypt fields in cap messages from MDS
Luis Henriques (1):
ceph: don't allow changing layout on encrypted files/directories
Xiubo Li (4):
ceph: add __ceph_get_caps helper support
ceph: add __ceph_sync_read helper support
ceph: add object version support for sync read
ceph: add truncate size handling support for fscrypt
fs/ceph/Makefile | 1 +
fs/ceph/acl.c | 4 +-
fs/ceph/caps.c | 211 ++++++++++--
fs/ceph/crypto.c | 253 ++++++++++++++
fs/ceph/crypto.h | 154 +++++++++
fs/ceph/dir.c | 209 +++++++++---
fs/ceph/export.c | 44 ++-
fs/ceph/file.c | 125 ++++---
fs/ceph/inode.c | 566 +++++++++++++++++++++++++++++---
fs/ceph/ioctl.c | 87 +++++
fs/ceph/mds_client.c | 349 +++++++++++++++++---
fs/ceph/mds_client.h | 24 +-
fs/ceph/super.c | 82 ++++-
fs/ceph/super.h | 42 ++-
fs/ceph/xattr.c | 29 ++
fs/crypto/fname.c | 40 ++-
fs/crypto/fscrypt_private.h | 35 +-
fs/crypto/hooks.c | 6 +-
fs/crypto/keysetup.c | 27 ++
fs/crypto/policy.c | 34 +-
fs/inode.c | 1 +
include/linux/ceph/ceph_fs.h | 21 +-
include/linux/ceph/osd_client.h | 6 +-
include/linux/ceph/rados.h | 4 +
include/linux/fscrypt.h | 15 +
net/ceph/osd_client.c | 5 +
26 files changed, 2087 insertions(+), 287 deletions(-)
create mode 100644 fs/ceph/crypto.c
create mode 100644 fs/ceph/crypto.h
I have test this series together with ceph side PR#1 and worked well for
me. LGTM.
1), https://github.com/ceph/ceph/pull/43588
Reviewed-by: Xiubo Li <xiubli@xxxxxxxxxx>
BRs
