Jeff Layton <jlayton@xxxxxxxxxx> writes: > On Mon, 2022-02-14 at 17:57 +0000, Luís Henriques wrote: >> Jeff Layton <jlayton@xxxxxxxxxx> writes: >> >> > This patchset represents a (mostly) complete rough draft of fscrypt >> > support for cephfs. The context, filename and symlink support is more or >> > less the same as the versions posted before, and comprise the first half >> > of the patches. >> > >> > The new bits here are the size handling changes and support for content >> > encryption, in buffered, direct and synchronous codepaths. Much of this >> > code is still very rough and needs a lot of cleanup work. >> > >> > fscrypt support relies on some MDS changes that are being tracked here: >> > >> > https://github.com/ceph/ceph/pull/43588 >> > >> >> Please correct me if I'm wrong (and I've a feeling that I *will* be >> wrong): we're still missing some mechanism that prevents clients that do >> not support fscrypt from creating new files in an encryption directory, >> right? I'm pretty sure I've discussed this "somewhere" with "someone", >> but I can't remember anything else. >> >> At this point, I can create an encrypted directory and, from a different >> client (that doesn't support fscrypt), create a new non-encrypted file in >> that directory. The result isn't good, of course. >> >> I guess that a new feature bit can be used so that the MDS won't allow any >> sort of operations (or, at least, write/create operations) on encrypted >> dirs from clients that don't have this bit set. >> >> So, am I missing something or is this still on the TODO list? >> >> (I can try to have a look at it if this is still missing.) >> >> Cheers, > > It's still on the TODO list. > > Basically, I think we'll want to allow non-fscrypt-enabled clients to > stat and readdir in an fscrypt-enabled directory tree, and unlink files > and directories in it. > > They should have no need to do anything else. You can't run backups from > such clients since you wouldn't have the real size or crypto context. Yep, that makes sense. And do you think that adding a new feature bit is the best way to sort this out, or did you had other solution in mind? I'll try to spend some time on this tomorrow. Cheers, -- Luís
