On Tue, 2022-03-22 at 10:12 -0400, Jeff Layton wrote: > This patchset represents a (mostly) working prototype of the > ceph+fscrypt work. With this, I'm able run xfstests with > test_dummy_encryption, and most of the tests that pass on ceph without > fscrypt now pass on it. > > When I made the last posting of this series [1], I mentioned that proper > support for sparse read support would be necessary to do this. Thus, the > biggest difference from the v10 set is that this is now based on top of > the patch series that I posted yesterday to implement sparse reads [2]. > > Aside from that, there are also numerous cleanups all over the tree, as > well as an overhaul of the readdir handling by Xiubo. > > This series is not yet bug-free, but it's at a point where it is quite > usable, providing you're running against the Quincy release of ceph > (which should ship sometime in the next few months). > > Next Steps: > =========== > I'm not going to sugar-coat it. This is a huge, invasive patch series > that touches a lot of the most sensitive code in ceph. > > Eric Biggers has acked the changes we need in fscrypt infrastructure. I > still need Al to ack exporting the new_inode_pseudo symbol. The rest is > pretty much all ceph and libceph code. > > The main piece missing at this point is support for sparse reads with > ms_mode settings other than "crc". Once that's complete, I want to merge > that and this series into the ceph "testing" branch so we can start > running tests against it in teuthology with fscrypt enabled. > > If that goes well, I think we could probably merge this into mainline > for v5.20 or v5.21. There is also some incoming support for netfs write > and DIO read helpers that we may want to convert to as well [3]. That > may alter the timing as well. > > Review, comments and questions are welcome... > > [1]: https://lore.kernel.org/ceph-devel/20220111191608.88762-1-jlayton@xxxxxxxxxx/ > > [2]: https://lore.kernel.org/ceph-devel/20220318135013.43934-1-jlayton@xxxxxxxxxx/ > > [3]: https://lore.kernel.org/ceph-devel/YixWLJXyWtD+STvl@xxxxxxxxxxxxx/T/#maec7e3579f13a45171ad23d7a49183d169fcfcca > > Jeff Layton (41): > vfs: export new_inode_pseudo > fscrypt: export fscrypt_base64url_encode and fscrypt_base64url_decode > fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size > fscrypt: add fscrypt_context_for_new_inode > ceph: preallocate inode for ops that may create one > ceph: crypto context handling for ceph > ceph: parse new fscrypt_auth and fscrypt_file fields in inode traces > ceph: add support for fscrypt_auth/fscrypt_file to cap messages > ceph: add ability to set fscrypt_auth via setattr > ceph: implement -o test_dummy_encryption mount option > ceph: decode alternate_name in lease info > ceph: add fscrypt ioctls > ceph: make ceph_msdc_build_path use ref-walk > ceph: add encrypted fname handling to ceph_mdsc_build_path > ceph: send altname in MClientRequest > ceph: encode encrypted name in dentry release > ceph: properly set DCACHE_NOKEY_NAME flag in lookup > ceph: make d_revalidate call fscrypt revalidator for encrypted > dentries > ceph: add helpers for converting names for userland presentation > ceph: add fscrypt support to ceph_fill_trace > ceph: create symlinks with encrypted and base64-encoded targets > ceph: make ceph_get_name decrypt filenames > ceph: add a new ceph.fscrypt.auth vxattr > ceph: add some fscrypt guardrails > libceph: add CEPH_OSD_OP_ASSERT_VER support > ceph: size handling for encrypted inodes in cap updates > ceph: fscrypt_file field handling in MClientRequest messages > ceph: get file size from fscrypt_file when present in inode traces > ceph: handle fscrypt fields in cap messages from MDS > ceph: add infrastructure for file encryption and decryption > libceph: allow ceph_osdc_new_request to accept a multi-op read > ceph: disable fallocate for encrypted inodes > ceph: disable copy offload on encrypted inodes > ceph: don't use special DIO path for encrypted inodes > ceph: align data in pages in ceph_sync_write > ceph: add read/modify/write to ceph_sync_write > ceph: plumb in decryption during sync reads > ceph: add fscrypt decryption support to ceph_netfs_issue_op > ceph: set i_blkbits to crypto block size for encrypted inodes > ceph: add encryption support to writepage > ceph: fscrypt support for writepages > > Luis Henriques (1): > ceph: don't allow changing layout on encrypted files/directories > > Xiubo Li (9): > ceph: make the ioctl cmd more readable in debug log > ceph: fix base64 encoded name's length check in ceph_fname_to_usr() > ceph: pass the request to parse_reply_info_readdir() > ceph: add ceph_encode_encrypted_dname() helper > ceph: add support to readdir for encrypted filenames > ceph: add __ceph_get_caps helper support > ceph: add __ceph_sync_read helper support > ceph: add object version support for sync read > ceph: add truncate size handling support for fscrypt > > fs/ceph/Makefile | 1 + > fs/ceph/acl.c | 4 +- > fs/ceph/addr.c | 128 ++++++-- > fs/ceph/caps.c | 212 +++++++++++-- > fs/ceph/crypto.c | 432 +++++++++++++++++++++++++ > fs/ceph/crypto.h | 256 +++++++++++++++ > fs/ceph/dir.c | 182 ++++++++--- > fs/ceph/export.c | 44 ++- > fs/ceph/file.c | 530 ++++++++++++++++++++++++++----- > fs/ceph/inode.c | 546 +++++++++++++++++++++++++++++--- > fs/ceph/ioctl.c | 126 +++++++- > fs/ceph/mds_client.c | 455 ++++++++++++++++++++++---- > fs/ceph/mds_client.h | 24 +- > fs/ceph/super.c | 91 +++++- > fs/ceph/super.h | 43 ++- > fs/ceph/xattr.c | 29 ++ > fs/crypto/fname.c | 44 ++- > fs/crypto/fscrypt_private.h | 9 +- > fs/crypto/hooks.c | 6 +- > fs/crypto/policy.c | 35 +- > fs/inode.c | 1 + > include/linux/ceph/ceph_fs.h | 21 +- > include/linux/ceph/osd_client.h | 6 +- > include/linux/ceph/rados.h | 4 + > include/linux/fscrypt.h | 10 + > net/ceph/osd_client.c | 32 +- > 26 files changed, 2907 insertions(+), 364 deletions(-) > create mode 100644 fs/ceph/crypto.c > create mode 100644 fs/ceph/crypto.h > I'm going to go ahead and update the wip-fscrypt branch in the ceph kernel tree to use this series. Please note that for now, that branch won't work correctly when the ms_mode=secure or ms_mode=legacy transport modes are used. Once the sparse read support is updated to include those, we should be able to use other transports with it. Cheers, -- Jeff Layton <jlayton@xxxxxxxxxx>
