| Message ID | 20210326173227.96363-1-jlayton@kernel.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | ceph+fscrypt: context, filename and symlink support | expand |
On Fri, 2021-03-26 at 13:32 -0400, Jeff Layton wrote: > I haven't posted this in a while and there were some bugs shaken out of > the last posting. This adds (partial) support for fscrypt to kcephfs, > including crypto contexts, filenames and encrypted symlink targets. At > this point, the xfstests quick tests that generally pass without fscrypt > also pass with test_dummy_encryption enabled. > > There is one lingering bug that I'm having trouble tracking down: xfstest > generic/477 (an open_by_handle_at test) sometimes throws a "Busy inodes > after umount" warning. I'm narrowed down the issue a bit, but there is > some raciness involved so I haven't quite nailed it down yet. > > This set is quite invasive. There is probably some further work to be > done to add common code helpers and the like, but the final diffstat > probably won't look too different. > > This set does not include encryption of file contents. That is turning > out to be a bit trickier than first expected owing to the fact that the > MDS is usually what handles truncation, and the i_size no longer > represents the amount of data stored in the backing store. That will > probably require an MDS change to fix, and we're still sorting out the > details. > > Jeff Layton (19): > vfs: export new_inode_pseudo > fscrypt: export fscrypt_base64_encode and fscrypt_base64_decode > fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size > fscrypt: add fscrypt_context_for_new_inode > ceph: crypto context handling for ceph > ceph: implement -o test_dummy_encryption mount option > ceph: preallocate inode for ops that may create one > ceph: add routine to create fscrypt context prior to RPC > ceph: make ceph_msdc_build_path use ref-walk > ceph: add encrypted fname handling to ceph_mdsc_build_path > ceph: decode alternate_name in lease info > ceph: send altname in MClientRequest > ceph: properly set DCACHE_NOKEY_NAME flag in lookup > ceph: make d_revalidate call fscrypt revalidator for encrypted > dentries > ceph: add helpers for converting names for userland presentation > ceph: add fscrypt support to ceph_fill_trace > ceph: add support to readdir for encrypted filenames > ceph: create symlinks with encrypted and base64-encoded targets > ceph: add fscrypt ioctls > > fs/ceph/Makefile | 1 + > fs/ceph/crypto.c | 185 +++++++++++++++++++++++ > fs/ceph/crypto.h | 101 +++++++++++++ > fs/ceph/dir.c | 178 ++++++++++++++++++----- > fs/ceph/file.c | 56 ++++--- > fs/ceph/inode.c | 255 +++++++++++++++++++++++++++++--- > fs/ceph/ioctl.c | 94 ++++++++++++ > fs/ceph/mds_client.c | 283 ++++++++++++++++++++++++++++++------ > fs/ceph/mds_client.h | 14 +- > fs/ceph/super.c | 80 +++++++++- > fs/ceph/super.h | 16 +- > fs/ceph/xattr.c | 32 ++++ > fs/crypto/fname.c | 53 +++++-- > fs/crypto/fscrypt_private.h | 9 +- > fs/crypto/hooks.c | 6 +- > fs/crypto/policy.c | 34 ++++- > fs/inode.c | 1 + > include/linux/fscrypt.h | 10 ++ > 18 files changed, 1246 insertions(+), 162 deletions(-) > create mode 100644 fs/ceph/crypto.c > create mode 100644 fs/ceph/crypto.h > Oh, I should mention that this is all in my ceph-fscrypt-fnames branch: https://git.kernel.org/pub/scm/linux/kernel/git/jlayton/linux.git/ This all still under heavy development, so I'm open to suggestions and review. If you're daring and want to test with it, please do. I do think this has the potential to be a "killer feature" for ceph (and maybe other network filesystems). Being able to store data securely on an otherwise "public" cluster seems like a very nice thing to have. Cheers,
I haven't posted this in a while and there were some bugs shaken out of the last posting. This adds (partial) support for fscrypt to kcephfs, including crypto contexts, filenames and encrypted symlink targets. At this point, the xfstests quick tests that generally pass without fscrypt also pass with test_dummy_encryption enabled. There is one lingering bug that I'm having trouble tracking down: xfstest generic/477 (an open_by_handle_at test) sometimes throws a "Busy inodes after umount" warning. I'm narrowed down the issue a bit, but there is some raciness involved so I haven't quite nailed it down yet. This set is quite invasive. There is probably some further work to be done to add common code helpers and the like, but the final diffstat probably won't look too different. This set does not include encryption of file contents. That is turning out to be a bit trickier than first expected owing to the fact that the MDS is usually what handles truncation, and the i_size no longer represents the amount of data stored in the backing store. That will probably require an MDS change to fix, and we're still sorting out the details. Jeff Layton (19): vfs: export new_inode_pseudo fscrypt: export fscrypt_base64_encode and fscrypt_base64_decode fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size fscrypt: add fscrypt_context_for_new_inode ceph: crypto context handling for ceph ceph: implement -o test_dummy_encryption mount option ceph: preallocate inode for ops that may create one ceph: add routine to create fscrypt context prior to RPC ceph: make ceph_msdc_build_path use ref-walk ceph: add encrypted fname handling to ceph_mdsc_build_path ceph: decode alternate_name in lease info ceph: send altname in MClientRequest ceph: properly set DCACHE_NOKEY_NAME flag in lookup ceph: make d_revalidate call fscrypt revalidator for encrypted dentries ceph: add helpers for converting names for userland presentation ceph: add fscrypt support to ceph_fill_trace ceph: add support to readdir for encrypted filenames ceph: create symlinks with encrypted and base64-encoded targets ceph: add fscrypt ioctls fs/ceph/Makefile | 1 + fs/ceph/crypto.c | 185 +++++++++++++++++++++++ fs/ceph/crypto.h | 101 +++++++++++++ fs/ceph/dir.c | 178 ++++++++++++++++++----- fs/ceph/file.c | 56 ++++--- fs/ceph/inode.c | 255 +++++++++++++++++++++++++++++--- fs/ceph/ioctl.c | 94 ++++++++++++ fs/ceph/mds_client.c | 283 ++++++++++++++++++++++++++++++------ fs/ceph/mds_client.h | 14 +- fs/ceph/super.c | 80 +++++++++- fs/ceph/super.h | 16 +- fs/ceph/xattr.c | 32 ++++ fs/crypto/fname.c | 53 +++++-- fs/crypto/fscrypt_private.h | 9 +- fs/crypto/hooks.c | 6 +- fs/crypto/policy.c | 34 ++++- fs/inode.c | 1 + include/linux/fscrypt.h | 10 ++ 18 files changed, 1246 insertions(+), 162 deletions(-) create mode 100644 fs/ceph/crypto.c create mode 100644 fs/ceph/crypto.h