mbox series

[RFC,v8,00/24] ceph+fscrypt: context, filename and symlink support

Message ID 20210826162014.73464-1-jlayton@kernel.org (mailing list archive)
Headers show
Series ceph+fscrypt: context, filename and symlink support | expand

Message

Jeff Layton Aug. 26, 2021, 4:19 p.m. UTC 
v8: bugfixes, comment cleanups, etc.

It's been a little while since my last posting of this series. Not a lot
has changed in this series since then. This is mostly addressing review
comments on the v7 posting. Many thanks to Eric, Xiubo and Luis for
helping review the last set.

There are a few smaller bugfixes, some comment fixes, and a new helper
to determine the length of a ceph_fscrypt_auth field was added.

This support requires changes to the MDS that are currently being
tracked here:

    https://github.com/ceph/ceph/pull/41284

This patchset also requires a patch that's not yet in tree from Eric
Biggers:

    [PATCH] fscrypt: align Base64 encoding with RFC 4648 base64url

Hopefully, that will go into v5.15.

Work continues on the content piece, but I don't think we want to merge
any of this until we have a fully-working prototype. I'm planning to
send a ceph+fscrypt state of the union email in a bit that covers the
state of the larger project.

Stay tuned...

Jeff Layton (24):
  vfs: export new_inode_pseudo
  fscrypt: export fscrypt_base64url_encode and fscrypt_base64url_decode
  fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size
  fscrypt: add fscrypt_context_for_new_inode
  ceph: preallocate inode for ops that may create one
  ceph: parse new fscrypt_auth and fscrypt_file fields in inode traces
  ceph: add fscrypt_* handling to caps.c
  ceph: crypto context handling for ceph
  ceph: add ability to set fscrypt_auth via setattr
  ceph: implement -o test_dummy_encryption mount option
  ceph: add fscrypt ioctls
  ceph: decode alternate_name in lease info
  ceph: make ceph_msdc_build_path use ref-walk
  ceph: add encrypted fname handling to ceph_mdsc_build_path
  ceph: send altname in MClientRequest
  ceph: encode encrypted name in dentry release
  ceph: properly set DCACHE_NOKEY_NAME flag in lookup
  ceph: make d_revalidate call fscrypt revalidator for encrypted
    dentries
  ceph: add helpers for converting names for userland presentation
  ceph: add fscrypt support to ceph_fill_trace
  ceph: add support to readdir for encrypted filenames
  ceph: create symlinks with encrypted and base64-encoded targets
  ceph: make ceph_get_name decrypt filenames
  ceph: add a new ceph.fscrypt.auth vxattr

 fs/ceph/Makefile             |   1 +
 fs/ceph/acl.c                |   4 +-
 fs/ceph/caps.c               |  93 ++++++++--
 fs/ceph/crypto.c             | 254 ++++++++++++++++++++++++++
 fs/ceph/crypto.h             | 129 +++++++++++++
 fs/ceph/dir.c                | 198 +++++++++++++++-----
 fs/ceph/export.c             |  44 +++--
 fs/ceph/file.c               |  64 ++++---
 fs/ceph/inode.c              | 304 ++++++++++++++++++++++++++++---
 fs/ceph/ioctl.c              |  83 +++++++++
 fs/ceph/mds_client.c         | 342 +++++++++++++++++++++++++++++------
 fs/ceph/mds_client.h         |  22 ++-
 fs/ceph/super.c              |  82 ++++++++-
 fs/ceph/super.h              |  31 +++-
 fs/ceph/xattr.c              |  25 +++
 fs/crypto/fname.c            |  40 +++-
 fs/crypto/fscrypt_private.h  |   9 +-
 fs/crypto/hooks.c            |   6 +-
 fs/crypto/policy.c           |  34 +++-
 fs/inode.c                   |   1 +
 include/linux/ceph/ceph_fs.h |  21 ++-
 include/linux/fscrypt.h      |  10 +
 22 files changed, 1572 insertions(+), 225 deletions(-)
 create mode 100644 fs/ceph/crypto.c
 create mode 100644 fs/ceph/crypto.h