| Message ID | 20220427191314.222867-1-jlayton@kernel.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | ceph+fscrypt: full support | expand |
Jeff, All the patches looks good to me. I saw you have fixed the "[PATCH v14 58/64]" in the wip-fscrypt branch. Feel free to add: Reviewed-by: Xiubo Li <xiubli@redhat.com> Thanks. -- Xiubo On 4/28/22 3:12 AM, Jeff Layton wrote: > Yet another ceph+fscrypt posting. The main changes since v13: > > - rebased onto v5.18-rc4 + ceph testing branch patches, fixed up minor > merge conflicts, and squashed a few patches together > > - squashed in a number of patches from Xiubo to fix issues with > truncation handling > > - incorporated Luís' patches to encrypt snapshot names > > - dropped a patch to export fscrypt's base64 implementation, since Luís' > snapshot implementation added a new variant that we need to use. > > At this point, I'm mainly waiting on Al to merge this patch into -next > and eventually into v5.19: > > fs: change test in inode_insert5 for adding to the sb list > > Once that's in, it should clear the way for us to start merging the > rest of the pile (though probably not all at once). > > There are also some mysterious failures that have cropped up in testing > with teuthology, particularly with thrash testing. We'll need to get to > the bottom of that before we can merge the bulk of these patches. > > I've updated the wip-fscrypt branch in the ceph tree with this pile for > now. Help with testing would be welcome! > > Jeff Layton (48): > libceph: add spinlock around osd->o_requests > libceph: define struct ceph_sparse_extent and add some helpers > libceph: add sparse read support to msgr2 crc state machine > libceph: add sparse read support to OSD client > libceph: support sparse reads on msgr2 secure codepath > libceph: add sparse read support to msgr1 > ceph: add new mount option to enable sparse reads > fs: change test in inode_insert5 for adding to the sb list > fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size > fscrypt: add fscrypt_context_for_new_inode > ceph: preallocate inode for ops that may create one > ceph: fscrypt_auth handling for ceph > ceph: ensure that we accept a new context from MDS for new inodes > ceph: add support for fscrypt_auth/fscrypt_file to cap messages > ceph: implement -o test_dummy_encryption mount option > ceph: decode alternate_name in lease info > ceph: add fscrypt ioctls > ceph: make ceph_msdc_build_path use ref-walk > ceph: add encrypted fname handling to ceph_mdsc_build_path > ceph: send altname in MClientRequest > ceph: encode encrypted name in dentry release > ceph: properly set DCACHE_NOKEY_NAME flag in lookup > ceph: set DCACHE_NOKEY_NAME in atomic open > ceph: make d_revalidate call fscrypt revalidator for encrypted > dentries > ceph: add helpers for converting names for userland presentation > ceph: add fscrypt support to ceph_fill_trace > ceph: create symlinks with encrypted and base64-encoded targets > ceph: make ceph_get_name decrypt filenames > ceph: add a new ceph.fscrypt.auth vxattr > ceph: add some fscrypt guardrails > libceph: add CEPH_OSD_OP_ASSERT_VER support > ceph: size handling for encrypted inodes in cap updates > ceph: fscrypt_file field handling in MClientRequest messages > ceph: get file size from fscrypt_file when present in inode traces > ceph: handle fscrypt fields in cap messages from MDS > ceph: update WARN_ON message to pr_warn > ceph: add infrastructure for file encryption and decryption > libceph: allow ceph_osdc_new_request to accept a multi-op read > ceph: disable fallocate for encrypted inodes > ceph: disable copy offload on encrypted inodes > ceph: don't use special DIO path for encrypted inodes > ceph: align data in pages in ceph_sync_write > ceph: add read/modify/write to ceph_sync_write > ceph: plumb in decryption during sync reads > ceph: add fscrypt decryption support to ceph_netfs_issue_op > ceph: set i_blkbits to crypto block size for encrypted inodes > ceph: add encryption support to writepage > ceph: fscrypt support for writepages > > Luís Henriques (7): > ceph: add base64 endcoding routines for encrypted names > ceph: don't allow changing layout on encrypted files/directories > ceph: invalidate pages when doing direct/sync writes > ceph: add support for encrypted snapshot names > ceph: add support for handling encrypted snapshot names > ceph: update documentation regarding snapshot naming limitations > ceph: prevent snapshots to be created in encrypted locked directories > > Xiubo Li (9): > ceph: make the ioctl cmd more readable in debug log > ceph: fix base64 encoded name's length check in ceph_fname_to_usr() > ceph: pass the request to parse_reply_info_readdir() > ceph: add ceph_encode_encrypted_dname() helper > ceph: add support to readdir for encrypted filenames > ceph: add __ceph_get_caps helper support > ceph: add __ceph_sync_read helper support > ceph: add object version support for sync read > ceph: add truncate size handling support for fscrypt > > Documentation/filesystems/ceph.rst | 10 + > fs/ceph/Makefile | 1 + > fs/ceph/acl.c | 4 +- > fs/ceph/addr.c | 136 ++++-- > fs/ceph/caps.c | 219 ++++++++-- > fs/ceph/crypto.c | 638 +++++++++++++++++++++++++++++ > fs/ceph/crypto.h | 264 ++++++++++++ > fs/ceph/dir.c | 187 +++++++-- > fs/ceph/export.c | 44 +- > fs/ceph/file.c | 598 ++++++++++++++++++++++----- > fs/ceph/inode.c | 579 +++++++++++++++++++++++--- > fs/ceph/ioctl.c | 126 +++++- > fs/ceph/mds_client.c | 465 +++++++++++++++++---- > fs/ceph/mds_client.h | 24 +- > fs/ceph/super.c | 107 ++++- > fs/ceph/super.h | 43 +- > fs/ceph/xattr.c | 29 ++ > fs/crypto/fname.c | 36 +- > fs/crypto/fscrypt_private.h | 9 +- > fs/crypto/hooks.c | 6 +- > fs/crypto/policy.c | 35 +- > fs/inode.c | 11 +- > include/linux/ceph/ceph_fs.h | 21 +- > include/linux/ceph/messenger.h | 32 ++ > include/linux/ceph/osd_client.h | 89 +++- > include/linux/ceph/rados.h | 4 + > include/linux/fscrypt.h | 5 + > net/ceph/messenger.c | 1 + > net/ceph/messenger_v1.c | 98 ++++- > net/ceph/messenger_v2.c | 287 ++++++++++++- > net/ceph/osd_client.c | 306 +++++++++++++- > 31 files changed, 4009 insertions(+), 405 deletions(-) > create mode 100644 fs/ceph/crypto.c > create mode 100644 fs/ceph/crypto.h >
Yet another ceph+fscrypt posting. The main changes since v13: - rebased onto v5.18-rc4 + ceph testing branch patches, fixed up minor merge conflicts, and squashed a few patches together - squashed in a number of patches from Xiubo to fix issues with truncation handling - incorporated Luís' patches to encrypt snapshot names - dropped a patch to export fscrypt's base64 implementation, since Luís' snapshot implementation added a new variant that we need to use. At this point, I'm mainly waiting on Al to merge this patch into -next and eventually into v5.19: fs: change test in inode_insert5 for adding to the sb list Once that's in, it should clear the way for us to start merging the rest of the pile (though probably not all at once). There are also some mysterious failures that have cropped up in testing with teuthology, particularly with thrash testing. We'll need to get to the bottom of that before we can merge the bulk of these patches. I've updated the wip-fscrypt branch in the ceph tree with this pile for now. Help with testing would be welcome! Jeff Layton (48): libceph: add spinlock around osd->o_requests libceph: define struct ceph_sparse_extent and add some helpers libceph: add sparse read support to msgr2 crc state machine libceph: add sparse read support to OSD client libceph: support sparse reads on msgr2 secure codepath libceph: add sparse read support to msgr1 ceph: add new mount option to enable sparse reads fs: change test in inode_insert5 for adding to the sb list fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size fscrypt: add fscrypt_context_for_new_inode ceph: preallocate inode for ops that may create one ceph: fscrypt_auth handling for ceph ceph: ensure that we accept a new context from MDS for new inodes ceph: add support for fscrypt_auth/fscrypt_file to cap messages ceph: implement -o test_dummy_encryption mount option ceph: decode alternate_name in lease info ceph: add fscrypt ioctls ceph: make ceph_msdc_build_path use ref-walk ceph: add encrypted fname handling to ceph_mdsc_build_path ceph: send altname in MClientRequest ceph: encode encrypted name in dentry release ceph: properly set DCACHE_NOKEY_NAME flag in lookup ceph: set DCACHE_NOKEY_NAME in atomic open ceph: make d_revalidate call fscrypt revalidator for encrypted dentries ceph: add helpers for converting names for userland presentation ceph: add fscrypt support to ceph_fill_trace ceph: create symlinks with encrypted and base64-encoded targets ceph: make ceph_get_name decrypt filenames ceph: add a new ceph.fscrypt.auth vxattr ceph: add some fscrypt guardrails libceph: add CEPH_OSD_OP_ASSERT_VER support ceph: size handling for encrypted inodes in cap updates ceph: fscrypt_file field handling in MClientRequest messages ceph: get file size from fscrypt_file when present in inode traces ceph: handle fscrypt fields in cap messages from MDS ceph: update WARN_ON message to pr_warn ceph: add infrastructure for file encryption and decryption libceph: allow ceph_osdc_new_request to accept a multi-op read ceph: disable fallocate for encrypted inodes ceph: disable copy offload on encrypted inodes ceph: don't use special DIO path for encrypted inodes ceph: align data in pages in ceph_sync_write ceph: add read/modify/write to ceph_sync_write ceph: plumb in decryption during sync reads ceph: add fscrypt decryption support to ceph_netfs_issue_op ceph: set i_blkbits to crypto block size for encrypted inodes ceph: add encryption support to writepage ceph: fscrypt support for writepages Luís Henriques (7): ceph: add base64 endcoding routines for encrypted names ceph: don't allow changing layout on encrypted files/directories ceph: invalidate pages when doing direct/sync writes ceph: add support for encrypted snapshot names ceph: add support for handling encrypted snapshot names ceph: update documentation regarding snapshot naming limitations ceph: prevent snapshots to be created in encrypted locked directories Xiubo Li (9): ceph: make the ioctl cmd more readable in debug log ceph: fix base64 encoded name's length check in ceph_fname_to_usr() ceph: pass the request to parse_reply_info_readdir() ceph: add ceph_encode_encrypted_dname() helper ceph: add support to readdir for encrypted filenames ceph: add __ceph_get_caps helper support ceph: add __ceph_sync_read helper support ceph: add object version support for sync read ceph: add truncate size handling support for fscrypt Documentation/filesystems/ceph.rst | 10 + fs/ceph/Makefile | 1 + fs/ceph/acl.c | 4 +- fs/ceph/addr.c | 136 ++++-- fs/ceph/caps.c | 219 ++++++++-- fs/ceph/crypto.c | 638 +++++++++++++++++++++++++++++ fs/ceph/crypto.h | 264 ++++++++++++ fs/ceph/dir.c | 187 +++++++-- fs/ceph/export.c | 44 +- fs/ceph/file.c | 598 ++++++++++++++++++++++----- fs/ceph/inode.c | 579 +++++++++++++++++++++++--- fs/ceph/ioctl.c | 126 +++++- fs/ceph/mds_client.c | 465 +++++++++++++++++---- fs/ceph/mds_client.h | 24 +- fs/ceph/super.c | 107 ++++- fs/ceph/super.h | 43 +- fs/ceph/xattr.c | 29 ++ fs/crypto/fname.c | 36 +- fs/crypto/fscrypt_private.h | 9 +- fs/crypto/hooks.c | 6 +- fs/crypto/policy.c | 35 +- fs/inode.c | 11 +- include/linux/ceph/ceph_fs.h | 21 +- include/linux/ceph/messenger.h | 32 ++ include/linux/ceph/osd_client.h | 89 +++- include/linux/ceph/rados.h | 4 + include/linux/fscrypt.h | 5 + net/ceph/messenger.c | 1 + net/ceph/messenger_v1.c | 98 ++++- net/ceph/messenger_v2.c | 287 ++++++++++++- net/ceph/osd_client.c | 306 +++++++++++++- 31 files changed, 4009 insertions(+), 405 deletions(-) create mode 100644 fs/ceph/crypto.c create mode 100644 fs/ceph/crypto.h