diff mbox series

[v15,15/29] ceph: disable copy offload on encrypted inodes

Message ID	20220825133132.153657-16-jlayton@kernel.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <ceph-devel-owner@kernel.org> From: Jeff Layton <jlayton@kernel.org> To: xiubli@redhat.com, idryomov@gmail.com Cc: lhenriques@suse.de, ceph-devel@vger.kernel.org Subject: [PATCH v15 15/29] ceph: disable copy offload on encrypted inodes Date: Thu, 25 Aug 2022 09:31:18 -0400 Message-Id: <20220825133132.153657-16-jlayton@kernel.org> In-Reply-To: <20220825133132.153657-1-jlayton@kernel.org> References: <20220825133132.153657-1-jlayton@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	ceph: remaining patches for fscrypt support \| expand [v15,00/29] ceph: remaining patches for fscrypt support [v15,01/29] ceph: don't allow changing layout on encrypted files/directories [v15,02/29] libceph: add CEPH_OSD_OP_ASSERT_VER support [v15,03/29] ceph: size handling for encrypted inodes in cap updates [v15,04/29] ceph: fscrypt_file field handling in MClientRequest messages [v15,05/29] ceph: get file size from fscrypt_file when present in inode traces [v15,06/29] ceph: handle fscrypt fields in cap messages from MDS [v15,07/29] ceph: update WARN_ON message to pr_warn [v15,08/29] ceph: add __ceph_get_caps helper support [v15,09/29] ceph: add __ceph_sync_read helper support [v15,10/29] ceph: add object version support for sync read [v15,11/29] ceph: add infrastructure for file encryption and decryption [v15,12/29] ceph: add truncate size handling support for fscrypt [v15,13/29] libceph: allow ceph_osdc_new_request to accept a multi-op read [v15,14/29] ceph: disable fallocate for encrypted inodes [v15,15/29] ceph: disable copy offload on encrypted inodes [v15,16/29] ceph: don't use special DIO path for encrypted inodes [v15,17/29] ceph: align data in pages in ceph_sync_write [v15,18/29] ceph: add read/modify/write to ceph_sync_write [v15,19/29] ceph: plumb in decryption during sync reads [v15,20/29] ceph: add fscrypt decryption support to ceph_netfs_issue_op [v15,21/29] ceph: set i_blkbits to crypto block size for encrypted inodes [v15,22/29] ceph: add encryption support to writepage [v15,23/29] ceph: fscrypt support for writepages [v15,24/29] ceph: invalidate pages when doing direct/sync writes [v15,25/29] ceph: add support for encrypted snapshot names [v15,26/29] ceph: add support for handling encrypted snapshot names [v15,27/29] ceph: update documentation regarding snapshot naming limitations [v15,28/29] ceph: prevent snapshots to be created in encrypted locked directories [v15,29/29] ceph: report STATX_ATTR_ENCRYPTED on encrypted inodes

Commit Message

Jeff Layton Aug. 25, 2022, 1:31 p.m. UTC

If we have an encrypted inode, then the client will need to re-encrypt
the contents of the new object. Disable copy offload to or from
encrypted inodes.

Reviewed-by: Xiubo Li <xiubli@redhat.com>
Signed-off-by: Jeff Layton <jlayton@kernel.org>
---
 fs/ceph/file.c | 4 ++++
 1 file changed, 4 insertions(+)

diff mbox series

Patch

diff --git a/fs/ceph/file.c b/fs/ceph/file.c
index 64f8f668970f..bd5e04d994ac 100644
--- a/fs/ceph/file.c
+++ b/fs/ceph/file.c
@@ -2502,6 +2502,10 @@  static ssize_t __ceph_copy_file_range(struct file *src_file, loff_t src_off,
 		return -EOPNOTSUPP;
 	}
 
+	/* Every encrypted inode gets its own key, so we can't offload them */
+	if (IS_ENCRYPTED(src_inode) || IS_ENCRYPTED(dst_inode))
+		return -EOPNOTSUPP;
+
 	if (len < src_ci->i_layout.object_size)
 		return -EOPNOTSUPP; /* no remote copy will be done */