Message ID | 20220331153130.41287-8-jlayton@kernel.org (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | ceph+fscrypt: fully-working prototype | expand |
On Thu, Mar 31, 2022 at 11:30:43AM -0400, Jeff Layton wrote: > From: Luís Henriques <lhenriques@suse.de> > > fstests make use of legacy keysetup where the key description uses a > filesystem-specific prefix. Add this ceph-specific prefix to the > fscrypt_operations data structure. > > Signed-off-by: Luís Henriques <lhenriques@suse.de> > Signed-off-by: Jeff Layton <jlayton@kernel.org> > --- > fs/ceph/crypto.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c > index a513ff373b13..d1a6595a810f 100644 > --- a/fs/ceph/crypto.c > +++ b/fs/ceph/crypto.c > @@ -65,6 +65,7 @@ static bool ceph_crypt_empty_dir(struct inode *inode) > } > > static struct fscrypt_operations ceph_fscrypt_ops = { > + .key_prefix = "ceph:", > .get_context = ceph_crypt_get_context, > .set_context = ceph_crypt_set_context, > .empty_dir = ceph_crypt_empty_dir, > -- > 2.35.1 > As I mentioned before (https://lore.kernel.org/r/20200908042925.GI68127@sol.localdomain), I don't think you should do this, given that the filesystem-specific key description prefixes are deprecated. In fact, they're sort of doubly deprecated, since first they were superseded by "fscrypt:", and then "login" keys were superseded by FS_IOC_ADD_ENCRYPTION_KEY. How about updating fstests to use "fscrypt:" instead of "$FSTYP:" if $FSTYP is not ext4 or f2fs? Or maybe fstests should just use "fscrypt:" unconditionally, given that this has been supported by ext4 and f2fs since 4.8, and 4.9 is now the oldest supported LTS kernel. - Eric
Eric Biggers <ebiggers@kernel.org> writes: > On Thu, Mar 31, 2022 at 11:30:43AM -0400, Jeff Layton wrote: >> From: Luís Henriques <lhenriques@suse.de> >> >> fstests make use of legacy keysetup where the key description uses a >> filesystem-specific prefix. Add this ceph-specific prefix to the >> fscrypt_operations data structure. >> >> Signed-off-by: Luís Henriques <lhenriques@suse.de> >> Signed-off-by: Jeff Layton <jlayton@kernel.org> >> --- >> fs/ceph/crypto.c | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c >> index a513ff373b13..d1a6595a810f 100644 >> --- a/fs/ceph/crypto.c >> +++ b/fs/ceph/crypto.c >> @@ -65,6 +65,7 @@ static bool ceph_crypt_empty_dir(struct inode *inode) >> } >> >> static struct fscrypt_operations ceph_fscrypt_ops = { >> + .key_prefix = "ceph:", >> .get_context = ceph_crypt_get_context, >> .set_context = ceph_crypt_set_context, >> .empty_dir = ceph_crypt_empty_dir, >> -- >> 2.35.1 >> > > As I mentioned before > (https://lore.kernel.org/r/20200908042925.GI68127@sol.localdomain), I don't > think you should do this, given that the filesystem-specific key description > prefixes are deprecated. In fact, they're sort of doubly deprecated, since > first they were superseded by "fscrypt:", and then "login" keys were > superseded by FS_IOC_ADD_ENCRYPTION_KEY. > > How about updating fstests to use "fscrypt:" instead of "$FSTYP:" if $FSTYP is > not ext4 or f2fs? > > Or maybe fstests should just use "fscrypt:" unconditionally, given that this has > been supported by ext4 and f2fs since 4.8, and 4.9 is now the oldest supported > LTS kernel. OK, makes sense. Thanks for the suggestion. I'll follow-up with an fstests patch to do what you suggest (use $FSTYP only for those 2 filesystems). Cheers,
diff --git a/fs/ceph/crypto.c b/fs/ceph/crypto.c index a513ff373b13..d1a6595a810f 100644 --- a/fs/ceph/crypto.c +++ b/fs/ceph/crypto.c @@ -65,6 +65,7 @@ static bool ceph_crypt_empty_dir(struct inode *inode) } static struct fscrypt_operations ceph_fscrypt_ops = { + .key_prefix = "ceph:", .get_context = ceph_crypt_get_context, .set_context = ceph_crypt_set_context, .empty_dir = ceph_crypt_empty_dir,