[13/40] lustre: sec: Lustre/HSM on enc file with enc key

Message ID	1681042400-15491-14-git-send-email-jsimmons@infradead.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <lustre-devel-bounces@lists.lustre.org> From: James Simmons <jsimmons@infradead.org> To: Andreas Dilger <adilger@whamcloud.com>, Oleg Drokin <green@whamcloud.com>, NeilBrown <neilb@suse.de> Date: Sun, 9 Apr 2023 08:12:53 -0400 Message-Id: <1681042400-15491-14-git-send-email-jsimmons@infradead.org> In-Reply-To: <1681042400-15491-1-git-send-email-jsimmons@infradead.org> References: <1681042400-15491-1-git-send-email-jsimmons@infradead.org> Subject: [lustre-devel] [PATCH 13/40] lustre: sec: Lustre/HSM on enc file with enc key Precedence: list Cc: Lustre Development List <lustre-devel@lists.lustre.org> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: lustre-devel-bounces@lists.lustre.org Sender: "lustre-devel" <lustre-devel-bounces@lists.lustre.org>
Series	lustre: backport OpenSFS changes from March XX, 2023 \| expand [00/40] lustre: backport OpenSFS changes from March XX, 2023 [01/40] lustre: protocol: basic batching processing framework [02/40] lustre: lov: fiemap improperly handles fm_extent_count=0 [03/40] lustre: llite: SIGBUS is possible on a race with page reclaim [04/40] lustre: osc: page fault in osc_release_bounce_pages() [05/40] lustre: readahead: add stats for read-ahead page count [06/40] lustre: quota: enforce project quota for root [07/40] lustre: ldlm: send the cancel RPC asap [08/40] lustre: enc: align Base64 encoding with RFC 4648 base64url [09/40] lustre: quota: fix insane grant quota [10/40] lustre: llite: check truncated page in ->readpage() [11/40] lnet: o2iblnd: Fix key mismatch issue [12/40] lustre: sec: fid2path for encrypted files [13/40] lustre: sec: Lustre/HSM on enc file with enc key [14/40] lustre: llite: check read page past requested [15/40] lustre: llite: fix relatime support [16/40] lustre: ptlrpc: clarify AT error message [17/40] lustre: update version to 2.15.54 [18/40] lustre: tgt: skip free inodes in OST weights [19/40] lustre: fileset: check fileset for operations by fid [20/40] lustre: clio: Remove cl_page_size() [21/40] lustre: fid: clean up OBIF_MAX_OID and IDIF_MAX_OID [22/40] lustre: llog: fix processing of a wrapped catalog [23/40] lustre: llite: replace lld_nfs_dentry flag with opencache handling [24/40] lustre: llite: match lock in corresponding namespace [25/40] lnet: libcfs: remove unused hash code [26/40] lustre: client: -o network needs add_conn processing [27/40] lnet: Lock primary NID logic [28/40] lnet: Peers added via kernel API should be permanent [29/40] lnet: don't delete peer created by Lustre [30/40] lnet: memory leak in copy_ioc_udsp_descr [31/40] lnet: remove crash with UDSP [32/40] lustre: ptlrpc: fix clang build errors [33/40] lustre: ldlm: remove client_import_find_conn() [34/40] lnet: add 'force' option to lnetctl peer del [35/40] lustre: ldlm: BL_AST lock cancel still can be batched [36/40] lnet: lnet_parse_route uses wrong loop var [37/40] lustre: tgt: add qos debug [38/40] lustre: enc: file names encryption when using secure boot [39/40] lustre: uapi: add DMV_IMP_INHERIT connect flag [40/40] lustre: llite: dir layout inheritance fixes

Message ID

1681042400-15491-14-git-send-email-jsimmons@infradead.org (mailing list archive)

State

New, archived

Headers

From: James Simmons <jsimmons@infradead.org>
To: Andreas Dilger <adilger@whamcloud.com>, Oleg Drokin <green@whamcloud.com>,
 NeilBrown <neilb@suse.de>
Date: Sun,  9 Apr 2023 08:12:53 -0400
Message-Id: <1681042400-15491-14-git-send-email-jsimmons@infradead.org>
In-Reply-To: <1681042400-15491-1-git-send-email-jsimmons@infradead.org>
References: <1681042400-15491-1-git-send-email-jsimmons@infradead.org>
Subject: [lustre-devel] [PATCH 13/40] lustre: sec: Lustre/HSM on enc file
 with enc key
Precedence: list
Cc: Lustre Development List <lustre-devel@lists.lustre.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: lustre-devel-bounces@lists.lustre.org
Sender: "lustre-devel" <lustre-devel-bounces@lists.lustre.org>

Series

lustre: backport OpenSFS changes from March XX, 2023 | expand

Commit Message

James Simmons April 9, 2023, 12:12 p.m. UTC

From: Sebastien Buisson <sbuisson@ddn.com>

Support for Lustre/HSM on encrypted files when the encryption key is
available requires similar attention as with file migration.
The volatile file used for HSM restore must have the same encryption
context as the Lustre file being restored, so that file content
remains accessible after the layout swap at the end of the restore
procedure.

Please note that using Lustre/HSM with the encryption key creates
clear text copies of encrypted files on the HSM backend storage.

WC-bug-id: https://jira.whamcloud.com/browse/LU-16310
Lustre-commit: df7a8d92d2378e236 ("LU-16310 sec: Lustre/HSM on enc file with enc key")
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/49153
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Reviewed-by: jsimmons <jsimmons@infradead.org>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Etienne AUJAMES <eaujames@ddn.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
---
 fs/lustre/llite/crypto.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/fs/lustre/llite/crypto.c b/fs/lustre/llite/crypto.c
index 5fb7f4d..61b85c8 100644
--- a/fs/lustre/llite/crypto.c
+++ b/fs/lustre/llite/crypto.c
@@ -246,7 +246,16 @@  int ll_setup_filename(struct inode *dir, const struct qstr *iname,
 		fid->f_oid = 0;
 		fid->f_ver = 0;
 	}
-	rc = fscrypt_setup_filename(dir, &dname, lookup, fname);
+	if (unlikely(filename_is_volatile(iname->name,
+					  iname->len, NULL))) {
+		/* keep volatile name as-is, matters for server side */
+		memset(fname, 0, sizeof(struct fscrypt_name));
+		fname->disk_name.name = (unsigned char *)iname->name;
+		fname->disk_name.len = iname->len;
+		rc = 0;
+	} else {
+		rc = fscrypt_setup_filename(dir, &dname, lookup, fname);
+	}
 	if (rc == -ENOENT && lookup) {
 		if (((is_root_inode(dir) &&
 		     iname->len == strlen(dot_fscrypt_name) &&

[13/40] lustre: sec: Lustre/HSM on enc file with enc key

Commit Message

Patch