• Jeff Layton's avatar
    ceph: fscrypt_auth handling for ceph · 2d332d5b
    Jeff Layton authored
    Most fscrypt-enabled filesystems store the crypto context in an xattr,
    but that's problematic for ceph as xatts are governed by the XATTR cap,
    but we really want the crypto context as part of the AUTH cap.
    
    Because of this, the MDS has added two new inode metadata fields:
    fscrypt_auth and fscrypt_file. The former is used to hold the crypto
    context, and the latter is used to track the real file size.
    
    Parse new fscrypt_auth and fscrypt_file fields in inode traces. For now,
    we don't use fscrypt_file, but fscrypt_auth is used to hold the fscrypt
    context.
    
    Allow the client to use a setattr request for setting the fscrypt_auth
    field. Since this is not a standard setattr request from the VFS, we add
    a new field to __ceph_setattr that carries ceph-specific inode attrs.
    
    Have the set_context op do a setattr that sets the fscrypt_auth value,
    and get_context just return the contents of that field (since it should
    always be available).
    Signed-off-by: default avatarJeff Layton <jlayton@kernel.org>
    Reviewed-by: default avatarXiubo Li <xiubli@redhat.com>
    Reviewed-and-tested-by: default avatarLuís Henriques <lhenriques@suse.de>
    Reviewed-by: default avatarMilind Changire <mchangir@redhat.com>
    Signed-off-by: default avatarIlya Dryomov <idryomov@gmail.com>
    2d332d5b
super.c 38.4 KB