Re: [PATCH v3 0/6] ceph: encrypt the snapshot directories

["Luís Henriques" <lhenriques@suse.de>]

Xiubo Li <xiubli@redhat.com> writes:

> On 3/2/22 11:40 PM, Luís Henriques wrote:
>> Hi Xiubo,
>>
>> xiubli@redhat.com writes:
>>
>>> From: Xiubo Li <xiubli@redhat.com>
>>>
>>> This patch series is base on the 'wip-fscrypt' branch in ceph-client.
>> I gave this patchset a try but it looks broken.  For example, if 'mydir'
>> is an encrypted *and* locked directory doing:
>>
>> # ls -l mydir/.snap
>>
>> will result in:
>>
>> fscrypt (ceph, inode 1099511627782): Error -105 getting encryption context
>
> Sorry, I forgot to mention you need the following ceph PRs:
>
> https://github.com/ceph/ceph/pull/45208
>
> https://github.com/ceph/ceph/pull/45192

Oh, wow!  I completely missed those PRs.  Yeah, that would probably
explain why it was not working for me.

Cheers,
-- 
Luís

>
>
>> My RFC patch had an issue that I haven't fully analyzed (and that I
>> "fixed" using the d_drop()).  But why is the much simpler approach I used
>> not acceptable? (I.e simply use fscryt_auth from parent in
>> ceph_get_snapdir()).
>
> Sorry, I missed reading your patch. I will check more carefully about that.
>
> This patch series is mainly supporting other features, that is the long snap
> names inheirt from parent snaprealms.
>
> I will drop the related patch here and cherry-pick to use yours then and do the
> test.
>
> - Xiubo
>
>>
>>> V3:
>>> - Add more detail comments in the commit comments and code comments.
>>> - Fix some bugs.
>>> - Improved the patches.
>>> - Remove the already merged patch.
>>>
>>> V2:
>>> - Fix several bugs, such as for the long snap name encrypt/dencrypt
>>> - Skip double dencypting dentry names for readdir
>>>
>>> ======
>>>
>>> NOTE: This patch series won't fix the long snap shot issue as Luis
>>> is working on that.
>> Yeah, I'm getting back to it right now.  Let's see if I can untangle this
>> soon ;-)
>>
>> Cheers,
>