From: Jeff Layton <jlayton@kernel.org>
To: idryomov@gmail.com, xiubli@redhat.com
Cc: ceph-devel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org,
lhenriques@suse.de
Subject: [RFC PATCH v11 47/51] ceph: plumb in decryption during sync reads
Date: Tue, 22 Mar 2022 10:13:12 -0400 [thread overview]
Message-ID: <20220322141316.41325-48-jlayton@kernel.org> (raw)
In-Reply-To: <20220322141316.41325-1-jlayton@kernel.org>
Switch to using sparse reads when the inode is encrypted.
Note that the crypto block may be smaller than a page, but the reverse
cannot be true.
Signed-off-by: Jeff Layton <jlayton@kernel.org>
---
fs/ceph/file.c | 89 ++++++++++++++++++++++++++++++++++++--------------
1 file changed, 65 insertions(+), 24 deletions(-)
diff --git a/fs/ceph/file.c b/fs/ceph/file.c
index 19d5c50f60df..eb04dc8f1f93 100644
--- a/fs/ceph/file.c
+++ b/fs/ceph/file.c
@@ -934,7 +934,7 @@ ssize_t __ceph_sync_read(struct inode *inode, loff_t *ki_pos,
u64 off = *ki_pos;
u64 len = iov_iter_count(to);
u64 i_size = i_size_read(inode);
- bool sparse = ceph_test_mount_opt(fsc, SPARSEREAD);
+ bool sparse = IS_ENCRYPTED(inode) || ceph_test_mount_opt(fsc, SPARSEREAD);
u64 objver = 0;
dout("sync_read on inode %p %llx~%llx\n", inode, *ki_pos, len);
@@ -962,10 +962,19 @@ ssize_t __ceph_sync_read(struct inode *inode, loff_t *ki_pos,
int idx;
size_t left;
struct ceph_osd_req_op *op;
+ u64 read_off = off;
+ u64 read_len = len;
+
+ /* determine new offset/length if encrypted */
+ ceph_fscrypt_adjust_off_and_len(inode, &read_off, &read_len);
+
+ dout("sync_read orig %llu~%llu reading %llu~%llu",
+ off, len, read_off, read_len);
req = ceph_osdc_new_request(osdc, &ci->i_layout,
- ci->i_vino, off, &len, 0, 1,
- sparse ? CEPH_OSD_OP_SPARSE_READ : CEPH_OSD_OP_READ,
+ ci->i_vino, read_off, &read_len, 0, 1,
+ sparse ? CEPH_OSD_OP_SPARSE_READ :
+ CEPH_OSD_OP_READ,
CEPH_OSD_FLAG_READ,
NULL, ci->i_truncate_seq,
ci->i_truncate_size, false);
@@ -974,10 +983,13 @@ ssize_t __ceph_sync_read(struct inode *inode, loff_t *ki_pos,
break;
}
+ /* adjust len downward if the request truncated the len */
+ if (off + len > read_off + read_len)
+ len = read_off + read_len - off;
more = len < iov_iter_count(to);
- num_pages = calc_pages_for(off, len);
- page_off = off & ~PAGE_MASK;
+ num_pages = calc_pages_for(read_off, read_len);
+ page_off = offset_in_page(off);
pages = ceph_alloc_page_vector(num_pages, GFP_KERNEL);
if (IS_ERR(pages)) {
ceph_osdc_put_request(req);
@@ -985,7 +997,8 @@ ssize_t __ceph_sync_read(struct inode *inode, loff_t *ki_pos,
break;
}
- osd_req_op_extent_osd_data_pages(req, 0, pages, len, page_off,
+ osd_req_op_extent_osd_data_pages(req, 0, pages, read_len,
+ offset_in_page(read_off),
false, false);
op = &req->r_ops[0];
@@ -1004,7 +1017,7 @@ ssize_t __ceph_sync_read(struct inode *inode, loff_t *ki_pos,
ceph_update_read_metrics(&fsc->mdsc->metric,
req->r_start_latency,
req->r_end_latency,
- len, ret);
+ read_len, ret);
if (ret > 0)
objver = req->r_version;
@@ -1019,8 +1032,34 @@ ssize_t __ceph_sync_read(struct inode *inode, loff_t *ki_pos,
else if (ret == -ENOENT)
ret = 0;
+ if (ret > 0 && IS_ENCRYPTED(inode)) {
+ int fret;
+
+ fret = ceph_fscrypt_decrypt_extents(inode, pages, read_off,
+ op->extent.sparse_ext, op->extent.sparse_ext_cnt);
+ if (fret < 0) {
+ ret = fret;
+ ceph_osdc_put_request(req);
+ break;
+ }
+
+ /* account for any partial block at the beginning */
+ fret -= (off - read_off);
+
+ /*
+ * Short read after big offset adjustment?
+ * Nothing is usable, just call it a zero
+ * len read.
+ */
+ fret = max(fret, 0);
+
+ /* account for partial block at the end */
+ ret = min_t(ssize_t, fret, len);
+ }
+
ceph_osdc_put_request(req);
+ /* Short read but not EOF? Zero out the remainder. */
if (ret >= 0 && ret < len && (off + ret < i_size)) {
int zlen = min(len - ret, i_size - off - ret);
int zoff = page_off + ret;
@@ -1034,15 +1073,16 @@ ssize_t __ceph_sync_read(struct inode *inode, loff_t *ki_pos,
idx = 0;
left = ret > 0 ? ret : 0;
while (left > 0) {
- size_t len, copied;
- page_off = off & ~PAGE_MASK;
- len = min_t(size_t, left, PAGE_SIZE - page_off);
+ size_t plen, copied;
+
+ plen = min_t(size_t, left, PAGE_SIZE - page_off);
SetPageUptodate(pages[idx]);
copied = copy_page_to_iter(pages[idx++],
- page_off, len, to);
+ page_off, plen, to);
off += copied;
left -= copied;
- if (copied < len) {
+ page_off = 0;
+ if (copied < plen) {
ret = -EFAULT;
break;
}
@@ -1059,20 +1099,21 @@ ssize_t __ceph_sync_read(struct inode *inode, loff_t *ki_pos,
break;
}
- if (off > *ki_pos) {
- if (off >= i_size) {
- *retry_op = CHECK_EOF;
- ret = i_size - *ki_pos;
- *ki_pos = i_size;
- } else {
- ret = off - *ki_pos;
- *ki_pos = off;
+ if (ret > 0) {
+ if (off > *ki_pos) {
+ if (off >= i_size) {
+ *retry_op = CHECK_EOF;
+ ret = i_size - *ki_pos;
+ *ki_pos = i_size;
+ } else {
+ ret = off - *ki_pos;
+ *ki_pos = off;
+ }
}
- }
-
- if (last_objver && ret > 0)
- *last_objver = objver;
+ if (last_objver)
+ *last_objver = objver;
+ }
dout("sync_read result %zd retry_op %d\n", ret, *retry_op);
return ret;
}
--
2.35.1
next prev parent reply other threads:[~2022-03-22 14:17 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-22 14:12 [RFC PATCH v11 00/51] ceph+fscrypt : full support Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 01/51] vfs: export new_inode_pseudo Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 02/51] fscrypt: export fscrypt_base64url_encode and fscrypt_base64url_decode Jeff Layton
2022-03-23 14:33 ` Luís Henriques
2022-03-24 17:46 ` Eric Biggers
2022-03-25 9:59 ` Luís Henriques
2022-03-24 18:20 ` Colin Walters
2022-03-22 14:12 ` [RFC PATCH v11 03/51] fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 04/51] fscrypt: add fscrypt_context_for_new_inode Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 05/51] ceph: preallocate inode for ops that may create one Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 06/51] ceph: crypto context handling for ceph Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 07/51] ceph: parse new fscrypt_auth and fscrypt_file fields in inode traces Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 08/51] ceph: add support for fscrypt_auth/fscrypt_file to cap messages Jeff Layton
2022-03-23 16:55 ` Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 09/51] ceph: add ability to set fscrypt_auth via setattr Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 10/51] ceph: implement -o test_dummy_encryption mount option Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 11/51] ceph: decode alternate_name in lease info Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 12/51] ceph: add fscrypt ioctls Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 13/51] ceph: make the ioctl cmd more readable in debug log Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 14/51] ceph: make ceph_msdc_build_path use ref-walk Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 15/51] ceph: add encrypted fname handling to ceph_mdsc_build_path Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 16/51] ceph: send altname in MClientRequest Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 17/51] ceph: encode encrypted name in dentry release Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 18/51] ceph: properly set DCACHE_NOKEY_NAME flag in lookup Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 19/51] ceph: make d_revalidate call fscrypt revalidator for encrypted dentries Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 20/51] ceph: add helpers for converting names for userland presentation Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 21/51] ceph: fix base64 encoded name's length check in ceph_fname_to_usr() Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 22/51] ceph: add fscrypt support to ceph_fill_trace Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 23/51] ceph: pass the request to parse_reply_info_readdir() Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 24/51] ceph: add ceph_encode_encrypted_dname() helper Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 25/51] ceph: add support to readdir for encrypted filenames Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 26/51] ceph: create symlinks with encrypted and base64-encoded targets Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 27/51] ceph: make ceph_get_name decrypt filenames Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 28/51] ceph: add a new ceph.fscrypt.auth vxattr Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 29/51] ceph: add some fscrypt guardrails Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 30/51] ceph: don't allow changing layout on encrypted files/directories Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 31/51] libceph: add CEPH_OSD_OP_ASSERT_VER support Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 32/51] ceph: size handling for encrypted inodes in cap updates Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 33/51] ceph: fscrypt_file field handling in MClientRequest messages Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 34/51] ceph: get file size from fscrypt_file when present in inode traces Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 35/51] ceph: handle fscrypt fields in cap messages from MDS Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 36/51] ceph: add __ceph_get_caps helper support Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 37/51] ceph: add __ceph_sync_read " Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 38/51] ceph: add object version support for sync read Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 39/51] ceph: add infrastructure for file encryption and decryption Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 40/51] ceph: add truncate size handling support for fscrypt Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 41/51] libceph: allow ceph_osdc_new_request to accept a multi-op read Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 42/51] ceph: disable fallocate for encrypted inodes Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 43/51] ceph: disable copy offload on " Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 44/51] ceph: don't use special DIO path for " Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 45/51] ceph: align data in pages in ceph_sync_write Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 46/51] ceph: add read/modify/write to ceph_sync_write Jeff Layton
2022-03-22 14:13 ` Jeff Layton [this message]
2022-03-22 14:13 ` [RFC PATCH v11 48/51] ceph: add fscrypt decryption support to ceph_netfs_issue_op Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 49/51] ceph: set i_blkbits to crypto block size for encrypted inodes Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 50/51] ceph: add encryption support to writepage Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 51/51] ceph: fscrypt support for writepages Jeff Layton
2022-03-22 14:17 ` [RFC PATCH v11 00/51] ceph+fscrypt : full support Jeff Layton
2022-03-25 9:57 ` Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220322141316.41325-48-jlayton@kernel.org \
--to=jlayton@kernel.org \
--cc=ceph-devel@vger.kernel.org \
--cc=idryomov@gmail.com \
--cc=lhenriques@suse.de \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=xiubli@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox