From: Jeff Layton <jlayton@kernel.org>
To: idryomov@gmail.com, xiubli@redhat.com
Cc: ceph-devel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org,
lhenriques@suse.de
Subject: [RFC PATCH v11 08/51] ceph: add support for fscrypt_auth/fscrypt_file to cap messages
Date: Tue, 22 Mar 2022 10:12:33 -0400 [thread overview]
Message-ID: <20220322141316.41325-9-jlayton@kernel.org> (raw)
In-Reply-To: <20220322141316.41325-1-jlayton@kernel.org>
Add support for new version 12 cap messages that carry the new
fscrypt_auth and fscrypt_file fields from the inode.
Signed-off-by: Jeff Layton <jlayton@kernel.org>
---
fs/ceph/caps.c | 76 +++++++++++++++++++++++++++++++++++++++++---------
1 file changed, 63 insertions(+), 13 deletions(-)
diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c
index 7d8ef67a1032..b0b7688331b4 100644
--- a/fs/ceph/caps.c
+++ b/fs/ceph/caps.c
@@ -13,6 +13,7 @@
#include "super.h"
#include "mds_client.h"
#include "cache.h"
+#include "crypto.h"
#include <linux/ceph/decode.h>
#include <linux/ceph/messenger.h>
@@ -1214,15 +1215,12 @@ struct cap_msg_args {
umode_t mode;
bool inline_data;
bool wake;
+ u32 fscrypt_auth_len;
+ u32 fscrypt_file_len;
+ u8 fscrypt_auth[sizeof(struct ceph_fscrypt_auth)]; // for context
+ u8 fscrypt_file[sizeof(u64)]; // for size
};
-/*
- * cap struct size + flock buffer size + inline version + inline data size +
- * osd_epoch_barrier + oldest_flush_tid
- */
-#define CAP_MSG_SIZE (sizeof(struct ceph_mds_caps) + \
- 4 + 8 + 4 + 4 + 8 + 4 + 4 + 4 + 8 + 8 + 4)
-
/* Marshal up the cap msg to the MDS */
static void encode_cap_msg(struct ceph_msg *msg, struct cap_msg_args *arg)
{
@@ -1238,7 +1236,7 @@ static void encode_cap_msg(struct ceph_msg *msg, struct cap_msg_args *arg)
arg->size, arg->max_size, arg->xattr_version,
arg->xattr_buf ? (int)arg->xattr_buf->vec.iov_len : 0);
- msg->hdr.version = cpu_to_le16(10);
+ msg->hdr.version = cpu_to_le16(12);
msg->hdr.tid = cpu_to_le64(arg->flush_tid);
fc = msg->front.iov_base;
@@ -1309,6 +1307,21 @@ static void encode_cap_msg(struct ceph_msg *msg, struct cap_msg_args *arg)
/* Advisory flags (version 10) */
ceph_encode_32(&p, arg->flags);
+
+ /* dirstats (version 11) - these are r/o on the client */
+ ceph_encode_64(&p, 0);
+ ceph_encode_64(&p, 0);
+
+#if IS_ENABLED(CONFIG_FS_ENCRYPTION)
+ /* fscrypt_auth and fscrypt_file (version 12) */
+ ceph_encode_32(&p, arg->fscrypt_auth_len);
+ ceph_encode_copy(&p, arg->fscrypt_auth, arg->fscrypt_auth_len);
+ ceph_encode_32(&p, arg->fscrypt_file_len);
+ ceph_encode_copy(&p, arg->fscrypt_file, arg->fscrypt_file_len);
+#else /* CONFIG_FS_ENCRYPTION */
+ ceph_encode_32(&p, 0);
+ ceph_encode_32(&p, 0);
+#endif /* CONFIG_FS_ENCRYPTION */
}
/*
@@ -1430,8 +1443,37 @@ static void __prep_cap(struct cap_msg_args *arg, struct ceph_cap *cap,
}
}
arg->flags = flags;
+#if IS_ENABLED(CONFIG_FS_ENCRYPTION)
+ if (ci->fscrypt_auth_len &&
+ WARN_ON_ONCE(ci->fscrypt_auth_len != sizeof(struct ceph_fscrypt_auth))) {
+ /* Don't set this if it isn't right size */
+ arg->fscrypt_auth_len = 0;
+ } else {
+ arg->fscrypt_auth_len = ci->fscrypt_auth_len;
+ memcpy(arg->fscrypt_auth, ci->fscrypt_auth,
+ min_t(size_t, ci->fscrypt_auth_len, sizeof(arg->fscrypt_auth)));
+ }
+ /* FIXME: use this to track "real" size */
+ arg->fscrypt_file_len = 0;
+#endif /* CONFIG_FS_ENCRYPTION */
}
+#define CAP_MSG_FIXED_FIELDS (sizeof(struct ceph_mds_caps) + \
+ 4 + 8 + 4 + 4 + 8 + 4 + 4 + 4 + 8 + 8 + 4 + 8 + 8 + 4 + 4)
+
+#if IS_ENABLED(CONFIG_FS_ENCRYPTION)
+static inline int cap_msg_size(struct cap_msg_args *arg)
+{
+ return CAP_MSG_FIXED_FIELDS + arg->fscrypt_auth_len +
+ arg->fscrypt_file_len;
+}
+#else
+static inline int cap_msg_size(struct cap_msg_args *arg)
+{
+ return CAP_MSG_FIXED_FIELDS;
+}
+#endif /* CONFIG_FS_ENCRYPTION */
+
/*
* Send a cap msg on the given inode.
*
@@ -1442,7 +1484,7 @@ static void __send_cap(struct cap_msg_args *arg, struct ceph_inode_info *ci)
struct ceph_msg *msg;
struct inode *inode = &ci->vfs_inode;
- msg = ceph_msg_new(CEPH_MSG_CLIENT_CAPS, CAP_MSG_SIZE, GFP_NOFS, false);
+ msg = ceph_msg_new(CEPH_MSG_CLIENT_CAPS, cap_msg_size(arg), GFP_NOFS, false);
if (!msg) {
pr_err("error allocating cap msg: ino (%llx.%llx) flushing %s tid %llu, requeuing cap.\n",
ceph_vinop(inode), ceph_cap_string(arg->dirty),
@@ -1468,10 +1510,6 @@ static inline int __send_flush_snap(struct inode *inode,
struct cap_msg_args arg;
struct ceph_msg *msg;
- msg = ceph_msg_new(CEPH_MSG_CLIENT_CAPS, CAP_MSG_SIZE, GFP_NOFS, false);
- if (!msg)
- return -ENOMEM;
-
arg.session = session;
arg.ino = ceph_vino(inode).ino;
arg.cid = 0;
@@ -1509,6 +1547,18 @@ static inline int __send_flush_snap(struct inode *inode,
arg.flags = 0;
arg.wake = false;
+ /*
+ * No fscrypt_auth changes from a capsnap. It will need
+ * to update fscrypt_file on size changes (TODO).
+ */
+ arg.fscrypt_auth_len = 0;
+ arg.fscrypt_file_len = 0;
+
+ msg = ceph_msg_new(CEPH_MSG_CLIENT_CAPS, cap_msg_size(&arg),
+ GFP_NOFS, false);
+ if (!msg)
+ return -ENOMEM;
+
encode_cap_msg(msg, &arg);
ceph_con_send(&arg.session->s_con, msg);
return 0;
--
2.35.1
next prev parent reply other threads:[~2022-03-22 14:18 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-22 14:12 [RFC PATCH v11 00/51] ceph+fscrypt : full support Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 01/51] vfs: export new_inode_pseudo Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 02/51] fscrypt: export fscrypt_base64url_encode and fscrypt_base64url_decode Jeff Layton
2022-03-23 14:33 ` Luís Henriques
2022-03-24 17:46 ` Eric Biggers
2022-03-25 9:59 ` Luís Henriques
2022-03-24 18:20 ` Colin Walters
2022-03-22 14:12 ` [RFC PATCH v11 03/51] fscrypt: export fscrypt_fname_encrypt and fscrypt_fname_encrypted_size Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 04/51] fscrypt: add fscrypt_context_for_new_inode Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 05/51] ceph: preallocate inode for ops that may create one Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 06/51] ceph: crypto context handling for ceph Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 07/51] ceph: parse new fscrypt_auth and fscrypt_file fields in inode traces Jeff Layton
2022-03-22 14:12 ` Jeff Layton [this message]
2022-03-23 16:55 ` [RFC PATCH v11 08/51] ceph: add support for fscrypt_auth/fscrypt_file to cap messages Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 09/51] ceph: add ability to set fscrypt_auth via setattr Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 10/51] ceph: implement -o test_dummy_encryption mount option Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 11/51] ceph: decode alternate_name in lease info Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 12/51] ceph: add fscrypt ioctls Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 13/51] ceph: make the ioctl cmd more readable in debug log Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 14/51] ceph: make ceph_msdc_build_path use ref-walk Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 15/51] ceph: add encrypted fname handling to ceph_mdsc_build_path Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 16/51] ceph: send altname in MClientRequest Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 17/51] ceph: encode encrypted name in dentry release Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 18/51] ceph: properly set DCACHE_NOKEY_NAME flag in lookup Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 19/51] ceph: make d_revalidate call fscrypt revalidator for encrypted dentries Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 20/51] ceph: add helpers for converting names for userland presentation Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 21/51] ceph: fix base64 encoded name's length check in ceph_fname_to_usr() Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 22/51] ceph: add fscrypt support to ceph_fill_trace Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 23/51] ceph: pass the request to parse_reply_info_readdir() Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 24/51] ceph: add ceph_encode_encrypted_dname() helper Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 25/51] ceph: add support to readdir for encrypted filenames Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 26/51] ceph: create symlinks with encrypted and base64-encoded targets Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 27/51] ceph: make ceph_get_name decrypt filenames Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 28/51] ceph: add a new ceph.fscrypt.auth vxattr Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 29/51] ceph: add some fscrypt guardrails Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 30/51] ceph: don't allow changing layout on encrypted files/directories Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 31/51] libceph: add CEPH_OSD_OP_ASSERT_VER support Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 32/51] ceph: size handling for encrypted inodes in cap updates Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 33/51] ceph: fscrypt_file field handling in MClientRequest messages Jeff Layton
2022-03-22 14:12 ` [RFC PATCH v11 34/51] ceph: get file size from fscrypt_file when present in inode traces Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 35/51] ceph: handle fscrypt fields in cap messages from MDS Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 36/51] ceph: add __ceph_get_caps helper support Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 37/51] ceph: add __ceph_sync_read " Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 38/51] ceph: add object version support for sync read Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 39/51] ceph: add infrastructure for file encryption and decryption Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 40/51] ceph: add truncate size handling support for fscrypt Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 41/51] libceph: allow ceph_osdc_new_request to accept a multi-op read Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 42/51] ceph: disable fallocate for encrypted inodes Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 43/51] ceph: disable copy offload on " Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 44/51] ceph: don't use special DIO path for " Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 45/51] ceph: align data in pages in ceph_sync_write Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 46/51] ceph: add read/modify/write to ceph_sync_write Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 47/51] ceph: plumb in decryption during sync reads Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 48/51] ceph: add fscrypt decryption support to ceph_netfs_issue_op Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 49/51] ceph: set i_blkbits to crypto block size for encrypted inodes Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 50/51] ceph: add encryption support to writepage Jeff Layton
2022-03-22 14:13 ` [RFC PATCH v11 51/51] ceph: fscrypt support for writepages Jeff Layton
2022-03-22 14:17 ` [RFC PATCH v11 00/51] ceph+fscrypt : full support Jeff Layton
2022-03-25 9:57 ` Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220322141316.41325-9-jlayton@kernel.org \
--to=jlayton@kernel.org \
--cc=ceph-devel@vger.kernel.org \
--cc=idryomov@gmail.com \
--cc=lhenriques@suse.de \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=xiubli@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox