[RFC,0/2] Add support for snapshot names encryption

Message ID	20220310172616.16212-1-lhenriques@suse.de (mailing list archive)
Headers	show Return-Path: <ceph-devel-owner@kernel.org> From: =?utf-8?q?Lu=C3=ADs_Henriques?= <lhenriques@suse.de> To: Jeff Layton <jlayton@kernel.org>, Xiubo Li <xiubli@redhat.com>, Ilya Dryomov <idryomov@gmail.com> Cc: ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, =?utf-8?q?Lu?= =?utf-8?q?=C3=ADs_Henriques?= <lhenriques@suse.de> Subject: [RFC PATCH 0/2] Add support for snapshot names encryption Date: Thu, 10 Mar 2022 17:26:14 +0000 Message-Id: <20220310172616.16212-1-lhenriques@suse.de> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	Add support for snapshot names encryption \| expand [RFC,0/2] Add support for snapshot names encryption [RFC,1/2] ceph: add support for encrypted snapshot names [RFC,2/2] ceph: add support for handling encrypted snapshot names in subtree

Message ID

20220310172616.16212-1-lhenriques@suse.de (mailing list archive)

Headers

From: =?utf-8?q?Lu=C3=ADs_Henriques?= <lhenriques@suse.de>
To: Jeff Layton <jlayton@kernel.org>, Xiubo Li <xiubli@redhat.com>,
        Ilya Dryomov <idryomov@gmail.com>
Cc: ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org, =?utf-8?q?Lu?=
	=?utf-8?q?=C3=ADs_Henriques?= <lhenriques@suse.de>
Subject: [RFC PATCH 0/2] Add support for snapshot names encryption
Date: Thu, 10 Mar 2022 17:26:14 +0000
Message-Id: <20220310172616.16212-1-lhenriques@suse.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

Add support for snapshot names encryption | expand

Message

Luis Henriques March 10, 2022, 5:26 p.m. UTC

Hi!

So, I've changed this code back into and RFC as I'm not sure yet if this
is it's final form.  I think the 2 patches in this series should probably
be squashed into a single patch.  I decided to keep them separate as the
1st one is simple (it's the same patch I had already sent), and the 2nd
patch adds a lot more complexity to the whole thing.

So, I've looked at Xiubo initial patch for handling snapshots long names.
It was complex, of course, and it required extra MDS changes.  I *think*
my approach is slightly simpler, but I'm not entirely sure yet that I'm
handling every case.

In order to test this code the following PRs are required:

  mds: add protection from clients without fscrypt support #45073
  mds: use the whole string as the snapshot long name #45192
  mds: support alternate names for snapshots #45224
  mds: limit the snapshot names to 240 characters #45312

Comments are welcome, I'm still testing these patches and I do expect to
find that something is still missing.  And I do expect to find bugs.
These strings parsing scares me a lot, but I couldn't see a simpler
approach.

Luís Henriques (2):
  ceph: add support for encrypted snapshot names
  ceph: add support for handling encrypted snapshot names in subtree

 fs/ceph/crypto.c | 146 +++++++++++++++++++++++++++++++++++++++++------
 fs/ceph/crypto.h |   9 ++-
 fs/ceph/dir.c    |   9 +++
 fs/ceph/inode.c  |  13 +++++
 4 files changed, 156 insertions(+), 21 deletions(-)

Comments

Luis Henriques March 10, 2022, 5:34 p.m. UTC | #1

Luís Henriques <lhenriques@suse.de> writes:

> Hi!
>
> So, I've changed this code back into and RFC as I'm not sure yet if this
> is it's final form.  I think the 2 patches in this series should probably
> be squashed into a single patch.  I decided to keep them separate as the
> 1st one is simple (it's the same patch I had already sent), and the 2nd
> patch adds a lot more complexity to the whole thing.
>
> So, I've looked at Xiubo initial patch for handling snapshots long names.
> It was complex, of course, and it required extra MDS changes.  I *think*
> my approach is slightly simpler, but I'm not entirely sure yet that I'm
> handling every case.
>
> In order to test this code the following PRs are required:
>
>   mds: add protection from clients without fscrypt support #45073
>   mds: use the whole string as the snapshot long name #45192
>   mds: support alternate names for snapshots #45224
>   mds: limit the snapshot names to 240 characters #45312
>
> Comments are welcome, I'm still testing these patches and I do expect to
> find that something is still missing.  And I do expect to find bugs.
> These strings parsing scares me a lot, but I couldn't see a simpler
> approach.

Again, I forgot to mention in the cover-letter that handling
base64-encoded snapshots that start with '_' is still missing.  That's
next on my list.

Cheers,