Message ID | 20200914191707.380444-7-jlayton@kernel.org (mailing list archive) |
---|---|
State | Not Applicable |
Series | ceph+fscrypt: context, filename and symlink support | expand |
On Mon, Sep 14, 2020 at 03:16:57PM -0400, Jeff Layton wrote:
> Boilerplate ioctls for controlling encryption.
>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> fs/ceph/ioctl.c | 25 +++++++++++++++++++++++++
> 1 file changed, 25 insertions(+)
>
> diff --git a/fs/ceph/ioctl.c b/fs/ceph/ioctl.c
> index 6e061bf62ad4..381e44b2d60a 100644
> --- a/fs/ceph/ioctl.c
> +++ b/fs/ceph/ioctl.c
> @@ -6,6 +6,7 @@
> #include "mds_client.h"
> #include "ioctl.h"
> #include <linux/ceph/striper.h>
> +#include <linux/fscrypt.h>
>
> /*
> * ioctls
> @@ -289,6 +290,30 @@ long ceph_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
>
> case CEPH_IOC_SYNCIO:
> return ceph_ioctl_syncio(file);
> +
> + case FS_IOC_SET_ENCRYPTION_POLICY:
> + return fscrypt_ioctl_set_policy(file, (const void __user *)arg);
> +
> + case FS_IOC_GET_ENCRYPTION_POLICY:
> + return fscrypt_ioctl_get_policy(file, (void __user *)arg);
> +
> + case FS_IOC_GET_ENCRYPTION_POLICY_EX:
> + return fscrypt_ioctl_get_policy_ex(file, (void __user *)arg);
> +
> + case FS_IOC_ADD_ENCRYPTION_KEY:
> + return fscrypt_ioctl_add_key(file, (void __user *)arg);
> +
> + case FS_IOC_REMOVE_ENCRYPTION_KEY:
> + return fscrypt_ioctl_remove_key(file, (void __user *)arg);
> +
> + case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
> + return fscrypt_ioctl_remove_key_all_users(file, (void __user *)arg);
> +
> + case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
> + return fscrypt_ioctl_get_key_status(file, (void __user *)arg);
> +
> + case FS_IOC_GET_ENCRYPTION_NONCE:
> + return fscrypt_ioctl_get_nonce(file, (void __user *)arg);

Will you be implementing an encryption feature flag for ceph, similar to what ext4 and f2fs have? E.g., ext4 doesn't allow these ioctls unless the filesystem was formatted with '-O encrypt' (or 'tune2fs -O encrypt' was run later). There would be various problems if we didn't do that; for example, old versions of e2fsck would consider encrypted directories to be corrupted.

- Eric
On Mon, 2020-09-14 at 17:45 -0700, Eric Biggers wrote: > On Mon, Sep 14, 2020 at 03:16:57PM -0400, Jeff Layton wrote: > > Boilerplate ioctls for controlling encryption. > > > > Signed-off-by: Jeff Layton <jlayton@kernel.org> > > --- > > fs/ceph/ioctl.c | 25 +++++++++++++++++++++++++ > > 1 file changed, 25 insertions(+) > > > > diff --git a/fs/ceph/ioctl.c b/fs/ceph/ioctl.c > > index 6e061bf62ad4..381e44b2d60a 100644 > > --- a/fs/ceph/ioctl.c > > +++ b/fs/ceph/ioctl.c > > @@ -6,6 +6,7 @@ > > #include "mds_client.h" > > #include "ioctl.h" > > #include <linux/ceph/striper.h> > > +#include <linux/fscrypt.h> > > > > /* > > * ioctls 
> > @@ -289,6 +290,30 @@ long ceph_ioctl(struct file *file, unsigned int cmd, unsigned long arg) > > > > case CEPH_IOC_SYNCIO: > > return ceph_ioctl_syncio(file); > > + > > + case FS_IOC_SET_ENCRYPTION_POLICY: > > + return fscrypt_ioctl_set_policy(file, (const void __user *)arg); > > + > > + case FS_IOC_GET_ENCRYPTION_POLICY: > > + return fscrypt_ioctl_get_policy(file, (void __user *)arg); > > + > > + case FS_IOC_GET_ENCRYPTION_POLICY_EX: > > + return fscrypt_ioctl_get_policy_ex(file, (void __user *)arg); > > + > > + case FS_IOC_ADD_ENCRYPTION_KEY: > > + return fscrypt_ioctl_add_key(file, (void __user *)arg); > > + > > + case FS_IOC_REMOVE_ENCRYPTION_KEY: > > + return fscrypt_ioctl_remove_key(file, (void __user *)arg); > > + > > + case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS: > > + return fscrypt_ioctl_remove_key_all_users(file, (void __user *)arg); > > + > > + case FS_IOC_GET_ENCRYPTION_KEY_STATUS: > > + return fscrypt_ioctl_get_key_status(file, (void __user *)arg); > > + > > + case FS_IOC_GET_ENCRYPTION_NONCE: > > + return fscrypt_ioctl_get_nonce(file, (void __user *)arg); > > Will you be implementing an encryption feature flag for ceph, similar to what > ext4 and f2fs have? E.g., ext4 doesn't allow these ioctls unless the filesystem > was formatted with '-O encrypt' (or 'tune2fs -O encrypt' was run later). There > would be various problems if we didn't do that; for example, old versions of > e2fsck would consider encrypted directories to be corrupted. > Yes, we'll probably have something like that once the MDS support has settled. We'll want to disallow encryption when dealing with MDS's that don't support it, so I suspect we'll need to add a check for that in these ioctl calls. That feature bit hasn't been declared yet though, and this patchset is still _really_ rough. I'll add a comment to that effect for now though. Thanks!
diff --git a/fs/ceph/ioctl.c b/fs/ceph/ioctl.c
index 6e061bf62ad4..381e44b2d60a 100644
--- a/fs/ceph/ioctl.c
+++ b/fs/ceph/ioctl.c
@@ -6,6 +6,7 @@
 #include "mds_client.h"
 #include "ioctl.h"
 #include <linux/ceph/striper.h>
+#include <linux/fscrypt.h>
 
 /*
 * ioctls
@@ -289,6 +290,30 @@ long ceph_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
 
 case CEPH_IOC_SYNCIO:
 return ceph_ioctl_syncio(file);
+
+ case FS_IOC_SET_ENCRYPTION_POLICY:
+ return fscrypt_ioctl_set_policy(file, (const void __user *)arg);
+
+ case FS_IOC_GET_ENCRYPTION_POLICY:
+ return fscrypt_ioctl_get_policy(file, (void __user *)arg);
+
+ case FS_IOC_GET_ENCRYPTION_POLICY_EX:
+ return fscrypt_ioctl_get_policy_ex(file, (void __user *)arg);
+
+ case FS_IOC_ADD_ENCRYPTION_KEY:
+ return fscrypt_ioctl_add_key(file, (void __user *)arg);
+
+ case FS_IOC_REMOVE_ENCRYPTION_KEY:
+ return fscrypt_ioctl_remove_key(file, (void __user *)arg);
+
+ case FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS:
+ return fscrypt_ioctl_remove_key_all_users(file, (void __user *)arg);
+
+ case FS_IOC_GET_ENCRYPTION_KEY_STATUS:
+ return fscrypt_ioctl_get_key_status(file, (void __user *)arg);
+
+ case FS_IOC_GET_ENCRYPTION_NONCE:
+ return fscrypt_ioctl_get_nonce(file, (void __user *)arg);
 }
 
 return -ENOTTY;
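Review bot: The eight new `case` arms in ceph_ioctl() pass the caller's `arg` straight to the fscrypt helpers, and nothing visible in this hunk says where ownership, write-access or capability checks for policy changes and key add/remove are enforced. Presumably they live inside the `fscrypt_ioctl_*` helpers; if so, a one-line comment above the first arm would make that explicit for auditors, e.g. `/* fscrypt ioctls: arg validation and permission checks are done in fs/crypto */`. The repeated casts could also be hoisted into a single `void __user *argp = (void __user *)arg;`, though ceph_ioctl()'s body starts and ends outside the hunk, so whether such a local already exists cannot be seen here. It is also worth confirming that 32-bit callers reach these arms through a compat path that converts the pointer, since that path is not part of this patch.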
Boilerplate ioctls for controlling encryption. Signed-off-by: Jeff Layton <jlayton@kernel.org> --- fs/ceph/ioctl.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+)