git-server-git.apps.pok.os.sepia.ceph.com Git

author	Jeff Layton <jlayton@kernel.org>
	Fri, 7 Aug 2020 13:28:31 +0000 (09:28 -0400)
committer	Xiubo Li <xiubli@redhat.com>
	Thu, 18 Aug 2022 02:59:50 +0000 (10:59 +0800)
commit	c5f3cd4846b045f669027f1a662f348aa9349738
tree	6372441f372c53d96d5326584f7a479a88786587	tree \| snapshot
parent	52e3b6b52d39b846d419204b4399216302c04e43	commit \| diff

ceph: add encrypted fname handling to ceph_mdsc_build_path

Allow ceph_mdsc_build_path to encrypt and base64 encode the filename
when the parent is encrypted and we're sending the path to the MDS.

In most cases, we just encrypt the filenames and base64 encode them,
but when the name is longer than CEPH_NOHASH_NAME_MAX, we use a similar
scheme to fscrypt proper, and hash the remaning bits with sha256.

When doing this, we then send along the full crypttext of the name in
the new alternate_name field of the MClientRequest. The MDS can then
send that along in readdir responses and traces.

Reviewed-by: Xiubo Li <xiubli@redhat.com>
Signed-off-by: Jeff Layton <jlayton@kernel.org>

fs/ceph/crypto.c		diff \| blob \| history
fs/ceph/crypto.h		diff \| blob \| history
fs/ceph/mds_client.c		diff \| blob \| history