client: Breakout fscrypt get policy into method

Breakout fscrypt get policy into a method. Add
ceph_get_fscrypt_policy_v2 support.

Signed-off-by: Christopher Hoffman <choffman@redhat.com>

diff --git a/src/client/Client.cc b/src/client/Client.cc
index da81477da473d7d9ab109a2f3464d0156c2ddc1b..435d396e2068484f7ce95a0791a403c083c6d2d3 100644 (file)
--- a/src/client/Client.cc
+++ b/src/client/Client.cc
@@ -18349,6 +18349,28 @@ int Client::ll_set_fscrypt_policy_v2(Inode *in, const struct fscrypt_policy_v2&
   return 0;
 }
 
+int Client::get_fscrypt_policy_v2(int fd, struct fscrypt_policy_v2* policy)
+{
+  Fh *f = get_filehandle(fd);
+  if (!f) {
+    return -EBADF;
+  }
+
+  return ll_get_fscrypt_policy_v2(f->inode.get(), policy);
+}
+
+int Client::ll_get_fscrypt_policy_v2(Inode *in, struct fscrypt_policy_v2* policy)
+{
+  if (in->is_fscrypt_enabled()) {
+    in->fscrypt_ctx->convert_to(policy);
+    if (policy->version != 2) {
+      return EINVAL;
+    }
+    return 0;
+  }
+  return ENODATA;
+}
+
 int Client::is_encrypted(int fd, UserPerm& perms, char* enctag)
 {
   Fh *f = get_filehandle(fd);

diff --git a/src/client/Client.h b/src/client/Client.h
index 10cca9ce4333d250ccc7c4490004b90b6e5ae70b..57c45bbb35c80cf71cae23f35adbba57250e061f 100644 (file)
--- a/src/client/Client.h
+++ b/src/client/Client.h
@@ -387,6 +387,7 @@ public:
   int fcopyfile(const char *sname, const char *dname, UserPerm& perms, mode_t mode);
 
   int set_fscrypt_policy_v2(int fd, const struct fscrypt_policy_v2& policy);
+  int get_fscrypt_policy_v2(int fd, struct fscrypt_policy_v2* policy);
   int is_encrypted(int fd, UserPerm& perms, char* enctag);
 
   int mds_command(
@@ -750,6 +751,7 @@ public:
   }
 
   int ll_set_fscrypt_policy_v2(Inode *in, const struct fscrypt_policy_v2& policy);
+  int ll_get_fscrypt_policy_v2(Inode *in, struct fscrypt_policy_v2* policy);
 
   int ll_get_stripe_osd(struct Inode *in, uint64_t blockno,
                        file_layout_t* layout);

diff --git a/src/client/fuse_ll.cc b/src/client/fuse_ll.cc
index 9b448349dcef21064a4c072633bf98bf66ab4ec2..c8c50dac6ce9fc15b9128a230eefc82b22687e8e 100644 (file)
--- a/src/client/fuse_ll.cc
+++ b/src/client/fuse_ll.cc
@@ -974,7 +974,14 @@ static void fuse_ll_ioctl(fuse_req_t req, fuse_ino_t ino,
       Inode *in = fh->inode.get();
 
       if (in->is_fscrypt_enabled()) {
-        in->fscrypt_ctx->convert_to(&out_arg.policy.v2);
+
+        int r = cfuse->client->ll_get_fscrypt_policy_v2(in, &out_arg.policy.v2);
+
+        if (r < 0) {
+          fuse_reply_err(req, r);
+         break;
+        }
+
         out_arg.policy_size = sizeof(out_arg.policy);
 
         fuse_reply_ioctl(req, 0, &out_arg, sizeof(out_arg));

diff --git a/src/include/cephfs/libcephfs.h b/src/include/cephfs/libcephfs.h
index 0c134635371761dd979ca9ef622b439128b8897b..28d6c272d040f1228b0ba24626c6c4117718ac9d 100644 (file)
--- a/src/include/cephfs/libcephfs.h
+++ b/src/include/cephfs/libcephfs.h
@@ -2050,6 +2050,17 @@ int ceph_set_fscrypt_policy_v2(struct ceph_mount_info *cmount,
 int ceph_is_encrypted(struct ceph_mount_info *cmount,
                       int fd, char* enctag);
 
+/**
+ * Get encryption policy of a directory.
+ *
+ * @param cmount the ceph mount handle to use.
+ * @param fd open directory file descriptor
+ * @param policy pointer to to the fscrypt v2 policy
+ * @returns zero on success, other returns a negative error code.
+ */
+int ceph_get_fscrypt_policy_v2(struct ceph_mount_info *cmount,
+                               int fd, struct fscrypt_policy_v2 *policy);
+
 /* Low Level */
 struct Inode *ceph_ll_get_inode(struct ceph_mount_info *cmount,
                                vinodeno_t vino);

diff --git a/src/libcephfs.cc b/src/libcephfs.cc
index b39bbd38b8362ed0dca565fb0bfe7ae630793406..5924ae31c52aef0fc28cb1f7cd863fcca931d958 100644 (file)
--- a/src/libcephfs.cc
+++ b/src/libcephfs.cc
@@ -2552,6 +2552,15 @@ extern "C" int ceph_is_encrypted(struct ceph_mount_info *cmount,
   return cmount->get_client()->is_encrypted(fd, cmount->default_perms, enctag);
 }
 
+extern "C" int ceph_get_fscrypt_policy_v2(struct ceph_mount_info *cmount,
+                                          int fd, struct fscrypt_policy_v2 *policy)
+{
+  if (!cmount->is_mounted())
+    return -ENOTCONN;
+
+  return cmount->get_client()->get_fscrypt_policy_v2(fd, policy);
+}
+
 
 // This is deprecated, use ceph_ll_register_callbacks2 instead.
 extern "C" void ceph_ll_register_callbacks(class ceph_mount_info *cmount,