client, libcephfs: Expose fscrypt apis as low level

Add low level versions of fscrypt apis to support
protocols such as NFS.

Signed-off-by: Christopher Hoffman <choffman@redhat.com>

diff --git a/src/client/Client.cc b/src/client/Client.cc
index 435d396e2068484f7ce95a0791a403c083c6d2d3..1ebe5eca89b982977eceaee45516a8843fb47ba8 100644 (file)
--- a/src/client/Client.cc
+++ b/src/client/Client.cc
@@ -18378,7 +18378,11 @@ int Client::is_encrypted(int fd, UserPerm& perms, char* enctag)
     return -EBADF;
   }
 
-  Inode *in = f->inode.get();
+  return ll_is_encrypted(f->inode.get(), perms, enctag);
+}
+
+int Client::ll_is_encrypted(Inode *in, UserPerm& perms, char *enctag)
+{
   if (in->is_encrypted()) {
     int r = ll_getxattr(in, "user.ceph.subvolume.enctag", enctag, sizeof(enctag), perms);
     // dir can be encrypted and xattr DNE if it isn't setup via mgr subvolume

diff --git a/src/client/Client.h b/src/client/Client.h
index 57c45bbb35c80cf71cae23f35adbba57250e061f..3cee9219d789d5778b41273d49da828f395cd099 100644 (file)
--- a/src/client/Client.h
+++ b/src/client/Client.h
@@ -752,6 +752,7 @@ public:
 
   int ll_set_fscrypt_policy_v2(Inode *in, const struct fscrypt_policy_v2& policy);
   int ll_get_fscrypt_policy_v2(Inode *in, struct fscrypt_policy_v2* policy);
+  int ll_is_encrypted(Inode *in, UserPerm& perms, char* enctag);
 
   int ll_get_stripe_osd(struct Inode *in, uint64_t blockno,
                        file_layout_t* layout);

diff --git a/src/include/cephfs/libcephfs.h b/src/include/cephfs/libcephfs.h
index 28d6c272d040f1228b0ba24626c6c4117718ac9d..536857849b263a584a7c6a6fae044dfe0a3ce0d5 100644 (file)
--- a/src/include/cephfs/libcephfs.h
+++ b/src/include/cephfs/libcephfs.h
@@ -2214,6 +2214,14 @@ int ceph_ll_setlk(struct ceph_mount_info *cmount,
 
 int ceph_ll_lazyio(struct ceph_mount_info *cmount, Fh *fh, int enable);
 
+int ceph_ll_set_fscrypt_policy_v2(struct ceph_mount_info *cmount,
+                               Inode *in, const struct fscrypt_policy_v2 *policy);
+
+int ceph_ll_get_fscrypt_policy_v2(struct ceph_mount_info *cmount,
+                               Inode *in, struct fscrypt_policy_v2 *policy);
+
+int ceph_ll_is_encrypted(struct ceph_mount_info *cmount, Inode *in, char* enctag);
+
 /*
  * Delegation support
  *

diff --git a/src/libcephfs.cc b/src/libcephfs.cc
index 5924ae31c52aef0fc28cb1f7cd863fcca931d958..95d6c755d19caf970fee4efb9c9f8a4d292bba8b 100644 (file)
--- a/src/libcephfs.cc
+++ b/src/libcephfs.cc
@@ -2561,6 +2561,32 @@ extern "C" int ceph_get_fscrypt_policy_v2(struct ceph_mount_info *cmount,
   return cmount->get_client()->get_fscrypt_policy_v2(fd, policy);
 }
 
+extern "C" int ceph_ll_set_fscrypt_policy_v2(struct ceph_mount_info *cmount,
+                                          Inode *in, const struct fscrypt_policy_v2 *policy)
+{
+  if (!cmount->is_mounted())
+    return -ENOTCONN;
+
+  return cmount->get_client()->ll_set_fscrypt_policy_v2(in, *policy);
+}
+
+extern "C" int ceph_ll_get_fscrypt_policy_v2(struct ceph_mount_info *cmount,
+                                          Inode *in, struct fscrypt_policy_v2 *policy)
+{
+  if (!cmount->is_mounted())
+    return -ENOTCONN;
+
+  return cmount->get_client()->ll_get_fscrypt_policy_v2(in, policy);
+}
+
+extern "C" int ceph_ll_is_encrypted(struct ceph_mount_info *cmount,
+                                          Inode *in, char* enctag)
+{
+  if (!cmount->is_mounted())
+    return -ENOTCONN;
+
+  return cmount->get_client()->ll_is_encrypted(in, cmount->default_perms, enctag);
+}
 
 // This is deprecated, use ceph_ll_register_callbacks2 instead.
 extern "C" void ceph_ll_register_callbacks(class ceph_mount_info *cmount,