client, libcephfs: Expose fscrypt apis as low level

Add low level versions of fscrypt apis to support
protocols such as NFS.

Signed-off-by: Christopher Hoffman <choffman@redhat.com>

diff --git a/src/client/Client.cc b/src/client/Client.cc
index de5f07f608bd066f4a6b1be1d99d7cb5a8fef274..7b56f417498f9791707258c874a927c2effdf5c1 100644 (file)
--- a/src/client/Client.cc
+++ b/src/client/Client.cc
@@ -18260,7 +18260,11 @@ int Client::is_encrypted(int fd, UserPerm& perms, char* enctag)
     return -EBADF;
   }
 
-  Inode *in = f->inode.get();
+  return ll_is_encrypted(f->inode.get(), perms, enctag);
+}
+
+int Client::ll_is_encrypted(Inode *in, UserPerm& perms, char *enctag)
+{
   if (in->is_encrypted()) {
     int r = ll_getxattr(in, "user.ceph.subvolume.enctag", enctag, sizeof(enctag), perms);
     // dir can be encrypted and xattr DNE if it isn't setup via mgr subvolume

diff --git a/src/client/Client.h b/src/client/Client.h
index feafe4d1f9198fb7089f0a1d11edd79fc680ba1b..cf5d0941693e1c2a84c0afa8ea519a60bf1d71f6 100644 (file)
--- a/src/client/Client.h
+++ b/src/client/Client.h
@@ -713,6 +713,7 @@ public:
 
   int ll_set_fscrypt_policy_v2(Inode *in, const struct fscrypt_policy_v2& policy);
   int ll_get_fscrypt_policy_v2(Inode *in, struct fscrypt_policy_v2* policy);
+  int ll_is_encrypted(Inode *in, UserPerm& perms, char* enctag);
 
   int ll_get_stripe_osd(struct Inode *in, uint64_t blockno,
                        file_layout_t* layout);

diff --git a/src/include/cephfs/libcephfs.h b/src/include/cephfs/libcephfs.h
index 7cf7f77da4e1190b85fd14775974b45e02e491b3..4a5621873150f84df7d119fb12e9d1dfd44f5b9e 100644 (file)
--- a/src/include/cephfs/libcephfs.h
+++ b/src/include/cephfs/libcephfs.h
@@ -2211,6 +2211,14 @@ int ceph_ll_setlk(struct ceph_mount_info *cmount,
 
 int ceph_ll_lazyio(struct ceph_mount_info *cmount, Fh *fh, int enable);
 
+int ceph_ll_set_fscrypt_policy_v2(struct ceph_mount_info *cmount,
+                               Inode *in, const struct fscrypt_policy_v2 *policy);
+
+int ceph_ll_get_fscrypt_policy_v2(struct ceph_mount_info *cmount,
+                               Inode *in, struct fscrypt_policy_v2 *policy);
+
+int ceph_ll_is_encrypted(struct ceph_mount_info *cmount, Inode *in, char* enctag);
+
 /*
  * Delegation support
  *

diff --git a/src/libcephfs.cc b/src/libcephfs.cc
index fcf69ca802fcf01bf469c14dd0131804276d9b95..a2665a20e577d5ea33f3681ef8b9b1d592efdc3f 100644 (file)
--- a/src/libcephfs.cc
+++ b/src/libcephfs.cc
@@ -2551,6 +2551,32 @@ extern "C" int ceph_get_fscrypt_policy_v2(struct ceph_mount_info *cmount,
   return cmount->get_client()->get_fscrypt_policy_v2(fd, policy);
 }
 
+extern "C" int ceph_ll_set_fscrypt_policy_v2(struct ceph_mount_info *cmount,
+                                          Inode *in, const struct fscrypt_policy_v2 *policy)
+{
+  if (!cmount->is_mounted())
+    return -ENOTCONN;
+
+  return cmount->get_client()->ll_set_fscrypt_policy_v2(in, *policy);
+}
+
+extern "C" int ceph_ll_get_fscrypt_policy_v2(struct ceph_mount_info *cmount,
+                                          Inode *in, struct fscrypt_policy_v2 *policy)
+{
+  if (!cmount->is_mounted())
+    return -ENOTCONN;
+
+  return cmount->get_client()->ll_get_fscrypt_policy_v2(in, policy);
+}
+
+extern "C" int ceph_ll_is_encrypted(struct ceph_mount_info *cmount,
+                                          Inode *in, char* enctag)
+{
+  if (!cmount->is_mounted())
+    return -ENOTCONN;
+
+  return cmount->get_client()->ll_is_encrypted(in, cmount->default_perms, enctag);
+}
 
 // This is deprecated, use ceph_ll_register_callbacks2 instead.
 extern "C" void ceph_ll_register_callbacks(class ceph_mount_info *cmount,