client: Implement status for fscrypt key status

Fixes: https://tracker.ceph.com/issues/64130
Signed-off-by: Christopher Hoffman <choffman@redhat.com>

diff --git a/src/client/Client.cc b/src/client/Client.cc
index ab565615ad3d64c2fb50d18a603466b6b8d4d65b..80c4ea36b68cf8bfc0251323bbd5d1883380d5a7 100644 (file)
--- a/src/client/Client.cc
+++ b/src/client/Client.cc
@@ -18412,6 +18412,37 @@ int Client::ll_set_fscrypt_policy_v2(Inode *in, const struct fscrypt_policy_v2&
   return 0;
 }
 
+int Client::get_fscrypt_key_status(fscrypt_get_key_status_arg* arg) {
+  ceph_fscrypt_key_identifier kid;
+  int r = kid.init(arg->key_spec);
+  if (r < 0) {
+    return r;
+  }
+  unsigned int status = 0;
+  unsigned int status_flags = 0;
+  unsigned int user_count = 0;
+
+  FSCryptKeyHandlerRef kh;
+  r = fscrypt->get_key_store().find(kid, kh);
+
+  if (!kh){
+    status = FSCRYPT_KEY_STATUS_ABSENT;
+    goto out;
+  }
+
+  user_count = kh->get_users().size();
+
+  if (!kh->present) {
+      status = FSCRYPT_KEY_STATUS_INCOMPLETELY_REMOVED;
+  } else {
+    status = FSCRYPT_KEY_STATUS_PRESENT;
+  }
+out:
+  arg->status = status;
+  arg->status_flags = status_flags; //TODO: implement this
+  arg->user_count = user_count;
+  return 0;
+}
 
 // called before mount. 0 means infinite
 void Client::set_session_timeout(unsigned timeout)

diff --git a/src/client/Client.h b/src/client/Client.h
index 1c4b77753f68e6fae3a5b3905c81f7444945e9f7..43926b4d98e583a2988b95930ea129b20f05c126 100644 (file)
--- a/src/client/Client.h
+++ b/src/client/Client.h
@@ -382,6 +382,8 @@ public:
   /* fscrypt */
   int add_fscrypt_key(const char *key_data, int key_len, ceph_fscrypt_key_identifier *kid, int user = 0);
   int remove_fscrypt_key(fscrypt_remove_key_arg* kid, int user = 0);
+  int get_fscrypt_key_status(fscrypt_get_key_status_arg* arg);
+
   int set_fscrypt_policy_v2(int fd, const struct fscrypt_policy_v2& policy);
 
   int mds_command(

diff --git a/src/client/fuse_ll.cc b/src/client/fuse_ll.cc
index 17a6bb68c17c3d6f8e1c7b19df30c00e935e4f10..13db5595b4883a3b87b95f721e296485700a38e7 100644 (file)
--- a/src/client/fuse_ll.cc
+++ b/src/client/fuse_ll.cc
@@ -1118,29 +1118,7 @@ static void fuse_ll_ioctl(fuse_req_t req, fuse_ino_t ino,
         break;
       }
 
-      ceph_fscrypt_key_identifier kid;
-      int r = kid.init(arg->key_spec);
-      if (r < 0) {
-        fuse_reply_err(req, -r);
-        break;
-      }
-
-      FSCryptKeyHandlerRef kh;
-      r = cfuse->client->fscrypt->get_key_store().find(kid, kh);
-      if (r < 0 && r != -ENOENT) {
-        fuse_reply_err(req, -r);
-        break;
-      }
-
-      bool found = (r == 0 && kh->get_key());
-
-      generic_dout(0) << __FILE__ << ":" << __LINE__ << ": FS_IOC_GET_ENCRYPTION_KEY_STATUS found=" << found << dendl;
-
-      /* TODO: return correct info */
-      arg->status = (found ? FSCRYPT_KEY_STATUS_PRESENT : FSCRYPT_KEY_STATUS_ABSENT);
-      arg->status_flags = 0;//(found ? 0x1 : 0); /* FIXME */
-      //arg->status_flags = (found ? 0x1 : 0); /* FIXME */
-      arg->user_count = !!found; /* FIXME */
+      int r = cfuse->client->get_fscrypt_key_status(arg);
 
       fuse_reply_ioctl(req, 0, arg, sizeof(*arg));
     }

diff --git a/src/libcephfs.cc b/src/libcephfs.cc
index bcd8d18e2328b8e7f77fc97855081a3245cfe306..e35053dbb68423a025ab6eb685b68ccd3f8e18c3 100644 (file)
--- a/src/libcephfs.cc
+++ b/src/libcephfs.cc
@@ -2525,6 +2525,15 @@ extern "C" int ceph_remove_fscrypt_key(struct ceph_mount_info *cmount,
   return cmount->get_client()->remove_fscrypt_key(kid, user);
 }
 
+extern "C" int ceph_get_fscrypt_key_status(struct ceph_mount_info *cmount,
+                                       struct fscrypt_get_key_status_arg *arg)
+{
+  if (!cmount->is_mounted())
+    return -CEPHFS_ENOTCONN;
+
+  return cmount->get_client()->get_fscrypt_key_status(arg);
+}
+
 extern "C" int ceph_set_fscrypt_policy_v2(struct ceph_mount_info *cmount,
                                           int fd, const struct fscrypt_policy_v2 *policy)
 {