From: Christopher Hoffman Date: Tue, 24 Jun 2025 19:09:07 +0000 (+0000) Subject: client: Breakout fscrypt get policy into method X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=24fa0be2c9a77528f411a17bddb959d24fb350f3;p=ceph.git client: Breakout fscrypt get policy into method Breakout fscrypt get policy into a method. Add ceph_get_fscrypt_policy_v2 support. Signed-off-by: Christopher Hoffman --- diff --git a/src/client/Client.cc b/src/client/Client.cc index da81477da47..435d396e206 100644 --- a/src/client/Client.cc +++ b/src/client/Client.cc @@ -18349,6 +18349,28 @@ int Client::ll_set_fscrypt_policy_v2(Inode *in, const struct fscrypt_policy_v2& return 0; } +int Client::get_fscrypt_policy_v2(int fd, struct fscrypt_policy_v2* policy) +{ + Fh *f = get_filehandle(fd); + if (!f) { + return -EBADF; + } + + return ll_get_fscrypt_policy_v2(f->inode.get(), policy); +} + +int Client::ll_get_fscrypt_policy_v2(Inode *in, struct fscrypt_policy_v2* policy) +{ + if (in->is_fscrypt_enabled()) { + in->fscrypt_ctx->convert_to(policy); + if (policy->version != 2) { + return EINVAL; + } + return 0; + } + return ENODATA; +} + int Client::is_encrypted(int fd, UserPerm& perms, char* enctag) { Fh *f = get_filehandle(fd); diff --git a/src/client/Client.h b/src/client/Client.h index 10cca9ce433..57c45bbb35c 100644 --- a/src/client/Client.h +++ b/src/client/Client.h @@ -387,6 +387,7 @@ public: int fcopyfile(const char *sname, const char *dname, UserPerm& perms, mode_t mode); int set_fscrypt_policy_v2(int fd, const struct fscrypt_policy_v2& policy); + int get_fscrypt_policy_v2(int fd, struct fscrypt_policy_v2* policy); int is_encrypted(int fd, UserPerm& perms, char* enctag); int mds_command( @@ -750,6 +751,7 @@ public: } int ll_set_fscrypt_policy_v2(Inode *in, const struct fscrypt_policy_v2& policy); + int ll_get_fscrypt_policy_v2(Inode *in, struct fscrypt_policy_v2* policy); int ll_get_stripe_osd(struct Inode *in, uint64_t blockno, file_layout_t* layout); diff --git a/src/client/fuse_ll.cc b/src/client/fuse_ll.cc index 9b448349dce..c8c50dac6ce 100644 --- a/src/client/fuse_ll.cc +++ b/src/client/fuse_ll.cc @@ -974,7 +974,14 @@ static void fuse_ll_ioctl(fuse_req_t req, fuse_ino_t ino, Inode *in = fh->inode.get(); if (in->is_fscrypt_enabled()) { - in->fscrypt_ctx->convert_to(&out_arg.policy.v2); + + int r = cfuse->client->ll_get_fscrypt_policy_v2(in, &out_arg.policy.v2); + + if (r < 0) { + fuse_reply_err(req, r); + break; + } + out_arg.policy_size = sizeof(out_arg.policy); fuse_reply_ioctl(req, 0, &out_arg, sizeof(out_arg)); diff --git a/src/include/cephfs/libcephfs.h b/src/include/cephfs/libcephfs.h index 0c134635371..28d6c272d04 100644 --- a/src/include/cephfs/libcephfs.h +++ b/src/include/cephfs/libcephfs.h @@ -2050,6 +2050,17 @@ int ceph_set_fscrypt_policy_v2(struct ceph_mount_info *cmount, int ceph_is_encrypted(struct ceph_mount_info *cmount, int fd, char* enctag); +/** + * Get encryption policy of a directory. + * + * @param cmount the ceph mount handle to use. + * @param fd open directory file descriptor + * @param policy pointer to to the fscrypt v2 policy + * @returns zero on success, other returns a negative error code. + */ +int ceph_get_fscrypt_policy_v2(struct ceph_mount_info *cmount, + int fd, struct fscrypt_policy_v2 *policy); + /* Low Level */ struct Inode *ceph_ll_get_inode(struct ceph_mount_info *cmount, vinodeno_t vino); diff --git a/src/libcephfs.cc b/src/libcephfs.cc index b39bbd38b83..5924ae31c52 100644 --- a/src/libcephfs.cc +++ b/src/libcephfs.cc @@ -2552,6 +2552,15 @@ extern "C" int ceph_is_encrypted(struct ceph_mount_info *cmount, return cmount->get_client()->is_encrypted(fd, cmount->default_perms, enctag); } +extern "C" int ceph_get_fscrypt_policy_v2(struct ceph_mount_info *cmount, + int fd, struct fscrypt_policy_v2 *policy) +{ + if (!cmount->is_mounted()) + return -ENOTCONN; + + return cmount->get_client()->get_fscrypt_policy_v2(fd, policy); +} + // This is deprecated, use ceph_ll_register_callbacks2 instead. extern "C" void ceph_ll_register_callbacks(class ceph_mount_info *cmount,