Fix warnings/errors in ceph API tests that are present in FSCrypt.cc
src/client/FSCrypt.cc:90:6: error: variable 'olen' set but not used [-Werror,-Wunused-but-set-variable]
90 | int olen = 0;
| ^
src/client/FSCrypt.cc:91:6: error: variable 'line' set but not used [-Werror,-Wunused-but-set-variable]
91 | int line = 0;
| ^
src/client/FSCrypt.cc:945:2: error: is this the way to do it? [-Werror,-W#warnings]
945 | #warning is this the way to do it?
Signed-off-by: Christopher Hoffman <choffman@redhat.com>
Add fscrypt dummy encryption to client. This will allow
for mounting a cephfs volume without providing any fscrypt
information. This will allow for more straightforward setup
for development and test suites.
Signed-off-by: Christopher Hoffman <choffman@redhat.com>
Marcus Watts [Sat, 28 Jun 2025 00:56:05 +0000 (20:56 -0400)]
libcephfs: ll_set_fscrypt_policy_v2 - use in->dirstat
Better check for empty direcotry.
It turns out in->dirstat contains a count of files and subdirectories
from a directory, so all we have to do is make sure that's valid.
Rishabh Dave [Wed, 16 Jul 2025 16:04:18 +0000 (21:34 +0530)]
client: in fcopyfile(), update len to read only leftover fragment
fcopyfile() reads 1 MiB of data every time but when a fragment smaller
than 1 MiB is left, it still reads 1 MiB of data, causing to never meet
the condition of "off == size". This leads to an infinity loop which
continues to write until CephFS becomes full.
Resolves: rhbz#2379716 Fixes: https://tracker.ceph.com/issues/72238 Signed-off-by: Rishabh Dave <ridave@redhat.com>
During an fscrypt write a read may be needed to ensure changed
portion of file is merged with an existing data block. No need
to read unnecessarily when writes line up to fscrypt block and
span a whole block or more.
Signed-off-by: Christopher Hoffman <choffman@redhat.com>
Removed ifdef for a failure we encountered during rebase against
case sensitive feature
-https://github.com/ceph/ceph/pull/61137#discussion_r2006324762w
Add debug dout when entering WriteEncMgr::read
-https://github.com/ceph/ceph/pull/61137#discussion_r2008140457
Add comment to various lines
-https://github.com/ceph/ceph/pull/61137#discussion_r2006301120
-https://github.com/ceph/ceph/pull/61137#discussion_r2006247613
-https://github.com/ceph/ceph/pull/61137#discussion_r2006251232
During write_success mark FILE_WR as dirty
-https://github.com/ceph/ceph/pull/61137#discussion_r2008210365
Signed-off-by: Christopher Hoffman <choffman@redhat.com>
client: During fscrypt rmw (write) use correct read type
During fscrypt rmw use internal Client::_read to utilize
correct buffered or non buffered reads based on client wide
options. For example, if client_oc = false, use only
non-buffered reads in rmw.
Fixes: https://tracker.ceph.com/issues/72143 Signed-off-by: Christopher Hoffman <choffman@redhat.com>
In fscrypt decryption code path, ensure if a data block
is hit when there are holes present in adjacent blocks,
that we exit hole traversal and continue on to decrypt the block.
Fixes: https://tracker.ceph.com/issues/71602 Signed-off-by: Christopher Hoffman <choffman@redhat.com>
client, test: Remove FS_IOC_GETFLAGS and STATX_ATTR_ENCRYPTED
Remove previous work done to support FSCrypt encrypted in
FS_IOC_GETFLAGS which changes the structure of statx ABI.
This is due to backward compatibility issues.
Signed-off-by: Christopher Hoffman <choffman@redhat.com>
client: Skip fscrypt_last_block if in non-fscrypt mode
Skip reading and sending fscrypt_last_block if client_fscrypt_as
is false during do_setattr. Without the key, fscrypt truncate is
not possible on fscrypt block boundary.
Signed-off-by: Christopher Hoffman <choffman@redhat.com>
When looking up the effective_size and the client_fscrypt_as
option is false show the inode size value. This will allow for
reading raw encrypted data when no key is provided.
Signed-off-by: Christopher Hoffman <choffman@redhat.com>
Snapshot names are visible within the .snap directory
as dir entries. They can be created by a client that
has an fscrypt key present and also by the manager who
does not have any key. While the client with the key
can create an encrypted name the manager cannot.
Standardize functionality of these semantics to the
common of the two.
Signed-off-by: Christopher Hoffman <choffman@redhat.com>
During unwrap name, get_decrypted_fname parameters accepts
dname/b64 name and altname. If altname holds a value, this means
that a plaintext name will be built from altname. In this
case, dname/b64 name is irrelevant. In the case of empty altname,
build name from b64 name.
Fixes: https://tracker.ceph.com/issues/70995 Signed-off-by: Christopher Hoffman <choffman@redhat.com>
client: Add additional case for fscrypt enabled setattr
During setattr in fscrypt case, there's two cases that happen
1. A logical size is provided and then a vector must be populated.
2. A request from setxattr is received and fscrypt_file vector
is already set.
Also rework tests when setting fscrypt_file, to use logical sizes.
Signed-off-by: Christopher Hoffman <choffman@redhat.com>
client: When creating WriteEncMgr take into account client_oc
When determining if a write is buffered or not, take into account
the client_oc config. This option allows non-buffered writes when
caps normally used in buffered writes are present.
Fixes: https://tracker.ceph.com/issues/70568 Signed-off-by: Christopher Hoffman <choffman@redhat.com>
client: use path walk and on-the-fly enc/dec for fscrypt
The code before would encrypt/decrypt the dentry and store the result as the
dentry name. This would cause the client to have a different view of the dentry
names compared to the MDS. This created an unnecessary and complex divergence
that requires fixing the name in any code path involving the MDS.
Instead, maintain the same view as before with the MDS. The client uses the new
`Client::path_walk`, `Client::_wrap_name`, and `Client::_unwrap_name`
mechanisms to correctly change from the application's namespace (unencrypted /
case insensitve names) to the Client/MDS namespace.
The complication here is that the Client now needs to recompute the
encrypted/decrypted name for any path walk. This can and should be mitigated by
memoizing the results of the decryption/encryption. This is particularly
important as we can keep the decrypted names in a separate memory region that
is protected from core dump / trace inspection.
Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>
Fix up a few things in read_sync path
1. File size may not be updated locally, do not check for trim read
2. Do not get_cap before RMW, each do_write takes care of having proper caps
Fixes: https://tracker.ceph.com/issues/69796 Signed-off-by: Christopher Hoffman <choffman@redhat.com>
client: During fscrypt write, ensure we get Fr cap
During fscrypt write will require Fr cap. It's best to ensure
this requirement is handled at the cap level instead of at the mode
level. Otherwise, O_WRONLY flag won't be enforced.
Signed-off-by: Christopher Hoffman <choffman@redhat.com>
fuse client, fscrypt, test: Implement and create tests for S_ENCRYPTED in inode i_flags
This PR adds test for S_ENCRYPTED bit in the i_flags field of Inode.
The test implements 2 quering methods: using FS_IOC_GETFLAGS and STATX_ATTR_ENCRYPTED
Fixes: https://tracker.ceph.com/issues/64129
Author: Igor Golikov <igolikov@ibm.com> Signed-off-by: Christopher Hoffman <choffman@redhat.com>
Add logic to support fscrypt last block. Includes sending
truncated last block data (decrypted->trunc->encrypted)
from client to mds. The server then writes the last block
on successful truncate.
Fixes: https://tracker.ceph.com/issues/69160 Signed-off-by: Christopher Hoffman <choffman@redhat.com>
projects / ceph-ci.git / log