Re: [RFC PATCH 0/2] Add support for snapshot names encryption

[Luís Henriques]

Luís Henriques <lhenriques@xxxxxxx> writes:

> Hi!
>
> So, I've changed this code back into and RFC as I'm not sure yet if this
> is it's final form.  I think the 2 patches in this series should probably
> be squashed into a single patch.  I decided to keep them separate as the
> 1st one is simple (it's the same patch I had already sent), and the 2nd
> patch adds a lot more complexity to the whole thing.
>
> So, I've looked at Xiubo initial patch for handling snapshots long names.
> It was complex, of course, and it required extra MDS changes.  I *think*
> my approach is slightly simpler, but I'm not entirely sure yet that I'm
> handling every case.
>
> In order to test this code the following PRs are required:
>
>   mds: add protection from clients without fscrypt support #45073
>   mds: use the whole string as the snapshot long name #45192
>   mds: support alternate names for snapshots #45224
>   mds: limit the snapshot names to 240 characters #45312
>
> Comments are welcome, I'm still testing these patches and I do expect to
> find that something is still missing.  And I do expect to find bugs.
> These strings parsing scares me a lot, but I couldn't see a simpler
> approach.

Again, I forgot to mention in the cover-letter that handling
base64-encoded snapshots that start with '_' is still missing.  That's
next on my list.

Cheers,
-- 
Luís

>
> Luís Henriques (2):
>   ceph: add support for encrypted snapshot names
>   ceph: add support for handling encrypted snapshot names in subtree
>
>  fs/ceph/crypto.c | 146 +++++++++++++++++++++++++++++++++++++++++------
>  fs/ceph/crypto.h |   9 ++-
>  fs/ceph/dir.c    |   9 +++
>  fs/ceph/inode.c  |  13 +++++
>  4 files changed, 156 insertions(+), 21 deletions(-)
>