diff mbox series

[v14,51/64] ceph: disable copy offload on encrypted inodes

Message ID	20220427191314.222867-52-jlayton@kernel.org
State	Superseded
Headers	show Return-Path: <ceph-devel-owner@kernel.org> From: Jeff Layton <jlayton@kernel.org> To: ceph-devel@vger.kernel.org Cc: xiubli@redhat.com, lhenriques@suse.de, idryomov@gmail.com Subject: [PATCH v14 51/64] ceph: disable copy offload on encrypted inodes Date: Wed, 27 Apr 2022 15:13:01 -0400 Message-Id: <20220427191314.222867-52-jlayton@kernel.org> In-Reply-To: <20220427191314.222867-1-jlayton@kernel.org> References: <20220427191314.222867-1-jlayton@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	[v14,01/64] libceph: add spinlock around osd->o_requests \| expand [v14,01/64] libceph: add spinlock around osd->o_requests [v14,03/64] libceph: add sparse read support to msgr2 crc state machine [v14,04/64] libceph: add sparse read support to OSD client [v14,05/64] libceph: support sparse reads on msgr2 secure codepath [v14,07/64] ceph: add new mount option to enable sparse reads [v14,10/64] fscrypt: add fscrypt_context_for_new_inode [v14,13/64] ceph: ensure that we accept a new context from MDS for new inodes [v14,14/64] ceph: add support for fscrypt_auth/fscrypt_file to cap messages [v14,16/64] ceph: decode alternate_name in lease info [v14,20/64] ceph: add base64 endcoding routines for encrypted names [v14,21/64] ceph: add encrypted fname handling to ceph_mdsc_build_path [v14,23/64] ceph: encode encrypted name in dentry release [v14,24/64] ceph: properly set DCACHE_NOKEY_NAME flag in lookup [v14,25/64] ceph: set DCACHE_NOKEY_NAME in atomic open [v14,27/64] ceph: add helpers for converting names for userland presentation [v14,28/64] ceph: fix base64 encoded name's length check in ceph_fname_to_usr() [v14,32/64] ceph: add support to readdir for encrypted filenames [v14,34/64] ceph: make ceph_get_name decrypt filenames [v14,37/64] ceph: don't allow changing layout on encrypted files/directories [v14,39/64] ceph: size handling for encrypted inodes in cap updates [v14,40/64] ceph: fscrypt_file field handling in MClientRequest messages [v14,41/64] ceph: get file size from fscrypt_file when present in inode traces [v14,42/64] ceph: handle fscrypt fields in cap messages from MDS [v14,45/64] ceph: add __ceph_sync_read helper support [v14,50/64] ceph: disable fallocate for encrypted inodes [v14,51/64] ceph: disable copy offload on encrypted inodes [v14,52/64] ceph: don't use special DIO path for encrypted inodes [v14,55/64] ceph: plumb in decryption during sync reads [v14,56/64] ceph: add fscrypt decryption support to ceph_netfs_issue_op [v14,57/64] ceph: set i_blkbits to crypto block size for encrypted inodes [v14,58/64] ceph: add encryption support to writepage [v14,62/64] ceph: add support for handling encrypted snapshot names [v14,64/64] ceph: prevent snapshots to be created in encrypted locked directories

Commit Message

Jeff Layton April 27, 2022, 7:13 p.m. UTC

If we have an encrypted inode, then the client will need to re-encrypt
the contents of the new object. Disable copy offload to or from
encrypted inodes.

Signed-off-by: Jeff Layton <jlayton@kernel.org>
---
 fs/ceph/file.c | 4 ++++
 1 file changed, 4 insertions(+)

diff mbox series

Patch

diff --git a/fs/ceph/file.c b/fs/ceph/file.c
index 1024dc57898d..483d7d016ad6 100644
--- a/fs/ceph/file.c
+++ b/fs/ceph/file.c
@@ -2536,6 +2536,10 @@  static ssize_t __ceph_copy_file_range(struct file *src_file, loff_t src_off,
 		return -EOPNOTSUPP;
 	}
 
+	/* Every encrypted inode gets its own key, so we can't offload them */
+	if (IS_ENCRYPTED(src_inode) || IS_ENCRYPTED(dst_inode))
+		return -EOPNOTSUPP;
+
 	if (len < src_ci->i_layout.object_size)
 		return -EOPNOTSUPP; /* no remote copy will be done */