Whamcloud - gitweb
LU-18087 enc: support encrypted names in changelogs 16/55916/8
author Sebastien Buisson <sbuisson@ddn.com>
Fri, 2 Aug 2024 13:03:49 +0000 (15:03 +0200)
committer Oleg Drokin <green@whamcloud.com>
Thu, 2 Jan 2025 20:47:08 +0000 (20:47 +0000)
commit cc7d9d04d6ce48e1088cf9c5096b6632a964526a
tree 6321ebbc9d503a148e5ef1ae56933d02f7c0bd61
parent bb5e724ec13cc56668cebed8c47ee5ade59acd45
LU-18087 enc: support encrypted names in changelogs

In order to support encrypted names in changelogs, we choose to have
the servers directly store the encoded+digested names in the
changelogs. This requires adding some knowledge of encrypted names on
the server side, but that choice brings a number of benefits:
- as servers are storing changelog records, they have access to the
  files' flags and can find out if files are encrypted or not. This
  would not be possible on client side when reading changelogs,
  because corresponding files might even no longer exist.
- no modifications are needed on client side, either in the kernel or
  in userspace. As the API remains untouched, this is completely
  transparent to applications that are consuming changelogs.

The file names retrieved from the changelogs are identical to the
names displayed when listing directories without the encryption key.
If names are not encrypted, they remain unchanged. If names are
encrypted, their digested+encoded form is presented.

Add sanity-sec test_73 to exercise this code.

Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: If0de4bfa210f9067a7a934ac74863a77b19482db
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/55916
Reviewed-by: Mikhail Pershin <mpershin@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
libcfs/include/libcfs/crypto/llcrypt.h
lustre/mdd/mdd_dir.c
lustre/tests/sanity-sec.sh
lustre/tests/test-framework.sh