Now that the encryption context is stored in an xattr named
"encryption.c" instead of "security.c", we need to fetch this xattr
explicitly in case of encrypted directory migration. Indeed, there is
no xattr handler in ldiskfs for this "encryption." xattr type, so it
is not returned when listing all xattrs to migrate.
Fixes:
4231fab66e ("LU-13717 sec: make client encryption compatible with ext4")
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I628f9b253e86343db0b71f6a5b1ad2c5728ca38d
Reviewed-on: https://review.whamcloud.com/47201
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Lai Siyao <lai.siyao@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
bool skip_linkea,
bool skip_dmv)
{
bool skip_linkea,
bool skip_dmv)
{
+ struct lu_attr *attr = MDD_ENV_VAR(env, cattr);
struct mdd_xattr_entry *entry;
struct mdd_xattr_entry *entry;
+ bool needencxattr = false;
+ bool encxattrfound = false;
char *xname;
int list_xsize;
int xlen;
char *xname;
int list_xsize;
int xlen;
if (list_xsize < 0)
RETURN(list_xsize);
if (list_xsize < 0)
RETURN(list_xsize);
+ if (attr->la_valid & LA_FLAGS &&
+ attr->la_flags & LUSTRE_ENCRYPT_FL) {
+ needencxattr = true;
+ list_xsize +=
+ strlen(LL_XATTR_NAME_ENCRYPTION_CONTEXT) + 1;
+ }
+
lu_buf_alloc(&xattrs->mx_namebuf, list_xsize);
if (xattrs->mx_namebuf.lb_buf == NULL)
RETURN(-ENOMEM);
lu_buf_alloc(&xattrs->mx_namebuf, list_xsize);
if (xattrs->mx_namebuf.lb_buf == NULL)
RETURN(-ENOMEM);
rem = rc;
rc = 0;
xname = xattrs->mx_namebuf.lb_buf;
rem = rc;
rc = 0;
xname = xattrs->mx_namebuf.lb_buf;
for (; rem > 0; xname += xlen, rem -= xlen) {
for (; rem > 0; xname += xlen, rem -= xlen) {
+ if (needencxattr &&
+ strcmp(xname, LL_XATTR_NAME_ENCRYPTION_CONTEXT) == 0)
+ encxattrfound = true;
xlen = strnlen(xname, rem - 1) + 1;
if (strcmp(XATTR_NAME_LMA, xname) == 0 ||
strcmp(XATTR_NAME_LMV, xname) == 0)
xlen = strnlen(xname, rem - 1) + 1;
if (strcmp(XATTR_NAME_LMA, xname) == 0 ||
strcmp(XATTR_NAME_LMV, xname) == 0)
list_add_tail(&entry->mxe_linkage, &xattrs->mx_list);
}
list_add_tail(&entry->mxe_linkage, &xattrs->mx_list);
}
+ if (needencxattr && !encxattrfound) {
+ xlen = strlen(LL_XATTR_NAME_ENCRYPTION_CONTEXT) + 1;
+ strncpy(xname, LL_XATTR_NAME_ENCRYPTION_CONTEXT, xlen);
+ rem = xlen;
+ GOTO(reloop, 0);
+ }
+
RETURN(0);
fini:
mdd_xattrs_fini(xattrs);
RETURN(0);
fini:
mdd_xattrs_fini(xattrs);
sync ; sync ; echo 3 > /proc/sys/vm/drop_caches
# migrate a non-empty encrypted dir
trace_cmd $LFS migrate -m 1 $dirname/d2
sync ; sync ; echo 3 > /proc/sys/vm/drop_caches
# migrate a non-empty encrypted dir
trace_cmd $LFS migrate -m 1 $dirname/d2
+ sync ; sync ; echo 3 > /proc/sys/vm/drop_caches
+ [ -f $dirname/d2/subf ] || error "migrate failed (1)"
+ [ $(cat $dirname/d2/subf) == "b" ] || error "migrate failed (2)"
$LFS setdirstripe -i 1 -c 1 $dirname/d3
dirname=$dirname/d3/subdir
$LFS setdirstripe -i 1 -c 1 $dirname/d3
dirname=$dirname/d3/subdir
stripe=$($LFS getdirstripe -i $scrambleddir)
[ $stripe -eq 1 ] ||
error "migrate $scrambleddir between MDTs failed (2)"
stripe=$($LFS getdirstripe -i $scrambleddir)
[ $stripe -eq 1 ] ||
error "migrate $scrambleddir between MDTs failed (2)"
+
+ # now, with the key
+ insert_enc_key
+ [ -f $dirname/subf ] ||
+ error "migrate $scrambleddir between MDTs failed (3)"
+ [ $(cat $dirname/subf) == "b" ] ||
+ error "migrate $scrambleddir between MDTs failed (4)"
}
run_test 59c "MDT migrate of encrypted files without key"
}
run_test 59c "MDT migrate of encrypted files without key"