EX-5427 sec: fix pcc detach of encrypted file

In case of 'lfs pcc detach' of an encrypted file, its page cache
pages must be trashed as they might contain cipher text because
of the pcc file being detached.

Improve sanity-pcc test_21j to exercise this use case.

Fixes: 393697cac0 ("EX-4182 sec: support of PCC-RO for encrypted files")
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: Ice13c5b4205c074d9b46e2175d18f8743dbe9c58
Reviewed-on: https://review.whamcloud.com/47766
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Yingjin Qian <qian@ddn.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>

diff --git a/lustre/llite/pcc.c b/lustre/llite/pcc.c
index 2253c29..6e8017f 100644 (file)
--- a/lustre/llite/pcc.c
+++ b/lustre/llite/pcc.c
@@ -1357,11 +1357,17 @@ static void pcc_inode_put(struct pcc_inode *pcci)
                struct inode *inode = &pcci->pcci_lli->lli_vfs_inode;
                struct inode *pcc_inode = pcci->pcci_path.dentry->d_inode;
 
-               if (inode && IS_ENCRYPTED(inode) && pcc_inode)
-                       /* get rid of all page cache pages for this inode,
+               if (inode && IS_ENCRYPTED(inode) && pcc_inode) {
+                       /* get rid of all page cache pages for this pcc inode,
                         * as they contain clear text data
                         */
                        truncate_inode_pages_final(pcc_inode->i_mapping);
+                       /* also get rid of pages cache pages for this Lustre
+                        * inode, as they might contain cipher text because
+                        * of the pcc file
+                        */
+                       truncate_inode_pages_final(inode->i_mapping);
+               }
 
                pcc_inode_fini(pcci);
        }

diff --git a/lustre/tests/sanity-pcc.sh b/lustre/tests/sanity-pcc.sh
index 704c1bb..eb45620 100644 (file)
--- a/lustre/tests/sanity-pcc.sh
+++ b/lustre/tests/sanity-pcc.sh
@@ -2152,6 +2152,20 @@ test_21j() {
        do_facet $SINGLEAGT cmp -bl -n 4096 $tmpfile $lpcc_path ||
                error "file $lpcc_path is corrupted (5)"
 
+       do_facet $SINGLEAGT cp $tmpfile ${file}_2
+       do_facet $SINGLEAGT $LFS getstripe ${file}_2
+       do_facet $SINGLEAGT $LFS pcc attach -r -i $HSM_ARCHIVE_NUMBER ${file}_2 ||
+               error "failed to PCC-RO attach file ${file}_2"
+       check_lpcc_state ${file}_2 "readonly"
+       echo "PCC-RO attach '${file}_2':"
+       do_facet $SINGLEAGT $LFS getstripe -v ${file}_2
+
+       do_facet $SINGLEAGT $LFS pcc detach ${file}_2 ||
+               error "failed to PCC-RO detach file ${file}_2"
+       do_facet $SINGLEAGT cmp -bl $tmpfile ${file}_2 ||
+               error "file ${file}_2 is corrupted (6)"
+       rm -f ${file}_2
+
        # remove fscrypt key from keyring
        key=$(do_facet $SINGLEAGT keyctl show |
                                  awk '$7 ~ "^fscrypt:" {print $1}')