git://git.whamcloud.com - fs/lustre-release.git/commit

author	Sebastien Buisson <sbuisson@ddn.com>
	Fri, 22 May 2020 07:27:48 +0000 (07:27 +0000)
committer	Oleg Drokin <green@whamcloud.com>
	Mon, 20 Jul 2020 05:20:28 +0000 (05:20 +0000)
commit	a71586d4ee8d6f039a413e2a0fd791db847a3c19
tree	ff830eefd7f69d15f35d8fe035072df8425a5398	tree \| snapshot
parent	2c62cef8ae4107602664271627cf03ff859f7b21	commit \| diff

LU-12275 sec: encryption support for DoM files

On client side, data read from DoM files do not go through the OSC
layer. So implement file decryption in ll_dom_finish_open() right
after file data has been put in cache pages.
On server side, DoM file size needs to be properly set on MDT when
content is encrypted. Pages are full of encrypted data, but inode size
must be apparent, clear text object size.
For reads of DoM encrypted files to work proprely, we also need to
make sure we send whole encryption units to client side.
Also add sanity-sec test_50 to exercise encryption of DoM files.

Test-Parameters: testlist=sanity-sec envdefinitions=ONLY="36 37 38 39 40 41 42 43 44 45 46 47 48 49 50" clientdistro=el8.1 fstype=ldiskfs mdscount=2 mdtcount=4
Test-Parameters: testlist=sanity-sec envdefinitions=ONLY="36 37 38 39 40 41 42 43 44 45 46 47 48 49 50" clientdistro=el8.1 fstype=zfs mdscount=2 mdtcount=4
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I7721ca4085373a7a01b2062c37458a7136e646e0
Reviewed-on: https://review.whamcloud.com/38702
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Mike Pershin <mpershin@whamcloud.com>
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>

lustre/llite/crypto.c		diff \| blob \| history
lustre/llite/file.c		diff \| blob \| history
lustre/llite/namei.c		diff \| blob \| history
lustre/mdt/mdt_io.c		diff \| blob \| history
lustre/tests/sanity-sec.sh		diff \| blob \| history