git://git.whamcloud.com - fs/lustre-release.git/commit

author	Sebastien Buisson <sbuisson@ddn.com>
	Thu, 17 Jun 2021 13:31:44 +0000 (15:31 +0200)
committer	Sebastien Buisson <sbuisson@ddn.com>
	Fri, 9 Jul 2021 11:59:48 +0000 (13:59 +0200)
commit	0af6d969c9a4666f936a889b3dbec2015d486f58
tree	c504ec03a7dccc3f32f46993a9b028d5bde863ac	tree \| snapshot
parent	ba48c1b022663c9b2fc4ea07567540b919844eb0	commit \| diff

LU-14677 sec: no encryption key migrate/extend/resync/split

Allow some layout operations on encrypted files, even when the
encryption key is not available:
- lfs migrate
- lfs mirror extend
- lfs mirror resync
- lfs mirror verify
- lfs mirror split
We allow these access patterns to applications that know what they are
doing, by using the specific flags O_FILE_ENC or O_FILE_ENC_NONDIRECT.
O_FILE_ENC_NONDIRECT has the same semantic as O_FILE_ENC, but it
allows access without O_DIRECT. This is reserved for cases where
cached data is wiped once IOs are finished, for instance via fadvise.

Also update sanity-sec test_40 and test_52 to exercise these access
patterns.

Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: Ieaeee0e5bf7643f18d775fe6daa5e31c2f349f8c

lustre/doc/lfs-migrate.1		diff \| blob \| history
lustre/doc/lfs-mirror-split.1		diff \| blob \| history
lustre/include/lustre/lustreapi.h		diff \| blob \| history
lustre/include/uapi/linux/lustre/lustre_user.h		diff \| blob \| history
lustre/llite/crypto.c		diff \| blob \| history
lustre/llite/dir.c		diff \| blob \| history
lustre/llite/file.c		diff \| blob \| history
lustre/llite/llite_internal.h		diff \| blob \| history
lustre/llite/llite_lib.c		diff \| blob \| history
lustre/llite/namei.c		diff \| blob \| history
lustre/osc/osc_request.c		diff \| blob \| history
lustre/tests/sanity-sec.sh		diff \| blob \| history
lustre/utils/lfs.c		diff \| blob \| history
lustre/utils/liblustreapi_layout.c		diff \| blob \| history