Objects in CRYPTO_HEADER area should not be subjected to encryption.
Unit tests needed adjustment because MockCryptoInterface is configured
with DATA_OFFSET = 4 * 1024 * 1024, thus disqualifying object 0.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
- readahead and PWL cache are limited to DATA area as explained in
the previous commit
- DATA area is assumed for the journal as encryption can't be used
with journaling anyway
To postpone the churn associated with passing area through
ImageDispatchInterface (where only WriteLogImageDispatch and
ImageDispatch care), add a new image dispatch flag.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
- DATA area is assumed at the API layer as there is no way to pass
an area
- DATA area is assumed by ImageWriteback because PWL cache persists
image extents as provided by the user without any kind of designator
and therefore can be active only in either area
- luks::FlattenRequest operates on CRYPTO_HEADER area
The passed area is acted upon in ImageDispatchSpec constructor in the
next commit.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Note that, as suggested by extents_to_file() signature, all returned
image extents would pertain to the same area. This means that an area
boundary must coincide with an object boundary.
luks::FormatRequest is actually more strict: crypto header area size is
set to a multiple of stripe period (i.e. one or more whole objects).
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Since remap in either direction can really be done only once, iterating
through image dispatch layers in ImageDispatcher::remap_extents() makes
no sense. For now, just replace the iteration with CryptoImageDispatch
lookup.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
These are still taking off and len separately which is inconsistent
with the rest of ImageDispatchSpec and also ImageDiscardRequest and
ImageWriteSameRequest.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
image_extents is already taken by rvalue reference.
CopyupRequest::create() callers are prepared for the move.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Commit e0da2a4e8cae ("qa/workunits/rbd: Add test to list snapshots of
consistency group") added bash-specific syntax.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Directly comparing the dicts doesn't work since the
"created" field was added in. We should instead make use
of the existing Devices equality function.
Fixes: https://tracker.ceph.com/issues/57999
Signed-off-by: Adam King <adking@redhat.com>
For both io path and common test cases in xfstests. Currently only
support the centos and ubuntu distros. But for rhel we couldn't
install the 'userspace-rcu-devel', 'device-mapper-devel' and
'libedit-devel' dependency packages.
Fixes: https://tracker.ceph.com/issues/58133
Signed-off-by: Xiubo Li <xiubli@redhat.com>
This will test the common fscrypt features such as the set_encpolicy,
get_encpolicy,etc only.
Will run the IO path test in another test suite.
Fixes: https://tracker.ceph.com/issues/58133
Signed-off-by: Xiubo Li <xiubli@redhat.com>
This will allow us to create a encrypted test directory to do the
I/O test.
More coplex fscrypt tests we will use the xfstest-dev later.
Fixes: https://tracker.ceph.com/issues/58133
Signed-off-by: Xiubo Li <xiubli@redhat.com>
We need to install the xfsprogs-dev from source to make the xfs_io
command to support the 'add_enckey'.
Currently we couldn't install 'userspace-rcu-devel', 'libedit-devel'
and 'device-mapper-devel' from rhel distos. So the file encyrpt test
cases will skip the rhel distos for now. And it works well on centos
and ubuntu.
Fixes: https://tracker.ceph.com/issues/58133
Signed-off-by: Xiubo Li <xiubli@redhat.com>
