CephFS Completes Multi-Year Effort Adding FSCRYPT Support
The Ceph changes were submitted today for the ongoing Linux 6.6 merge window, and with them comes one big shiny feature addition: support for making use of the FSCRYPT file-system encryption framework.
FSCRYPT has been in the mainline kernel for several years now and is used by file-systems like EXT4 and F2FS. FSCRYPT provides native file encryption on Linux and supports some nifty features like using different encryption keys for different directories, applied on a per-file/directory basis. CephFS now joins EXT4, F2FS, and UBIFS in having mainline support for this feature (also referred to as CONFIG_FS_ENCRYPTION).
This work has been ongoing for quite a while, and prior kernels have brought in some of the pieces for CephFS, while with Linux 6.6 it's largely over the finish line. Ilya Dryomov explained in today's Ceph pull request:
"Mixed with some fixes and cleanups, this brings in reasonably complete fscrypt support to CephFS! The list of things which don't work with encryption should be fairly short, mostly around the edges: fallocate (not supported well in CephFS to begin with), copy_file_range (requires re-encryption), non-default striping patterns.
This was a multi-year effort principally by Jeff Layton with assistance from Xiubo Li, Luís Henriques and others, including several dependent changes in the MDS, netfs helper library and fscrypt framework itself."
Linux 6.6 is shaping up to be quite an exciting kernel update.