git.ipfire.org Git - thirdparty/samba.git/commit

author	John Mulligan <jmulligan@redhat.com>
	Wed, 6 Aug 2025 17:32:50 +0000 (13:32 -0400)
committer	Anoop C S <anoopcs@samba.org>
	Tue, 20 Jan 2026 05:49:35 +0000 (05:49 +0000)
commit	29f4d89cb6467da98ddf45a09d9995c4467a67bc
tree	ac110f0be45c176bd4e53afdb97d27b897e5544a	tree \| snapshot
parent	4c25fb47e0b8de7c18bcb8b7409603b9c35e7df7	commit \| diff

vfs_ceph_new: add keybridge and ceph fscrypt support

Add support for CephFS's new fscrypt feature. Fetch the key material
using the new keybridge varlink local RPC API.

Adds the following configuration parameters for the vfs_ceph_new module:
```
ceph_new:keybridge socket = unix:/run/keybridge.sock
ceph_new:keybridge scope = mem
ceph_new:keybridge name = test
ceph_new:keybridge kind = B64
ceph_new:fscrypt = keybridge
```

Where the various keybridge parameters configure what keybridge server
to use and what key to fetch. The `ceph_new:fscrypt` parameter defaults to
'disabled' and can be set to 'keybridge'. An enum is used here in case
we ever need to support something other than keybridge in the future.

Pair-Programmed-With: Shachar Sharon <ssharon@redhat.com>
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Signed-off-by: John Mulligan <jmulligan@redhat.com>
Reviewed-by: Gunther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>