storage: add flag to indicate encrypted data chunk

Add method and flag to indicate that a data chunk is encrypted or not. Signed-off-by: Jiang Liu <gerry@linux.alibaba.com>
dragonflyoss · Mar 31, 2023 · 1c2a0f8 · 1c2a0f8
1 parent 06d2292
commit 1c2a0f8
Show file tree

Hide file tree

Showing 8 changed files with 64 additions and 0 deletions.
diff --git a/rafs/src/metadata/cached_v5.rs b/rafs/src/metadata/cached_v5.rs
@@ -733,6 +733,10 @@ impl BlobChunkInfo for CachedChunkInfoV5 {
         self.flags.contains(BlobChunkFlags::COMPRESSED)
     }
 
+    fn is_encrypted(&self) -> bool {
+        false
+    }
+
     fn as_any(&self) -> &dyn Any {
         self
     }

diff --git a/rafs/src/metadata/direct_v5.rs b/rafs/src/metadata/direct_v5.rs
@@ -842,6 +842,10 @@ impl BlobChunkInfo for DirectChunkInfoV5 {
             .contains(BlobChunkFlags::COMPRESSED)
     }
 
+    fn is_encrypted(&self) -> bool {
+        false
+    }
+
     fn as_any(&self) -> &dyn Any {
         self
     }

diff --git a/rafs/src/metadata/direct_v6.rs b/rafs/src/metadata/direct_v6.rs
@@ -1424,6 +1424,13 @@ impl BlobChunkInfo for DirectChunkInfoV6 {
             .contains(BlobChunkFlags::COMPRESSED)
     }
 
+    fn is_encrypted(&self) -> bool {
+        let state = self.state();
+        self.v5_chunk(&state)
+            .flags
+            .contains(BlobChunkFlags::ENCYPTED)
+    }
+
     fn as_any(&self) -> &dyn Any {
         self
     }
@@ -1500,6 +1507,10 @@ impl BlobChunkInfo for PlainChunkInfoV6 {
         false
     }
 
+    fn is_encrypted(&self) -> bool {
+        false
+    }
+
     fn as_any(&self) -> &dyn Any {
         self
     }

diff --git a/rafs/src/metadata/md_v5.rs b/rafs/src/metadata/md_v5.rs
@@ -241,6 +241,10 @@ impl BlobChunkInfo for V5IoChunk {
         self.flags.contains(BlobChunkFlags::COMPRESSED)
     }
 
+    fn is_encrypted(&self) -> bool {
+        false
+    }
+
     fn as_any(&self) -> &dyn Any {
         self
     }

diff --git a/storage/src/device.rs b/storage/src/device.rs
@@ -521,6 +521,8 @@ bitflags! {
         const COMPRESSED = 0x0000_0001;
         /// Chunk is a hole, with all data as zero.
         const _HOLECHUNK = 0x0000_0002;
+        /// Chunk data is encrypted.
+        const ENCYPTED = 0x0000_0004;
     }
 }
 
@@ -582,6 +584,9 @@ pub trait BlobChunkInfo: Any + Sync + Send {
     /// data may be stored in the compressed data blob for those chunks.
     fn is_compressed(&self) -> bool;
 
+    /// Check whether the chunk is encrypted or not.
+    fn is_encrypted(&self) -> bool;
+
     fn as_any(&self) -> &dyn Any;
 }
 
@@ -631,6 +636,10 @@ impl BlobChunkInfo for BlobIoChunk {
         self.0.is_compressed()
     }
 
+    fn is_encrypted(&self) -> bool {
+        self.0.is_encrypted()
+    }
+
     fn as_any(&self) -> &dyn Any {
         self
     }

diff --git a/storage/src/meta/chunk_info_v1.rs b/storage/src/meta/chunk_info_v1.rs
@@ -83,6 +83,10 @@ impl BlobMetaChunkInfo for BlobChunkInfoV1Ondisk {
         self.uncomp_info = u64::to_le(size_low | offset | size_high);
     }
 
+    fn is_encrypted(&self) -> bool {
+        false
+    }
+
     fn is_compressed(&self) -> bool {
         self.compressed_size() != self.uncompressed_size()
     }

diff --git a/storage/src/meta/chunk_info_v2.rs b/storage/src/meta/chunk_info_v2.rs
@@ -14,6 +14,7 @@ const CHUNK_V2_UNCOMP_OFFSET_SHIFT: u64 = 12;
 const CHUNK_V2_UNCOMP_SIZE_SHIFT: u64 = 32;
 const CHUNK_V2_FLAG_MASK: u64 = 0xff << 56;
 const CHUNK_V2_FLAG_COMPRESSED: u64 = 0x1 << 56;
+const CHUNK_V2_FLAG_ENCRYPTED: u64 = 0x2 << 56;
 const CHUNK_V2_FLAG_ZRAN: u64 = 0x2 << 56;
 const CHUNK_V2_FLAG_VALID: u64 = 0x3 << 56;
 
@@ -38,6 +39,15 @@ impl BlobChunkInfoV2Ondisk {
         }
     }
 
+    #[allow(unused)]
+    pub(crate) fn set_encrypted(&mut self, encrypted: bool) {
+        if encrypted {
+            self.uncomp_info |= u64::to_le(CHUNK_V2_FLAG_ENCRYPTED);
+        } else {
+            self.uncomp_info &= u64::to_le(!CHUNK_V2_FLAG_ENCRYPTED);
+        }
+    }
+
     pub(crate) fn set_zran(&mut self, zran: bool) {
         if zran {
             self.uncomp_info |= u64::to_le(CHUNK_V2_FLAG_ZRAN);
@@ -118,6 +128,10 @@ impl BlobMetaChunkInfo for BlobChunkInfoV2Ondisk {
         self.uncomp_info |= u64::to_le((size - 1) << CHUNK_V2_UNCOMP_SIZE_SHIFT);
     }
 
+    fn is_encrypted(&self) -> bool {
+        u64::from_le(self.uncomp_info) & CHUNK_V2_FLAG_ENCRYPTED != 0
+    }
+
     fn is_compressed(&self) -> bool {
         u64::from_le(self.uncomp_info) & CHUNK_V2_FLAG_COMPRESSED != 0
     }

diff --git a/storage/src/meta/mod.rs b/storage/src/meta/mod.rs
@@ -1159,6 +1159,13 @@ impl BlobMetaChunkArray {
         }
     }
 
+    fn is_encrypted(&self, index: usize) -> bool {
+        match self {
+            BlobMetaChunkArray::V1(v) => v[index].is_encrypted(),
+            BlobMetaChunkArray::V2(v) => v[index].is_encrypted(),
+        }
+    }
+
     fn _get_chunk_index_nocheck<T: BlobMetaChunkInfo>(
         chunks: &[T],
         addr: u64,
@@ -1597,6 +1604,10 @@ impl BlobChunkInfo for BlobMetaChunk {
         self.meta.chunk_info_array.is_compressed(self.chunk_index)
     }
 
+    fn is_encrypted(&self) -> bool {
+        self.meta.chunk_info_array.is_encrypted(self.chunk_index)
+    }
+
     fn as_any(&self) -> &dyn Any {
         self
     }
@@ -1666,6 +1677,9 @@ pub trait BlobMetaChunkInfo {
         round_up_4k(self.uncompressed_end())
     }
 
+    /// Check whether chunk data is encrypted or not.
+    fn is_encrypted(&self) -> bool;
+
     /// Check whether the blob chunk is compressed or not.
     ///
     /// Assume the image builder guarantee that compress_size < uncompress_size if the chunk is
-Original file line number
+Diff line change
@@ Expand Up / @@ -733,6 +733,10 @@ impl BlobChunkInfo for CachedChunkInfoV5 { @@
             self.flags.contains(BlobChunkFlags::COMPRESSED)
         }
+        fn is_encrypted(&self) -> bool {
+            false
+        }
         fn as_any(&self) -> &dyn Any {
             self
         }
@@ Expand Down @@