Upgrade to latest v17 release. New runtime dependencies on lua, cryptsetup and thrift. Refreshed patch context.
Signed-off-by: Sakib Sajal <[email protected]> --- ...mpressor.h-fix-snappy-compiler-error.patch | 30 ---- ...h-fix-build-errors-for-cross-compile.patch | 134 ++++++++------- ...001-cmake-add-support-for-python3.10.patch | 34 ---- ...001-fix-host-library-paths-were-used.patch | 30 ++-- .../ceph/ceph/CVE-2021-3979.patch | 158 ------------------ .../ceph/{ceph_15.2.15.bb => ceph_17.2.3.bb} | 14 +- 6 files changed, 98 insertions(+), 302 deletions(-) delete mode 100644 recipes-extended/ceph/ceph/0001-SnappyCompressor.h-fix-snappy-compiler-error.patch delete mode 100644 recipes-extended/ceph/ceph/0001-cmake-add-support-for-python3.10.patch delete mode 100644 recipes-extended/ceph/ceph/CVE-2021-3979.patch rename recipes-extended/ceph/{ceph_15.2.15.bb => ceph_17.2.3.bb} (91%) diff --git a/recipes-extended/ceph/ceph/0001-SnappyCompressor.h-fix-snappy-compiler-error.patch b/recipes-extended/ceph/ceph/0001-SnappyCompressor.h-fix-snappy-compiler-error.patch deleted file mode 100644 index 2ebd32d..0000000 --- a/recipes-extended/ceph/ceph/0001-SnappyCompressor.h-fix-snappy-compiler-error.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 85bde55627cfbb35d8b4735dec32bf33fa30079f Mon Sep 17 00:00:00 2001 -From: Saul Wold <[email protected]> -Date: Fri, 28 May 2021 10:16:07 -0700 -Subject: [PATCH] SnappyCompressor.h: fix snappy compiler error - -snappy quietly changed public type - -Known issue in ceph: https://tracker.ceph.com/issues/50934 - -Upstream-Status: Pending - -Signed-off-by: Saul Wold <[email protected]> - ---- - src/compressor/snappy/SnappyCompressor.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/compressor/snappy/SnappyCompressor.h b/src/compressor/snappy/SnappyCompressor.h -index 0cfb819c..2fbe35b7 100644 ---- a/src/compressor/snappy/SnappyCompressor.h -+++ b/src/compressor/snappy/SnappyCompressor.h -@@ -96,7 +96,7 @@ class SnappyCompressor : public Compressor { - if (qat_enabled) - return qat_accel.decompress(p, compressed_len, dst); - #endif -- snappy::uint32 res_len = 0; -+ uint32_t res_len = 0; - BufferlistSource source_1(p, compressed_len); - if (!snappy::GetUncompressedLength(&source_1, &res_len)) { - return -1; diff --git a/recipes-extended/ceph/ceph/0001-ceph-fix-build-errors-for-cross-compile.patch b/recipes-extended/ceph/ceph/0001-ceph-fix-build-errors-for-cross-compile.patch index 4d54549..0c8883d 100644 --- a/recipes-extended/ceph/ceph/0001-ceph-fix-build-errors-for-cross-compile.patch +++ b/recipes-extended/ceph/ceph/0001-ceph-fix-build-errors-for-cross-compile.patch @@ -1,4 +1,4 @@ -From 4712fe18405ffea31405308357a8e7fca358bcce Mon Sep 17 00:00:00 2001 +From 12b98e9c7e6cb82636a07c3e3e0c1cd5e9db6b37 Mon Sep 17 00:00:00 2001 From: Dengke Du <[email protected]> Date: Mon, 11 Mar 2019 09:14:09 +0800 Subject: [PATCH] ceph: fix build errors for cross compile @@ -15,20 +15,33 @@ Adjust context for v14.2.3 Signed-off-by: He Zhe <[email protected]> Signed-off-by: Sakib Sajal <[email protected]> --- - cmake/modules/Distutils.cmake | 25 +++++-------------------- - cmake/modules/FindRocksDB.cmake | 4 ++-- - src/compressor/zstd/CMakeLists.txt | 2 +- - src/pybind/cephfs/setup.py | 8 -------- - src/pybind/rados/setup.py | 8 -------- - src/pybind/rbd/setup.py | 8 -------- - src/pybind/rgw/setup.py | 8 -------- - 7 files changed, 8 insertions(+), 55 deletions(-) + cmake/modules/BuildZstd.cmake | 2 +- + cmake/modules/Distutils.cmake | 25 +++++-------------------- + cmake/modules/FindRocksDB.cmake | 4 ++-- + src/pybind/cephfs/setup.py | 14 -------------- + src/pybind/rados/setup.py | 10 ---------- + src/pybind/rbd/setup.py | 14 -------------- + src/pybind/rgw/setup.py | 14 -------------- + 7 files changed, 8 insertions(+), 75 deletions(-) +diff --git a/cmake/modules/BuildZstd.cmake b/cmake/modules/BuildZstd.cmake +index 799b14b281d..79a113160fb 100644 +--- a/cmake/modules/BuildZstd.cmake ++++ b/cmake/modules/BuildZstd.cmake +@@ -8,7 +8,7 @@ function(build_Zstd) + CMAKE_ARGS -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER} + -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER} + -DCMAKE_C_FLAGS=${ZSTD_C_FLAGS} +- -DCMAKE_AR=${CMAKE_AR} ++ -DCMAKE_SYSROOT=${CMAKE_SYSROOT} + -DCMAKE_POSITION_INDEPENDENT_CODE=${ENABLE_SHARED} + BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR}/libzstd + BUILD_COMMAND ${CMAKE_COMMAND} --build <BINARY_DIR> --target libzstd_static diff --git a/cmake/modules/Distutils.cmake b/cmake/modules/Distutils.cmake -index 5fe929499d..802eb37e32 100644 +index 1916363382f..b48985d6d4b 100644 --- a/cmake/modules/Distutils.cmake +++ b/cmake/modules/Distutils.cmake -@@ -18,17 +18,8 @@ function(distutils_install_module name) +@@ -29,17 +29,8 @@ function(distutils_install_module name) cmake_parse_arguments(DU "" "INSTALL_SCRIPT" "" ${ARGN}) install(CODE " set(options --prefix=${CMAKE_INSTALL_PREFIX}) @@ -39,25 +52,25 @@ index 5fe929499d..802eb37e32 100644 - list(APPEND options - --root=\$ENV{DESTDIR} - --single-version-externally-managed) -- if(NOT \"${DU_INSTALL_SCRIPT}\" STREQUAL \"\") -- list(APPEND options --install-script=${DU_INSTALL_SCRIPT}) -- endif() +- endif() +- if(NOT \"${DU_INSTALL_SCRIPT}\" STREQUAL \"\") +- list(APPEND options --install-script=${DU_INSTALL_SCRIPT}) - endif() + list(APPEND options --root=${CMAKE_DESTDIR}) + list(APPEND options --install-lib=${PYTHON_SITEPACKAGES_DIR}) execute_process( COMMAND ${Python3_EXECUTABLE} setup.py install \${options} -@@ -50,7 +41,7 @@ function(distutils_add_cython_module target name src) - # Note: no quotes, otherwise distutils will execute "/usr/bin/ccache gcc" - # CMake's implicit conversion between strings and lists is wonderful, isn't it? - string(REPLACE " " ";" cflags ${CMAKE_C_FLAGS}) -- list(APPEND cflags -iquote${CMAKE_SOURCE_DIR}/src/include -w) -+ list(APPEND cflags -iquote${CMAKE_SOURCE_DIR}/src/include -w --sysroot=${CMAKE_SYSROOT}) +@@ -65,7 +56,7 @@ function(distutils_add_cython_module target name src) + if(DU_DISABLE_VTA AND HAS_VTA) + list(APPEND PY_CFLAGS -fno-var-tracking-assignments) + endif() +- list(APPEND PY_CPPFLAGS -iquote${CMAKE_SOURCE_DIR}/src/include -w) ++ list(APPEND PY_CPPFLAGS -iquote${CMAKE_SOURCE_DIR}/src/include -w --sysroot=${CMAKE_SYSROOT}) # This little bit of magic wipes out __Pyx_check_single_interpreter() # Note: this is reproduced in distutils_install_cython_module - list(APPEND cflags -D'void0=dead_function\(void\)') -@@ -108,14 +99,8 @@ function(distutils_install_cython_module name) + list(APPEND PY_CPPFLAGS -D'void0=dead_function\(void\)') +@@ -136,14 +127,8 @@ function(distutils_install_cython_module name) set(ENV{CEPH_LIBDIR} \"${CMAKE_LIBRARY_OUTPUT_DIRECTORY}\") set(options --prefix=${CMAKE_INSTALL_PREFIX}) @@ -75,7 +88,7 @@ index 5fe929499d..802eb37e32 100644 COMMAND ${Python3_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/setup.py diff --git a/cmake/modules/FindRocksDB.cmake b/cmake/modules/FindRocksDB.cmake -index c5dd3dfaf6..be38597af2 100644 +index c5dd3dfaf67..be38597af27 100644 --- a/cmake/modules/FindRocksDB.cmake +++ b/cmake/modules/FindRocksDB.cmake @@ -9,9 +9,9 @@ @@ -90,32 +103,25 @@ index c5dd3dfaf6..be38597af2 100644 if(ROCKSDB_INCLUDE_DIR AND EXISTS "${ROCKSDB_INCLUDE_DIR}/rocksdb/version.h") foreach(ver "MAJOR" "MINOR" "PATCH") -diff --git a/src/compressor/zstd/CMakeLists.txt b/src/compressor/zstd/CMakeLists.txt -index a5ebdaf538..a234068150 100644 ---- a/src/compressor/zstd/CMakeLists.txt -+++ b/src/compressor/zstd/CMakeLists.txt -@@ -9,7 +9,7 @@ ExternalProject_Add(zstd_ext - CMAKE_ARGS -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER} - -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER} - -DCMAKE_C_FLAGS=${ZSTD_C_FLAGS} -- -DCMAKE_AR=${CMAKE_AR} -+ -DCMAKE_SYSROOT=${CMAKE_SYSROOT} - -DCMAKE_POSITION_INDEPENDENT_CODE=${ENABLE_SHARED} - -G${CMAKE_GENERATOR} - BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR}/libzstd diff --git a/src/pybind/cephfs/setup.py b/src/pybind/cephfs/setup.py -index 19ae6c329a..c9a25ccfff 100755 +index f6c2025f75d..923a7e324b6 100755 --- a/src/pybind/cephfs/setup.py +++ b/src/pybind/cephfs/setup.py -@@ -135,14 +135,6 @@ def check_sanity(): +@@ -135,20 +135,6 @@ def check_sanity(): finally: shutil.rmtree(tmp_dir) - --if 'BUILD_DOC' in os.environ.keys(): -- pass +-if 'BUILD_DOC' in os.environ or 'READTHEDOCS' in os.environ: +- ext_args = {} +- cython_constants = dict(BUILD_DOC=True) +- cythonize_args = dict(compile_time_env=cython_constants) -elif check_sanity(): -- pass +- ext_args = get_python_flags(['cephfs']) +- cython_constants = dict(BUILD_DOC=False) +- include_path = [os.path.join(os.path.dirname(__file__), "..", "rados")] +- cythonize_args = dict(compile_time_env=cython_constants, +- include_path=include_path) -else: - sys.exit(1) - @@ -123,18 +129,20 @@ index 19ae6c329a..c9a25ccfff 100755 try: from Cython.Build import cythonize diff --git a/src/pybind/rados/setup.py b/src/pybind/rados/setup.py -index e2c5696404..4e99d26721 100755 +index 62b54d26b6c..5eb0dce6f94 100755 --- a/src/pybind/rados/setup.py +++ b/src/pybind/rados/setup.py -@@ -134,14 +134,6 @@ def check_sanity(): +@@ -130,16 +130,6 @@ def check_sanity(): finally: shutil.rmtree(tmp_dir) - --if 'BUILD_DOC' in os.environ.keys(): -- pass +-if 'BUILD_DOC' in os.environ or 'READTHEDOCS' in os.environ: +- ext_args = {} +- cython_constants = dict(BUILD_DOC=True) -elif check_sanity(): -- pass +- ext_args = get_python_flags(['rados']) +- cython_constants = dict(BUILD_DOC=False) -else: - sys.exit(1) - @@ -142,18 +150,24 @@ index e2c5696404..4e99d26721 100755 try: from Cython.Build import cythonize diff --git a/src/pybind/rbd/setup.py b/src/pybind/rbd/setup.py -index 634484f140..f5bbbdab4f 100755 +index 1f20c3ed42f..6437a62815c 100755 --- a/src/pybind/rbd/setup.py +++ b/src/pybind/rbd/setup.py -@@ -133,14 +133,6 @@ def check_sanity(): +@@ -133,20 +133,6 @@ def check_sanity(): finally: shutil.rmtree(tmp_dir) - --if 'BUILD_DOC' in os.environ.keys(): -- pass +-if 'BUILD_DOC' in os.environ or 'READTHEDOCS' in os.environ: +- ext_args = {} +- cython_constants = dict(BUILD_DOC=True) +- cythonize_args = dict(compile_time_env=cython_constants) -elif check_sanity(): -- pass +- ext_args = get_python_flags(['rados', 'rbd']) +- cython_constants = dict(BUILD_DOC=False) +- include_path = [os.path.join(os.path.dirname(__file__), "..", "rados")] +- cythonize_args = dict(compile_time_env=cython_constants, +- include_path=include_path) -else: - sys.exit(1) - @@ -161,18 +175,24 @@ index 634484f140..f5bbbdab4f 100755 try: from Cython.Build import cythonize diff --git a/src/pybind/rgw/setup.py b/src/pybind/rgw/setup.py -index eb1591a460..b9f2428cf9 100755 +index ed45399d394..c8094e000fb 100755 --- a/src/pybind/rgw/setup.py +++ b/src/pybind/rgw/setup.py -@@ -134,14 +134,6 @@ def check_sanity(): +@@ -134,20 +134,6 @@ def check_sanity(): finally: shutil.rmtree(tmp_dir) - --if 'BUILD_DOC' in os.environ.keys(): -- pass +-if 'BUILD_DOC' in os.environ or 'READTHEDOCS' in os.environ: +- ext_args = {} +- cython_constants = dict(BUILD_DOC=True) +- cythonize_args = dict(compile_time_env=cython_constants) -elif check_sanity(): -- pass +- ext_args = get_python_flags(['rados', 'rgw']) +- cython_constants = dict(BUILD_DOC=False) +- include_path = [os.path.join(os.path.dirname(__file__), "..", "rados")] +- cythonize_args = dict(compile_time_env=cython_constants, +- include_path=include_path) -else: - sys.exit(1) - @@ -180,5 +200,5 @@ index eb1591a460..b9f2428cf9 100755 try: from Cython.Build import cythonize -- -2.20.1 +2.25.1 diff --git a/recipes-extended/ceph/ceph/0001-cmake-add-support-for-python3.10.patch b/recipes-extended/ceph/ceph/0001-cmake-add-support-for-python3.10.patch deleted file mode 100644 index 94c4b8a..0000000 --- a/recipes-extended/ceph/ceph/0001-cmake-add-support-for-python3.10.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 1060f2e4362ebd6db23870d442dcd158d219ee92 Mon Sep 17 00:00:00 2001 -From: Yanfei Xu <[email protected]> -Date: Tue, 10 Nov 2020 17:17:30 +0800 -Subject: [PATCH] cmake: add support for python 3.9 and 3.10 - -add support for python3.9. - -Signed-off-by: Yanfei Xu <[email protected]> - -Add support for python 3.10. - -Upstream-Status: Submitted [https://github.com/ceph/ceph/pull/43630] - -Signed-off-by: Kai Kang <[email protected]> ---- - cmake/modules/FindPython/Support.cmake | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/cmake/modules/FindPython/Support.cmake b/cmake/modules/FindPython/Support.cmake -index 6584699b79..c05bbe3306 100644 ---- a/cmake/modules/FindPython/Support.cmake -+++ b/cmake/modules/FindPython/Support.cmake -@@ -17,7 +17,7 @@ if (NOT DEFINED _${_PYTHON_PREFIX}_REQUIRED_VERSION_MAJOR) - message (FATAL_ERROR "FindPython: INTERNAL ERROR") - endif() - if (_${_PYTHON_PREFIX}_REQUIRED_VERSION_MAJOR EQUAL 3) -- set(_${_PYTHON_PREFIX}_VERSIONS 3.8 3.7 3.6 3.5 3.4 3.3 3.2 3.1 3.0) -+ set(_${_PYTHON_PREFIX}_VERSIONS 3.10 3.9 3.8 3.7 3.6 3.5 3.4 3.3 3.2 3.1 3.0) - elseif (_${_PYTHON_PREFIX}_REQUIRED_VERSION_MAJOR EQUAL 2) - set(_${_PYTHON_PREFIX}_VERSIONS 2.7 2.6 2.5 2.4 2.3 2.2 2.1 2.0) - else() --- -2.18.2 - diff --git a/recipes-extended/ceph/ceph/0001-fix-host-library-paths-were-used.patch b/recipes-extended/ceph/ceph/0001-fix-host-library-paths-were-used.patch index 310bfa4..47498a2 100644 --- a/recipes-extended/ceph/ceph/0001-fix-host-library-paths-were-used.patch +++ b/recipes-extended/ceph/ceph/0001-fix-host-library-paths-were-used.patch @@ -1,4 +1,4 @@ -From bbf1cba8feb0e43492a1f6a6b31d024117cad262 Mon Sep 17 00:00:00 2001 +From 35cf12fea8274e85f29723e56f424a17af569907 Mon Sep 17 00:00:00 2001 From: Hongxu Jia <[email protected]> Date: Mon, 13 Apr 2020 23:35:41 -0700 Subject: [PATCH] fix host library paths were used @@ -16,11 +16,11 @@ Signed-off-by: Hongxu Jia <[email protected]> 4 files changed, 20 insertions(+), 4 deletions(-) diff --git a/src/pybind/cephfs/setup.py b/src/pybind/cephfs/setup.py -index c9a25ccf..972f936c 100755 +index 923a7e324b6..a894fb20766 100755 --- a/src/pybind/cephfs/setup.py +++ b/src/pybind/cephfs/setup.py @@ -63,9 +63,13 @@ def get_python_flags(libs): - distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + filter(lambda lib: lib.startswith('-l'), py_libs)] compiler = new_compiler() distutils.sysconfig.customize_compiler(compiler) + libpl = distutils.sysconfig.get_config_var('LIBPL') @@ -31,15 +31,15 @@ index c9a25ccf..972f936c 100755 include_dirs=[distutils.sysconfig.get_python_inc()], - library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), + library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], - libraries=libs + [lib.replace('-l', '') for lib in py_libs], + libraries=libs + py_libs, extra_compile_args=filter_unsupported_flags( compiler.compiler[0], diff --git a/src/pybind/rados/setup.py b/src/pybind/rados/setup.py -index 4e99d267..de24f766 100755 +index 5eb0dce6f94..877200b1629 100755 --- a/src/pybind/rados/setup.py +++ b/src/pybind/rados/setup.py -@@ -66,9 +66,13 @@ def get_python_flags(libs): - distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) +@@ -62,9 +62,13 @@ def get_python_flags(libs): + filter(lambda lib: lib.startswith('-l'), py_libs)] compiler = new_compiler() distutils.sysconfig.customize_compiler(compiler) + libpl = distutils.sysconfig.get_config_var('LIBPL') @@ -50,15 +50,15 @@ index 4e99d267..de24f766 100755 include_dirs=[distutils.sysconfig.get_python_inc()], - library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), + library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], - libraries=libs + [lib.replace('-l', '') for lib in py_libs], + libraries=libs + py_libs, extra_compile_args=filter_unsupported_flags( compiler.compiler[0], diff --git a/src/pybind/rbd/setup.py b/src/pybind/rbd/setup.py -index f5bbbdab..a1f70e1d 100755 +index 6437a62815c..d17d85e2b51 100755 --- a/src/pybind/rbd/setup.py +++ b/src/pybind/rbd/setup.py @@ -63,9 +63,13 @@ def get_python_flags(libs): - distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + filter(lambda lib: lib.startswith('-l'), py_libs)] compiler = new_compiler() distutils.sysconfig.customize_compiler(compiler) + libpl = distutils.sysconfig.get_config_var('LIBPL') @@ -69,15 +69,15 @@ index f5bbbdab..a1f70e1d 100755 include_dirs=[distutils.sysconfig.get_python_inc()], - library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), + library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], - libraries=libs + [lib.replace('-l', '') for lib in py_libs], + libraries=libs + py_libs, extra_compile_args=filter_unsupported_flags( compiler.compiler[0], diff --git a/src/pybind/rgw/setup.py b/src/pybind/rgw/setup.py -index b9f2428c..f5119f73 100755 +index c8094e000fb..22eb6f2b1bc 100755 --- a/src/pybind/rgw/setup.py +++ b/src/pybind/rgw/setup.py @@ -64,9 +64,13 @@ def get_python_flags(libs): - distutils.sysconfig.get_config_vars('LIBS', 'SYSLIBS')), []) + filter(lambda lib: lib.startswith('-l'), py_libs)] compiler = new_compiler() distutils.sysconfig.customize_compiler(compiler) + libpl = distutils.sysconfig.get_config_var('LIBPL') @@ -88,9 +88,9 @@ index b9f2428c..f5119f73 100755 include_dirs=[distutils.sysconfig.get_python_inc()], - library_dirs=distutils.sysconfig.get_config_vars('LIBDIR', 'LIBPL'), + library_dirs=[distutils.sysconfig.get_config_var('LIBDIR'), libpl], - libraries=libs + [lib.replace('-l', '') for lib in py_libs], + libraries=libs + py_libs, extra_compile_args=filter_unsupported_flags( compiler.compiler[0], -- -2.21.0 +2.25.1 diff --git a/recipes-extended/ceph/ceph/CVE-2021-3979.patch b/recipes-extended/ceph/ceph/CVE-2021-3979.patch deleted file mode 100644 index 081b32b..0000000 --- a/recipes-extended/ceph/ceph/CVE-2021-3979.patch +++ /dev/null @@ -1,158 +0,0 @@ -From 47c33179f9a15ae95cc1579a421be89378602656 Mon Sep 17 00:00:00 2001 -From: Guillaume Abrioux <[email protected]> -Date: Tue, 25 Jan 2022 10:25:53 +0100 -Subject: [PATCH] ceph-volume: honour osd_dmcrypt_key_size option - -ceph-volume doesn't honour osd_dmcrypt_key_size. -It means the default size is always applied. - -It also changes the default value in `get_key_size_from_conf()` - -From cryptsetup manpage: - -> For XTS mode you can optionally set a key size of 512 bits with the -s option. - -Using more than 512bits will end up with the following error message: - -``` -Key size in XTS mode must be 256 or 512 bits. -``` - -Fixes: https://tracker.ceph.com/issues/54006 - -Signed-off-by: Guillaume Abrioux <[email protected]> - -Upstream-Status: Backport - github.com/ceph/ceph.git - equivalent to cherry-pick of commit 47c33179f9a15ae95cc1579a421be89378602656 - -CVE: CVE-2021-3979 - -Signed-off-by: Joe Slater <[email protected]> ---- - .../ceph_volume/tests/util/test_encryption.py | 41 +++++++++++++------ - .../ceph_volume/util/encryption.py | 34 ++++++++++----- - 2 files changed, 51 insertions(+), 24 deletions(-) - -diff --git a/src/ceph-volume/ceph_volume/tests/util/test_encryption.py b/src/ceph-volume/ceph_volume/tests/util/test_encryption.py -index e1420b440d3..c86dc50b7c7 100644 ---- a/src/ceph-volume/ceph_volume/tests/util/test_encryption.py -+++ b/src/ceph-volume/ceph_volume/tests/util/test_encryption.py -@@ -1,5 +1,31 @@ - from ceph_volume.util import encryption -+import base64 - -+class TestGetKeySize(object): -+ def test_get_size_from_conf_default(self, conf_ceph_stub): -+ conf_ceph_stub(''' -+ [global] -+ fsid=asdf -+ ''') -+ assert encryption.get_key_size_from_conf() == '512' -+ -+ def test_get_size_from_conf_custom(self, conf_ceph_stub): -+ conf_ceph_stub(''' -+ [global] -+ fsid=asdf -+ [osd] -+ osd_dmcrypt_key_size=256 -+ ''') -+ assert encryption.get_key_size_from_conf() == '256' -+ -+ def test_get_size_from_conf_custom_invalid(self, conf_ceph_stub): -+ conf_ceph_stub(''' -+ [global] -+ fsid=asdf -+ [osd] -+ osd_dmcrypt_key_size=1024 -+ ''') -+ assert encryption.get_key_size_from_conf() == '512' - - class TestStatus(object): - -@@ -37,17 +63,6 @@ class TestDmcryptClose(object): - - class TestDmcryptKey(object): - -- def test_dmcrypt_with_default_size(self, conf_ceph_stub): -- conf_ceph_stub('[global]\nfsid=asdf-lkjh') -- result = encryption.create_dmcrypt_key() -- assert len(result) == 172 -- -- def test_dmcrypt_with_custom_size(self, conf_ceph_stub): -- conf_ceph_stub(''' -- [global] -- fsid=asdf -- [osd] -- osd_dmcrypt_size=8 -- ''') -+ def test_dmcrypt(self): - result = encryption.create_dmcrypt_key() -- assert len(result) == 172 -+ assert len(base64.b64decode(result)) == 128 -diff --git a/src/ceph-volume/ceph_volume/util/encryption.py b/src/ceph-volume/ceph_volume/util/encryption.py -index 72a0ccf121e..2a2c03337b6 100644 ---- a/src/ceph-volume/ceph_volume/util/encryption.py -+++ b/src/ceph-volume/ceph_volume/util/encryption.py -@@ -9,21 +9,29 @@ from .disk import lsblk, device_family, get_part_entry_type - - logger = logging.getLogger(__name__) - -- --def create_dmcrypt_key(): -+def get_key_size_from_conf(): - """ -- Create the secret dm-crypt key used to decrypt a device. -+ Return the osd dmcrypt key size from config file. -+ Default is 512. - """ -- # get the customizable dmcrypt key size (in bits) from ceph.conf fallback -- # to the default of 1024 -- dmcrypt_key_size = conf.ceph.get_safe( -+ default_key_size = '512' -+ key_size = conf.ceph.get_safe( - 'osd', - 'osd_dmcrypt_key_size', -- default=1024, -- ) -- # The size of the key is defined in bits, so we must transform that -- # value to bytes (dividing by 8) because we read in bytes, not bits -- random_string = os.urandom(int(dmcrypt_key_size / 8)) -+ default='512') -+ -+ if key_size not in ['256', '512']: -+ logger.warning(("Invalid value set for osd_dmcrypt_key_size ({}). " -+ "Falling back to {}bits".format(key_size, default_key_size))) -+ return default_key_size -+ -+ return key_size -+ -+def create_dmcrypt_key(): -+ """ -+ Create the secret dm-crypt key (KEK) used to encrypt/decrypt the Volume Key. -+ """ -+ random_string = os.urandom(128) - key = base64.b64encode(random_string).decode('utf-8') - return key - -@@ -38,6 +46,8 @@ def luks_format(key, device): - command = [ - 'cryptsetup', - '--batch-mode', # do not prompt -+ '--key-size', -+ get_key_size_from_conf(), - '--key-file', # misnomer, should be key - '-', # because we indicate stdin for the key here - 'luksFormat', -@@ -83,6 +93,8 @@ def luks_open(key, device, mapping): - """ - command = [ - 'cryptsetup', -+ '--key-size', -+ get_key_size_from_conf(), - '--key-file', - '-', - '--allow-discards', # allow discards (aka TRIM) requests for device --- -2.35.1 - diff --git a/recipes-extended/ceph/ceph_15.2.15.bb b/recipes-extended/ceph/ceph_17.2.3.bb similarity index 91% rename from recipes-extended/ceph/ceph_15.2.15.bb rename to recipes-extended/ceph/ceph_17.2.3.bb index f2ece8c..6b27a00 100644 --- a/recipes-extended/ceph/ceph_15.2.15.bb +++ b/recipes-extended/ceph/ceph_17.2.3.bb @@ -2,7 +2,7 @@ SUMMARY = "User space components of the Ceph file system" LICENSE = "LGPL-2.1-only & GPL-2.0-only & Apache-2.0 & MIT" LIC_FILES_CHKSUM = "file://COPYING-LGPL2.1;md5=fbc093901857fcd118f065f900982c24 \ file://COPYING-GPL2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://COPYING;md5=4eb012c221c5fd4b760029a2981a6754 \ + file://COPYING;md5=5351120989d78252e65dc1a2a92e3617 \ " inherit cmake pkgconfig python3native python3-dir systemd # Disable python pybind support for ceph temporary, when corss compiling pybind, @@ -12,20 +12,17 @@ SRC_URI = "http://download.ceph.com/tarballs/ceph-${PV}.tar.gz \ file://0001-ceph-fix-build-errors-for-cross-compile.patch \ file://0001-fix-host-library-paths-were-used.patch \ file://ceph.conf \ - file://0001-cmake-add-support-for-python3.10.patch \ - file://0001-SnappyCompressor.h-fix-snappy-compiler-error.patch \ file://0001-buffer.h-add-missing-header-file-due-to-gcc-upgrade.patch \ file://0002-common-fix-FTBFS-due-to-dout-need_dynamic-on-GCC-12.patch \ - file://CVE-2021-3979.patch \ " -SRC_URI[sha256sum] = "5dccdaff2ebe18d435b32bfc06f8b5f474bf6ac0432a6a07d144b7c56700d0bf" +SRC_URI[sha256sum] = "3dd0c7b3cb740abd38eeb0a44078ca5ae6ad96050a7290ac82883e106592a3fa" -DEPENDS = "boost bzip2 curl expat gperf-native \ - keyutils libaio libibverbs lz4 \ +DEPENDS = "boost bzip2 cryptsetup curl expat gperf-native \ + keyutils libaio libibverbs lua lz4 \ nspr nss \ oath openldap openssl \ - python3 python3-cython-native rabbitmq-c rocksdb snappy udev \ + python3 python3-cython-native rabbitmq-c rocksdb snappy thrift udev \ valgrind xfsprogs zlib \ " SYSTEMD_SERVICE:${PN} = " \ @@ -67,6 +64,7 @@ EXTRA_OECMAKE = "-DWITH_MANPAGE=OFF \ -DPython3_EXECUTABLE=${PYTHON} \ -DWITH_RADOSGW_KAFKA_ENDPOINT=OFF \ -DWITH_REENTRANT_STRSIGNAL=ON \ + -DWITH_RADOSGW_LUA_PACKAGES=OFF \ " CXXFLAGS += "${HOST_CC_ARCH} ${TOOLCHAIN_OPTIONS}" -- 2.33.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#7600): https://lists.yoctoproject.org/g/meta-virtualization/message/7600 Mute This Topic: https://lists.yoctoproject.org/mt/93507782/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
