/// <summary>Create a new encryption zone.</summary>
/// <remarks>
/// Create a new encryption zone.
/// <p/>
/// Called while holding the FSDirectory lock.
/// </remarks>
/// <exception cref="System.IO.IOException"/>
internal virtual XAttr CreateEncryptionZone(string src, CipherSuite suite, CryptoProtocolVersion
version, string keyName)
{
System.Diagnostics.Debug.Assert(dir.HasWriteLock());
INodesInPath srcIIP = dir.GetINodesInPath4Write(src, false);
if (dir.IsNonEmptyDirectory(srcIIP))
{
throw new IOException("Attempt to create an encryption zone for a non-empty directory."
);
}
if (srcIIP != null && srcIIP.GetLastINode() != null && !srcIIP.GetLastINode().IsDirectory
())
{
throw new IOException("Attempt to create an encryption zone for a file.");
}
EncryptionZoneManager.EncryptionZoneInt ezi = GetEncryptionZoneForPath(srcIIP);
if (ezi != null)
{
throw new IOException("Directory " + src + " is already in an " + "encryption zone. ("
+ GetFullPathName(ezi) + ")");
}
HdfsProtos.ZoneEncryptionInfoProto proto = PBHelper.Convert(suite, version, keyName
);
XAttr ezXAttr = XAttrHelper.BuildXAttr(HdfsServerConstants.CryptoXattrEncryptionZone
, proto.ToByteArray());
IList <XAttr> xattrs = Lists.NewArrayListWithCapacity(1);
xattrs.AddItem(ezXAttr);
// updating the xattr will call addEncryptionZone,
// done this way to handle edit log loading
FSDirXAttrOp.UnprotectedSetXAttrs(dir, src, xattrs, EnumSet.Of(XAttrSetFlag.Create
));
return(ezXAttr);
}
/// <exception cref="System.IO.IOException"/>
internal static INode UnprotectedSetXAttrs(FSDirectory fsd, string src, IList <XAttr
> xAttrs, EnumSet <XAttrSetFlag> flag)
{
System.Diagnostics.Debug.Assert(fsd.HasWriteLock());
INodesInPath iip = fsd.GetINodesInPath4Write(FSDirectory.NormalizePath(src), true
);
INode inode = FSDirectory.ResolveLastINode(iip);
int snapshotId = iip.GetLatestSnapshotId();
IList <XAttr> existingXAttrs = XAttrStorage.ReadINodeXAttrs(inode);
IList <XAttr> newXAttrs = SetINodeXAttrs(fsd, existingXAttrs, xAttrs, flag);
bool isFile = inode.IsFile();
foreach (XAttr xattr in newXAttrs)
{
string xaName = XAttrHelper.GetPrefixName(xattr);
/*
* If we're adding the encryption zone xattr, then add src to the list
* of encryption zones.
*/
if (HdfsServerConstants.CryptoXattrEncryptionZone.Equals(xaName))
{
HdfsProtos.ZoneEncryptionInfoProto ezProto = HdfsProtos.ZoneEncryptionInfoProto.ParseFrom
(xattr.GetValue());
fsd.ezManager.AddEncryptionZone(inode.GetId(), PBHelper.Convert(ezProto.GetSuite(
)), PBHelper.Convert(ezProto.GetCryptoProtocolVersion()), ezProto.GetKeyName());
}
if (!isFile && HdfsServerConstants.SecurityXattrUnreadableBySuperuser.Equals(xaName
))
{
throw new IOException("Can only set '" + HdfsServerConstants.SecurityXattrUnreadableBySuperuser
+ "' on a file.");
}
}
XAttrStorage.UpdateINodeXAttrs(inode, newXAttrs, snapshotId);
return(inode);
}
