+
+/* Make an encryption pass over a cloud log segment to encrypt private data in
+ * it. */
+void bluesky_cloudlog_encrypt(GString *segment, BlueSkyCryptKeys *keys)
+{
+ char *data = segment->str;
+ size_t remaining_size = segment->len;
+
+ while (remaining_size >= sizeof(struct cloudlog_header)) {
+ struct cloudlog_header *header = (struct cloudlog_header *)data;
+ size_t item_size = sizeof(struct cloudlog_header)
+ + GUINT32_FROM_LE(header->size1)
+ + GUINT32_FROM_LE(header->size2)
+ + GUINT32_FROM_LE(header->size3);
+ if (item_size > remaining_size)
+ break;
+ bluesky_crypt_block_encrypt(data, item_size, keys);
+
+ data += item_size;
+ remaining_size -= item_size;
+ }
+}
+
+/* Make an decryption pass over a cloud log segment to decrypt items which were
+ * encrypted. Also computes a list of all offsets which at which valid
+ * cloud log items are found and adds those offsets to items (if non-NULL).
+ *
+ * If allow_unauth is set to true, then allow a limited set of unauthenticated
+ * items that may have been rewritten by a file system cleaner. These include
+ * the checkpoint and inode map records only; other items must still pass
+ * authentication. */
+void bluesky_cloudlog_decrypt(char *segment, size_t len,
+ BlueSkyCryptKeys *keys,
+ BlueSkyRangeset *items,
+ gboolean allow_unauth)
+{
+ char *data = segment;
+ size_t remaining_size = len;
+ size_t offset = 0;
+
+ while (remaining_size >= sizeof(struct cloudlog_header)) {
+ struct cloudlog_header *header = (struct cloudlog_header *)data;
+ size_t item_size = sizeof(struct cloudlog_header)
+ + GUINT32_FROM_LE(header->size1)
+ + GUINT32_FROM_LE(header->size2)
+ + GUINT32_FROM_LE(header->size3);
+ if (item_size > remaining_size)
+ break;
+ if (bluesky_crypt_block_decrypt(data, item_size, keys, allow_unauth)) {
+ if (items != NULL) {
+ if (bluesky_verbose)
+ g_print(" data item at %zx\n", offset);
+ bluesky_rangeset_insert(items, offset, item_size,
+ GINT_TO_POINTER(TRUE));
+ }
+ } else {
+ g_warning("Unauthenticated data at offset %zd", offset);
+ if (items != NULL) {
+ bluesky_rangeset_insert(items, offset, item_size,
+ GINT_TO_POINTER(TRUE));
+ }
+ }
+
+ data += item_size;
+ offset += item_size;
+ remaining_size -= item_size;
+ }
+}
+
+void bluesky_cloudlog_threads_init(BlueSkyFS *fs)
+{
+ fs->unref_queue = g_async_queue_new();
+ g_thread_create(cloudlog_unref_thread, fs->unref_queue, FALSE, NULL);
+ fetch_pool = g_thread_pool_new(background_fetch_task, NULL, 40, FALSE,
+ NULL);
+}