rebase: bump github.com/ceph/go-ceph from 0.31.0 to 0.32.0

Bumps [github.com/ceph/go-ceph](https://github.com/ceph/go-ceph) from 0.31.0 to 0.32.0.
- [Release notes](https://github.com/ceph/go-ceph/releases)
- [Changelog](https://github.com/ceph/go-ceph/blob/master/docs/release-process.md)
- [Commits](https://github.com/ceph/go-ceph/compare/v0.31.0...v0.32.0)

---
updated-dependencies:
- dependency-name: github.com/ceph/go-ceph
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

vendor/github.com/ceph/go-ceph/rbd/encryption_load2.go

@@ -0,0 +1,105 @@
+//go:build !octopus && !pacific && !quincy && ceph_preview
+
+package rbd
+
+// #cgo LDFLAGS: -lrbd
+// /* force XSI-complaint strerror_r() */
+// #define _POSIX_C_SOURCE 200112L
+// #undef _GNU_SOURCE
+// #include <stdlib.h>
+// #include <errno.h>
+// #include <rbd/librbd.h>
+import "C"
+
+import (
+	"unsafe"
+)
+
+type encryptionOptions2 interface {
+	EncryptionOptions
+	writeEncryptionSpec(spec *C.rbd_encryption_spec_t) func()
+}
+
+func (opts EncryptionOptionsLUKS1) writeEncryptionSpec(spec *C.rbd_encryption_spec_t) func() {
+	/* only C memory should be attached to spec */
+	cPassphrase := (*C.char)(C.CBytes(opts.Passphrase))
+	cOptsSize := C.size_t(C.sizeof_rbd_encryption_luks1_format_options_t)
+	cOpts := (*C.rbd_encryption_luks1_format_options_t)(C.malloc(cOptsSize))
+	cOpts.alg = C.rbd_encryption_algorithm_t(opts.Alg)
+	cOpts.passphrase = cPassphrase
+	cOpts.passphrase_size = C.size_t(len(opts.Passphrase))
+
+	spec.format = C.RBD_ENCRYPTION_FORMAT_LUKS1
+	spec.opts = C.rbd_encryption_options_t(cOpts)
+	spec.opts_size = cOptsSize
+	return func() {
+		C.free(unsafe.Pointer(cOpts.passphrase))
+		C.free(unsafe.Pointer(cOpts))
+	}
+}
+
+func (opts EncryptionOptionsLUKS2) writeEncryptionSpec(spec *C.rbd_encryption_spec_t) func() {
+	/* only C memory should be attached to spec */
+	cPassphrase := (*C.char)(C.CBytes(opts.Passphrase))
+	cOptsSize := C.size_t(C.sizeof_rbd_encryption_luks2_format_options_t)
+	cOpts := (*C.rbd_encryption_luks2_format_options_t)(C.malloc(cOptsSize))
+	cOpts.alg = C.rbd_encryption_algorithm_t(opts.Alg)
+	cOpts.passphrase = cPassphrase
+	cOpts.passphrase_size = C.size_t(len(opts.Passphrase))
+
+	spec.format = C.RBD_ENCRYPTION_FORMAT_LUKS2
+	spec.opts = C.rbd_encryption_options_t(cOpts)
+	spec.opts_size = cOptsSize
+	return func() {
+		C.free(unsafe.Pointer(cOpts.passphrase))
+		C.free(unsafe.Pointer(cOpts))
+	}
+}
+
+// EncryptionLoad2 enables IO on an open encrypted image. Multiple encryption
+// option values can be passed to this call in a slice. For more information
+// about how items in the slice are applied to images, and possibly ancestor
+// images refer to the documentation in the C api for rbd_encryption_load2.
+//
+// Implements:
+//
+//	int rbd_encryption_load2(rbd_image_t image,
+//	                         const rbd_encryption_spec_t *specs,
+//	                         size_t spec_count);
+func (image *Image) EncryptionLoad2(opts []EncryptionOptions) error {
+	if image.image == nil {
+		return ErrImageNotOpen
+	}
+	for _, o := range opts {
+		if _, ok := o.(encryptionOptions2); !ok {
+			// this should not happen unless someone adds a new type
+			// implementing EncryptionOptions but fails to add a
+			// writeEncryptionSpec such that the type is not also implementing
+			// encryptionOptions2.
+			return getError(C.EINVAL)
+		}
+	}
+
+	length := len(opts)
+	cspecs := (*C.rbd_encryption_spec_t)(C.malloc(
+		C.size_t(C.sizeof_rbd_encryption_spec_t * length)))
+	specs := unsafe.Slice(cspecs, length)
+	freeFuncs := make([]func(), length)
+
+	for idx, option := range opts {
+		f := option.(encryptionOptions2).writeEncryptionSpec(&specs[idx])
+		freeFuncs[idx] = f
+	}
+	defer func() {
+		for _, f := range freeFuncs {
+			f()
+		}
+		C.free(unsafe.Pointer(cspecs))
+	}()
+
+	ret := C.rbd_encryption_load2(
+		image.image,
+		cspecs,
+		C.size_t(length))
+	return getError(ret)
+}