I recently found a blog describing ext4 crypto: http://blog.quarkslab.com/a-glimpse-of-ext4-filesystem-level-encryption.html that reported several problems with the ext4 crypto code. Sadly, it doesn't seem that these issues were reported to the list, only the blog, so I'm not sure if any of the crypto developers are aware of them? I looked through the Git commit logs, and don't see any significant patches to the crypto code since before 4.1 was released, so I'd guess these issues are still open? Is there anything that could be done about the leakage of the file size for encrypted inodes without the decryption key? It seems that it would at least be possible to return the size rounded up to the end of the block, to at least disguise the file sizes a bit without losing the file data if there is some valid reason to copy it encrypted (some garbage bytes would be left at the end of the file when decrypted). Cheers, Andreas -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
