[GIT PULL] fscrypt updates for 5.6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following changes since commit fd6988496e79a6a4bdb514a4655d2920209eb85d:

  Linux 5.5-rc4 (2019-12-29 15:29:16 -0800)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/fs/fscrypt/fscrypt.git tags/fscrypt-for-linus

for you to fetch changes up to edc440e3d27fb31e6f9663cf413fad97d714c060:

  fscrypt: improve format of no-key names (2020-01-22 14:50:03 -0800)

----------------------------------------------------------------

- Extend the FS_IOC_ADD_ENCRYPTION_KEY ioctl to allow the raw key to be
  provided via a keyring key.

- Prepare for the new dirhash method (SipHash of plaintext name) that
  will be used by directories that are both encrypted and casefolded.

- Switch to a new format for "no-key names" that prepares for the new
  dirhash method, and also fixes a longstanding bug where multiple
  filenames could map to the same no-key name.

- Allow the crypto algorithms used by fscrypt to be built as loadable
  modules when the fscrypt-capable filesystems are.

- Optimize fscrypt_zeroout_range().

- Various cleanups.

----------------------------------------------------------------
Daniel Rosenberg (3):
      fscrypt: don't allow v1 policies with casefolding
      fscrypt: derive dirhash key for casefolded directories
      fscrypt: improve format of no-key names

Eric Biggers (22):
      fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
      fscrypt: use crypto_skcipher_driver_name()
      fscrypt: verify that the crypto_skcipher has the correct ivsize
      fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
      fscrypt: constify inode parameter to filename encryption functions
      fscrypt: move fscrypt_d_revalidate() to fname.c
      fscrypt: introduce fscrypt_needs_contents_encryption()
      fscrypt: split up fscrypt_supported_policy() by policy version
      fscrypt: check for appropriate use of DIRECT_KEY flag earlier
      fscrypt: move fscrypt_valid_enc_modes() to policy.c
      fscrypt: remove fscrypt_is_direct_key_policy()
      fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
      fscrypt: include <linux/ioctl.h> in UAPI header
      fscrypt: remove redundant bi_status check
      fscrypt: optimize fscrypt_zeroout_range()
      fscrypt: document gfp_flags for bounce page allocation
      ubifs: use IS_ENCRYPTED() instead of ubifs_crypt_is_encrypted()
      fscrypt: don't print name of busy file when removing key
      fscrypt: add "fscrypt_" prefix to fname_encrypt()
      fscrypt: clarify what is meant by a per-file key
      ubifs: don't trigger assertion on invalid no-key filename
      ubifs: allow both hash and disk name to be provided in no-key names

Herbert Xu (1):
      fscrypt: Allow modular crypto algorithms

 Documentation/filesystems/fscrypt.rst |  75 ++++++--
 fs/crypto/Kconfig                     |  22 ++-
 fs/crypto/bio.c                       | 114 ++++++++----
 fs/crypto/crypto.c                    |  57 +-----
 fs/crypto/fname.c                     | 316 +++++++++++++++++++++++++++-------
 fs/crypto/fscrypt_private.h           |  58 +++----
 fs/crypto/hkdf.c                      |   2 +-
 fs/crypto/hooks.c                     |  47 ++++-
 fs/crypto/keyring.c                   | 147 +++++++++++++---
 fs/crypto/keysetup.c                  | 102 ++++++-----
 fs/crypto/keysetup_v1.c               |  19 +-
 fs/crypto/policy.c                    | 170 ++++++++++++------
 fs/ext4/Kconfig                       |   1 +
 fs/ext4/dir.c                         |   2 +-
 fs/f2fs/Kconfig                       |   1 +
 fs/f2fs/dir.c                         |   2 +-
 fs/inode.c                            |   3 +-
 fs/ubifs/Kconfig                      |   1 +
 fs/ubifs/dir.c                        |  16 +-
 fs/ubifs/file.c                       |   4 +-
 fs/ubifs/journal.c                    |  10 +-
 fs/ubifs/key.h                        |   1 -
 fs/ubifs/ubifs.h                      |   7 -
 include/linux/fscrypt.h               | 122 +++++--------
 include/uapi/linux/fscrypt.h          |  14 +-
 25 files changed, 864 insertions(+), 449 deletions(-)



[Index of Archives]     [Reiser Filesystem Development]     [Ceph FS]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite National Park]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Device Mapper]     [Linux Media]

  Powered by Linux