Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "Theodore Y. Ts'o" <tytso@xxxxxxx>, linux-fscrypt@xxxxxxxxxxxxxxx, linux-fsdevel@xxxxxxxxxxxxxxx, linux-ext4@xxxxxxxxxxxxxxx, linux-f2fs-devel@xxxxxxxxxxxxxxxxxxxxx, linux-mtd@xxxxxxxxxxxxxxxxxxx, linux-api@xxxxxxxxxxxxxxx, linux-crypto@xxxxxxxxxxxxxxx, keyrings@xxxxxxxxxxxxxxx, Paul Crowley <paulcrowley@xxxxxxxxxx>, Satya Tangirala <satyat@xxxxxxxxxx>
Subject: Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
From: Eric Biggers <ebiggers@xxxxxxxxxx>
Date: Thu, 1 Aug 2019 11:46:47 -0700
In-reply-to: <20190801183554.GA223822@gmail.com>
Mail-followup-to: "Theodore Y. Ts'o" <tytso@xxxxxxx>, linux-fscrypt@xxxxxxxxxxxxxxx, linux-fsdevel@xxxxxxxxxxxxxxx, linux-ext4@xxxxxxxxxxxxxxx, linux-f2fs-devel@xxxxxxxxxxxxxxxxxxxxx, linux-mtd@xxxxxxxxxxxxxxxxxxx, linux-api@xxxxxxxxxxxxxxx, linux-crypto@xxxxxxxxxxxxxxx, keyrings@xxxxxxxxxxxxxxx, Paul Crowley <paulcrowley@xxxxxxxxxx>, Satya Tangirala <satyat@xxxxxxxxxx>
References: <20190726224141.14044-1-ebiggers@kernel.org> <20190726224141.14044-8-ebiggers@kernel.org> <20190728192417.GG6088@mit.edu> <20190729195827.GF169027@gmail.com> <20190731183802.GA687@sol.localdomain> <20190731233843.GA2769@mit.edu> <20190801011140.GB687@sol.localdomain> <20190801053108.GD2769@mit.edu> <20190801183554.GA223822@gmail.com>
User-agent: Mutt/1.10.1 (2018-07-13)

On Thu, Aug 01, 2019 at 11:35:56AM -0700, Eric Biggers wrote:
> 
> "fscrypt lock" actually doesn't exist yet; it's a missing feature.  My patch to
> the fscrypt tool adds it.  So we get to decide on the semantics.  We don't want
> to require root, though; so for v2 policy keys, the real semantics have to be
> that "fscrypt lock" registers the key for the user, and "fscrypt unlock"
> unregisters it for the user.
> 

I meant the other way around, of course: "fscrypt unlock" registers the key for
the user, and "fscrypt lock" unregisters it for the user.

- Eric

References:
- [PATCH v7 00/16] fscrypt: key management improvements
  - From: Eric Biggers
- [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
  - From: Eric Biggers
- Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
  - From: Theodore Y. Ts'o
- Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
  - From: Eric Biggers
- Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
  - From: Eric Biggers
- Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
  - From: Theodore Y. Ts'o
- Re: [f2fs-dev] [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
  - From: Eric Biggers
- Re: [f2fs-dev] [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
  - From: Theodore Y. Ts'o
- Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
  - From: Eric Biggers

Prev by Date: Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
Next by Date: Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
Previous by thread: Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
Next by thread: Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
Index(es):
- Date
- Thread

[Index of Archives] [linux Cryptography] [Asterisk App Development] [PJ SIP] [Gnu Gatekeeper] [IETF Sipping] [Info Cyrus] [ALSA User] [Fedora Linux Users] [Linux SCTP] [DCCP] [Gimp] [Yosemite News] [Deep Creek Hot Springs] [Yosemite Campsites] [ISDN Cause Codes]