This patch set constitutes the 0.1.6 release of the eCryptfs cryptographic filesystem: http://ecryptfs.sourceforge.net/ eCryptfs is a kernel-native stacked cryptographic filesystem for Linux. It is derived from Erez Zadok's Cryptfs, implemented through the FiST framework for generating stacked filesystems. eCryptfs extends Cryptfs to provide a framework for advanced key management and policy features. The initial release includes support for mount-wide passphrase only. eCryptfs stores cryptographic metadata in the header of each file written, so that encrypted files can be copied between the lower filesystems of hosts; the file will be decryptable through eCryptfs with the proper key, and there is no need to keep track of any additional information aside from what is already in the encrypted file itself. We think of eCryptfs as a sort of ``pgpfs.'' This patch set implements the design reflected in the document sent to the LKML on March 24th (subject ``eCryptfs Design Document''), with two modifications per responses to that document. The first modification is that extents are fixed to 4096-byte regions rather than whatever the page size of the host happens to be. In cases where the page size is larger than 4096 bytes and where the pages are not aligned, eCryptfs crosses page boundaries in the lower file while processing the 4096-byte extents. The second modification is that the header region occupies either 8192 bytes or the page size of the host on which the file is created, whichever is larger. This maximizes the probability that pages will be aligned between the unencrypted and encrypted data, which is not a requirement, but it helps with performance. This patch set was produced and tested against the 2.6.17-rc3-mm1 release of the kernel. Thanks, Phillip - To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
