CC'ing linux-fsdevel ;-\ Am 14.02.2017 um 11:38 schrieb Richard Weinberger: > Hi! > > AFACT fscrypt was designed for the Android/ChromeOS use-case to encrypt a home directory. > For this case using keys of type logon makes perfectly sense. > But there are cases where other types would be useful. > Please consider the case where the whole filesystem is encrypted and an initramfs loads > the encryption master key. Here a logon key is not suitable since different users might need > it. > > I suggest adding support for different types to fscrypt_get_crypt_info(). > I.e. such that a filesystem can indicate in ->s_cop that a "global" key ring > should be used. > > What do you think? > > Thanks, > //richard >
