提交 · e2881b1b51d871a72911faf2fc7e090655940506 · OpenHarmony / kernel_linux

19 5月, 2015 2 次提交

ext4 crypto: separate kernel and userspace structure for the key · e2881b1b

由 Theodore Ts'o 提交于 5月 18, 2015

Use struct ext4_encryption_key only for the master key passed via the
kernel keyring.

For internal kernel space users, we now use struct ext4_crypt_info.
This will allow us to put information from the policy structure so we
can cache it and avoid needing to constantly looking up the extended
attribute.  We will do this in a spearate patch.  This patch is mostly
mechnical to make it easier for patch review.
Signed-off-by: NTheodore Ts'o <tytso@mit.edu>

e2881b1b

T
ext4 crypto: don't allocate a page when encrypting/decrypting file names · d2299590
由 Theodore Ts'o 提交于 5月 18, 2015
```
Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
```
d2299590

02 5月, 2015 1 次提交

ext4 crypto: add padding to filenames before encrypting · a44cd7a0

由 Theodore Ts'o 提交于 5月 01, 2015

This obscures the length of the filenames, to decrease the amount of
information leakage. By default, we pad the filenames to the next 4
byte boundaries. This costs nothing, since the directory entries are
aligned to 4 byte boundaries anyway. Filenames can also be padded to
8, 16, or 32 bytes, which will consume more directory space.

Change-Id: Ibb7a0fb76d2c48e2061240a709358ff40b14f322
Signed-off-by: NTheodore Ts'o <tytso@mit.edu>

a44cd7a0

16 4月, 2015 1 次提交

ext4 crypto: add symlink encryption · f348c252

由 Theodore Ts'o 提交于 4月 16, 2015

Signed-off-by: NUday Savagaonkar <savagaon@google.com>
Signed-off-by: NTheodore Ts'o <tytso@mit.edu>

f348c252

12 4月, 2015 3 次提交

ext4 crypto: filename encryption facilities · d5d0e8c7

由 Michael Halcrow 提交于 4月 12, 2015

Signed-off-by: NUday Savagaonkar <savagaon@google.com>
Signed-off-by: NIldar Muslukhov <ildarm@google.com>
Signed-off-by: NMichael Halcrow <mhalcrow@google.com>
Signed-off-by: NTheodore Ts'o <tytso@mit.edu>

d5d0e8c7

ext4 crypto: add encryption key management facilities · 88bd6ccd

由 Michael Halcrow 提交于 4月 12, 2015

Signed-off-by: NMichael Halcrow <mhalcrow@google.com>
Signed-off-by: NIldar Muslukhov <muslukhovi@gmail.com>
Signed-off-by: NTheodore Ts'o <tytso@mit.edu>

88bd6ccd

ext4 crypto: add ext4 encryption facilities · b30ab0e0

由 Michael Halcrow 提交于 4月 12, 2015

On encrypt, we will re-assign the buffer_heads to point to a bounce
page rather than the control_page (which is the original page to write
that contains the plaintext). The block I/O occurs against the bounce
page.  On write completion, we re-assign the buffer_heads to the
original plaintext page.

On decrypt, we will attach a read completion callback to the bio
struct. This read completion will decrypt the read contents in-place
prior to setting the page up-to-date.

The current encryption mode, AES-256-XTS, lacks cryptographic
integrity. AES-256-GCM is in-plan, but we will need to devise a
mechanism for handling the integrity data.
Signed-off-by: NMichael Halcrow <mhalcrow@google.com>
Signed-off-by: NIldar Muslukhov <ildarm@google.com>
Signed-off-by: NTheodore Ts'o <tytso@mit.edu>

b30ab0e0

11 4月, 2015 1 次提交

ext4 crypto: add encryption policy and password salt support · 9bd8212f

由 Michael Halcrow 提交于 4月 11, 2015

Signed-off-by: NMichael Halcrow <mhalcrow@google.com>
Signed-off-by: NTheodore Ts'o <tytso@mit.edu>
Signed-off-by: NIldar Muslukhov <muslukhovi@gmail.com>

9bd8212f

OpenHarmony / kernel_linux 上一次同步 4 年多

OpenHarmony / kernel_linux
上一次同步 4 年多