| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Aug 2019 15:37:25 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: linux-fscrypt@...r.kernel.org
Cc: Satya Tangirala <satyat@...gle.com>, Theodore Ts'o <tytso@....edu>,
linux-api@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net,
keyrings@...r.kernel.org, linux-mtd@...ts.infradead.org,
linux-crypto@...r.kernel.org, linux-fsdevel@...r.kernel.org,
Jaegeuk Kim <jaegeuk@...nel.org>, linux-ext4@...r.kernel.org,
Paul Crowley <paulcrowley@...gle.com>
Subject: Re: [PATCH v8 00/20] fscrypt: key management improvements
On Mon, Aug 05, 2019 at 09:25:01AM -0700, Eric Biggers wrote:
> Hello,
>
> [Note: I'd like to apply this for v5.4. Additional review is greatly
> appreciated, especially of the API before it's set in stone. Thanks!]
>
> This patchset makes major improvements to how keys are added, removed,
> and derived in fscrypt, aka ext4/f2fs/ubifs encryption. It does this by
> adding new ioctls that add and remove encryption keys directly to/from
> the filesystem, and by adding a new encryption policy version ("v2")
> where the user-provided keys are only used as input to HKDF-SHA512 and
> are identified by their cryptographic hash.
>
> All new APIs and all cryptosystem changes are documented in
> Documentation/filesystems/fscrypt.rst. Userspace can use the new key
> management ioctls with existing encrypted directories, but migrating to
> v2 encryption policies is needed for the full benefits.
>
I've applied this patchset to the fscrypt tree for 5.4.
- Eric
Powered by blists - more mailing lists