[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200128014653.GA960@sol.localdomain>
Date: Mon, 27 Jan 2020 17:46:53 -0800
From: Eric Biggers <ebiggers@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-fscrypt@...r.kernel.org, linux-ext4@...r.kernel.org,
linux-f2fs-devel@...ts.sourceforge.net,
linux-mtd@...ts.infradead.org, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, Theodore Ts'o <tytso@....edu>,
Jaegeuk Kim <jaegeuk@...nel.org>,
Daniel Rosenberg <drosen@...gle.com>
Subject: [GIT PULL] fscrypt updates for 5.6
The following changes since commit fd6988496e79a6a4bdb514a4655d2920209eb85d:
Linux 5.5-rc4 (2019-12-29 15:29:16 -0800)
are available in the Git repository at:
https://git.kernel.org/pub/scm/fs/fscrypt/fscrypt.git tags/fscrypt-for-linus
for you to fetch changes up to edc440e3d27fb31e6f9663cf413fad97d714c060:
fscrypt: improve format of no-key names (2020-01-22 14:50:03 -0800)
----------------------------------------------------------------
- Extend the FS_IOC_ADD_ENCRYPTION_KEY ioctl to allow the raw key to be
provided via a keyring key.
- Prepare for the new dirhash method (SipHash of plaintext name) that
will be used by directories that are both encrypted and casefolded.
- Switch to a new format for "no-key names" that prepares for the new
dirhash method, and also fixes a longstanding bug where multiple
filenames could map to the same no-key name.
- Allow the crypto algorithms used by fscrypt to be built as loadable
modules when the fscrypt-capable filesystems are.
- Optimize fscrypt_zeroout_range().
- Various cleanups.
----------------------------------------------------------------
Daniel Rosenberg (3):
fscrypt: don't allow v1 policies with casefolding
fscrypt: derive dirhash key for casefolded directories
fscrypt: improve format of no-key names
Eric Biggers (22):
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
fscrypt: use crypto_skcipher_driver_name()
fscrypt: verify that the crypto_skcipher has the correct ivsize
fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
fscrypt: constify inode parameter to filename encryption functions
fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt: introduce fscrypt_needs_contents_encryption()
fscrypt: split up fscrypt_supported_policy() by policy version
fscrypt: check for appropriate use of DIRECT_KEY flag earlier
fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
fscrypt: include <linux/ioctl.h> in UAPI header
fscrypt: remove redundant bi_status check
fscrypt: optimize fscrypt_zeroout_range()
fscrypt: document gfp_flags for bounce page allocation
ubifs: use IS_ENCRYPTED() instead of ubifs_crypt_is_encrypted()
fscrypt: don't print name of busy file when removing key
fscrypt: add "fscrypt_" prefix to fname_encrypt()
fscrypt: clarify what is meant by a per-file key
ubifs: don't trigger assertion on invalid no-key filename
ubifs: allow both hash and disk name to be provided in no-key names
Herbert Xu (1):
fscrypt: Allow modular crypto algorithms
Documentation/filesystems/fscrypt.rst | 75 ++++++--
fs/crypto/Kconfig | 22 ++-
fs/crypto/bio.c | 114 ++++++++----
fs/crypto/crypto.c | 57 +-----
fs/crypto/fname.c | 316 +++++++++++++++++++++++++++-------
fs/crypto/fscrypt_private.h | 58 +++----
fs/crypto/hkdf.c | 2 +-
fs/crypto/hooks.c | 47 ++++-
fs/crypto/keyring.c | 147 +++++++++++++---
fs/crypto/keysetup.c | 102 ++++++-----
fs/crypto/keysetup_v1.c | 19 +-
fs/crypto/policy.c | 170 ++++++++++++------
fs/ext4/Kconfig | 1 +
fs/ext4/dir.c | 2 +-
fs/f2fs/Kconfig | 1 +
fs/f2fs/dir.c | 2 +-
fs/inode.c | 3 +-
fs/ubifs/Kconfig | 1 +
fs/ubifs/dir.c | 16 +-
fs/ubifs/file.c | 4 +-
fs/ubifs/journal.c | 10 +-
fs/ubifs/key.h | 1 -
fs/ubifs/ubifs.h | 7 -
include/linux/fscrypt.h | 122 +++++--------
include/uapi/linux/fscrypt.h | 14 +-
25 files changed, 864 insertions(+), 449 deletions(-)
Powered by blists - more mailing lists