linux/fs/ecryptfs
Michael Halcrow f4aad16adf eCryptfs: add key list structure; search keyring
Add support structures for handling multiple keys.  The list in crypt_stat
contains the key identifiers for all of the keys that should be used for
encrypting each file's File Encryption Key (FEK).  For now, each inode
inherits this list from the mount-wide crypt_stat struct, via the
ecryptfs_copy_mount_wide_sigs_to_inode_sigs() function.

This patch also removes the global key tfm from the mount-wide crypt_stat
struct, instead keeping a list of tfm's meant for dealing with the various
inode FEK's.  eCryptfs will now search the user's keyring for FEK's parsed
from the existing file metadata, so the user can make keys available at any
time before or after mounting.

Now that multiple FEK packets can be written to the file metadata, we need to
be more meticulous about size limits.  The updates to the code for writing out
packets to the file metadata makes sizes and limits more explicit, uniformly
expressed, and (hopefully) easier to follow.

Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-16 09:43:10 -07:00
..
crypto.c eCryptfs: add key list structure; search keyring 2007-10-16 09:43:10 -07:00
debug.c [PATCH] eCryptfs: open-code flag checking and manipulation 2007-02-12 09:48:37 -08:00
dentry.c [PATCH] eCryptfs: fix possible NULL ptr deref in ecryptfs_d_release() 2007-03-16 19:25:05 -07:00
ecryptfs_kernel.h eCryptfs: add key list structure; search keyring 2007-10-16 09:43:10 -07:00
file.c sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
inode.c revert "eCryptfs: fix lookup error for special files" 2007-08-31 01:42:22 -07:00
keystore.c eCryptfs: add key list structure; search keyring 2007-10-16 09:43:10 -07:00
main.c eCryptfs: add key list structure; search keyring 2007-10-16 09:43:10 -07:00
Makefile [PATCH] eCryptfs: Public key; packet management 2007-02-12 09:48:36 -08:00
messaging.c Detach sched.h from mm.h 2007-05-21 09:18:19 -07:00
mmap.c fs: remove some AOP_TRUNCATED_PAGE 2007-10-16 09:42:58 -07:00
netlink.c [NET]: make netlink user -> kernel interface synchronious 2007-10-10 21:15:29 -07:00
super.c [PATCH] Mark struct super_operations const 2007-02-12 09:48:47 -08:00