git.apps.os.sepia.ceph.com Git - fscrypt.git/commit

author	Eric Biggers <ebiggers@google.com>
	Mon, 16 Dec 2019 03:31:39 +0000 (19:31 -0800)
committer	Eric Biggers <ebiggers@google.com>
	Sun, 5 Jan 2020 18:02:13 +0000 (10:02 -0800)
commit	42e0dfe85ec7a75a2fa30c417d57eae60b5a881d
tree	ffa9fb08a5bbe51ec23bf219ef206ddc81799453	tree \| snapshot
parent	2b25de6d445faefc28629603dd754aec9f744e60	commit \| diff

Keyring support for v2 encryption policies

Implement adding/removing v2 encryption policy keys to/from the kernel.
The kernel requires that the new ioctls FS_IOC_ADD_ENCRYPTION_KEY and
FS_IOC_REMOVE_ENCRYPTION_KEY be used for this.  Root is not required.

However, non-root support brings an extra complication: the kernel keeps
track of which users have called FS_IOC_ADD_ENCRYPTION_KEY for the same
key.  FS_IOC_REMOVE_ENCRYPTION_KEY only works as one of these users, and
it only removes the calling user's claim to the key; the key is only
truly removed when the last claim is removed.

Implement the following behavior:

- 'fscrypt unlock' and pam_fscrypt add the key for the user, even if
  other user(s) have it added already.  This behavior is needed so that
  another user can't remove the key out from under the user.

- 'fscrypt lock' and pam_fscrypt remove the key for the user.  However,
  if the key wasn't truly removed because other users still have it
  added, 'fscrypt lock' prints a warning.

- 'fscrypt status' shows whether the directory is unlocked for anyone.

README.md		diff \| blob \| history
actions/context.go		diff \| blob \| history
actions/policy.go		diff \| blob \| history
cmd/fscrypt/commands.go		diff \| blob \| history
cmd/fscrypt/errors.go		diff \| blob \| history
cmd/fscrypt/flags.go		diff \| blob \| history
cmd/fscrypt/status.go		diff \| blob \| history
keyring/fs_keyring.go		diff \| blob \| history
keyring/keyring.go		diff \| blob \| history
keyring/keyring_test.go		diff \| blob \| history
pam_fscrypt/pam_fscrypt.go		diff \| blob \| history