git.apps.os.sepia.ceph.com Git - fscrypt.git/commit
keyring: support filesystem keyring with v1 encryption policies
author: Eric Biggers <ebiggers@google.com>
Mon, 16 Dec 2019 03:31:39 +0000 (19:31 -0800)
committer: Eric Biggers <ebiggers@google.com>
Sun, 5 Jan 2020 18:02:13 +0000 (10:02 -0800)
commit: 6ffc9457945a9484d2757cc4b01de35426502d0a
tree: e9838735ddb17c595123a1e30cee56fc534de4bc
parent: 462d166d5355d33a05271d24de4d52f30dd62f67

Linux v5.4 and later allows fscrypt keys to be added/removed directly
to/from the filesystem via the new ioctls FS_IOC_ADD_ENCRYPTION_KEY and
FS_IOC_REMOVE_ENCRYPTION_KEY.  Among other benefits, these fix the key
visibility problems that many users have been running into, where system
services and containers can't access encrypted files.

Allow the user to opt in to using these new ioctls for their existing
encrypted directories by setting in their /etc/fscrypt.conf:

"use_fs_keyring_for_v1_policies": true

Note that it can't really be on by default, since for v1 policies the
ioctls require root, whereas user keyrings don't.  I.e., setting this to
true means that users will need to use 'sudo fscrypt unlock', not
'fscrypt unlock'.  v2 policies won't have this restriction.
actions/context.go
actions/policy.go
cmd/fscrypt/status.go
keyring/fs_keyring.go [new file with mode: 0644]
keyring/keyring.go
keyring/keyring_test.go
keyring/user_keyring.go
metadata/config_test.go
metadata/metadata.pb.go
metadata/metadata.proto