#define FS_IOC_GET_ENCRYPTION_PWSALT _IOW('f', 20, __u8[16])
#define FS_IOC_GET_ENCRYPTION_POLICY _IOW('f', 21, struct fscrypt_policy_v1)
#define FS_IOC_GET_ENCRYPTION_POLICY_EX _IOWR('f', 22, __u8[9]) /* size + version */
+#define FS_IOC_GET_ENCRYPTION_POLICY_EX_RESTRICTED _IOWR('f', 22, struct fscrypt_get_policy_ex_arg) /* size + version */
#define FS_IOC_ADD_ENCRYPTION_KEY _IOWR('f', 23, struct fscrypt_add_key_arg)
#define FS_IOC_ADD_ENCRYPTION_KEY64 _IOWR('f', 23, struct fscrypt_add_key64_arg)
#define FS_IOC_REMOVE_ENCRYPTION_KEY _IOWR('f', 24, struct fscrypt_remove_key_arg)
package metadata
+/*
+#include "../keyring/fscrypt_uapi.h"
+
+long long fs_ioc_get_encryption_policy_ex_restricted = FS_IOC_GET_ENCRYPTION_POLICY_EX_RESTRICTED;
+
+*/
+import "C"
+
import (
"encoding/hex"
"fmt"
arg.Size = uint64(unsafe.Sizeof(arg.Policy))
policyPtr := util.Ptr(arg.Policy[:])
err = getPolicyIoctl(file, unix.FS_IOC_GET_ENCRYPTION_POLICY_EX, unsafe.Pointer(&arg))
+ if err == unix.ERANGE {
+ err = getPolicyIoctl(file, uintptr(C.fs_ioc_get_encryption_policy_ex_restricted), unsafe.Pointer(&arg))
+ }
if err == unix.ENOTTY {
// Fall back to the old version of the ioctl. This works for v1 policies only.
err = getPolicyIoctl(file, unix.FS_IOC_GET_ENCRYPTION_POLICY, policyPtr)
projects / fscrypt.git / commitdiff