__u8 master_key_identifier[FSCRYPT_KEY_IDENTIFIER_SIZE];
};
+struct fscrypt_policy_arg {
+ union {
+ struct fscrypt_policy_v1 v1;
+ struct fscrypt_policy_v2 v2;
+ } policy;
+}; /* output */
+
/* Struct passed to FS_IOC_GET_ENCRYPTION_POLICY_EX */
struct fscrypt_get_policy_ex_arg {
__u64 policy_size; /* input/output */
};
#define FS_IOC_SET_ENCRYPTION_POLICY _IOR('f', 19, struct fscrypt_policy_v1)
+#define FS_IOC_SET_ENCRYPTION_POLICY_RESTRICTED _IOWR('f', 19, struct fscrypt_policy_arg)
#define FS_IOC_GET_ENCRYPTION_PWSALT _IOW('f', 20, __u8[16])
#define FS_IOC_GET_ENCRYPTION_POLICY _IOW('f', 21, struct fscrypt_policy_v1)
#define FS_IOC_GET_ENCRYPTION_POLICY_EX _IOWR('f', 22, __u8[9]) /* size + version */
#include "../keyring/fscrypt_uapi.h"
long long fs_ioc_get_encryption_policy_ex_restricted = FS_IOC_GET_ENCRYPTION_POLICY_EX_RESTRICTED;
+long long fs_ioc_set_encryption_policy_restricted = FS_IOC_SET_ENCRYPTION_POLICY_RESTRICTED;
*/
import "C"
}
func setPolicy(file *os.File, arg unsafe.Pointer) error {
+ log.Printf("FS_IOC_SET_ENCRYPTION_KEY");
_, _, errno := unix.Syscall(unix.SYS_IOCTL, file.Fd(), unix.FS_IOC_SET_ENCRYPTION_POLICY, uintptr(arg))
+ if errno == unix.EINVAL {
+ log.Printf("FS_IOC_SET_ENCRYPTION_KEY_RESTRICTED");
+ _, _, errno = unix.Syscall(unix.SYS_IOCTL, file.Fd(), uintptr(C.fs_ioc_set_encryption_policy_restricted), uintptr(arg))
+ }
if errno != 0 {
return errno
}
projects / fscrypt.git / commitdiff