From: Eric Biggers <ebiggers3@gmail.com> To: linux-fscrypt@vger.kernel.org Cc: linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, linux-api@vger.kernel.org, keyrings@vger.kernel.org, "Theodore Y . Ts'o" <tytso@mit.edu>, Jaegeuk Kim <jaegeuk@kernel.org>, Gwendal Grignou <gwendal@chromium.org>, Ryo Hashimoto <hashimoto@chromium.org>, Sarthak Kukreti <sarthakkukreti@chromium.org>, Nick Desaulniers <ndesaulniers@google.com>, Michael Halcrow <mhalcrow@google.com>, Eric Biggers <ebiggers@google.com> Subject: [RFC PATCH 12/25] ext4 crypto: wire up new ioctls for managing encryption keys Date: Mon, 23 Oct 2017 14:40:45 -0700 [thread overview] Message-ID: <20171023214058.128121-13-ebiggers3@gmail.com> (raw) In-Reply-To: <20171023214058.128121-1-ebiggers3@gmail.com> From: Eric Biggers <ebiggers@google.com> Signed-off-by: Eric Biggers <ebiggers@google.com> --- fs/ext4/ioctl.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c index afb66d4ab5cf..b8a6765a556f 100644 --- a/fs/ext4/ioctl.c +++ b/fs/ext4/ioctl.c @@ -978,6 +978,21 @@ long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) case EXT4_IOC_GET_ENCRYPTION_POLICY: return fscrypt_ioctl_get_policy(filp, (void __user *)arg); + case FS_IOC_ADD_ENCRYPTION_KEY: + if (!ext4_has_feature_encrypt(sb)) + return -EOPNOTSUPP; + return fscrypt_ioctl_add_key(filp, (void __user *)arg); + + case FS_IOC_REMOVE_ENCRYPTION_KEY: + if (!ext4_has_feature_encrypt(sb)) + return -EOPNOTSUPP; + return fscrypt_ioctl_remove_key(filp, (const void __user *)arg); + + case FS_IOC_GET_ENCRYPTION_KEY_STATUS: + if (!ext4_has_feature_encrypt(sb)) + return -EOPNOTSUPP; + return fscrypt_ioctl_get_key_status(filp, (void __user *)arg); + case EXT4_IOC_FSGETXATTR: { struct fsxattr fa; @@ -1102,6 +1117,9 @@ long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) case EXT4_IOC_SET_ENCRYPTION_POLICY: case EXT4_IOC_GET_ENCRYPTION_PWSALT: case EXT4_IOC_GET_ENCRYPTION_POLICY: + case FS_IOC_ADD_ENCRYPTION_KEY: + case FS_IOC_REMOVE_ENCRYPTION_KEY: + case FS_IOC_GET_ENCRYPTION_KEY_STATUS: case EXT4_IOC_SHUTDOWN: case FS_IOC_GETFSMAP: break; -- 2.15.0.rc0.271.g36b669edcc-goog
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers3@gmail.com> To: linux-fscrypt@vger.kernel.org Cc: linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-mtd@lists.infradead.org, linux-api@vger.kernel.org, keyrings@vger.kernel.org, "Theodore Y . Ts'o" <tytso@mit.edu>, Jaegeuk Kim <jaegeuk@kernel.org>, Gwendal Grignou <gwendal@chromium.org>, Ryo Hashimoto <hashimoto@chromium.org>, Sarthak Kukreti <sarthakkukreti@chromium.org>, Nick Desaulniers <ndesaulniers@google.com>, Michael Halcrow <mhalcrow@google.com>, Eric Biggers <ebiggers@google.com> Subject: [RFC PATCH 12/25] ext4 crypto: wire up new ioctls for managing encryption keys Date: Mon, 23 Oct 2017 21:40:45 +0000 [thread overview] Message-ID: <20171023214058.128121-13-ebiggers3@gmail.com> (raw) In-Reply-To: <20171023214058.128121-1-ebiggers3@gmail.com> From: Eric Biggers <ebiggers@google.com> Signed-off-by: Eric Biggers <ebiggers@google.com> --- fs/ext4/ioctl.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c index afb66d4ab5cf..b8a6765a556f 100644 --- a/fs/ext4/ioctl.c +++ b/fs/ext4/ioctl.c @@ -978,6 +978,21 @@ long ext4_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) case EXT4_IOC_GET_ENCRYPTION_POLICY: return fscrypt_ioctl_get_policy(filp, (void __user *)arg); + case FS_IOC_ADD_ENCRYPTION_KEY: + if (!ext4_has_feature_encrypt(sb)) + return -EOPNOTSUPP; + return fscrypt_ioctl_add_key(filp, (void __user *)arg); + + case FS_IOC_REMOVE_ENCRYPTION_KEY: + if (!ext4_has_feature_encrypt(sb)) + return -EOPNOTSUPP; + return fscrypt_ioctl_remove_key(filp, (const void __user *)arg); + + case FS_IOC_GET_ENCRYPTION_KEY_STATUS: + if (!ext4_has_feature_encrypt(sb)) + return -EOPNOTSUPP; + return fscrypt_ioctl_get_key_status(filp, (void __user *)arg); + case EXT4_IOC_FSGETXATTR: { struct fsxattr fa; @@ -1102,6 +1117,9 @@ long ext4_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) case EXT4_IOC_SET_ENCRYPTION_POLICY: case EXT4_IOC_GET_ENCRYPTION_PWSALT: case EXT4_IOC_GET_ENCRYPTION_POLICY: + case FS_IOC_ADD_ENCRYPTION_KEY: + case FS_IOC_REMOVE_ENCRYPTION_KEY: + case FS_IOC_GET_ENCRYPTION_KEY_STATUS: case EXT4_IOC_SHUTDOWN: case FS_IOC_GETFSMAP: break; -- 2.15.0.rc0.271.g36b669edcc-goog
next prev parent reply other threads:[~2017-10-23 21:40 UTC|newest] Thread overview: 92+ messages / expand[flat|nested] mbox.gz Atom feed top 2017-10-23 21:40 [RFC PATCH 00/25] fscrypt: filesystem-level keyring and v2 policy support Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 01/25] fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h> Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-27 18:01 ` Michael Halcrow 2017-10-27 18:01 ` Michael Halcrow 2017-10-23 21:40 ` [RFC PATCH 02/25] fscrypt: use FSCRYPT_ prefix for uapi constants Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-27 18:02 ` Michael Halcrow 2017-10-27 18:02 ` Michael Halcrow via Linux-f2fs-devel 2017-10-27 18:02 ` Michael Halcrow 2017-10-23 21:40 ` [RFC PATCH 03/25] fscrypt: use FSCRYPT_* definitions, not FS_* Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-27 18:06 ` Michael Halcrow 2017-10-27 18:06 ` Michael Halcrow 2017-10-27 18:06 ` Michael Halcrow 2017-10-23 21:40 ` [RFC PATCH 04/25] fscrypt: refactor finding and deriving key Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-27 18:23 ` Michael Halcrow 2017-10-27 18:23 ` Michael Halcrow 2017-10-23 21:40 ` [RFC PATCH 05/25] fs: add ->s_master_keys to struct super_block Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-27 18:26 ` Michael Halcrow 2017-10-27 18:26 ` Michael Halcrow 2017-10-27 18:26 ` Michael Halcrow 2017-10-23 21:40 ` [RFC PATCH 06/25] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-27 20:14 ` Michael Halcrow 2017-10-27 20:14 ` Michael Halcrow 2017-10-23 21:40 ` [RFC PATCH 07/25] fs/inode.c: export inode_lru_list_del() Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-27 20:28 ` Michael Halcrow 2017-10-27 20:28 ` Michael Halcrow 2017-10-27 20:28 ` Michael Halcrow 2017-10-23 21:40 ` [RFC PATCH 08/25] fs/inode.c: rename and export dispose_list() Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 09/25] fs/dcache.c: add shrink_dcache_inode() Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 10/25] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 11/25] fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers [this message] 2017-10-23 21:40 ` [RFC PATCH 12/25] ext4 crypto: wire up new ioctls for managing encryption keys Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 13/25] f2fs " Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 14/25] ubifs " Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 15/25] fscrypt: add UAPI definitions to get/set v2 encryption policies Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 16/25] fscrypt: implement basic handling of " Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 17/25] fscrypt: add an HKDF-SHA512 implementation Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 18/25] fscrypt: allow adding and removing keys for v2 encryption policies Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 19/25] fscrypt: use HKDF-SHA512 to derive the per-file keys for v2 policies Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 20/25] fscrypt: allow unprivileged users to add/remove " Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 21/25] fscrypt: require that key be added when setting a v2 encryption policy Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 22/25] ext4 crypto: wire up FS_IOC_GET_ENCRYPTION_POLICY_EX Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 23/25] f2fs " Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 24/25] ubifs " Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` [RFC PATCH 25/25] fscrypt: document the new ioctls and policy version Eric Biggers 2017-10-23 21:40 ` Eric Biggers 2017-10-23 21:40 ` Eric Biggers
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20171023214058.128121-13-ebiggers3@gmail.com \ --to=ebiggers3@gmail.com \ --cc=ebiggers@google.com \ --cc=gwendal@chromium.org \ --cc=hashimoto@chromium.org \ --cc=jaegeuk@kernel.org \ --cc=keyrings@vger.kernel.org \ --cc=linux-api@vger.kernel.org \ --cc=linux-ext4@vger.kernel.org \ --cc=linux-f2fs-devel@lists.sourceforge.net \ --cc=linux-fscrypt@vger.kernel.org \ --cc=linux-fsdevel@vger.kernel.org \ --cc=linux-mtd@lists.infradead.org \ --cc=mhalcrow@google.com \ --cc=ndesaulniers@google.com \ --cc=sarthakkukreti@chromium.org \ --cc=tytso@mit.edu \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.