From: Eric Biggers <ebiggers@kernel.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-fscrypt@vger.kernel.org, linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-mtd@lists.infradead.org, linux-fsdevel@vger.kernel.org,
linux-kernel@vger.kernel.org, Theodore Ts'o <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>,
Daniel Rosenberg <drosen@google.com>
Subject: [GIT PULL] fscrypt updates for 5.6
Date: Mon, 27 Jan 2020 17:46:53 -0800 [thread overview]
Message-ID: <20200128014653.GA960@sol.localdomain> (raw)
The following changes since commit fd6988496e79a6a4bdb514a4655d2920209eb85d:
Linux 5.5-rc4 (2019-12-29 15:29:16 -0800)
are available in the Git repository at:
https://git.kernel.org/pub/scm/fs/fscrypt/fscrypt.git tags/fscrypt-for-linus
for you to fetch changes up to edc440e3d27fb31e6f9663cf413fad97d714c060:
fscrypt: improve format of no-key names (2020-01-22 14:50:03 -0800)
----------------------------------------------------------------
- Extend the FS_IOC_ADD_ENCRYPTION_KEY ioctl to allow the raw key to be
provided via a keyring key.
- Prepare for the new dirhash method (SipHash of plaintext name) that
will be used by directories that are both encrypted and casefolded.
- Switch to a new format for "no-key names" that prepares for the new
dirhash method, and also fixes a longstanding bug where multiple
filenames could map to the same no-key name.
- Allow the crypto algorithms used by fscrypt to be built as loadable
modules when the fscrypt-capable filesystems are.
- Optimize fscrypt_zeroout_range().
- Various cleanups.
----------------------------------------------------------------
Daniel Rosenberg (3):
fscrypt: don't allow v1 policies with casefolding
fscrypt: derive dirhash key for casefolded directories
fscrypt: improve format of no-key names
Eric Biggers (22):
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
fscrypt: use crypto_skcipher_driver_name()
fscrypt: verify that the crypto_skcipher has the correct ivsize
fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
fscrypt: constify inode parameter to filename encryption functions
fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt: introduce fscrypt_needs_contents_encryption()
fscrypt: split up fscrypt_supported_policy() by policy version
fscrypt: check for appropriate use of DIRECT_KEY flag earlier
fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
fscrypt: include <linux/ioctl.h> in UAPI header
fscrypt: remove redundant bi_status check
fscrypt: optimize fscrypt_zeroout_range()
fscrypt: document gfp_flags for bounce page allocation
ubifs: use IS_ENCRYPTED() instead of ubifs_crypt_is_encrypted()
fscrypt: don't print name of busy file when removing key
fscrypt: add "fscrypt_" prefix to fname_encrypt()
fscrypt: clarify what is meant by a per-file key
ubifs: don't trigger assertion on invalid no-key filename
ubifs: allow both hash and disk name to be provided in no-key names
Herbert Xu (1):
fscrypt: Allow modular crypto algorithms
Documentation/filesystems/fscrypt.rst | 75 ++++++--
fs/crypto/Kconfig | 22 ++-
fs/crypto/bio.c | 114 ++++++++----
fs/crypto/crypto.c | 57 +-----
fs/crypto/fname.c | 316 +++++++++++++++++++++++++++-------
fs/crypto/fscrypt_private.h | 58 +++----
fs/crypto/hkdf.c | 2 +-
fs/crypto/hooks.c | 47 ++++-
fs/crypto/keyring.c | 147 +++++++++++++---
fs/crypto/keysetup.c | 102 ++++++-----
fs/crypto/keysetup_v1.c | 19 +-
fs/crypto/policy.c | 170 ++++++++++++------
fs/ext4/Kconfig | 1 +
fs/ext4/dir.c | 2 +-
fs/f2fs/Kconfig | 1 +
fs/f2fs/dir.c | 2 +-
fs/inode.c | 3 +-
fs/ubifs/Kconfig | 1 +
fs/ubifs/dir.c | 16 +-
fs/ubifs/file.c | 4 +-
fs/ubifs/journal.c | 10 +-
fs/ubifs/key.h | 1 -
fs/ubifs/ubifs.h | 7 -
include/linux/fscrypt.h | 122 +++++--------
include/uapi/linux/fscrypt.h | 14 +-
25 files changed, 864 insertions(+), 449 deletions(-)
next reply other threads:[~2020-01-28 1:46 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-28 1:46 Eric Biggers [this message]
2020-01-28 23:40 ` [GIT PULL] fscrypt updates for 5.6 pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200128014653.GA960@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=drosen@google.com \
--cc=jaegeuk@kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).