diff options
author | Eric Biggers <ebiggers@google.com> | 2019-08-04 19:35:47 -0700 |
---|---|---|
committer | Eric Biggers <ebiggers@google.com> | 2019-08-12 19:18:50 -0700 |
commit | 78a1b96bcf7a0721c7852bb1475218c3cbef884a (patch) | |
tree | c06a3abc722cba1df017467e0865c86671fb4ba8 /include/uapi/linux/fscrypt.h | |
parent | 23c688b54016eed15d39f4387ca9da241e165922 (diff) | |
download | linux-stable-78a1b96bcf7a0721c7852bb1475218c3cbef884a.tar.gz linux-stable-78a1b96bcf7a0721c7852bb1475218c3cbef884a.tar.bz2 linux-stable-78a1b96bcf7a0721c7852bb1475218c3cbef884a.zip |
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl
Add a root-only variant of the FS_IOC_REMOVE_ENCRYPTION_KEY ioctl which
removes all users' claims of the key, not just the current user's claim.
I.e., it always removes the key itself, no matter how many users have
added it.
This is useful for forcing a directory to be locked, without having to
figure out which user ID(s) the key was added under. This is planned to
be used by a command like 'sudo fscrypt lock DIR --all-users' in the
fscrypt userspace tool (http://github.com/google/fscrypt).
Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Diffstat (limited to 'include/uapi/linux/fscrypt.h')
-rw-r--r-- | include/uapi/linux/fscrypt.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/uapi/linux/fscrypt.h b/include/uapi/linux/fscrypt.h index b9fb775e3db8..39ccfe9311c3 100644 --- a/include/uapi/linux/fscrypt.h +++ b/include/uapi/linux/fscrypt.h @@ -148,6 +148,7 @@ struct fscrypt_get_key_status_arg { #define FS_IOC_GET_ENCRYPTION_POLICY_EX _IOWR('f', 22, __u8[9]) /* size + version */ #define FS_IOC_ADD_ENCRYPTION_KEY _IOWR('f', 23, struct fscrypt_add_key_arg) #define FS_IOC_REMOVE_ENCRYPTION_KEY _IOWR('f', 24, struct fscrypt_remove_key_arg) +#define FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS _IOWR('f', 25, struct fscrypt_remove_key_arg) #define FS_IOC_GET_ENCRYPTION_KEY_STATUS _IOWR('f', 26, struct fscrypt_get_key_status_arg) /**********************************************************************/ |