diff options
author | Michael Halcrow <mhalcrow@google.com> | 2015-04-11 07:48:01 -0400 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2015-04-11 07:48:01 -0400 |
commit | 9bd8212f981ea6375911fe055382ad7529be5b28 (patch) | |
tree | 1ff145c6d5986d4687230ca4918ae8d5dece40bc /fs/ext4/ext4_crypto.h | |
parent | 887e2c452255fbfdc8bdb891ff2066fb26908466 (diff) | |
download | linux-9bd8212f981ea6375911fe055382ad7529be5b28.tar.gz linux-9bd8212f981ea6375911fe055382ad7529be5b28.tar.bz2 linux-9bd8212f981ea6375911fe055382ad7529be5b28.zip |
ext4 crypto: add encryption policy and password salt support
Signed-off-by: Michael Halcrow <mhalcrow@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Ildar Muslukhov <muslukhovi@gmail.com>
Diffstat (limited to 'fs/ext4/ext4_crypto.h')
-rw-r--r-- | fs/ext4/ext4_crypto.h | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/fs/ext4/ext4_crypto.h b/fs/ext4/ext4_crypto.h new file mode 100644 index 000000000000..a69d2ba54bee --- /dev/null +++ b/fs/ext4/ext4_crypto.h @@ -0,0 +1,49 @@ +/* + * linux/fs/ext4/ext4_crypto.h + * + * Copyright (C) 2015, Google, Inc. + * + * This contains encryption header content for ext4 + * + * Written by Michael Halcrow, 2015. + */ + +#ifndef _EXT4_CRYPTO_H +#define _EXT4_CRYPTO_H + +#include <linux/fs.h> + +#define EXT4_KEY_DESCRIPTOR_SIZE 8 + +/* Policy provided via an ioctl on the topmost directory */ +struct ext4_encryption_policy { + char version; + char contents_encryption_mode; + char filenames_encryption_mode; + char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE]; +} __attribute__((__packed__)); + +#define EXT4_ENCRYPTION_CONTEXT_FORMAT_V1 1 +#define EXT4_KEY_DERIVATION_NONCE_SIZE 16 + +/** + * Encryption context for inode + * + * Protector format: + * 1 byte: Protector format (1 = this version) + * 1 byte: File contents encryption mode + * 1 byte: File names encryption mode + * 1 byte: Reserved + * 8 bytes: Master Key descriptor + * 16 bytes: Encryption Key derivation nonce + */ +struct ext4_encryption_context { + char format; + char contents_encryption_mode; + char filenames_encryption_mode; + char reserved; + char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE]; + char nonce[EXT4_KEY_DERIVATION_NONCE_SIZE]; +} __attribute__((__packed__)); + +#endif /* _EXT4_CRYPTO_H */ |