authorMichael Halcrow <mhalcrow@google.com>2015-04-11 07:48:01 -0400
committerTheodore Ts'o <tytso@mit.edu>2015-04-11 07:48:01 -0400
commit9bd8212f981ea6375911fe055382ad7529be5b28 (patch)
tree1ff145c6d5986d4687230ca4918ae8d5dece40bc /fs/ext4/ext4_crypto.h
parent887e2c452255fbfdc8bdb891ff2066fb26908466 (diff)
ext4 crypto: add encryption policy and password salt support
Signed-off-by: Michael Halcrow <mhalcrow@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Ildar Muslukhov <muslukhovi@gmail.com>
Diffstat (limited to 'fs/ext4/ext4_crypto.h')
-rw-r--r--fs/ext4/ext4_crypto.h49
1 files changed, 49 insertions, 0 deletions
diff --git a/fs/ext4/ext4_crypto.h b/fs/ext4/ext4_crypto.h
new file mode 100644
index 000000000000..a69d2ba54bee
--- /dev/null
+++ b/fs/ext4/ext4_crypto.h
@@ -0,0 +1,49 @@
+/*
+ * linux/fs/ext4/ext4_crypto.h
+ *
+ * Copyright (C) 2015, Google, Inc.
+ *
+ * This contains encryption header content for ext4
+ *
+ * Written by Michael Halcrow, 2015.
+ */
+
+#ifndef _EXT4_CRYPTO_H
+#define _EXT4_CRYPTO_H
+
+#include <linux/fs.h>
+
+#define EXT4_KEY_DESCRIPTOR_SIZE 8
+
+/* Policy provided via an ioctl on the topmost directory */
+struct ext4_encryption_policy {
+ char version;
+ char contents_encryption_mode;
+ char filenames_encryption_mode;
+ char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
+} __attribute__((__packed__));
+
+#define EXT4_ENCRYPTION_CONTEXT_FORMAT_V1 1
+#define EXT4_KEY_DERIVATION_NONCE_SIZE 16
+
+/**
+ * Encryption context for inode
+ *
+ * Protector format:
+ * 1 byte: Protector format (1 = this version)
+ * 1 byte: File contents encryption mode
+ * 1 byte: File names encryption mode
+ * 1 byte: Reserved
+ * 8 bytes: Master Key descriptor
+ * 16 bytes: Encryption Key derivation nonce
+ */
+struct ext4_encryption_context {
+ char format;
+ char contents_encryption_mode;
+ char filenames_encryption_mode;
+ char reserved;
+ char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
+ char nonce[EXT4_KEY_DERIVATION_NONCE_SIZE];
+} __attribute__((__packed__));
+
+#endif /* _EXT4_CRYPTO_H */
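Review bot: Every field in both structs is declared as plain `char`, whose signedness differs between architectures, yet these are raw bytes: `struct ext4_encryption_policy` arrives via an ioctl and `struct ext4_encryption_context` is the per-inode context. On signed-char targets a descriptor or nonce byte of 0x80 or above is sign-extended when it is promoted for a comparison or a hex format, so I would declare the fields as fixed-width unsigned bytes, e.g. `__u8 version;` and `__u8 master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];`, and likewise for the mode, reserved and nonce fields. Since the layout comment fixes the context at 28 bytes, a `BUILD_BUG_ON(sizeof(struct ext4_encryption_context) != 28);` in the code that reads it would pin that layout. The header defines no constants for valid `version` or mode values; presumably the code that consumes the policy rejects unknown values and a non-zero `reserved`, which is worth confirming because that code is outside this file.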