aboutsummaryrefslogtreecommitdiffstats
path: root/fs/partitions
diff options
context:
space:
mode:
authorMichael Halcrow <mhalcrow@us.ibm.com>2007-10-16 04:27:53 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-10-16 12:43:10 -0400
commitf4aad16adfb8f0a2d666fdf8af4bd0dff2ce75e4 (patch)
tree42e7f191d1a3a1e1375af24acc5c336b30c5c4d1 /fs/partitions
parentcce76f9b9696a59974be9ed43478c000c57e597a (diff)
eCryptfs: add key list structure; search keyring
Add support structures for handling multiple keys. The list in crypt_stat contains the key identifiers for all of the keys that should be used for encrypting each file's File Encryption Key (FEK). For now, each inode inherits this list from the mount-wide crypt_stat struct, via the ecryptfs_copy_mount_wide_sigs_to_inode_sigs() function. This patch also removes the global key tfm from the mount-wide crypt_stat struct, instead keeping a list of tfm's meant for dealing with the various inode FEK's. eCryptfs will now search the user's keyring for FEK's parsed from the existing file metadata, so the user can make keys available at any time before or after mounting. Now that multiple FEK packets can be written to the file metadata, we need to be more meticulous about size limits. The updates to the code for writing out packets to the file metadata makes sizes and limits more explicit, uniformly expressed, and (hopefully) easier to follow. Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/partitions')
0 files changed, 0 insertions, 0 deletions