From: "André Draszik" <git@andred.net>
To: linux-kernel@vger.kernel.org
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>,
David Howells <dhowells@redhat.com>,
James Morris <james.l.morris@oracle.com>,
"Serge E. Hallyn" <serge@hallyn.com>,
"Theodore Y. Ts'o" <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>,
Kees Cook <keescook@chromium.org>,
linux-integrity@vger.kernel.org, keyrings@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-fscrypt@vger.kernel.org
Subject: [PATCH 2/3] fscrypt: add support for the encrypted key type
Date: Wed, 10 Jan 2018 12:44:17 +0000 [thread overview]
Message-ID: <20180110124418.24385-2-git@andred.net> (raw)
In-Reply-To: <20180110124418.24385-1-git@andred.net>
We now try to acquire the key according to the
encryption policy from both key types, 'logon'
as well as 'encrypted'.
Signed-off-by: André Draszik <git@andred.net>
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: David Howells <dhowells@redhat.com>
Cc: James Morris <james.l.morris@oracle.com>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: "Theodore Y. Ts'o" <tytso@mit.edu>
Cc: Jaegeuk Kim <jaegeuk@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: linux-integrity@vger.kernel.org
Cc: keyrings@vger.kernel.org
Cc: linux-security-module@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org
---
fs/crypto/keyinfo.c | 58 +++++++++++++++++++++++++++++++++++------------------
1 file changed, 38 insertions(+), 20 deletions(-)
diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c
index 5e6e846f5a24..023fa19fec48 100644
--- a/fs/crypto/keyinfo.c
+++ b/fs/crypto/keyinfo.c
@@ -10,6 +10,7 @@
*/
#include <keys/user-type.h>
+#include <keys/encrypted-type.h>
#include <linux/scatterlist.h>
#include <linux/ratelimit.h>
#include <crypto/aes.h>
@@ -66,14 +67,20 @@ static int derive_key_aes(u8 deriving_key[FS_AES_128_ECB_KEY_SIZE],
return res;
}
-static int validate_user_key(struct fscrypt_info *crypt_info,
+static inline struct key *fscrypt_get_encrypted_key(const char *sig)
+{
+ if (IS_ENABLED(CONFIG_ENCRYPTED_KEYS))
+ return request_key(&key_type_encrypted, sig, NULL);
+ return ERR_PTR(-ENOKEY);
+}
+
+static int validate_keyring_key(struct fscrypt_info *crypt_info,
struct fscrypt_context *ctx, u8 *raw_key,
const char *prefix, int min_keysize)
{
char *description;
struct key *keyring_key;
struct fscrypt_key *master_key;
- const struct user_key_payload *ukp;
int res;
description = kasprintf(GFP_NOFS, "%s%*phN", prefix,
@@ -83,28 +90,39 @@ static int validate_user_key(struct fscrypt_info *crypt_info,
return -ENOMEM;
keyring_key = request_key(&key_type_logon, description, NULL);
+ if (IS_ERR(keyring_key))
+ keyring_key = fscrypt_get_encrypted_key(description);
kfree(description);
if (IS_ERR(keyring_key))
return PTR_ERR(keyring_key);
down_read(&keyring_key->sem);
- if (keyring_key->type != &key_type_logon) {
+ if (keyring_key->type = &key_type_logon) {
+ const struct user_key_payload *ukp;
+
+ ukp = user_key_payload_locked(keyring_key);
+ if (!ukp) {
+ /* key was revoked before we acquired its semaphore */
+ res = -EKEYREVOKED;
+ goto out;
+ }
+ if (ukp->datalen != sizeof(struct fscrypt_key)) {
+ res = -EINVAL;
+ goto out;
+ }
+ master_key = (struct fscrypt_key *)ukp->data;
+ } else if (keyring_key->type = &key_type_encrypted) {
+ const struct encrypted_key_payload *ekp;
+
+ ekp = keyring_key->payload.data[0];
+ master_key = (struct fscrypt_key *)ekp->payload_data;
+ } else {
printk_once(KERN_WARNING
- "%s: key type must be logon\n", __func__);
+ "%s: key type must be logon or encrypted\n",
+ __func__);
res = -ENOKEY;
goto out;
}
- ukp = user_key_payload_locked(keyring_key);
- if (!ukp) {
- /* key was revoked before we acquired its semaphore */
- res = -EKEYREVOKED;
- goto out;
- }
- if (ukp->datalen != sizeof(struct fscrypt_key)) {
- res = -EINVAL;
- goto out;
- }
- master_key = (struct fscrypt_key *)ukp->data;
BUILD_BUG_ON(FS_AES_128_ECB_KEY_SIZE != FS_KEY_DERIVATION_NONCE_SIZE);
if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE
@@ -302,12 +320,12 @@ int fscrypt_get_encryption_info(struct inode *inode)
if (!raw_key)
goto out;
- res = validate_user_key(crypt_info, &ctx, raw_key, FS_KEY_DESC_PREFIX,
- keysize);
+ res = validate_keyring_key(crypt_info, &ctx, raw_key,
+ FS_KEY_DESC_PREFIX, keysize);
if (res && inode->i_sb->s_cop->key_prefix) {
- int res2 = validate_user_key(crypt_info, &ctx, raw_key,
- inode->i_sb->s_cop->key_prefix,
- keysize);
+ int res2 = validate_keyring_key(crypt_info, &ctx, raw_key,
+ inode->i_sb->s_cop->key_prefix,
+ keysize);
if (res2) {
if (res2 = -ENOKEY)
res = -ENOKEY;
--
2.15.1
--
To unsubscribe from this list: send the line "unsubscribe keyrings" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
WARNING: multiple messages have this Message-ID (diff)
From: "André Draszik" <git@andred.net>
To: linux-kernel@vger.kernel.org
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>,
David Howells <dhowells@redhat.com>,
James Morris <james.l.morris@oracle.com>,
"Serge E. Hallyn" <serge@hallyn.com>,
"Theodore Y. Ts'o" <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>,
Kees Cook <keescook@chromium.org>,
linux-integrity@vger.kernel.org, keyrings@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-fscrypt@vger.kernel.org
Subject: [PATCH 2/3] fscrypt: add support for the encrypted key type
Date: Wed, 10 Jan 2018 12:44:17 +0000 [thread overview]
Message-ID: <20180110124418.24385-2-git@andred.net> (raw)
In-Reply-To: <20180110124418.24385-1-git@andred.net>
We now try to acquire the key according to the
encryption policy from both key types, 'logon'
as well as 'encrypted'.
Signed-off-by: André Draszik <git@andred.net>
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: David Howells <dhowells@redhat.com>
Cc: James Morris <james.l.morris@oracle.com>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: "Theodore Y. Ts'o" <tytso@mit.edu>
Cc: Jaegeuk Kim <jaegeuk@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: linux-integrity@vger.kernel.org
Cc: keyrings@vger.kernel.org
Cc: linux-security-module@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org
---
fs/crypto/keyinfo.c | 58 +++++++++++++++++++++++++++++++++++------------------
1 file changed, 38 insertions(+), 20 deletions(-)
diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c
index 5e6e846f5a24..023fa19fec48 100644
--- a/fs/crypto/keyinfo.c
+++ b/fs/crypto/keyinfo.c
@@ -10,6 +10,7 @@
*/
#include <keys/user-type.h>
+#include <keys/encrypted-type.h>
#include <linux/scatterlist.h>
#include <linux/ratelimit.h>
#include <crypto/aes.h>
@@ -66,14 +67,20 @@ static int derive_key_aes(u8 deriving_key[FS_AES_128_ECB_KEY_SIZE],
return res;
}
-static int validate_user_key(struct fscrypt_info *crypt_info,
+static inline struct key *fscrypt_get_encrypted_key(const char *sig)
+{
+ if (IS_ENABLED(CONFIG_ENCRYPTED_KEYS))
+ return request_key(&key_type_encrypted, sig, NULL);
+ return ERR_PTR(-ENOKEY);
+}
+
+static int validate_keyring_key(struct fscrypt_info *crypt_info,
struct fscrypt_context *ctx, u8 *raw_key,
const char *prefix, int min_keysize)
{
char *description;
struct key *keyring_key;
struct fscrypt_key *master_key;
- const struct user_key_payload *ukp;
int res;
description = kasprintf(GFP_NOFS, "%s%*phN", prefix,
@@ -83,28 +90,39 @@ static int validate_user_key(struct fscrypt_info *crypt_info,
return -ENOMEM;
keyring_key = request_key(&key_type_logon, description, NULL);
+ if (IS_ERR(keyring_key))
+ keyring_key = fscrypt_get_encrypted_key(description);
kfree(description);
if (IS_ERR(keyring_key))
return PTR_ERR(keyring_key);
down_read(&keyring_key->sem);
- if (keyring_key->type != &key_type_logon) {
+ if (keyring_key->type == &key_type_logon) {
+ const struct user_key_payload *ukp;
+
+ ukp = user_key_payload_locked(keyring_key);
+ if (!ukp) {
+ /* key was revoked before we acquired its semaphore */
+ res = -EKEYREVOKED;
+ goto out;
+ }
+ if (ukp->datalen != sizeof(struct fscrypt_key)) {
+ res = -EINVAL;
+ goto out;
+ }
+ master_key = (struct fscrypt_key *)ukp->data;
+ } else if (keyring_key->type == &key_type_encrypted) {
+ const struct encrypted_key_payload *ekp;
+
+ ekp = keyring_key->payload.data[0];
+ master_key = (struct fscrypt_key *)ekp->payload_data;
+ } else {
printk_once(KERN_WARNING
- "%s: key type must be logon\n", __func__);
+ "%s: key type must be logon or encrypted\n",
+ __func__);
res = -ENOKEY;
goto out;
}
- ukp = user_key_payload_locked(keyring_key);
- if (!ukp) {
- /* key was revoked before we acquired its semaphore */
- res = -EKEYREVOKED;
- goto out;
- }
- if (ukp->datalen != sizeof(struct fscrypt_key)) {
- res = -EINVAL;
- goto out;
- }
- master_key = (struct fscrypt_key *)ukp->data;
BUILD_BUG_ON(FS_AES_128_ECB_KEY_SIZE != FS_KEY_DERIVATION_NONCE_SIZE);
if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE
@@ -302,12 +320,12 @@ int fscrypt_get_encryption_info(struct inode *inode)
if (!raw_key)
goto out;
- res = validate_user_key(crypt_info, &ctx, raw_key, FS_KEY_DESC_PREFIX,
- keysize);
+ res = validate_keyring_key(crypt_info, &ctx, raw_key,
+ FS_KEY_DESC_PREFIX, keysize);
if (res && inode->i_sb->s_cop->key_prefix) {
- int res2 = validate_user_key(crypt_info, &ctx, raw_key,
- inode->i_sb->s_cop->key_prefix,
- keysize);
+ int res2 = validate_keyring_key(crypt_info, &ctx, raw_key,
+ inode->i_sb->s_cop->key_prefix,
+ keysize);
if (res2) {
if (res2 == -ENOKEY)
res = -ENOKEY;
--
2.15.1
WARNING: multiple messages have this Message-ID (diff)
From: "André Draszik" <git@andred.net>
To: linux-kernel@vger.kernel.org
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>,
David Howells <dhowells@redhat.com>,
James Morris <james.l.morris@oracle.com>,
"Serge E. Hallyn" <serge@hallyn.com>,
"Theodore Y. Ts'o" <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>,
Kees Cook <keescook@chromium.org>,
linux-integrity@vger.kernel.org, keyrings@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-fscrypt@vger.kernel.org
Subject: [PATCH 2/3] fscrypt: add support for the encrypted key type
Date: Wed, 10 Jan 2018 12:44:17 +0000 [thread overview]
Message-ID: <20180110124418.24385-2-git@andred.net> (raw)
In-Reply-To: <20180110124418.24385-1-git@andred.net>
We now try to acquire the key according to the
encryption policy from both key types, 'logon'
as well as 'encrypted'.
Signed-off-by: Andre Draszik <git@andred.net>
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: David Howells <dhowells@redhat.com>
Cc: James Morris <james.l.morris@oracle.com>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: "Theodore Y. Ts'o" <tytso@mit.edu>
Cc: Jaegeuk Kim <jaegeuk@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: linux-integrity@vger.kernel.org
Cc: keyrings@vger.kernel.org
Cc: linux-security-module@vger.kernel.org
Cc: linux-fscrypt@vger.kernel.org
---
fs/crypto/keyinfo.c | 58 +++++++++++++++++++++++++++++++++++------------------
1 file changed, 38 insertions(+), 20 deletions(-)
diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c
index 5e6e846f5a24..023fa19fec48 100644
--- a/fs/crypto/keyinfo.c
+++ b/fs/crypto/keyinfo.c
@@ -10,6 +10,7 @@
*/
#include <keys/user-type.h>
+#include <keys/encrypted-type.h>
#include <linux/scatterlist.h>
#include <linux/ratelimit.h>
#include <crypto/aes.h>
@@ -66,14 +67,20 @@ static int derive_key_aes(u8 deriving_key[FS_AES_128_ECB_KEY_SIZE],
return res;
}
-static int validate_user_key(struct fscrypt_info *crypt_info,
+static inline struct key *fscrypt_get_encrypted_key(const char *sig)
+{
+ if (IS_ENABLED(CONFIG_ENCRYPTED_KEYS))
+ return request_key(&key_type_encrypted, sig, NULL);
+ return ERR_PTR(-ENOKEY);
+}
+
+static int validate_keyring_key(struct fscrypt_info *crypt_info,
struct fscrypt_context *ctx, u8 *raw_key,
const char *prefix, int min_keysize)
{
char *description;
struct key *keyring_key;
struct fscrypt_key *master_key;
- const struct user_key_payload *ukp;
int res;
description = kasprintf(GFP_NOFS, "%s%*phN", prefix,
@@ -83,28 +90,39 @@ static int validate_user_key(struct fscrypt_info *crypt_info,
return -ENOMEM;
keyring_key = request_key(&key_type_logon, description, NULL);
+ if (IS_ERR(keyring_key))
+ keyring_key = fscrypt_get_encrypted_key(description);
kfree(description);
if (IS_ERR(keyring_key))
return PTR_ERR(keyring_key);
down_read(&keyring_key->sem);
- if (keyring_key->type != &key_type_logon) {
+ if (keyring_key->type == &key_type_logon) {
+ const struct user_key_payload *ukp;
+
+ ukp = user_key_payload_locked(keyring_key);
+ if (!ukp) {
+ /* key was revoked before we acquired its semaphore */
+ res = -EKEYREVOKED;
+ goto out;
+ }
+ if (ukp->datalen != sizeof(struct fscrypt_key)) {
+ res = -EINVAL;
+ goto out;
+ }
+ master_key = (struct fscrypt_key *)ukp->data;
+ } else if (keyring_key->type == &key_type_encrypted) {
+ const struct encrypted_key_payload *ekp;
+
+ ekp = keyring_key->payload.data[0];
+ master_key = (struct fscrypt_key *)ekp->payload_data;
+ } else {
printk_once(KERN_WARNING
- "%s: key type must be logon\n", __func__);
+ "%s: key type must be logon or encrypted\n",
+ __func__);
res = -ENOKEY;
goto out;
}
- ukp = user_key_payload_locked(keyring_key);
- if (!ukp) {
- /* key was revoked before we acquired its semaphore */
- res = -EKEYREVOKED;
- goto out;
- }
- if (ukp->datalen != sizeof(struct fscrypt_key)) {
- res = -EINVAL;
- goto out;
- }
- master_key = (struct fscrypt_key *)ukp->data;
BUILD_BUG_ON(FS_AES_128_ECB_KEY_SIZE != FS_KEY_DERIVATION_NONCE_SIZE);
if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE
@@ -302,12 +320,12 @@ int fscrypt_get_encryption_info(struct inode *inode)
if (!raw_key)
goto out;
- res = validate_user_key(crypt_info, &ctx, raw_key, FS_KEY_DESC_PREFIX,
- keysize);
+ res = validate_keyring_key(crypt_info, &ctx, raw_key,
+ FS_KEY_DESC_PREFIX, keysize);
if (res && inode->i_sb->s_cop->key_prefix) {
- int res2 = validate_user_key(crypt_info, &ctx, raw_key,
- inode->i_sb->s_cop->key_prefix,
- keysize);
+ int res2 = validate_keyring_key(crypt_info, &ctx, raw_key,
+ inode->i_sb->s_cop->key_prefix,
+ keysize);
if (res2) {
if (res2 == -ENOKEY)
res = -ENOKEY;
--
2.15.1
WARNING: multiple messages have this Message-ID (diff)
From: git@andred.net (André Draszik)
To: linux-security-module@vger.kernel.org
Subject: [PATCH 2/3] fscrypt: add support for the encrypted key type
Date: Wed, 10 Jan 2018 12:44:17 +0000 [thread overview]
Message-ID: <20180110124418.24385-2-git@andred.net> (raw)
In-Reply-To: <20180110124418.24385-1-git@andred.net>
We now try to acquire the key according to the
encryption policy from both key types, 'logon'
as well as 'encrypted'.
Signed-off-by: Andr? Draszik <git@andred.net>
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: David Howells <dhowells@redhat.com>
Cc: James Morris <james.l.morris@oracle.com>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: "Theodore Y. Ts'o" <tytso@mit.edu>
Cc: Jaegeuk Kim <jaegeuk@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: linux-integrity at vger.kernel.org
Cc: keyrings at vger.kernel.org
Cc: linux-security-module at vger.kernel.org
Cc: linux-fscrypt at vger.kernel.org
---
fs/crypto/keyinfo.c | 58 +++++++++++++++++++++++++++++++++++------------------
1 file changed, 38 insertions(+), 20 deletions(-)
diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c
index 5e6e846f5a24..023fa19fec48 100644
--- a/fs/crypto/keyinfo.c
+++ b/fs/crypto/keyinfo.c
@@ -10,6 +10,7 @@
*/
#include <keys/user-type.h>
+#include <keys/encrypted-type.h>
#include <linux/scatterlist.h>
#include <linux/ratelimit.h>
#include <crypto/aes.h>
@@ -66,14 +67,20 @@ static int derive_key_aes(u8 deriving_key[FS_AES_128_ECB_KEY_SIZE],
return res;
}
-static int validate_user_key(struct fscrypt_info *crypt_info,
+static inline struct key *fscrypt_get_encrypted_key(const char *sig)
+{
+ if (IS_ENABLED(CONFIG_ENCRYPTED_KEYS))
+ return request_key(&key_type_encrypted, sig, NULL);
+ return ERR_PTR(-ENOKEY);
+}
+
+static int validate_keyring_key(struct fscrypt_info *crypt_info,
struct fscrypt_context *ctx, u8 *raw_key,
const char *prefix, int min_keysize)
{
char *description;
struct key *keyring_key;
struct fscrypt_key *master_key;
- const struct user_key_payload *ukp;
int res;
description = kasprintf(GFP_NOFS, "%s%*phN", prefix,
@@ -83,28 +90,39 @@ static int validate_user_key(struct fscrypt_info *crypt_info,
return -ENOMEM;
keyring_key = request_key(&key_type_logon, description, NULL);
+ if (IS_ERR(keyring_key))
+ keyring_key = fscrypt_get_encrypted_key(description);
kfree(description);
if (IS_ERR(keyring_key))
return PTR_ERR(keyring_key);
down_read(&keyring_key->sem);
- if (keyring_key->type != &key_type_logon) {
+ if (keyring_key->type == &key_type_logon) {
+ const struct user_key_payload *ukp;
+
+ ukp = user_key_payload_locked(keyring_key);
+ if (!ukp) {
+ /* key was revoked before we acquired its semaphore */
+ res = -EKEYREVOKED;
+ goto out;
+ }
+ if (ukp->datalen != sizeof(struct fscrypt_key)) {
+ res = -EINVAL;
+ goto out;
+ }
+ master_key = (struct fscrypt_key *)ukp->data;
+ } else if (keyring_key->type == &key_type_encrypted) {
+ const struct encrypted_key_payload *ekp;
+
+ ekp = keyring_key->payload.data[0];
+ master_key = (struct fscrypt_key *)ekp->payload_data;
+ } else {
printk_once(KERN_WARNING
- "%s: key type must be logon\n", __func__);
+ "%s: key type must be logon or encrypted\n",
+ __func__);
res = -ENOKEY;
goto out;
}
- ukp = user_key_payload_locked(keyring_key);
- if (!ukp) {
- /* key was revoked before we acquired its semaphore */
- res = -EKEYREVOKED;
- goto out;
- }
- if (ukp->datalen != sizeof(struct fscrypt_key)) {
- res = -EINVAL;
- goto out;
- }
- master_key = (struct fscrypt_key *)ukp->data;
BUILD_BUG_ON(FS_AES_128_ECB_KEY_SIZE != FS_KEY_DERIVATION_NONCE_SIZE);
if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE
@@ -302,12 +320,12 @@ int fscrypt_get_encryption_info(struct inode *inode)
if (!raw_key)
goto out;
- res = validate_user_key(crypt_info, &ctx, raw_key, FS_KEY_DESC_PREFIX,
- keysize);
+ res = validate_keyring_key(crypt_info, &ctx, raw_key,
+ FS_KEY_DESC_PREFIX, keysize);
if (res && inode->i_sb->s_cop->key_prefix) {
- int res2 = validate_user_key(crypt_info, &ctx, raw_key,
- inode->i_sb->s_cop->key_prefix,
- keysize);
+ int res2 = validate_keyring_key(crypt_info, &ctx, raw_key,
+ inode->i_sb->s_cop->key_prefix,
+ keysize);
if (res2) {
if (res2 == -ENOKEY)
res = -ENOKEY;
--
2.15.1
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2018-01-10 12:44 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-10 12:44 [PATCH 1/3] encrypted-keys: add fscrypt format support André Draszik
2018-01-10 12:44 ` André Draszik
2018-01-10 12:44 ` André Draszik
2018-01-10 12:44 ` André Draszik
2018-01-10 12:44 ` André Draszik [this message]
2018-01-10 12:44 ` [PATCH 2/3] fscrypt: add support for the encrypted key type André Draszik
2018-01-10 12:44 ` André Draszik
2018-01-10 12:44 ` André Draszik
2018-01-10 12:44 ` [PATCH 3/3] encrypted-keys: document new fscrypt key format André Draszik
2018-01-10 12:44 ` André Draszik
2018-01-10 12:44 ` André Draszik
2018-01-10 12:44 ` André Draszik
2018-01-11 4:48 ` Eric Biggers
2018-01-11 4:48 ` Eric Biggers
2018-01-11 4:48 ` Eric Biggers
2018-01-11 4:48 ` Eric Biggers
2018-01-11 4:48 ` Eric Biggers
2018-01-17 14:38 ` André Draszik
2018-01-17 14:38 ` André Draszik
2018-01-17 14:38 ` André Draszik
2018-01-17 14:38 ` André Draszik
2018-01-17 18:05 ` Theodore Ts'o
2018-01-17 18:05 ` Theodore Ts'o
2018-01-17 18:05 ` Theodore Ts'o
2018-01-17 18:05 ` Theodore Ts'o
2018-01-17 18:05 ` Theodore Ts'o
2018-01-19 9:16 ` André Draszik
2018-01-19 9:16 ` André Draszik
2018-01-19 9:16 ` André Draszik
2018-01-19 9:16 ` André Draszik
2018-01-11 4:00 ` [PATCH 1/3] encrypted-keys: add fscrypt format support Eric Biggers
2018-01-11 4:00 ` Eric Biggers
2018-01-11 4:00 ` Eric Biggers
2018-01-11 4:00 ` Eric Biggers
2018-01-11 4:00 ` Eric Biggers
2018-01-17 14:13 ` [PATCH v2 1/2] fscrypt: add support for the encrypted key type André Draszik
2018-01-17 14:13 ` [PATCH v2 2/2] fscrypt: update documentation for encrypted key support André Draszik
2018-01-18 0:39 ` [PATCH v2 1/2] fscrypt: add support for the encrypted key type Eric Biggers
2018-01-18 0:39 ` Eric Biggers
2018-01-17 14:29 ` [PATCH 1/3] encrypted-keys: add fscrypt format support André Draszik
2018-01-17 14:29 ` André Draszik
2018-01-17 14:29 ` André Draszik
2018-01-17 14:29 ` André Draszik
2018-01-18 0:18 ` Eric Biggers
2018-01-18 0:18 ` Eric Biggers
2018-01-18 0:18 ` Eric Biggers
2018-01-18 0:18 ` Eric Biggers
2018-01-18 0:18 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180110124418.24385-2-git@andred.net \
--to=git@andred.net \
--cc=dhowells@redhat.com \
--cc=jaegeuk@kernel.org \
--cc=james.l.morris@oracle.com \
--cc=keescook@chromium.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=tytso@mit.edu \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.