Re: [ANNOUNCE] e2fsprogs v1.46.0

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Eric Biggers <ebiggers@kernel.org>
To: Theodore Ts'o <tytso@mit.edu>
Cc: linux-ext4@vger.kernel.org
Subject: Re: [ANNOUNCE] e2fsprogs v1.46.0
Date: Tue, 2 Feb 2021 13:12:21 -0800	[thread overview]
Message-ID: <YBnANYriLeiVUM1K@gmail.com> (raw)
In-Reply-To: <YBmMlwBaoC58CARb@mit.edu>

On Tue, Feb 02, 2021 at 12:32:07PM -0500, Theodore Ts'o wrote:
> E2fsprogs now supports the stable_inodes (COMPAT_STABLE_INODES) feature.
> This needed to support the siphash file system encryption algorithm,
> which calculates the initial vector (IV) for encryption based on the
> UUID and the inode number.  This means that we can't renumber inodes
> (for example, when shrinking a file system) and the UUID can't be
> changed without breaking the ability to decrypt the encryption.

Note that in the new encryption formats which stable_inodes allows, the
encryption algorithm is still AES-256-XTS, not SipHash.  (SipHash is a hash
function, not an encryption algorithm.)  It's the key derivation and IV
generation method that change.

> E2fsprogs now supports file systems which have both file system
> encryption and the casefold feature enabled.  This requires Linux
> version 5.10.

The kernel patches for encrypt + casefold on ext4 haven't been merged yet.  So
this combination actually won't be supported until Linux 5.12 at the earliest.

- Eric

next prev parent reply	other threads:[~2021-02-02 21:13 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-02-02 17:32 [ANNOUNCE] e2fsprogs v1.46.0 Theodore Ts'o
2021-02-02 21:12 ` Eric Biggers [this message]
2021-02-03 11:43 ` Andreas Dilger
2021-02-03 11:43   ` Andreas Dilger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YBnANYriLeiVUM1K@gmail.com \
    --to=ebiggers@kernel.org \
    --cc=linux-ext4@vger.kernel.org \
    --cc=tytso@mit.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.