From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from bombadil.infradead.org ([198.137.202.9]:34067 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756529AbcCUPjj (ORCPT ); Mon, 21 Mar 2016 11:39:39 -0400 Date: Mon, 21 Mar 2016 08:39:38 -0700 From: Christoph Hellwig To: Jaegeuk Kim Cc: Christoph Hellwig , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net Subject: Re: [PATCH] f2fs: support access control via key management Message-ID: <20160321153938.GB27230@infradead.org> References: <1457571168-56724-1-git-send-email-jaegeuk@kernel.org> <20160315072422.GB11669@infradead.org> <20160315163725.GA78436@jaegeuk.gateway> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20160315163725.GA78436@jaegeuk.gateway> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: On Tue, Mar 15, 2016 at 09:37:25AM -0700, Jaegeuk Kim wrote: > I agree that I must follow FS convention here. > But, in order to make this clear out, could you please elaborate why this is not > allowed? > > I wrote this patch totally based on per-file encryption in which users cannot > access their files if they have no right key. > The only difference is that this controls user access with a key only, neither > encrypting file data nor dentries. > > This was initiated by UX in android letting nobody be able to access the files > that owner wants to protect by passcode or fingerprint. > > Does it make no sense to support this by filesystems? I don't think it does. But if you want to argue for it you should a) support it in the VFS b) document the exact semantics c) ensure linux-man and linux-api are on the Cc list.