diff options
author | Sascha Hauer <s.hauer@pengutronix.de> | 2018-09-07 14:36:45 +0200 |
---|---|---|
committer | Richard Weinberger <richard@nod.at> | 2018-10-23 13:49:01 +0200 |
commit | d8a22773a12c6d78ee758c9e530f3a488bb7cb29 (patch) | |
tree | 0c294033e71684c115bd30677155c3c1533751e3 /Documentation/filesystems | |
parent | ubifs: Do not update inode size in-place in authenticated mode (diff) | |
download | linux-d8a22773a12c6d78ee758c9e530f3a488bb7cb29.tar.xz linux-d8a22773a12c6d78ee758c9e530f3a488bb7cb29.zip |
ubifs: Enable authentication support
With the preparations all being done this patch now enables authentication
support for UBIFS. Authentication is enabled when the newly introduced
auth_key and auth_hash_name mount options are passed. auth_key provides
the key which is used for authentication whereas auth_hash_name provides
the hashing algorithm used for this FS. Passing these options make
authentication mandatory and only UBIFS images that can be authenticated
with the given key are allowed.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Richard Weinberger <richard@nod.at>
Diffstat (limited to 'Documentation/filesystems')
-rw-r--r-- | Documentation/filesystems/ubifs.txt | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/Documentation/filesystems/ubifs.txt b/Documentation/filesystems/ubifs.txt index a0a61d2f389f..acc80442a3bb 100644 --- a/Documentation/filesystems/ubifs.txt +++ b/Documentation/filesystems/ubifs.txt @@ -91,6 +91,13 @@ chk_data_crc do not skip checking CRCs on data nodes compr=none override default compressor and set it to "none" compr=lzo override default compressor and set it to "lzo" compr=zlib override default compressor and set it to "zlib" +auth_key= specify the key used for authenticating the filesystem. + Passing this option makes authentication mandatory. + The passed key must be present in the kernel keyring + and must be of type 'logon' +auth_hash_name= The hash algorithm used for authentication. Used for + both hashing and for creating HMACs. Typical values + include "sha256" or "sha512" Quick usage instructions |