fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl - linux

diff options

author	Eric Biggers <ebiggers@google.com>	2019-08-05 04:35:47 +0200
committer	Eric Biggers <ebiggers@google.com>	2019-08-13 04:18:50 +0200
commit	78a1b96bcf7a0721c7852bb1475218c3cbef884a (patch)
tree	c06a3abc722cba1df017467e0865c86671fb4ba8 /certs
parent	fscrypt: allow unprivileged users to add/remove keys for v2 policies (diff)
download	linux-78a1b96bcf7a0721c7852bb1475218c3cbef884a.tar.xz linux-78a1b96bcf7a0721c7852bb1475218c3cbef884a.zip

fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl

Add a root-only variant of the FS_IOC_REMOVE_ENCRYPTION_KEY ioctl which removes all users' claims of the key, not just the current user's claim. I.e., it always removes the key itself, no matter how many users have added it. This is useful for forcing a directory to be locked, without having to figure out which user ID(s) the key was added under. This is planned to be used by a command like 'sudo fscrypt lock DIR --all-users' in the fscrypt userspace tool (http://github.com/google/fscrypt). Reviewed-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Eric Biggers <ebiggers@google.com>

Diffstat (limited to 'certs')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: