diff options
author | Michael Halcrow <mhalcrow@google.com> | 2015-04-12 06:43:56 +0200 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2015-04-12 06:43:56 +0200 |
commit | b30ab0e03407d2aa2d9316cba199c757e4bfc8ad (patch) | |
tree | 900754eb3fe069f90bb5ea2c1df1ed88cf701eb5 /fs/ext4/Makefile | |
parent | ext4 crypto: add encryption policy and password salt support (diff) | |
download | linux-b30ab0e03407d2aa2d9316cba199c757e4bfc8ad.tar.xz linux-b30ab0e03407d2aa2d9316cba199c757e4bfc8ad.zip |
ext4 crypto: add ext4 encryption facilities
On encrypt, we will re-assign the buffer_heads to point to a bounce
page rather than the control_page (which is the original page to write
that contains the plaintext). The block I/O occurs against the bounce
page. On write completion, we re-assign the buffer_heads to the
original plaintext page.
On decrypt, we will attach a read completion callback to the bio
struct. This read completion will decrypt the read contents in-place
prior to setting the page up-to-date.
The current encryption mode, AES-256-XTS, lacks cryptographic
integrity. AES-256-GCM is in-plan, but we will need to devise a
mechanism for handling the integrity data.
Signed-off-by: Michael Halcrow <mhalcrow@google.com>
Signed-off-by: Ildar Muslukhov <ildarm@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/ext4/Makefile')
-rw-r--r-- | fs/ext4/Makefile | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/ext4/Makefile b/fs/ext4/Makefile index 3886ee45f556..1b1c5619523d 100644 --- a/fs/ext4/Makefile +++ b/fs/ext4/Makefile @@ -12,4 +12,4 @@ ext4-y := balloc.o bitmap.o dir.o file.o fsync.o ialloc.o inode.o page-io.o \ ext4-$(CONFIG_EXT4_FS_POSIX_ACL) += acl.o ext4-$(CONFIG_EXT4_FS_SECURITY) += xattr_security.o -ext4-$(CONFIG_EXT4_FS_ENCRYPTION) += crypto_policy.o +ext4-$(CONFIG_EXT4_FS_ENCRYPTION) += crypto_policy.o crypto.o |