summaryrefslogtreecommitdiffstats
path: root/fs/ext4/crypto_policy.c
diff options
context:
space:
mode:
authorTheodore Ts'o <tytso@mit.edu>2015-04-16 07:56:00 +0200
committerTheodore Ts'o <tytso@mit.edu>2015-04-16 07:56:00 +0200
commit6ddb2447846a8ece111e316a2863c2355023682d (patch)
treee56b2d3100baf35e7d99d79ff411c28bf8c5f4c2 /fs/ext4/crypto_policy.c
parentext4 crypto: add symlink encryption (diff)
downloadlinux-6ddb2447846a8ece111e316a2863c2355023682d.tar.xz
linux-6ddb2447846a8ece111e316a2863c2355023682d.zip
ext4 crypto: enable encryption feature flag
Also add the test dummy encryption mode flag so we can more easily test the encryption patches using xfstests. Signed-off-by: Michael Halcrow <mhalcrow@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/ext4/crypto_policy.c')
-rw-r--r--fs/ext4/crypto_policy.c18
1 files changed, 15 insertions, 3 deletions
diff --git a/fs/ext4/crypto_policy.c b/fs/ext4/crypto_policy.c
index 749ed6e91e50..30eaf9e9864a 100644
--- a/fs/ext4/crypto_policy.c
+++ b/fs/ext4/crypto_policy.c
@@ -169,13 +169,25 @@ int ext4_inherit_context(struct inode *parent, struct inode *child)
EXT4_XATTR_NAME_ENCRYPTION_CONTEXT,
&ctx, sizeof(ctx));
- if (res != sizeof(ctx))
- return -ENOENT;
-
+ if (res != sizeof(ctx)) {
+ if (DUMMY_ENCRYPTION_ENABLED(EXT4_SB(parent->i_sb))) {
+ ctx.format = EXT4_ENCRYPTION_CONTEXT_FORMAT_V1;
+ ctx.contents_encryption_mode =
+ EXT4_ENCRYPTION_MODE_AES_256_XTS;
+ ctx.filenames_encryption_mode =
+ EXT4_ENCRYPTION_MODE_AES_256_CTS;
+ memset(ctx.master_key_descriptor, 0x42,
+ EXT4_KEY_DESCRIPTOR_SIZE);
+ res = 0;
+ } else {
+ goto out;
+ }
+ }
get_random_bytes(ctx.nonce, EXT4_KEY_DERIVATION_NONCE_SIZE);
res = ext4_xattr_set(child, EXT4_XATTR_INDEX_ENCRYPTION,
EXT4_XATTR_NAME_ENCRYPTION_CONTEXT, &ctx,
sizeof(ctx), 0);
+out:
if (!res)
ext4_set_inode_flag(child, EXT4_INODE_ENCRYPT);
return res;