aha/fs/ecryptfs
Michael Halcrow 9c79f34f7e eCryptfs: Filename Encryption: Tag 70 packets
This patchset implements filename encryption via a passphrase-derived
mount-wide Filename Encryption Key (FNEK) specified as a mount parameter.
Each encrypted filename has a fixed prefix indicating that eCryptfs should
try to decrypt the filename.  When eCryptfs encounters this prefix, it
decodes the filename into a tag 70 packet and then decrypts the packet
contents using the FNEK, setting the filename to the decrypted filename.
Both unencrypted and encrypted filenames can reside in the same lower
filesystem.

Because filename encryption expands the length of the filename during the
encoding stage, eCryptfs will not properly handle filenames that are
already near the maximum filename length.

In the present implementation, eCryptfs must be able to produce a match
against the lower encrypted and encoded filename representation when given
a plaintext filename.  Therefore, two files having the same plaintext name
will encrypt and encode into the same lower filename if they are both
encrypted using the same FNEK.  This can be changed by finding a way to
replace the prepended bytes in the block-aligned filename with random
characters; they are hashes of the FNEK right now, so that it is possible
to deterministically map from a plaintext filename to an encrypted and
encoded filename in the lower filesystem.  An implementation using random
characters will have to decode and decrypt every single directory entry in
any given directory any time an event occurs wherein the VFS needs to
determine whether a particular file exists in the lower directory and the
decrypted and decoded filenames have not yet been extracted for that
directory.

Thanks to Tyler Hicks and David Kleikamp for assistance in the development
of this patchset.

This patch:

A tag 70 packet contains a filename encrypted with a Filename Encryption
Key (FNEK).  This patch implements functions for writing and parsing tag
70 packets.  This patch also adds definitions and extends structures to
support filename encryption.

Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
Cc: Dustin Kirkland <dustin.kirkland@gmail.com>
Cc: Eric Sandeen <sandeen@redhat.com>
Cc: Tyler Hicks <tchicks@us.ibm.com>
Cc: David Kleikamp <shaggy@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-01-06 15:59:21 -08:00
crypto.c eCryptfs: Filename Encryption: Tag 70 packets 2009-01-06 15:59:21 -08:00
debug.c eCryptfs: update comment and debug statement 2007-10-16 09:43:11 -07:00
dentry.c eCryptfs: Swap dput() and mntput() 2008-03-19 18:53:36 -07:00
ecryptfs_kernel.h eCryptfs: Filename Encryption: Tag 70 packets 2009-01-06 15:59:21 -08:00
file.c add a vfs_fsync helper 2009-01-05 11:54:28 -05:00
inode.c inode->i_op is never NULL 2009-01-05 11:54:28 -05:00
keystore.c eCryptfs: Filename Encryption: Tag 70 packets 2009-01-06 15:59:21 -08:00
kthread.c CRED: Pass credentials through dentry_open() 2008-11-14 10:39:22 +11:00
main.c CRED: Pass credentials through dentry_open() 2008-11-14 10:39:22 +11:00
Makefile eCryptfs: remove netlink transport 2008-10-16 11:21:39 -07:00
messaging.c User namespaces: set of cleanups (v2) 2008-11-24 18:57:41 -05:00
miscdev.c User namespaces: set of cleanups (v2) 2008-11-24 18:57:41 -05:00
mmap.c fs: symlink write_begin allocation context fix 2009-01-04 13:33:20 -08:00
read_write.c eCryptfs: remove unnecessary page decrypt call 2008-06-06 11:29:09 -07:00
super.c ecryptfs: remove debug as mount option, and warn if set via modprobe 2008-02-06 10:41:12 -08:00