• Jaegeuk Kim's avatar
    fscrypto/f2fs: allow fs-specific key prefix for fs encryption · b5a7aef1
    Jaegeuk Kim authored
    This patch allows fscrypto to handle a second key prefix given by filesystem.
    The main reason is to provide backward compatibility, since previously f2fs
    used "f2fs:" as a crypto prefix instead of "fscrypt:".
    Later, ext4 should also provide key_prefix() to give "ext4:".
    
    One concern decribed by Ted would be kinda double check overhead of prefixes.
    In x86, for example, validate_user_key consumes 8 ms after boot-up, which turns
    out derive_key_aes() consumed most of the time to load specific crypto module.
    After such the cold miss, it shows almost zero latencies, which treats as a
    negligible overhead.
    Note that request_key() detects wrong prefix in prior to derive_key_aes() even.
    
    Cc: Ted Tso <tytso@mit.edu>
    Cc: stable@vger.kernel.org # v4.6
    Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
    b5a7aef1
Name
Last commit
Last update
..
Kconfig Loading commit data...
Makefile Loading commit data...
crypto.c Loading commit data...
fname.c Loading commit data...
keyinfo.c Loading commit data...
policy.c Loading commit data...