• Jaegeuk Kim's avatar
    fscrypto/f2fs: allow fs-specific key prefix for fs encryption · b5a7aef1
    Jaegeuk Kim authored
    This patch allows fscrypto to handle a second key prefix given by filesystem.
    The main reason is to provide backward compatibility, since previously f2fs
    used "f2fs:" as a crypto prefix instead of "fscrypt:".
    Later, ext4 should also provide key_prefix() to give "ext4:".
    One concern decribed by Ted would be kinda double check overhead of prefixes.
    In x86, for example, validate_user_key consumes 8 ms after boot-up, which turns
    out derive_key_aes() consumed most of the time to load specific crypto module.
    After such the cold miss, it shows almost zero latencies, which treats as a
    negligible overhead.
    Note that request_key() detects wrong prefix in prior to derive_key_aes() even.
    Cc: Ted Tso <tytso@mit.edu>
    Cc: stable@vger.kernel.org # v4.6
    Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
Last commit
Last update
Kconfig Loading commit data...
Makefile Loading commit data...
crypto.c Loading commit data...
fname.c Loading commit data...
keyinfo.c Loading commit data...
policy.c Loading commit data...