linux/fs/crypto
Eric Biggers 78a1b96bcf fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl
Add a root-only variant of the FS_IOC_REMOVE_ENCRYPTION_KEY ioctl which
removes all users' claims of the key, not just the current user's claim.
I.e., it always removes the key itself, no matter how many users have
added it.

This is useful for forcing a directory to be locked, without having to
figure out which user ID(s) the key was added under.  This is planned to
be used by a command like 'sudo fscrypt lock DIR --all-users' in the
fscrypt userspace tool (http://github.com/google/fscrypt).

Reviewed-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2019-08-12 19:18:50 -07:00
..
bio.c fscrypt: decrypt only the needed blocks in __fscrypt_decrypt_bio() 2019-05-28 10:27:53 -07:00
crypto.c fscrypt: v2 encryption policy support 2019-08-12 19:18:50 -07:00
fname.c fscrypt: v2 encryption policy support 2019-08-12 19:18:50 -07:00
fscrypt_private.h fscrypt: allow unprivileged users to add/remove keys for v2 policies 2019-08-12 19:18:50 -07:00
hkdf.c fscrypt: add an HKDF-SHA512 implementation 2019-08-12 19:18:50 -07:00
hooks.c fscrypt: make fscrypt_msg() take inode instead of super_block 2019-08-12 19:04:44 -07:00
Kconfig fscrypt: add an HKDF-SHA512 implementation 2019-08-12 19:18:50 -07:00
keyring.c fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl 2019-08-12 19:18:50 -07:00
keysetup_v1.c fscrypt: v2 encryption policy support 2019-08-12 19:18:50 -07:00
keysetup.c fscrypt: allow unprivileged users to add/remove keys for v2 policies 2019-08-12 19:18:50 -07:00
Makefile fscrypt: add an HKDF-SHA512 implementation 2019-08-12 19:18:50 -07:00
policy.c fscrypt: v2 encryption policy support 2019-08-12 19:18:50 -07:00