Re: [PATCH v7 06/16] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl

[PATCH v7 00/16] fscrypt: key management improvements · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
[PATCH v7 01/16] fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h> · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 01/16] fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h> · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
[PATCH v7 03/16] fscrypt: use FSCRYPT_* definitions, not FS_* · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
[PATCH v7 04/16] fscrypt: add ->ci_inode to fscrypt_info · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 04/16] fscrypt: add ->ci_inode to fscrypt_info · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
[PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-07-29
Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-07-31
Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-31
Re: [f2fs-dev] [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-08-01
Re: [f2fs-dev] [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-08-01
Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-08-01
Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-08-01
Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-08-01
Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-08-02
Re: [PATCH v7 07/16] fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-08-12
[PATCH v7 12/16] fscrypt: require that key be added when setting a v2 encryption policy · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 12/16] fscrypt: require that key be added when setting a v2 encryption policy · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
[PATCH v7 09/16] fscrypt: add an HKDF-SHA512 implementation · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 09/16] fscrypt: add an HKDF-SHA512 implementation · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
Re: [PATCH v7 09/16] fscrypt: add an HKDF-SHA512 implementation · Eric Biggers <ebiggers@kernel.org> · 2019-07-29
Re: [PATCH v7 09/16] fscrypt: add an HKDF-SHA512 implementation · James Bottomley <James.Bottomley@HansenPartnership.com> · 2019-07-29
[PATCH v7 13/16] ext4: wire up new fscrypt ioctls · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 13/16] ext4: wire up new fscrypt ioctls · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
[PATCH v7 14/16] f2fs: wire up new fscrypt ioctls · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 14/16] f2fs: wire up new fscrypt ioctls · Jaegeuk Kim <jaegeuk@kernel.org> · 2019-07-30
Re: [PATCH v7 14/16] f2fs: wire up new fscrypt ioctls · Chao Yu <hidden> · 2019-08-02
Re: [PATCH v7 14/16] f2fs: wire up new fscrypt ioctls · Eric Biggers <ebiggers@kernel.org> · 2019-08-02
[f2fs-dev] [PATCH v7 14/16] f2fs: wire up new fscrypt ioctls · Chao Yu <chao@kernel.org> · 2019-08-04
[PATCH v7 15/16] ubifs: wire up new fscrypt ioctls · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 15/16] ubifs: wire up new fscrypt ioctls · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-30
[PATCH v7 16/16] fscrypt: document the new ioctls and policy version · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 16/16] fscrypt: document the new ioctls and policy version · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-29
Re: [PATCH v7 16/16] fscrypt: document the new ioctls and policy version · Eric Biggers <ebiggers@kernel.org> · 2019-07-29
[PATCH v7 06/16] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 06/16] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
Re: [PATCH v7 06/16] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-07-29
Re: [PATCH v7 06/16] fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-29
[PATCH v7 11/16] fscrypt: allow unprivileged users to add/remove keys for v2 policies · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 11/16] fscrypt: allow unprivileged users to add/remove keys for v2 policies · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
[PATCH v7 10/16] fscrypt: v2 encryption policy support · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 10/16] fscrypt: v2 encryption policy support · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
Re: [PATCH v7 10/16] fscrypt: v2 encryption policy support · Eric Biggers <ebiggers@kernel.org> · 2019-07-29
[PATCH v7 05/16] fscrypt: refactor v1 policy key setup into keysetup_legacy.c · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 05/16] fscrypt: refactor v1 policy key setup into keysetup_legacy.c · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
Re: [PATCH v7 05/16] fscrypt: refactor v1 policy key setup into keysetup_legacy.c · Eric Biggers <ebiggers@kernel.org> · 2019-07-29
[PATCH v7 08/16] fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl · Eric Biggers <ebiggers@kernel.org> · 2019-07-26
Re: [PATCH v7 08/16] fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl · "Theodore Y. Ts'o" <tytso@mit.edu> · 2019-07-28
[PATCH v7 02/16] fscrypt: use FSCRYPT_ prefix for uapi constants · Eric Biggers <ebiggers@kernel.org> · 2019-07-26

From: "Theodore Y. Ts'o" <tytso@mit.edu>
Date: 2019-07-29 20:15:16
Also in: keyrings, linux-crypto, linux-ext4, linux-f2fs-devel, linux-fscrypt, linux-fsdevel

On Mon, Jul 29, 2019 at 12:46:45PM -0700, Eric Biggers wrote:

quoted

For that matter, we could just add a new ioctl which returns the file
system's keyring id.  That way an application program won't have to
try to figure out what a file's underlying sb->s_id happens to be.
(Especially if things like overlayfs are involved.)

Keep in mind that the new ioctls (FS_IOC_ADD_ENCRYPTION_KEY,
FS_IOC_REMOVE_ENCRYPTION_KEY, FS_IOC_GET_ENCRYPTION_KEY_STATUS) don't take the
keyring ID as a parameter, since it's already known from the filesystem the
ioctl is executed on.  So there actually isn't much that can be done with the
keyring ID.  But sure, if it's needed later we can add an API to get it.

Yeah, I was thinking about for testing/debugging purposes so that we
could use keyctl to examine the per-file system keyring and see what
keys are attached to a file system.  This is only going to be usable
by root, so I guess we can just try to figure it out by going through
/proc/keys and searching by sb->s_id.  If there are ambiguities that
make this hard to do, we can add an interface to make this easier.

     	       	      	     - Ted

______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help