Lines Matching full:filesystem
2 Filesystem-level encryption (fscrypt)
25 Unlike dm-crypt, fscrypt operates at the filesystem level rather than
28 filesystem. This is useful for multi-user systems where each user's
30 However, except for filenames, fscrypt does not encrypt filesystem
33 Unlike eCryptfs, which is a stacked filesystem, fscrypt is integrated
66 if an attacker is able to manipulate the filesystem offline prior to
67 an authorized user later accessing the filesystem.
157 access. Because of filesystem caching, the wrong key will then be
252 filesystem's inode table, and there didn't appear to be any
288 number, and filesystem UUID. This normally results in all files
292 Consequently, shrinking the filesystem may not be allowed.
472 to the filesystem block size. On some filesystems, users can select
484 filesystem blocks into a smaller number of filesystem blocks.
634 filesystem block size, inclusively. The default value of 0 selects
635 the filesystem block size.
638 data unit size smaller than the filesystem block size for
690 Note that the ext4 filesystem does not allow the root directory to be
692 filesystem with one key should consider using dm-crypt instead.
712 - ``ENOTTY``: this type of filesystem does not implement encryption
714 support for filesystems, or the filesystem superblock has not
716 ext4 filesystem, CONFIG_FS_ENCRYPTION must be enabled in the
721 the root directory of an ext4 filesystem
722 - ``EROFS``: the filesystem is readonly
769 - ``ENOTTY``: this type of filesystem does not implement encryption,
773 support for this filesystem, or the filesystem superblock has not
799 Getting the per-filesystem salt
804 generated 16-byte value stored in the filesystem superblock. This
829 the filesystem, making all files on the filesystem which were
831 It can be executed on any file or directory on the target filesystem,
832 but using the filesystem's root directory is recommended. It takes in
898 allow re-adding keys after a filesystem is unmounted and re-mounted,
935 - ``ENOTTY``: this type of filesystem does not implement encryption
937 support for this filesystem, or the filesystem superblock has not
982 with a filesystem-specific prefix such as "ext4:". However, the
983 filesystem-specific prefixes are deprecated and should not be used in
1009 encryption key from the filesystem, and possibly removes the key
1011 filesystem, but using the filesystem's root directory is recommended.
1080 - ``ENOTTY``: this type of filesystem does not implement encryption
1082 support for this filesystem, or the filesystem superblock has not
1107 the target filesystem, but using the filesystem's root directory is
1158 - ``ENOTTY``: this type of filesystem does not implement encryption
1160 support for this filesystem, or the filesystem superblock has not
1169 the filesystem-level keyring, i.e. the keyring managed by
1212 - The ext4 filesystem does not support data journaling with encrypted
1219 EXT4 filesystem with a 4K block size, unencrypted symlinks can be up
1229 Some filesystem operations may be performed on encrypted regular
1314 when mounting the filesystem.
1325 Currently fscrypt always uses the filesystem block size (which is
1341 the filesystem must be mounted with ``-o inlinecrypt`` and inline
1345 * The I/O request must be fully aligned to the filesystem block size.
1348 must be multiples of this value. Note that the filesystem block
1429 filename hashes. When a ->lookup() is requested, the filesystem
1437 impossible for the filesystem's fsck tool to optimize encrypted
1440 asked to do a ->lookup() with the key, the filesystem just encrypts
1447 the filesystem just base64url-decodes the user-supplied name to get
1454 filesystem-specific hash(es) needed for directory lookups. This
1455 allows the filesystem to still, with a high degree of confidence, map
1469 filesystem test suite. First, run all the tests in the "encrypt"
1470 group on the relevant filesystem(s). One can also run the tests
1496 kvm-xfstests, use the "encrypt" filesystem configuration::