ext4 crypto: add padding to filenames before encrypting
This obscures the length of the filenames, to decrease the amount of
information leakage. By default, we pad the filenames to the next 4
byte boundaries. This costs nothing, since the directory entries are
aligned to 4 byte boundaries anyway. Filenames can also be padded to
8, 16, or 32 bytes, which will consume more directory space.
Change-Id: Ibb7a0fb76d2c48e2061240a709358ff40b14f322
Signed-off-by: 
Theodore Ts'o <tytso@mit.edu>
Showing
- fs/ext4/crypto_fname.c 10 additions, 2 deletionsfs/ext4/crypto_fname.c
- fs/ext4/crypto_key.c 1 addition, 0 deletionsfs/ext4/crypto_key.c
- fs/ext4/crypto_policy.c 9 additions, 5 deletionsfs/ext4/crypto_policy.c
- fs/ext4/ext4.h 1 addition, 0 deletionsfs/ext4/ext4.h
- fs/ext4/ext4_crypto.h 10 additions, 1 deletionfs/ext4/ext4_crypto.h
Loading
Please register or sign in to comment