ext4 crypto: add padding to filenames before encrypting This obscures the length of the filenames, to decrease the amount of information leakage. By default, we pad the filenames to the next 4 byte boundaries. This costs nothing, since the directory entries are aligned to 4 byte boundaries anyway. Filenames can also be padded to 8, 16, or 32 bytes, which will consume more directory space. Change-Id: Ibb7a0fb76d2c48e2061240a709358ff40b14f322 Signed-off-by: Theodore Ts'o <tytso@mit.edu>

commit: a44cd7a05496d60fd2ba8cca080e3db8f481549b [log] [tgz]
author: Theodore Ts'o <tytso@mit.edu> Fri May 01 16:56:50 2015 -0400
committer: Theodore Ts'o <tytso@mit.edu> Fri May 01 16:56:50 2015 -0400
tree: dd8d05d845817e4a429804d8ffe09dd68b6881e6
parent: 5de0b4d0cd153c471640b13aae6ae6d18d0a4603 [diff] [blame]
diff --git a/fs/ext4/crypto_key.c b/fs/ext4/crypto_key.c
index c8392af..52170d0 100644
--- a/fs/ext4/crypto_key.c
+++ b/fs/ext4/crypto_key.c

@@ -110,6 +110,7 @@
 	}
 	res = 0;
 
+	ei->i_crypt_policy_flags = ctx.flags;
 	if (S_ISREG(inode->i_mode))
 		crypt_key->mode = ctx.contents_encryption_mode;
 	else if (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode))
commit	a44cd7a05496d60fd2ba8cca080e3db8f481549b	[log] [tgz]
author	Theodore Ts'o <tytso@mit.edu>	Fri May 01 16:56:50 2015 -0400
committer	Theodore Ts'o <tytso@mit.edu>	Fri May 01 16:56:50 2015 -0400
tree	dd8d05d845817e4a429804d8ffe09dd68b6881e6
parent	5de0b4d0cd153c471640b13aae6ae6d18d0a4603 [diff] [blame]