ext4 crypto: add padding to filenames before encrypting This obscures the length of the filenames, to decrease the amount of information leakage. By default, we pad the filenames to the next 4 byte boundaries. This costs nothing, since the directory entries are aligned to 4 byte boundaries anyway. Filenames can also be padded to 8, 16, or 32 bytes, which will consume more directory space. Change-Id: Ibb7a0fb76d2c48e2061240a709358ff40b14f322 Signed-off-by: Theodore Ts'o <tytso@mit.edu>

commit: a44cd7a05496d60fd2ba8cca080e3db8f481549b [log] [tgz]
author: Theodore Ts'o <tytso@mit.edu> Fri May 01 16:56:50 2015 -0400
committer: Theodore Ts'o <tytso@mit.edu> Fri May 01 16:56:50 2015 -0400
tree: dd8d05d845817e4a429804d8ffe09dd68b6881e6
parent: 5de0b4d0cd153c471640b13aae6ae6d18d0a4603 [diff] [blame]
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
index dfb1138..bca1bdc 100644
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h

@@ -911,6 +911,7 @@
 
 	/* on-disk additional length */
 	__u16 i_extra_isize;
+	char i_crypt_policy_flags;
 
 	/* Indicate the inline data space. */
 	u16 i_inline_off;
commit	a44cd7a05496d60fd2ba8cca080e3db8f481549b	[log] [tgz]
author	Theodore Ts'o <tytso@mit.edu>	Fri May 01 16:56:50 2015 -0400
committer	Theodore Ts'o <tytso@mit.edu>	Fri May 01 16:56:50 2015 -0400
tree	dd8d05d845817e4a429804d8ffe09dd68b6881e6
parent	5de0b4d0cd153c471640b13aae6ae6d18d0a4603 [diff] [blame]