• Eric Biggers's avatar
    fscrypt: add a documentation file for filesystem-level encryption · f4f864c1
    Eric Biggers authored
    Perhaps long overdue, add a documentation file for filesystem-level
    encryption, a.k.a. fscrypt or fs/crypto/, to the Documentation
    directory.  The new file is based loosely on the latest version of the
    "EXT4 Encryption Design Document (public version)" Google Doc, but with
    many improvements made, including:
    
    - Reflect the reality that it is not specific to ext4 anymore.
    - More thoroughly document the design and user-visible API/behavior.
    - Replace outdated information, such as the outdated explanation of how
      encrypted filenames are hashed for indexed directories and how
      encrypted filenames are presented to userspace without the key.
      (This was changed just before release.)
    
    For now the focus is on the design and user-visible API/behavior, not on
    how to add encryption support to a filesystem --- since the internal API
    is still pretty messy and any standalone documentation for it would
    become outdated as things get refactored over time.
    Reviewed-by: default avatarMichael Halcrow <mhalcrow@google.com>
    Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
    Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
    f4f864c1
fscrypt.rst 28.1 KB