fscrypt.git/actions, branch 0.2.2 Go tool for managing Linux filesystem encryption security: Change user keyring lookup algorithm 2017-09-01T07:53:07+00:00 Joseph Richey joerichey94@gmail.com 2017-09-01T07:53:07+00:00 1ce72a7367967152948dbe332ea8d9834f194c27 Now instead of spawning a seperate thread we alternate between changing the euid and ruid to both find the keyring and link it to the process keyring. Note that we also ensure that the user keyring is linked into the root keyring whenever possible. 
Now instead of spawning a seperate thread we alternate between changing
the euid and ruid to both find the keyring and link it to the process
keyring. Note that we also ensure that the user keyring is linked into
the root keyring whenever possible.
actions: context now hold a target user.User 2017-08-31T01:00:04+00:00 Joe Richey joerichey@google.com 2017-08-31T01:00:04+00:00 dad0a047cefc79cbe664afc07d69db6b8bf123bd This user is used with policies to interface with the keryings and with protectors to indicate which user's login passphrase should be used to protectors of type pam_passphrase. 
This user is used with policies to interface with the keryings and with
protectors to indicate which user's login passphrase should be used to
protectors of type pam_passphrase.
Various small nits a helper functions for PAM 2017-08-22T18:51:31+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-07-19T22:40:35+00:00 f3f1d2f98de26e8180c56d87aaad0e4e98fb4e47 






cmd/fscrypt: purge command now clears cache
2017-08-18T05:49:44+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-16T01:11:29+00:00

151e8965fa3a9c8f65e316430f9df0fa763fb02d












crypto: Switch from session to user keyring
2017-08-15T20:16:08+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-15T19:06:11+00:00

5e8dfc196020693d2a9dc809cf6bc87096ddc09f












actions: calculate password hash difficulty correctly
2017-08-07T17:05:53+00:00

Eric Biggers
ebiggers@google.com

2017-08-07T17:05:53+00:00

297b46e65415c7d032844b39e7504bb862e2ea28

'fscrypt setup' is supposed to calibrate the Argon2 password hashing
difficulty to 1s by default, but actually it was setting it to only 1s /
num_cpus because the hashing is done with all CPUs and it is timed using
the CLOCK_PROCESS_CPUTIME_ID clock, which measures the time spent by all
threads in the process.  Fix this by dividing the elapsed time by
HashingCosts.Parallelism, which is used as the number of threads.





'fscrypt setup' is supposed to calibrate the Argon2 password hashing
difficulty to 1s by default, but actually it was setting it to only 1s /
num_cpus because the hashing is done with all CPUs and it is timed using
the CLOCK_PROCESS_CPUTIME_ID clock, which measures the time spent by all
threads in the process.  Fix this by dividing the elapsed time by
HashingCosts.Parallelism, which is used as the number of threads.







tests: Unit tests and Integration tests work
2017-07-19T04:08:02+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-19T04:08:02+00:00

3afdd84a5c0cea217043e9d32ce61e9f6bccf18b

Now the testing functions will skip the integration tests if a testing
filesystem is not specified.





Now the testing functions will skip the integration tests if a testing
filesystem is not specified.







actions: Fixed flaky hashing test
2017-07-18T06:29:27+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-18T06:29:27+00:00

17f7dd867d0fd450377c6862c0782483d39ae408












Small fixes so "make lint" doesn't complain.
2017-07-18T06:16:00+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-18T06:16:00+00:00

744dbff34969ef612b219cde5b8f116f3ae3d26f












actions: Add tests for policy unlocking
2017-07-17T19:32:03+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-17T19:32:03+00:00

3bbb2b60498ec937ad736e698ce4afcb452a4644