fscrypt.git/metadata/metadata.proto, branch 0.2.1 Go tool for managing Linux filesystem encryption Travis.yml and Makefile now run integration tests. 2017-07-19T04:07:01+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-07-18T18:04:50+00:00 f898a826ab24e03019323ade6a8785e2bf463a41 






metadata: change encryption mode names
2017-06-16T05:32:35+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-06-08T17:41:55+00:00

d5f89f8fcc5172be183fb02b802fa23ed3e9f8fa

As new encryption modes are being added to the kernel that use 128 bit
keys (see https://patchwork.kernel.org/patch/9741913), we will need the
encryption modes to be more descriptive.

This change breaks backwards compatibility for the protobuf, but that's
fine because we have not released yet.

Change-Id: Ifb58d3d5a42db491f1e5393c12f3d260d9a091de





As new encryption modes are being added to the kernel that use 128 bit
keys (see https://patchwork.kernel.org/patch/9741913), we will need the
encryption modes to be more descriptive.

This change breaks backwards compatibility for the protobuf, but that's
fine because we have not released yet.

Change-Id: Ifb58d3d5a42db491f1e5393c12f3d260d9a091de







metadata: reorganize and add consistency checks
2017-05-31T19:35:28+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-05-24T01:38:38+00:00

44c2c7aeda3de09a405ed06aadacbc2c0c7f2a67

This commit adds in IsValid() checks for the metadata structures that
let us enforce stronger invariants than those imposed by the protobuf
package. The main uses of this will be to check that metadata is valid
before writing it to the filesystem, and to check that the filesystem
contains valid metadata before returning it to the user. These functions
also will log the exact reason if the validity checks fail.

To have these checks in the metadata package, all of the various
constants have been moved to a single metadata/constants.go file. The
uses of these constants were changed accordingly.

Finally, this commit standardizes our use of errors so that they always
begin with an appropriate prefix.

Change-Id: I99008e2ee803ebe5f6236eb8d83fc83efcd22718





This commit adds in IsValid() checks for the metadata structures that
let us enforce stronger invariants than those imposed by the protobuf
package. The main uses of this will be to check that metadata is valid
before writing it to the filesystem, and to check that the filesystem
contains valid metadata before returning it to the user. These functions
also will log the exact reason if the validity checks fail.

To have these checks in the metadata package, all of the various
constants have been moved to a single metadata/constants.go file. The
uses of these constants were changed accordingly.

Finally, this commit standardizes our use of errors so that they always
begin with an appropriate prefix.

Change-Id: I99008e2ee803ebe5f6236eb8d83fc83efcd22718







metadata: get and set policies from go
2017-05-02T20:39:18+00:00

Joe Richey
joerichey@google.com

2017-03-02T18:38:33+00:00

a683ab55245aa44ada5059f8e9816adbd94198ff

This commit adds in the ability to get and set policy data from go using
the GetPolicy and SetPolicy functions. This is done via a patch of the
x/sys/unix package that exposes the filesystem encryption structures.

Note that not all the fields of the PolicyData protocol buffer are
needed to get and set policies. The wrapped_policy_keys are not used and
will be written and read by other components of fscrypt.

To run the policy tests, the environment variable BASE_TEST_DIR must be
set to a directory for testing on a filesystem that supports encryption.

Change-Id: I13b1d983356845f3ffc1945cedf53234218f32e5





This commit adds in the ability to get and set policy data from go using
the GetPolicy and SetPolicy functions. This is done via a patch of the
x/sys/unix package that exposes the filesystem encryption structures.

Note that not all the fields of the PolicyData protocol buffer are
needed to get and set policies. The wrapped_policy_keys are not used and
will be written and read by other components of fscrypt.

To run the policy tests, the environment variable BASE_TEST_DIR must be
set to a directory for testing on a filesystem that supports encryption.

Change-Id: I13b1d983356845f3ffc1945cedf53234218f32e5







metadata: introduce protobuf structures
2017-05-02T20:39:18+00:00

Joe Richey
joerichey@google.com

2017-03-02T18:15:23+00:00

2ccea6496efc054c21c5ed397f3caff8d4992957

This commit adds in the metadata package. The primary purpose of this
package is to provide the on-disk metadata structures in the form of
protocol buffers. This includes:
	- Policy metadata structure
	- Protector metadata structure
	- Config file structure
	- All necessary sub-structures (wrapped keys, parameters, etc)

This commit also adds in an example usage of the Config structure, which
represents the structure of the global config file. All the package
does at this point is convert between the Config structure and a JSON
representation.

Here we introduce govendor, which is described more in the README. This
means we will have all of our Go dependencies in the vendor
subdirectory. This means we will have no Go source dependencies, only
dependencies on the build tools (Go and govendor). The README describes
this in detail.

Note that we commit the generated files.
  see: https://blog.golang.org/generate

Change-Id: Iaacd46666b5d3e4e865a0f4045dd63ed7e3d6f96





This commit adds in the metadata package. The primary purpose of this
package is to provide the on-disk metadata structures in the form of
protocol buffers. This includes:
	- Policy metadata structure
	- Protector metadata structure
	- Config file structure
	- All necessary sub-structures (wrapped keys, parameters, etc)

This commit also adds in an example usage of the Config structure, which
represents the structure of the global config file. All the package
does at this point is convert between the Config structure and a JSON
representation.

Here we introduce govendor, which is described more in the README. This
means we will have all of our Go dependencies in the vendor
subdirectory. This means we will have no Go source dependencies, only
dependencies on the build tools (Go and govendor). The README describes
this in detail.

Note that we commit the generated files.
  see: https://blog.golang.org/generate

Change-Id: Iaacd46666b5d3e4e865a0f4045dd63ed7e3d6f96