aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-08-31Fixed linter issuesJoe Richey
2017-08-30cmd/fscrypt: Add --user flag for running as rootJoe Richey
The --user flag can now be used to have the targe user (the one whose keyring and password will be used in fscrypt) be different than the calling user. Very usefull for things like sudo fscrypt purge /media/joerichey/usb --user=joerichey which will now have privileges to drop caches, but will properly clear the keys from the user's keyring.
2017-08-30pam_fscrypt: Added logging and use of new pam APIJoe Richey
2017-08-30actions: context now hold a target user.UserJoe Richey
This user is used with policies to interface with the keryings and with protectors to indicate which user's login passphrase should be used to protectors of type pam_passphrase.
2017-08-30crypto: Updated to include user parameterJoe Richey
2017-08-30pam: Handle holds data for calling and PAM usersJoe Richey
The functions are now changed to (Start|Stop)AsPamUser to indicate that they handle privilege modification and keyring setup.
2017-08-30security: Rewrite of keryings and permissionsJoe Richey
The keyring lookup functions no longer read from /proc/keys. Now they simply spawn a thread, drop privs, and check with GetKeyringID and KEY_SPEC_USER_KEYRING. See userKeyringID() for more info. The privileges functions have also been changed. Now the concept of setting privileges is seperate form the concept of setting up the keyrings.
2017-08-30util: Added parsing and effective user functionsJoseph Richey
2017-08-30gitignore: Update to include VSCode filesJoseph Richey
2017-08-29Go formatter "gofmt" -> "goimports"Joseph Richey
2017-08-29pam_fscrypt: Handle empty arguments listJoseph Richey
2017-08-29cmd/fscrypt: Stop dropping/raising for sudoJoseph Richey
2017-08-29Merge pull request #49 from google/miscJoseph Richey
Fix a wide variety of small issues and update documentation
2017-08-29Merge pull request #48 from google/contribJoseph Richey
Update CONTRIBUTING.md to explain how issues will work
2017-08-29Merge pull request #47 from google/build_tagsJoseph Richey
Makefile: Build version flag no longer needs repo
2017-08-29README: Clarified boot related encryption issuesJoe Richey
2017-08-29CONTRIBUTING: typoJoe Richey
2017-08-29crypto: Handle when "ulimit -l" is too lowJoe Richey
2017-08-29Fixed typosJoe Richey
2017-08-29Added +build linux,cgo flagsJoe Richey
2017-08-29CONTRIBUTING: Make it clear how issues workJoe Richey
2017-08-29Makefile: Build version flag no longer needs repoJoe Richey
2017-08-28Merge pull request #44 from mhalcrow/masterJoseph Richey
Fix typo (once -> one).
2017-08-25Fix typo (once -> one).Michael Halcrow
2017-08-24Merge pull request #25 from google/fixv0.2.00.2.0Joseph Richey
fscrypt PAM module
2017-08-24Updated documentation for PAM module helpJoseph Richey
2017-08-23security: fscrypt now possesses the user keyringJoseph Richey
2017-08-23pam_fscrypt: Session accounting completedJoe Richey joerichey@google.com
2017-08-23Added some documentation and improved security APIJoe Richey joerichey@google.com
2017-08-22pam_fscrypt: lock all PAM policies w/ flagJoe Richey joerichey@google.com
2017-08-22pam_fscrypt: Updated module to use new APIsJoe Richey joerichey@google.com
2017-08-22security: Moved cache dropping functionJoe Richey joerichey@google.com
2017-08-22Updated documentation and build system for PAMJoe Richey joerichey@google.com
2017-08-22pam_fscrypt: The actual PAM module and configJoe Richey joerichey@google.com
2017-08-22Various small nits a helper functions for PAMJoe Richey joerichey@google.com
2017-08-22Merge pull request #39 from google/purgeJoseph Richey
Purge command now clears cache
2017-08-22security: Fixed typo and improved error handlingJoe Richey joerichey@google.com
2017-08-17cmd/fscrypt: purge command now clears cacheJoe Richey joerichey@google.com
2017-08-15Merge pull request #37 from google/keyringJoseph Richey
crypto: Switch from session to user keyring
2017-08-15Merge pull request #36 from google/memoryJoseph Richey
util: Slice/Pointer conversion fits in MatInt32
2017-08-15crypto: Switch from session to user keyringJoe Richey joerichey@google.com
2017-08-13util: Slice/Pointer conversion fits in MatInt32Joseph Richey
2017-08-07Merge pull request #33 from ebiggers/fix_hashing_calibrationJoseph Richey
actions: calculate password hash difficulty correctly
2017-08-07Merge pull request #32 from ebiggers/ErrKeyFileLength_fixJoseph Richey
cmd/fscrypt: fix help message for ErrKeyFileLength
2017-08-07actions: calculate password hash difficulty correctlyEric Biggers
'fscrypt setup' is supposed to calibrate the Argon2 password hashing difficulty to 1s by default, but actually it was setting it to only 1s / num_cpus because the hashing is done with all CPUs and it is timed using the CLOCK_PROCESS_CPUTIME_ID clock, which measures the time spent by all threads in the process. Fix this by dividing the elapsed time by HashingCosts.Parallelism, which is used as the number of threads.
2017-08-07cmd/fscrypt: fix help message for ErrKeyFileLengthEric Biggers
The key file for the raw_key source is required to contain a wrapping key (32 bytes), not a policy key (64 bytes).
2017-07-25Merge pull request #30 from google/josephlr-patch-1Joseph Richey
README reformatting
2017-07-25README reformattingJoseph Richey
The version badge was broken. This fixes it and inlines the version in the top line.
2017-07-23Merge pull request #29 from google/docsJoseph Richey
Fixed cloning instructions
2017-07-23README: Fixed cloning documentationJoseph Richey
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-10 19:38:15 +0000