| Age | Commit message (Collapse) | Author |
|---|
|
v2 encryption policies are now recommended, due to various security and
usability advantages over v1 policies. Many people have been running
into the usability problems with v1, so it's desirable to get people
onto v2 without having to manually opt-in.
Therefore, when 'fscrypt setup' creates /etc/fscrypt.conf, enable
policy_version 2 automatically if the kernel supports it.
I decided to go with this solution over the policy_version "auto" I
suggested originally because this way is simpler, it can still be
changed to "auto" later if desired, and "auto" might require changing
how we parse the config file (since currently the config file is mapped
directly to a protobuf where policy_version is an 'int' and is shared
with EncryptionOptions).
Resolves https://github.com/google/fscrypt/issues/182
|
|
|
|
This commit changes how we handle InvalidInput and System errors.
Instead of having formatting functions, the now just wrap a string and
should be created with fmt.Sprintf or similar. We also move all of the
error related code into a single place.
Finally, the utils package gets additional functionality with MinInt64
and GetUsername, and the UnderlyingError function gets better logging.
Note that this will break packages that depend on it. For instance,
metadata and crypto currently do not build. This is fixed in a later
commit.
Change-Id: I819e4d1970604456a5b4b6a7c86426f180a6d092
|
|
This commit adds in the util package. This package provides
two functions for creating errors. These functions are:
- InvalidInputErrorF - bad input from user or caller
- SystemErrorF - low level failure
It also adds in a small function for converting Go byte slices into C
void pointers. This will be very useful for interoperating with C.
Change-Id: I87ad7946dd5fa26e28927590aff4bcc9fd5ce4f7
|
