Linux kernel source tree https://git.amat.us/linux/atom/Documentation/security?h=v3.2 2011-09-27T16:08:04Z 2011-09-27T16:08:04Z Paul Bolle pebolle@tiscali.nl 2011-08-15T00:02:26Z urn:sha1:395cf9691d72173d8cdaa613c5f0255f993af94b There are numerous broken references to Documentation files (in other Documentation files, in comments, etc.). These broken references are caused by typo's in the references, and by renames or removals of the Documentation files. Some broken references are simply odd. Fix these broken references, sometimes by dropping the irrelevant text they were part of. Signed-off-by: Paul Bolle <pebolle@tiscali.nl> Signed-off-by: Jiri Kosina <jkosina@suse.cz> 2011-06-30T09:08:14Z Mimi Zohar zohar@linux.vnet.ibm.com 2011-06-29T18:53:56Z urn:sha1:ad599f9cf0187e823bc92bc83f3867a38fa266b9 Move keys-ecryptfs.txt to Documentation/security. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> 2011-06-27T13:11:17Z Roberto Sassu roberto.sassu@polito.it 2011-06-27T11:45:44Z urn:sha1:79a73d188726b473ca3bf483244bc96096831905 The 'encrypted' key type defines its own payload format which contains a symmetric key randomly generated that cannot be used directly to mount an eCryptfs filesystem, because it expects an authentication token structure. This patch introduces the new format 'ecryptfs' that allows to store an authentication token structure inside the encrypted key payload containing a randomly generated symmetric key, as the same for the format 'default'. More details about the usage of encrypted keys with the eCryptfs filesystem can be found in the file 'Documentation/keys-ecryptfs.txt'. Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Acked-by: Gianluca Ramunno <ramunno@polito.it> Acked-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> 2011-06-27T13:10:45Z Roberto Sassu roberto.sassu@polito.it 2011-06-27T11:45:42Z urn:sha1:4e561d388feff18e4b798cef6a1a84a2cc7f20c2 This patch introduces a new parameter, called 'format', that defines the format of data stored by encrypted keys. The 'default' format identifies encrypted keys containing only the symmetric key, while other formats can be defined to support additional information. The 'format' parameter is written in the datablob produced by commands 'keyctl print' or 'keyctl pipe' and is integrity protected by the HMAC. Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Acked-by: Gianluca Ramunno <ramunno@polito.it> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> 2011-05-19T22:59:38Z Randy Dunlap randy.dunlap@oracle.com 2011-05-19T22:59:38Z urn:sha1:d410fa4ef99112386de5f218dd7df7b4fca910b4 move LSM-, credentials-, and keys-related files from Documentation/ to Documentation/security/, add Documentation/security/00-INDEX, and update all occurrences of Documentation/<moved_file> to Documentation/security/<moved_file>.