fscrypt: improve a few comments
Improve a few comments. These were extracted from the patch "fscrypt: add support for hardware-wrapped keys" (https://lore.kernel.org/r/20211021181608.54127-4-ebiggers@kernel.org). Link: https://lore.kernel.org/r/20211026021042.6581-1-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com>
This commit is contained in:
Родитель
7f595d6a6c
Коммит
b7e072f9b7
|
@ -20,6 +20,11 @@
|
|||
|
||||
#define FSCRYPT_FILE_NONCE_SIZE 16
|
||||
|
||||
/*
|
||||
* Minimum size of an fscrypt master key. Note: a longer key will be required
|
||||
* if ciphers with a 256-bit security strength are used. This is just the
|
||||
* absolute minimum, which applies when only 128-bit encryption is used.
|
||||
*/
|
||||
#define FSCRYPT_MIN_KEY_SIZE 16
|
||||
|
||||
#define FSCRYPT_CONTEXT_V1 1
|
||||
|
@ -413,7 +418,11 @@ struct fscrypt_master_key_secret {
|
|||
*/
|
||||
struct fscrypt_hkdf hkdf;
|
||||
|
||||
/* Size of the raw key in bytes. Set even if ->raw isn't set. */
|
||||
/*
|
||||
* Size of the raw key in bytes. This remains set even if ->raw was
|
||||
* zeroized due to no longer being needed. I.e. we still remember the
|
||||
* size of the key even if we don't need to remember the key itself.
|
||||
*/
|
||||
u32 size;
|
||||
|
||||
/* For v1 policy keys: the raw key. Wiped for v2 policy keys. */
|
||||
|
|
|
@ -122,8 +122,9 @@ err_free_tfm:
|
|||
|
||||
/*
|
||||
* Prepare the crypto transform object or blk-crypto key in @prep_key, given the
|
||||
* raw key, encryption mode, and flag indicating which encryption implementation
|
||||
* (fs-layer or blk-crypto) will be used.
|
||||
* raw key, encryption mode (@ci->ci_mode), flag indicating which encryption
|
||||
* implementation (fs-layer or blk-crypto) will be used (@ci->ci_inlinecrypt),
|
||||
* and IV generation method (@ci->ci_policy.flags).
|
||||
*/
|
||||
int fscrypt_prepare_key(struct fscrypt_prepared_key *prep_key,
|
||||
const u8 *raw_key, const struct fscrypt_info *ci)
|
||||
|
|
Загрузка…
Ссылка в новой задаче