#define EXT4_ENCRYPTION_MODE_AES_256_XTS 1
#define EXT4_ENCRYPTION_MODE_AES_256_GCM 2
#define EXT4_ENCRYPTION_MODE_AES_256_CBC 3
+#define EXT4_ENCRYPTION_MODE_AES_256_CTS 4
#define EXT4_AES_256_XTS_KEY_SIZE 64
#define EXT4_AES_256_GCM_KEY_SIZE 32
#define EXT4_AES_256_CBC_KEY_SIZE 32
+#define EXT4_AES_256_CTS_KEY_SIZE 32
#define EXT4_MAX_KEY_SIZE 64
#define EXT4_KEY_DESCRIPTOR_SIZE 8
#define EXT2FS_KEY_DESC_PREFIX "ext4:"
#define EXT2FS_KEY_DESC_PREFIX_SIZE 5
-#define EXT4_IOC_ENCRYPTION_POLICY _IOW('f', 19, struct ext4_encryption_policy)
+#define EXT4_IOC_SET_ENCRYPTION_POLICY _IOR('f', 19, struct ext4_encryption_policy)
static void validate_paths(int argc, char *argv[], int path_start_index)
{
policy.contents_encryption_mode =
EXT4_ENCRYPTION_MODE_AES_256_XTS;
policy.filenames_encryption_mode =
- EXT4_ENCRYPTION_MODE_AES_256_CBC;
+ EXT4_ENCRYPTION_MODE_AES_256_CTS;
memcpy(policy.master_key_descriptor, salt->key_desc,
EXT4_KEY_DESCRIPTOR_SIZE);
- rc = ioctl(fd, EXT4_IOC_ENCRYPTION_POLICY, &policy);
+ rc = ioctl(fd, EXT4_IOC_SET_ENCRYPTION_POLICY, &policy);
close(fd);
if (rc) {
printf("Error [%s] setting policy.\nThe key descriptor "
fs->super->s_encrypt_algos[0] =
EXT4_ENCRYPTION_MODE_AES_256_XTS;
fs->super->s_encrypt_algos[1] =
- EXT4_ENCRYPTION_MODE_AES_256_CBC;
+ EXT4_ENCRYPTION_MODE_AES_256_CTS;
}
if (EXT2_HAS_RO_COMPAT_FEATURE(fs->super,
git://git.whamcloud.com / tools / e2fsprogs.git / commitdiff