
Releases: google/fscryptctl

v1.1.0

31 Jan 07:08

The release notes can now be found in the NEWS file.

Stable v1 release of fscryptctl

10 Feb 02:48
56b898c

fscryptctl is now stable with release v1.0.0

Minimum Kernel Version

As fscryptctl now uses v2 encryption policies, it must be used with Linux kernel 5.4 or later.

New Features

  • Support for v2 fscrypt kernel policies (#16) fixing several user issues:
    • Increased security around key derivation. Compromise of a per-file key no longer leads to master key compromise.
    • Removed any dependencies on user/session keyrings
    • Unlocked directories are now visible to all users/processes (provided they have appropriate permissions)
    • Removed potential Denial-of-Service attack by non-root users
  • All key operations are now performed relative to a mountpoint
  • New Commands
    • fscryptctl remove_key: all users can now easily remove keys
      • The root-only option --all-users can be used to remove a key for all users at once
    • fscryptctl key_status: the status of a key can be checked
  • fscryptctl insert_key renamed to fscryptctl add_key
  • Key identifiers are now 32-character hex strings (16 bytes)
    • Pre-v1 fscryptctl referred to key "descriptors" which were 16-character hex strings (8 bytes)
  • Optimization policy flags:
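The v1.0.0 workflow the notes describe (add a key relative to a mountpoint, check its status, remove it), together with a check that an identifier has the new 32-character format rather than a pre-v1 16-character descriptor. This is an added example, not part of the release notes or the fscryptctl project; `FSCRYPT_MOUNTPOINT` is an assumed environment variable, the 64-byte raw key size and the positional argument order (`KEY_IDENTIFIER MOUNTPOINT`) are taken from my reading of the v1.0.0 usage text and should be confirmed against `fscryptctl --help`, and `set_policy` is a command the tool has but this page does not mention.

```shell
#!/bin/sh
# Added example (not fscryptctl's own code): helpers for the v1.0.0 key
# identifier format plus the add_key / key_status / remove_key workflow.

# True if $1 is a non-empty string of hex digits.
is_hex() {
    case "$1" in
        ''|*[!0-9a-fA-F]*) return 1 ;;
    esac
    return 0
}

# v1.0.0 key identifiers are 32 hex characters (16 bytes).
is_v1_key_identifier() {
    is_hex "$1" && [ "${#1}" -eq 32 ]
}

# Classify a string so migration scripts can refuse old descriptors:
# pre-v1 "descriptors" were 16 hex characters (8 bytes).
key_identifier_kind() {
    if is_v1_key_identifier "$1"; then
        echo v1-identifier
    elif is_hex "$1" && [ "${#1}" -eq 16 ]; then
        echo pre-v1-descriptor
    else
        echo invalid
    fi
}

# Live workflow: every key operation is relative to the mountpoint.
# $1 = mountpoint, $2 = directory on that filesystem to encrypt.
# add_key reads the raw 64-byte master key from stdin and prints the
# key identifier; key_status and remove_key take IDENTIFIER MOUNTPOINT.
fscrypt_v1_workflow() {
    mountpoint=$1
    dir=$2
    key_id=$(head -c 64 /dev/urandom | fscryptctl add_key "$mountpoint") || return 1
    is_v1_key_identifier "$key_id" || {
        echo "unexpected key identifier: $key_id" >&2
        return 1
    }
    mkdir -p "$dir"
    fscryptctl set_policy "$key_id" "$dir" || return 1
    fscryptctl key_status "$key_id" "$mountpoint"
    # Any user can remove the key they added; --all-users is root-only.
    fscryptctl remove_key "$key_id" "$mountpoint"
}

# Only run the live part as root, with the tool installed and a
# mountpoint supplied; otherwise this file just defines the helpers.
if [ "$(id -u 2>/dev/null)" = 0 ] && command -v fscryptctl >/dev/null 2>&1 \
   && [ -n "${FSCRYPT_MOUNTPOINT:-}" ]; then
    fscrypt_v1_workflow "$FSCRYPT_MOUNTPOINT" "$FSCRYPT_MOUNTPOINT/encrypted"
fi
```

Run as root with `FSCRYPT_MOUNTPOINT=/mnt/data sh example.sh` on a kernel 5.4+ filesystem with encryption enabled; without those conditions the script only defines the helper functions, which is what a migration script would source them for.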

Removed Features

  • fscryptctl no longer supports v1 encryption policies
    • These policies can be insecure
    • These policies are hard to use correctly
    • These policies have different semantics from v2 policies, making it hard to have a single interface to both
  • Users wishing to continue using v1 policies should use a pre-v1.0.0 release of fscryptctl

Release fscryptctl with V1 policy support

03 Feb 21:56

This release of fscryptctl only includes support for V1 policies. For V2 policies, users will need to use v1.0 or later.

For more information about V1 and V2 fscrypt policies, see the Linux kernel documentation.