Google Git
Sign in
fuchsia / integration / 3ba1be5ed76e93be47e09820d071baf40f114ebd
commit3ba1be5ed76e93be47e09820d071baf40f114ebd[log] [tgz]
authorNikita Jindal <nikitajindal@fuchsia.infra.roller.google.com>Mon Oct 07 21:14:22 2024 +0000
committerCopybara-Service <copybara-worker@google.com>Mon Oct 07 14:17:47 2024 -0700
treefa106a1af914e16404b642fc4d9473ddd2194b2f
parent75074dbf3a77b2790b233ac7724c7ab3e320793c [diff]
[roll] Roll fuchsia [fxfs] Change the Crypt protocols to use u128 wrapping key ids

Previously, fshost was the only component adding wrapping keys with ids
0 and 1. With fscrypt, Starnix also needs the ability to add arbitrary
user wrapping keys. Starnix maintains 16-byte identifiers that it
derives from the user master key passed in on FS_IOC_ADD_ENCRYPTION_KEY.
In order to avoid passing the 16-byte identifier through a second KDF
(to produce an 8-byte wrapping key id), we have just expanded the
wrapping key id space so that the 16-byte fscrypt key identifier can be
used as the wrapping key id.

Fxfs has already changed its object records to store u128 wrapping key
ids (namely in the key records and the ObjectKind::Directory records).
This change updates the Crypt and CryptManagement protocols to deal with
u128 wrapping key ids.

Original-Bug: b/361105712
Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/1108581
Original-Revision: 50fb8f87abd1845654ceecf36922f04b78a210ef
GitOrigin-RevId: 322954f0cd453180348e4e7e9e52b14f779f680f
Change-Id: I83623a9f4d2ac133ecd5360958a0da6a365a6df5
1 file changed
tree: fa106a1af914e16404b642fc4d9473ddd2194b2f
  1. ctf/
  2. git-hooks/
  3. infra/
  4. third_party/
  5. cts
  6. firmware
  7. flower
  8. jiri.lock
  9. MILESTONE
  10. minimal
  11. prebuilts
  12. README.md
  13. stem
  14. test_durations
  15. toolchain
README.md

Integration

This repository contains Fuchsia's Global Integration manifest files.

Making changes

All changes should be made to the internal version of this repository. Our infrastructure automatically updates this version when the internal one changes.

Currently all changes must be made by a Google employee. Non-Google employees wishing to make a change can ask for assistance in one of the communication channels documented at get involved.

Obtaining the source

First install Jiri.

Next run:

$ jiri init
$ jiri import minimal https://fuchsia.googlesource.com/integration
$ jiri update

Third party

Third party projects should have their own subdirectory in ./third_party.