Can 0.2.6 or later get back-ported into focal fossa?
Since Focal Fossa is on kernel 5.4, it would be great if a version of fscrypt could be made available which supports v2 encryption policies. With the current encryption policy support, there are known limitations with the kernel keyring when utilizing namespaces. This has caused problems as highlighted here: https:/
With encryption policy v2, this should be resolved, however in order to take advantage of this new support in the 5.4 kernel, a version of fscrypt is required which supports the new encryption policy format.
Currently Focal Fossa still has 0.2.5 as the latest version available, which is the last version which does not support the new policy format. Version 0.2.6 supports it, but requires it to be enabled in a config file. Version 0.2.7 or later enables it by default if the current kernel supports it.
It would be great if the new security policy version could be used in Focal Fossa as this issue has been a significant issue when dealing with fs level encryption.
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- Ubuntu fscrypt Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask Bernie Bernstein for more information if necessary.