Kconfig 1.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940
  1. # SPDX-License-Identifier: GPL-2.0-only
  2. config FS_ENCRYPTION
  3. bool "FS Encryption (Per-file encryption)"
  4. select CRYPTO
  5. select CRYPTO_SKCIPHER
  6. select CRYPTO_LIB_SHA256
  7. select CRYPTO_LIB_SHA512
  8. select KEYS
  9. help
  10. Enable encryption of files and directories. This
  11. feature is similar to ecryptfs, but it is more memory
  12. efficient since it avoids caching the encrypted and
  13. decrypted pages in the page cache. Currently Ext4,
  14. F2FS, UBIFS, and CephFS make use of this feature.
  15. # Filesystems supporting encryption must select this if FS_ENCRYPTION. This
  16. # allows the algorithms to be built as modules when all the filesystems are,
  17. # whereas selecting them from FS_ENCRYPTION would force them to be built-in.
  18. #
  19. # Note: this option only pulls in the algorithms that filesystem encryption
  20. # needs "by default". If userspace will use "non-default" encryption modes such
  21. # as Adiantum encryption, then those other modes need to be explicitly enabled
  22. # in the crypto API; see Documentation/filesystems/fscrypt.rst for details.
  23. #
  24. # Also note that this option only pulls in the generic implementations of the
  25. # algorithms, not any per-architecture optimized implementations. It is
  26. # strongly recommended to enable optimized implementations too.
  27. config FS_ENCRYPTION_ALGS
  28. tristate
  29. select CRYPTO_AES
  30. select CRYPTO_CBC
  31. select CRYPTO_CTS
  32. select CRYPTO_ECB
  33. select CRYPTO_XTS
  34. config FS_ENCRYPTION_INLINE_CRYPT
  35. bool "Enable fscrypt to use inline crypto"
  36. depends on FS_ENCRYPTION && BLK_INLINE_ENCRYPTION
  37. help
  38. Enable fscrypt to use inline encryption hardware if available.