Talk:Ext4

Storing salt in the ext4 filesystem superblock for file-based encryption seem to be deprecated. I got this info from https://docs.kernel.org/filesystems/fscrypt.html#getting-the-per-filesystem-salt (ioctl FS_IOC_GET_ENCRYPTION_PWSALT). On last kernel I wasn't able to decrypt directory (no salt error) but on last LTS there is not problem. Someone with more knowledge should check it out

—This unsigned comment is by Ps756 (talk) 19:36, 12 April 2019‎. Please sign your posts with ~~~~!

FS_IOC_GET_ENCRYPTION_PWSALT still works, it's just "deprecated", so I'm not sure what exactly caused your problem. Some old kernels had a bug where they allowed you to use the encryption ioctls without actually enabling the encryption feature, so maybe that's it.

Anyway, since the e4crypt tool itself is also deprecated and no longer being updated (as it was really meant more as a demonstration, not as a proper user interface to filesystem encryption), I've updated the article to recommend using fscrypt instead. fscrypt stores its metadata in files, so it doesn't use the FS_IOC_GET_ENCRYPTION_PWSALT ioctl.

Synchronicity (talk) 06:26, 23 September 2019 (UTC)Reply[reply]