#define EXT4_ENCRYPTION_MODE_AES_256_XTS 1
#define EXT4_ENCRYPTION_MODE_AES_256_CTS 4
+#define EXT4_ENCRYPTION_MODE_PRIVATE 127
// ext4enc:TODO Get value from somewhere sensible
#define EXT4_IOC_SET_ENCRYPTION_POLICY _IOR('f', 19, struct ext4_encryption_policy)
ext4_encryption_policy eep;
eep.version = 0;
- eep.contents_encryption_mode = EXT4_ENCRYPTION_MODE_AES_256_XTS;
+ eep.contents_encryption_mode = EXT4_ENCRYPTION_MODE_PRIVATE;
eep.filenames_encryption_mode = EXT4_ENCRYPTION_MODE_AES_256_CTS;
eep.flags = 0;
memcpy(eep.master_key_descriptor, policy, EXT4_KEY_DESCRIPTOR_SIZE);
close(fd);
if ((eep.version != 0)
- || (eep.contents_encryption_mode != EXT4_ENCRYPTION_MODE_AES_256_XTS)
+ || (eep.contents_encryption_mode != EXT4_ENCRYPTION_MODE_PRIVATE)
|| (eep.filenames_encryption_mode != EXT4_ENCRYPTION_MODE_AES_256_CTS)
|| (eep.flags != 0)) {
LOG(ERROR) << "Failed to find matching encryption policy for " << directory;