F Parent topic: F

fs_crypto_enable_option()

Enable encryption support on a filesystem

Synopsis:

#include <fs_crypto_api.h>
#include <sys/fs_crypto.h>

int fs_crypto_enable_option( const char *path,
                             uint32_t option,
                             uint32_t domain,
                             int *preply );

Arguments:

path
The path to the filesystem's mountpoint.
option
The option to enable. The only option currently defined is:
  • FS_CRYPTO_ENABLE_WHOLE_DISK — encrypt the entire disk as one domain, specified by the domain argument. All plain-text files are assumed to have been tagged for migration. All plain-text files are hidden so that they can't be viewed or accessed.
domain
The domain (if required for the option).
preply
A pointer to a location where the function can store additional success or error information.

Library:

libfscrypto

Use the -l fscrypto option to qcc to link against this library.

Description:

The fs_crypto_enable_option() function enables encryption support on a volume that wasn't set up for it at formatting time.

Note:
  • In order to use filesystem encryption, download the Encrypted Filesystem package from the QNX Software Center.
  • You must be in the group that owns the filesystem's mountpoint in order to enable encryption.

This function sets the variable pointed to by preply to one of the following values:

FS_CRYPTO_REPLY_ALREADY
Encryption was already enabled on the filesystem.
FS_CRYPTO_REPLY_COMPLETE
Encryption is now enabled on the filesystem.
FS_CRYPTO_REPLY_INVALID
The command wasn't completed successfully.
FS_CRYPTO_REPLY_READONLY
The filesystem is read-only.
FS_CRYPTO_REPLY_UNKNOWN_DOMAIN
The domain (if required by the option) doesn't exist.

Returns:

EOK
Success.
EBADFSYS
Corrupted filesystem detected.
ENOTDIR
The path isn't a directory.
ENOTSUP
The filesystem doesn't support encryption.
EROFS
The filesystem is mounted read-only.

This function can also return any of the errors indicated by devctl(), open64(), fstat64(), or fstatvfs64().

Classification:

QNX Neutrino

Safety:  
Cancellation point Yes
Interrupt handler No
Signal handler No
Thread Yes
Related concepts
Encryption (System Architecture)
Related reference
fs_crypto_check()
fs_crypto_domain_add()
fs_crypto_domain_add_dynamic()
fs_crypto_domain_add_flags()
fs_crypto_domain_hard_lock()
fs_crypto_domain_key_change()
fs_crypto_domain_key_check()
fs_crypto_domain_key_size()
fs_crypto_domain_lock()
fs_crypto_domain_lock_dynamic()
fs_crypto_domain_query()
fs_crypto_domain_remove()
fs_crypto_domain_remove_dynamic()
fs_crypto_domain_unlock()
fs_crypto_domain_unlock_dynamic()
fs_crypto_domain_whitelist_configure()
fs_crypto_domain_whitelist_ctrl()
fs_crypto_domain_whitelist_ctrl_access_grant()
fs_crypto_domain_whitelist_ctrl_access_revoke()
fs_crypto_domain_whitelist_get_flags()
fs_crypto_domain_whitelist_set_flags()
fs_crypto_enable()
fs_crypto_file_get_domain()
fs_crypto_file_set_domain()
fs_crypto_key_gen()
fs_crypto_migrate_control()
fs_crypto_migrate_path()
fs_crypto_migrate_status()
fs_crypto_migrate_tag()
fs_crypto_set_logging()
fsencrypt (Utilities Reference)
Parent topic: F