Timeline for Can one clear "encrypt" feature on an ext4 filesystem?
Current License: CC BY-SA 4.0
5 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| May 12, 2020 at 21:03 | comment | added | Stephen Kitt | It’s just a precaution. I imagine the flag is only toggled, and all the data remains, but I haven’t checked. (It might be the case that fsck clears any encrypted data if the flag is disabled, although I don’t see anything like that in the source code so I suspect it doesn’t.) | |
| May 12, 2020 at 20:41 | comment | added | Cyker | About Answer 2: Having to run fsck makes that command look really risky. And I assume that command simply disables encryption/decryption processing by removing a flag, but encryption-related metadata (nonces, etc.) are still kept on the filesystem? | |
| May 12, 2020 at 11:02 | comment | added | frostschutz | Also both mke2fs and tune2fs have code to set additional flags (encryption algorithm) in the superblock when enabling the feature; debugfs does not and simply ignores the clear flag restrictions. So there is no deliberate implementation of this feature in debugfs and enabling the flag with it doesn't do the same thing as mke2fs/tune2fs either. | |
| May 12, 2020 at 10:59 | comment | added | frostschutz | I'm not sure if there is a strong reason why tune2fs doesn't allow flag removal; guess it could be simply due to confusion, since forcefully removing the flag does not actually stop the encryption at all. | |
| May 12, 2020 at 9:08 | history | answered | Stephen Kitt | CC BY-SA 4.0 |