EXT4 With Linux 5.13 Looks Like It Will Support Casefolding With Encryption Enabled

While EXT4 supports both case-folding for optional case insensitive filenames and does support file-system encryption, at the moment those features are mutually exclusive. But it looks like the upcoming Linux 5.13 kernel will allow casefolding and encryption to be active at the same time.

Queued this week into the EXT4 file-system's "dev" tree was ext4: handle casefolding with encryption.

That work allows for encryption to happen with casefolding. Google's Daniel Rosenberg who worked on the change explained, "Since the name on disk is case preserving, and also encrypted, we can no longer just recompute the hash on the fly. Additionally, to avoid leaking extra information from the hash of the unencrypted name, we use siphash via an fscrypt v2 policy. The hash is stored at the end of the directory entry for all entries inside of an encrypted and casefolded directory apart from those that deal with '.' and '..'. This way, the change is backwards compatible with existing ext4 filesystems."

Earlier this year the FSCRYPT file-system encryption framework was working on casefolding integration. The F2FS file-system has supported case-folding and encryption together since Linux 5.11. EXT4's turn looks to be with Linux 5.13.