doc: ReSTify keys-ecryptfs.txt

Adjusts for ReST markup and moves under keys security devel index. Cc: David Howells <dhowells@redhat.com> Cc: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Jonathan Corbet <corbet@lwn.net>

doc: ReSTify keys-ecryptfs.txt
Adjusts for ReST markup and moves under keys security devel index. Cc: David Howells <dhowells@redhat.com> Cc: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Jonathan Corbet <corbet@lwn.net>
09f5412c · Kees Cook · Jonathan Corbet · b68101a1 · 09f5412c · 09f5412c
Commit 09f5412c authored May 13, 2017 by Kees Cook Committed by Jonathan Corbet May 18, 2017
3 changed files
--- a/Documentation/security/00-INDEX
+++ b/Documentation/security/00-INDEX
 00-INDEX
 	- this file.
-keys-ecryptfs.txt
-	- description of the encryption keys for the ecryptfs filesystem.
 keys-request-key.txt
 	- description of the kernel key request service.
 keys-trusted-encrypted.txt

--- a/Documentation/security/keys-ecryptfs.txt
+++ b/Documentation/security/keys-ecryptfs.txt
-		Encrypted keys for the eCryptfs filesystem
+==========================================
+Encrypted keys for the eCryptfs filesystem
+==========================================
 ECryptfs is a stacked filesystem which transparently encrypts and decrypts each
 file using a randomly generated File Encryption Key (FEK).
@@ -35,20 +37,23 @@ controlled environment.  Another advantage is that the key is not exposed to
 threats of malicious software, because it is available in clear form only at
 kernel level.
-Usage:
+Usage::
   keyctl add encrypted name "new ecryptfs key-type:master-key-name keylen" ring
   keyctl add encrypted name "load hex_blob" ring
   keyctl update keyid "update key-type:master-key-name"
-name:= '<16 hexadecimal characters>'
+Where::
-key-type:= 'trusted' | 'user'
-keylen:= 64
+	name:= '<16 hexadecimal characters>'
+	key-type:= 'trusted' | 'user'
+	keylen:= 64
 Example of encrypted key usage with the eCryptfs filesystem:
 Create an encrypted key "1000100010001000" of length 64 bytes with format
-'ecryptfs' and save it using a previously loaded user key "test":
+'ecryptfs' and save it using a previously loaded user key "test"::
    $ keyctl add encrypted 1000100010001000 "new ecryptfs user:test 64" @u
    19184530
@@ -62,7 +67,7 @@ Create an encrypted key "1000100010001000" of length 64 bytes with format
    $ keyctl pipe 19184530 > ecryptfs.blob
 Mount an eCryptfs filesystem using the created encrypted key "1000100010001000"
-into the '/secret' directory:
+into the '/secret' directory::
    $ mount -i -t ecryptfs -oecryptfs_sig=1000100010001000,\
      ecryptfs_cipher=aes,ecryptfs_key_bytes=32 /secret /secret
--- a/Documentation/security/keys/index.rst
+++ b/Documentation/security/keys/index.rst
@@ -6,3 +6,4 @@ Kernel Keys
   :maxdepth: 1
   core
+   ecryptfs