# Storage encryption

Source: [https://docs.qualcomm.com/doc/80-70014-11/topic/file-based-encryption.html](https://docs.qualcomm.com/doc/80-70014-11/topic/file-based-encryption.html)

Storage encryption enhances security by supporting the transparent encryption of
        files and directories.

The Qualcomm platform supports storage encryption with the [Inline crypto engine](https://docs.qualcomm.com/doc/80-70014-11/topic/crypto-core.html#crypto-core__section_glj_gfy_lzb) and a hardware-wrapped
            key. It provides better efficiency and enhanced key protection.

The storage encryption feature allows:

- Provision of standard keys ranging from 32 bytes to 64 bytes for content
                encryption.
- Encryption of filenames and file content with separate keys.
- Generation of 32‑byte key identifiers.

The Qualcomm platform UFS storage driver is added to support the `fscrypt`
            API.

Note: The eMMC support will be made
                available in a future release.

For more information on the `fscrypt` API, see the kernel documentation at
                Documentation/ filesystems/fscrypt.rst.

For related kernel documentation, see the following files:

- Inline encryption: `Documentation/block/inline-encryption.rst`
- IOCTL support for storage encryption:
                    `Documentation/userspace-api/ioctl/ioctl- number.rst`

You can invoke the storage encryption functionality using the open-source
                `fscryptctl` tool, which can be found at [https://github.com/google/fscryptctl](https://github.com/google/fscryptctl).

**Parent Topic:** [Features](https://docs.qualcomm.com/doc/80-70014-11/topic/features.html)

Last Published: Aug 06, 2024

[Previous Topic
Storage security](https://docs.qualcomm.com/bundle/publicresource/80-70014-11/topics/secure-file-system.md) [Next Topic
SMC invoke](https://docs.qualcomm.com/bundle/publicresource/80-70014-11/topics/smcinvoke.md)