Ext4 encryption

1) It makes it easier for us to later on migrate to allowing multiple users access to a file. Example: Alice owns a file which is encrypted in a unique key which is derived from Alice's logon key plus a unique per-file nonce. In the future, when we support public key crypto, Alice wants to allow Bob to access the file as well; so we can update the policy structure to include the per-file key encrypted using Bob's public key. If all of the files owned by Alice are encrypted directly by Alice's logon key, we wouldn't be able to do this without decrypting and re-encrypting the file in a new unique key (since otherwise Bob would have access to all of Alice's files).

2) It simplifies the XTS Tweak Value (think IV or ESSIV value if we were using CBC mode), since we can just use the logical block number of the file as the basis for the generation of the XTS Tweak value or CBC IV value. If all of the files are encrypted directly with the same key, we would have to do something such as include the inode number as part of the XTS Tweak / IV value. That in turn would break the ability to resize file systems (since sometimes the inode number could change on for some files after a resize2fs shrink operation).