Jason A. Donenfeld <Jason@xxxxxxxxx> wrote: > So long as that ->update function: > 1. Deletes the old on-disk data. > 2. Deletes the old key from the inode. > 3. Generates a new key using get_random_bytes. > 4. Stores that new key in the inode. > 5. Encrypts the updated data afresh with the new key. > 6. Puts the updated data onto disk, > > then this is fine with me, and feel free to have my Acked-by if you > want. But if it doesn't do that -- i.e. if it tries to reuse the old > key or similar -- then this isn't fine. But it sounds like from what > you've described that things are actually fine, in which case, I guess > it makes sense to apply your patch ontop of mine and commit these. Yep. It calls big_key_destroy(), which clears away the old stuff just as when a key is being destroyed, then generic_key_instantiate() just as when a key is being set up. The key ID and the key metadata (ownership, perms, expiry) are maintained, but the payload is just completely replaced. David
