On Tue, Nov 05, 2019 at 08:05:19PM -0800, Eric Biggers wrote: > If we really wanted to optimize fscrypt_get_encryption_info(), I think we > probably shouldn't try to microoptimize fscrypt_supported_policy(), but rather > take advantage of the fact that fscrypt_has_permitted_context() already ran. > E.g., we could cache the xattr, or skip both the keyring lookup and > fscrypt_supported_policy() by grabbing them from the parent directory. Yes, good point. Certainly, if the parent is encrypted, given that we force files to have the same policy as the containing directory, there's no point calling fscrypt_supported_policy. And if we're using a policy which isn't using per-inode keys, then we can certainly just grab the key from the parent directory. - Ted
