On Mon, Sep 05, 2022 at 08:35:19PM -0400, Sweet Tea Dorminy wrote: > With the introduction of extent-based file content encryption, filenames > and file contents might no longer use the same IV generation scheme, and > so should not upass the same logical block number to > fscrypt_generate_iv(). In preparation, start passing U64_MAX as the > block number for filename IV generation, and make fscrypt_generate_iv() > translate this to 0 if extent-based encryption is not being used. > > Signed-off-by: Sweet Tea Dorminy <sweettea-kernel@xxxxxxxxxx> I had to go look at how you used this, because it seemed superflous to me, but it's because later you put the IV generation stuff above this particular bit of code. You say that we set it to 0 if extent-based encryption is not being used, but looking at this in vimdiff I don't know where that's going to be. So perhaps something like I will be adding code to generate IV's for extent-based encryption before falling through to the other policy types, and I will check for U64_MAX to skip the extent-based generation. At this point we'll want to switch back to 0 for filenames. Or some other such description. Thanks, Josef
|