On Tue, Aug 08, 2023 at 01:08:08PM -0400, Sweet Tea Dorminy wrote:
> +/**
> + * enum fscrypt_prepared_key_type - records a prepared key's ownership
> + *
> + * @FSCRYPT_KEY_PER_INFO: this prepared key is allocated for a specific info
> + * and is never shared.
> + * @FSCRYPT_KEY_DIRECT_V1: this prepared key is embedded in a fscrypt_direct_key
> + * used in v1 direct key policies.
> + * @FSCRYPT_KEY_MASTER_KEY: this prepared key is a per-mode and policy key,
> + * part of a fscrypt_master_key, shared between all
> + * users of this master key having this mode and
> + * policy.
> + */
> +enum fscrypt_prepared_key_type {
> + FSCRYPT_KEY_PER_INFO = 1,
> + FSCRYPT_KEY_DIRECT_V1,
> + FSCRYPT_KEY_MASTER_KEY,
> +} __packed;
FSCRYPT_KEY_MASTER_KEY seems misnamed, since it's not for master keys. It's for
what the code elsewhere calls a per-mode key. So maybe FSCRYPT_KEY_PER_MODE?
I think your intent was for the name to reflect the struct that the
fscrypt_prepared_key is embedded in. I don't think that's obvious as-is. If
you want to name it that way, it should be made super clear, like this:
enum fscrypt_prepared_key_owner {
FSCRYPT_KEY_OWNED_BY_INFO = 1,
FSCRYPT_KEY_OWNED_BY_DIRECT_V1,
FSCRYPT_KEY_OWNED_BY_MASTER_KEY,
};
But, I think I'm leaning towards your proposal with
s/FSCRYPT_KEY_MASTER_KEY/FSCRYPT_KEY_PER_MODE/.
- Eric
|