Re: [PATCH 01/12] common/encrypt: separate data and inode nonces

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Oct 10, 2023 at 04:25:54PM -0400, Josef Bacik wrote:
> From: Sweet Tea Dorminy <sweettea-kernel@xxxxxxxxxx>
> 
> btrfs will have different inode and data nonces, so we need to be
> specific about which nonce each use needs. For now, there is no
> difference in the two functions.
> 
> Signed-off-by: Sweet Tea Dorminy <sweettea-kernel@xxxxxxxxxx>
> ---
>  common/encrypt    | 33 ++++++++++++++++++++++++++-------
>  tests/f2fs/002    |  2 +-
>  tests/generic/613 |  4 ++--
>  3 files changed, 29 insertions(+), 10 deletions(-)
> 
> diff --git a/common/encrypt b/common/encrypt
> index 1a77e23b..04b6e5ac 100644
> --- a/common/encrypt
> +++ b/common/encrypt
> @@ -488,7 +488,7 @@ _add_fscrypt_provisioning_key()
>  # Retrieve the encryption nonce of the given inode as a hex string.  The nonce
>  # was randomly generated by the filesystem and isn't exposed directly to
>  # userspace.  But it can be read using the filesystem's debugging tools.
> -_get_encryption_nonce()
> +_get_encryption_file_nonce()
>  {
>  	local device=$1
>  	local inode=$2
> @@ -532,15 +532,34 @@ _get_encryption_nonce()
>  			}'
>  		;;
>  	*)
> -		_fail "_get_encryption_nonce() isn't implemented on $FSTYP"
> +		_fail "_get_encryption_file_nonce() isn't implemented on $FSTYP"
>  		;;
>  	esac
>  }
>  
> -# Require support for _get_encryption_nonce()
> +# Retrieve the encryption nonce used to encrypt the data of the given inode as
> +# a hex string.  The nonce was randomly generated by the filesystem and isn't
> +# exposed directly to userspace.  But it can be read using the filesystem's
> +# debugging tools.
> +_get_encryption_data_nonce()
> +{
> +	local device=$1
> +	local inode=$2
> +
> +	case $FSTYP in
> +	ext4|f2fs)
> +		_get_encryption_file_nonce $device $inode
> +		;;
> +	*)
> +		_fail "_get_encryption_data_nonce() isn't implemented on $FSTYP"
> +		;;
> +	esac
> +}

Shouldn't this be _get_encryption_extent_nonce(), taking the offset of the
extent as a parameter?

Also I think it would sound better as _get_extent_encryption_nonce(), and
likewise _get_file_encryption_nonce().

- Eric



[Index of Archives]     [linux Cryptography]     [Asterisk App Development]     [PJ SIP]     [Gnu Gatekeeper]     [IETF Sipping]     [Info Cyrus]     [ALSA User]     [Fedora Linux Users]     [Linux SCTP]     [DCCP]     [Gimp]     [Yosemite News]     [Deep Creek Hot Springs]     [Yosemite Campsites]     [ISDN Cause Codes]

  Powered by Linux