On Tue, Feb 7, 2023 at 10:36 AM Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
>
> Also note that keys are normally added using an ioctl, which can only be
> executed after the filesystem was mounted. The only exception is the key
> associated with the "test_dummy_encryption" mount option.
Could we perhaps then replace the
fscrypt_destroy_keyring(s);
with a more specific
fscrypt_destroy_dummy_keyring(s);
thing, that would only handle the dummy encryption case?
Ot could we just *fix* the dummy encryption test to actually work like
real encryption cases, so that it doesn't have this bogus case?
> By the way, the following code is in generic_shutdown_super(), and not in
> __put_super(), for a very similar reason:
Well, but that isn't a problem, exactly because that code isn't in
__put_super().
Put another way: the problem with the dummy encryption appears to be
exactly that it doesn't actually act like any real encryption would,
and then triggers that "this whole sequence gets called even under the
spinlock, even though it's documented to not be valid for that case,
because we added a bogus test-case that doesn't actually match
reality".
Looking at Jens' reply to the other cases, Dan's tool seems to be on
the money here except for this self-inflicted bogus crypto key thing.
Linus
