On Fri, 2019-08-02 at 15:23 -0500, Tyler Hicks wrote: > That wasn't the conclusion that I came to. I prefer Robert's proposed > change to trusted.ko. > > How do you propose that this be fixed in eCryptfs? > > Removing encrypted_key support from eCryptfs is the only way that I can > see to fix the bug in eCryptfs. That support has been there since 2011. > I'm not sure of the number of users that would be broken by removing > encrypted_key support. I don't think the number is high but I can't say > that confidently. Looking at the documentation [1] it is stated that "Encrypted keys do not depend on a TPM, and are faster, as they use AES for encryption/decryption." Why would you need to remove support for encrypted keys? Isn't it a regression in encrypted keys to hard depend on trusted keys given what the documentation says? > Roberto, what was your use case when you added encrypted_key support to > eCryptfs back then? Are you aware of any users of eCryptfs + > encrypted_keys? > > Jarkko, removing a long-standing feature is potentially more disruptive > to users than adding a workaround to trusted.ko which already requires a > similar workaround. I don't think that I agree with you on the proper > fix here. There is nothing to disagree or agree. I just try to get the picture since ecryptfs is relatively alien to me. [1] https://www.kernel.org/doc/html/v4.13/security/keys/trusted-encrypted.html /Jarkko
