Received: by 2002:a25:d7c1:0:0:0:0:0 with SMTP id o184csp2705201ybg; Thu, 24 Oct 2019 13:53:44 -0700 (PDT) X-Google-Smtp-Source: APXvYqza9XYMbgBnjxhWgveQUzyLo8+D5VvM6U+FZqKs4g0SsaAyp6tZeRmVZkWHLQQszA06MNns X-Received: by 2002:a50:ac3c:: with SMTP id v57mr169149edc.300.1571950424819; Thu, 24 Oct 2019 13:53:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1571950424; cv=none; d=google.com; s=arc-20160816; b=GJGcrvxyCf3XOi7Di5MCB+MmmG0xEQjt8KdvWKrmQv+Aoqmu4MKnQPBJdm5ra7VG8x +ulhWJk43ftRwa2FtsQINHMBCnZwgOJbz84UJ2YZ+Tbq8W1+u705L8ufWCUip3eqLaDn fnjK6ZCQGCSQyXYwpDWYqTMh4pDhNZPwfGK1/hKSzIAsaius0swoX2A0BD4f85YhWa9E MaFWode8DKpoElf/EDp5cC/8tMpbhTwjR1WYa/G02wFiVnse78f6UuuHPohznehXMS88 RJVjFdaA8ICB+v23/ZSBdfHX/IX35jDzqEv6J6vGyn9R/7J1pq9ZbFtobmtbcQVbKne7 k22A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:to :from:date:dkim-signature; bh=UuKLDbpQvbMotGXcc+uLQ0Vocvzd2LHIJ9vtxHOU5vU=; b=wofcnH7FBhZH8ErhYkX9x7+3SZA4KcnxF7DSiLy8NvWvdNP+5BnPy1hwpTlBVk/3rr B3BbNLSi3KE+p6CFjdWigFQUkrHm3SdRMqsiHuWymXKqSUiLvrm3hqSgcdOJ57NNMkul fHZ5/00E4yP6cp3caJ9oLV6xCeLSQYzHvYE4Ct6NtGRqEpk44ANX+w5TJi6EfUOfkDlc UW51KkYA6CnFY7DRt/sN8L/qfR4UKNsY2z4gJfH/QJqvbkijbzlbaMMIsq3YJpq/flW0 KZCu8Y8nsOZEyo6dY8LAbTtiH1yNm+5hFAsZHgga8XXN/b5fs9ktGhz69Mox1Qetxeoc /1sA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b=i6E3AhTx; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j26si5475694ejd.138.2019.10.24.13.53.19; Thu, 24 Oct 2019 13:53:44 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b=i6E3AhTx; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2437867AbfJXHEh (ORCPT + 99 others); Thu, 24 Oct 2019 03:04:37 -0400 Received: from bombadil.infradead.org ([198.137.202.133]:60208 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727635AbfJXHEh (ORCPT ); Thu, 24 Oct 2019 03:04:37 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20170209; h=In-Reply-To:Content-Type:MIME-Version :References:Message-ID:Subject:To:From:Date:Sender:Reply-To:Cc: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=UuKLDbpQvbMotGXcc+uLQ0Vocvzd2LHIJ9vtxHOU5vU=; b=i6E3AhTxU7PiiGoZzHX1bpT6K 7IRuf91wXcARc4dhTksYxqxPdfUSlbB4q7yGugACfQTvkbN8suN7Yd9H8ZiWfzixEAaJEUoGg497V 8lWSw8TWXat6lhpSQCxuXB0JIQp15oSX7lw7dgZ6tsSiYPOWh+odehSxcdiZJEy7yrEN1UoQISKC+ KihqDHF2wWd5cKKq/bFaRJ4aOtR9PXq7IR4CzsUOxkrN9XW5Z5UkWpZkzqAoSh6m6C8RzC/j/5MRy CLVwiG+QvZ8C4mNC7/+ocWKE0wCHvQZXxoKj2reDkv5OQNW6+OzL+JyxSmVy2pIlCdVqbRt89NrZ1 P+5IiNmTw==; Received: from hch by bombadil.infradead.org with local (Exim 4.92.3 #3 (Red Hat Linux)) id 1iNXAf-0004zo-44; Thu, 24 Oct 2019 07:04:33 +0000 Date: Thu, 24 Oct 2019 00:04:33 -0700 From: Christoph Hellwig To: Christoph Hellwig , "Theodore Y. Ts'o" , Satya Tangirala , Paul Lawrence , Dave Chinner , linux-f2fs-devel@lists.sourceforge.net, linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, Jaegeuk Kim , linux-ext4@vger.kernel.org, Paul Crowley Subject: Re: [PATCH 1/3] fscrypt: add support for inline-encryption-optimized policies Message-ID: <20191024070433.GB16652@infradead.org> References: <20191021230355.23136-1-ebiggers@kernel.org> <20191021230355.23136-2-ebiggers@kernel.org> <20191022052712.GA2083@dread.disaster.area> <20191022060004.GA333751@sol.localdomain> <20191022133001.GA23268@mit.edu> <20191023092718.GA23274@infradead.org> <20191023125701.GA2460@mit.edu> <20191024012759.GA32358@infradead.org> <20191024024459.GA743@sol.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20191024024459.GA743@sol.localdomain> User-Agent: Mutt/1.12.1 (2019-06-15) X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org. See http://www.infradead.org/rpr.html Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Wed, Oct 23, 2019 at 07:44:59PM -0700, Eric Biggers wrote: > Would you be happy with something that more directly describes the change the > flag makes Yes. > , like FSCRYPT_POLICY_FLAG_CONTENTS_IV_INO_LBLK_64? I.e., the IVs for > contents encryption are 64-bit and contain the inode and logical block numbers. > > Actually, we could use the same key derivation and IV generation for directories > and symlinks too, which would result in just FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64. > (lblk is 0 when encrypting a filename.) I think not making it crazy verbose is a helpful, but at the same time it should be somewhat descriptive. > Although, in general it would be nice to name the settings in ways that are > easier for people not intimately familiar with the crypto to understand... For the andoid case the actual users won't ever really see it, and if you set up the thing yourself it probably helps a lot to try to understand what your are doing.