Hi Ted,

On Mon, Jan 02, 2017 at 03:43:43PM -0500, Theodore Ts'o wrote:

The following patch is smaller (and causes a net reduction in code).
It also uses allows us to properly test the context inheritance code,
by completely removing any test_dummy_encryption specific hacks from
fscrypt_inherit_context().

The suggested userspace shell script fragment works on big-endian
systems, and uses fixed key instead of a random one.  The latter is
useful for test sequences where it is useful to validate a file system
that had been previously created using an older kernel.

I'm fine with your proposed version, though I'm not convinced it's really any
better than mine, since it basically just moves the "hack" from
fscrypt_inherit_context() to fscrypt_get_encryption_info().  The reason I
preferred it in fscrypt_inherit_context() was that allowing
fscrypt_get_encryption_info() to work on unencrypted files is kind of weird and
could allow for confusing scenarios where a previously existing unencrypted file
is accidentally treated as an encrypted one --- though that would require a
missing ext4_encrypted_inode() check of course.

Thanks,

Eric