From: Anssi Hannula <anssi.hannula@iki.fi>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Theodore Ts'o <tytso@mit.edu>,
Andreas Dilger <adilger.kernel@dilger.ca>,
linux-ext4@vger.kernel.org, Michael Halcrow <mhalcrow@google.com>
Subject: Re: ext4 crypto: Do not select from EXT4_FS_ENCRYPTION
Date: Sun, 03 May 2015 15:34:14 +0300 [thread overview]
Message-ID: <554615C6.1060107@iki.fi> (raw)
In-Reply-To: <20150501001855.GA31516@gondor.apana.org.au>
Hi,
01.05.2015, 03:18, Herbert Xu kirjoitti:
> This patch adds a tristate EXT4_ENCRYPTION to do the selections
> for EXT4_FS_ENCRYPTION because selecting from a bool causes all
> the selected options to be built-in, even if EXT4 itself is a
> module.
Hmm, are you sure?
Since CONFIG_EXT4_FS_ENCRYPTION itself depends on CONFIG_EXT4_FS, the
selector for the selected options becomes (CONFIG_EXT4_FS_ENCRYPTION &&
CONFIG_EXT4_FS && CONFIG_BLOCK).
Per my testing on git master (without this patch), if EXT4_FS=m and
EXT4_FS_ENCRYPTION=y, both "built-in" and "module" options are allowed
for the selected options (checked CONFIG_ENCRYPTED_KEYS myself).
So selector "(A=y && B=m)" results in requirement ">=m", which seems
reasonable (otherwise even just CONFIG_BLOCK=y would force them to y).
Am I missing something or this patch unneeded?
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
>
> diff --git a/fs/ext4/Kconfig b/fs/ext4/Kconfig
> index 18228c2..024f228 100644
> --- a/fs/ext4/Kconfig
> +++ b/fs/ext4/Kconfig
> @@ -64,8 +64,8 @@ config EXT4_FS_SECURITY
> If you are not using a security module that requires using
> extended attributes for file security labels, say N.
>
> -config EXT4_FS_ENCRYPTION
> - bool "Ext4 Encryption"
> +config EXT4_ENCRYPTION
> + tristate "Ext4 Encryption"
> depends on EXT4_FS
> select CRYPTO_AES
> select CRYPTO_CBC
> @@ -81,6 +81,11 @@ config EXT4_FS_ENCRYPTION
> efficient since it avoids caching the encrypted and
> decrypted pages in the page cache.
>
> +config EXT4_FS_ENCRYPTION
> + bool
> + default y
> + depends on EXT4_ENCRYPTION
> +
> config EXT4_DEBUG
> bool "EXT4 debugging support"
> depends on EXT4_FS
>
--
Anssi Hannula
next prev parent reply other threads:[~2015-05-03 13:07 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-01 0:18 ext4 crypto: Do not select from EXT4_FS_ENCRYPTION Herbert Xu
2015-05-02 13:40 ` Theodore Ts'o
2015-05-03 12:34 ` Anssi Hannula [this message]
2015-05-03 17:53 ` Theodore Ts'o
2015-05-03 18:29 ` Anssi Hannula
2015-05-03 21:11 ` Theodore Ts'o
2015-05-04 1:00 ` Herbert Xu
2015-05-04 1:37 ` Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=554615C6.1060107@iki.fi \
--to=anssi.hannula@iki.fi \
--cc=adilger.kernel@dilger.ca \
--cc=herbert@gondor.apana.org.au \
--cc=linux-ext4@vger.kernel.org \
--cc=mhalcrow@google.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.