From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D007C4332F for ; Fri, 18 Nov 2022 13:15:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242028AbiKRNPP (ORCPT ); Fri, 18 Nov 2022 08:15:15 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39994 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241473AbiKRNPM (ORCPT ); Fri, 18 Nov 2022 08:15:12 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5D2E05801D for ; Fri, 18 Nov 2022 05:14:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668777248; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=DwgnOjsBwuRm3KvaCsNzS6B7/KxJyL7ZVpx0OHwNOwA=; b=R4lvEJUwYZibNnazRzwH66GuBgnzt97h+bYWQtRMJ2i3zS232kwfZRp1U7Hf6Wtlchdqya E132DDLTNl2zW3WE7b+1GMDlZ99NnwuBAySagLU3ZwBcy8D92+rg0fFxpmYYJOzX6v3dcK 2Rv+CzmuHMxJxyAvghYXVXF+EYJZRpE= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-154-gGjGeDE0NEeha0WFuDPt1Q-1; Fri, 18 Nov 2022 08:14:02 -0500 X-MC-Unique: gGjGeDE0NEeha0WFuDPt1Q-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id AD4F1811E75; Fri, 18 Nov 2022 13:14:01 +0000 (UTC) Received: from localhost (unknown [10.39.208.23]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 65BF640C83EC; Fri, 18 Nov 2022 13:14:01 +0000 (UTC) Date: Fri, 18 Nov 2022 14:13:58 +0100 From: Niels de Vos To: Christoph Hellwig Cc: Theodore Ts'o , linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Xiubo Li , Marcel Lauhoff Subject: Re: [RFC 0/4] fs: provide per-filesystem options to disable fscrypt Message-ID: References: <20221110141225.2308856-1-ndevos@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Scanned-By: MIMEDefang 3.1 on 10.11.54.1 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Nov 13, 2022 at 10:02:37PM -0800, Christoph Hellwig wrote: > On Thu, Nov 10, 2022 at 05:47:10PM +0100, Niels de Vos wrote: > > And, there actually are options like CONFIG_EXT4_FS_POSIX_ACL and > > CONFIG_EXT4_FS_SECURITY. Because these exist already, I did not expect > > too much concerns with proposing a CONFIG_EXT4_FS_ENCRYPTION... > > ext4 is a little weird there as most file systems don't do that. > So I think these should go away for ext4 as well. Yeah, I understand that there is a preference for reducing the number of Kconfig options for filesystems. That indeed would make it a little easier for users, so I am supportive of that as well. > > Note that even with the additional options, enabling only > > CONFIG_FS_ENCRYPTION causes all the filesystems that support fscrypt to > > have it enabled. For users there is no change, except that they now have > > an option to disable fscrypt support per filesystem. > > But why would you do that anyay? An other mail in this thread contains a description about that. It is more about being able to provide a kernel build that is fully tested, and enabling more options (or being unable to disable features) increases the testing efforts that are needed. However, as Ted pointed out, there are other features that can not be disabled or limited per filesystem, so there will always be a gap in what can practically be tested. Thanks, Niels