ecryptfs: Drop TODO comment in ecryptfs_derive_iv

Remove the TODO from 2006. eCryptfs is generally not receiving new
features and changing the IV derivation is only likely to happen to
address security concerns in the future.

Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
[tyhicks: Add the reasoning to the commit message]
Signed-off-by: Tyler Hicks <code@tyhicks.com>

diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index a7511acc593e4a8bdc72935f5c969973f2c12e7c..dd3e2f1e2544449f89c1a4138207d1a57494fc10 100644 (file)
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -89,10 +89,6 @@ void ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat,
                ecryptfs_printk(KERN_DEBUG, "root iv:\n");
                ecryptfs_dump_hex(crypt_stat->root_iv, crypt_stat->iv_bytes);
        }
-       /* TODO: It is probably secure to just cast the least
-        * significant bits of the root IV into an unsigned long and
-        * add the offset to that rather than go through all this
-        * hashing business. -Halcrow */
        memcpy(src, crypt_stat->root_iv, crypt_stat->iv_bytes);
        memset((src + crypt_stat->iv_bytes), 0, 16);
        snprintf((src + crypt_stat->iv_bytes), 16, "%lld", offset);