]> git.ipfire.org Git - thirdparty/linux.git/commitdiff
ecryptfs: Drop TODO comment in ecryptfs_derive_iv
authorThorsten Blum <thorsten.blum@linux.dev>
Mon, 30 Mar 2026 10:35:17 +0000 (12:35 +0200)
committerTyler Hicks <code@tyhicks.com>
Thu, 2 Apr 2026 22:27:52 +0000 (17:27 -0500)
Remove the TODO from 2006. eCryptfs is generally not receiving new
features and changing the IV derivation is only likely to happen to
address security concerns in the future.

Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
[tyhicks: Add the reasoning to the commit message]
Signed-off-by: Tyler Hicks <code@tyhicks.com>
fs/ecryptfs/crypto.c

index a7511acc593e4a8bdc72935f5c969973f2c12e7c..dd3e2f1e2544449f89c1a4138207d1a57494fc10 100644 (file)
@@ -89,10 +89,6 @@ void ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat,
                ecryptfs_printk(KERN_DEBUG, "root iv:\n");
                ecryptfs_dump_hex(crypt_stat->root_iv, crypt_stat->iv_bytes);
        }
-       /* TODO: It is probably secure to just cast the least
-        * significant bits of the root IV into an unsigned long and
-        * add the offset to that rather than go through all this
-        * hashing business. -Halcrow */
        memcpy(src, crypt_stat->root_iv, crypt_stat->iv_bytes);
        memset((src + crypt_stat->iv_bytes), 0, 16);
        snprintf((src + crypt_stat->iv_bytes), 16, "%lld", offset);