Commit cd3b3094 authored by Thorsten Blum's avatar Thorsten Blum Committed by Tyler Hicks
Browse files

ecryptfs: Drop TODO comment in ecryptfs_derive_iv 



Remove the TODO from 2006. eCryptfs is generally not receiving new
features and changing the IV derivation is only likely to happen to
address security concerns in the future.

Signed-off-by: default avatarThorsten Blum <thorsten.blum@linux.dev>
[tyhicks: Add the reasoning to the commit message]
Signed-off-by: default avatarTyler Hicks <code@tyhicks.com>
parent c8717a7f

fs/ecryptfs/crypto.c

+0 −4
Original line number Diff line number Diff line
@@ -89,10 +89,6 @@ void ecryptfs_derive_iv(char *iv, struct ecryptfs_crypt_stat *crypt_stat, 
		ecryptfs_printk(KERN_DEBUG, "root iv:\n");

		ecryptfs_dump_hex(crypt_stat->root_iv, crypt_stat->iv_bytes);

	}

	/* TODO: It is probably secure to just cast the least

	 * significant bits of the root IV into an unsigned long and

	 * add the offset to that rather than go through all this

	 * hashing business. -Halcrow */

	memcpy(src, crypt_stat->root_iv, crypt_stat->iv_bytes);

	memset((src + crypt_stat->iv_bytes), 0, 16);

	snprintf((src + crypt_stat->iv_bytes), 16, "%lld", offset);