diff options
| author | Eric Biggers <ebiggers@google.com> | 2020-03-17 21:10:58 -0700 |
|---|---|---|
| committer | Eric Biggers <ebiggers@google.com> | 2020-03-23 13:20:27 -0700 |
| commit | ae886a89f541a74255c9a41f7fa504a82ee6413e (patch) | |
| tree | 1f9cac402e1d2d85406f2c2e6dcb459d559aef3c /metadata/config_test.go | |
| parent | b43cb6970da16fea7aa2c073a83891909a2833b1 (diff) | |
Simplify choosing the key description prefix
There's no real need to allow users to choose the key description prefix
(a.k.a. the "service"), since on ext4 and f2fs we can just use "ext4"
and "f2fs" for compatibility with all kernels both old and new, and on
other filesystems we can just use "fscrypt". So, let's do that.
Since this removes the point of the "--legacy" option to 'fscrypt setup'
and the "compatibility" field in /etc/fscrypt.conf, remove those too.
Specifically, we start ignoring the "compatibility" in existing config
files and not writing it to new ones. The corresponding protobuf field
number and name are reserved. We stop accepting the "--legacy" option
at all, although since it was default true and there was no real reason
for anyone to change it to false, probably no one will notice. If
anyone does, they should just stop specifying the option.
Note that this change only affects user keyrings and thus only affects
v1 encryption policies, which are deprecated in favor of v2 anyway.
Diffstat (limited to 'metadata/config_test.go')
| -rw-r--r-- | metadata/config_test.go | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/metadata/config_test.go b/metadata/config_test.go index 83c1eb0..52f83f2 100644 --- a/metadata/config_test.go +++ b/metadata/config_test.go @@ -33,8 +33,7 @@ var testConfig = &Config{ Memory: 1 << 12, Parallelism: 8, }, - Compatibility: "", - Options: DefaultOptions, + Options: DefaultOptions, } var testConfigString = `{ @@ -44,7 +43,6 @@ var testConfigString = `{ "memory": "4096", "parallelism": "8" }, - "compatibility": "", "options": { "padding": "32", "contents": "AES_256_XTS", @@ -81,7 +79,7 @@ func TestRead(t *testing.T) { } // Makes sure we can parse a legacy config file that doesn't have the fields -// that were added later. +// that were added later and that has the removed "compatibility" field. func TestOptionalFields(t *testing.T) { contents := `{ "source": "custom_passphrase", @@ -90,7 +88,7 @@ func TestOptionalFields(t *testing.T) { "memory": "4096", "parallelism": "8" }, - "compatibility": "", + "compatibility": "legacy", "options": { "padding": "32", "contents": "AES_256_XTS", |