Merge branch 'merge.nfs-fs_parse.1' of git://git.kernel.org/pub/scm/linux/kernel...

[linux.git] / fs / crypto / keysetup_v1.c

diff --git a/fs/crypto/keysetup_v1.c b/fs/crypto/keysetup_v1.c
index 5298ef22aa8598c849981b45cfa7b5cff799861a..801b48c0cd7f356031bfb6ff2345a52ad3be61e0 100644 (file)
--- a/fs/crypto/keysetup_v1.c
+++ b/fs/crypto/keysetup_v1.c
@@ -9,7 +9,7 @@
  * This file implements compatibility functions for the original encryption
  * policy version ("v1"), including:
  *
- * - Deriving per-file keys using the AES-128-ECB based KDF
+ * - Deriving per-file encryption keys using the AES-128-ECB based KDF
  *   (rather than the new method of using HKDF-SHA512)
  *
  * - Retrieving fscrypt master keys from process-subscribed keyrings
@@ -253,23 +253,8 @@ fscrypt_get_direct_key(const struct fscrypt_info *ci, const u8 *raw_key)
 static int setup_v1_file_key_direct(struct fscrypt_info *ci,
                                    const u8 *raw_master_key)
 {
-       const struct fscrypt_mode *mode = ci->ci_mode;
        struct fscrypt_direct_key *dk;
 
-       if (!fscrypt_mode_supports_direct_key(mode)) {
-               fscrypt_warn(ci->ci_inode,
-                            "Direct key mode not allowed with %s",
-                            mode->friendly_name);
-               return -EINVAL;
-       }
-
-       if (ci->ci_policy.v1.contents_encryption_mode !=
-           ci->ci_policy.v1.filenames_encryption_mode) {
-               fscrypt_warn(ci->ci_inode,
-                            "Direct key mode not allowed with different contents and filenames modes");
-               return -EINVAL;
-       }
-
        dk = fscrypt_get_direct_key(ci, raw_master_key);
        if (IS_ERR(dk))
                return PTR_ERR(dk);
@@ -298,7 +283,7 @@ static int setup_v1_file_key_derived(struct fscrypt_info *ci,
        if (err)
                goto out;
 
-       err = fscrypt_set_derived_key(ci, derived_key);
+       err = fscrypt_set_per_file_enc_key(ci, derived_key);
 out:
        kzfree(derived_key);
        return err;