This problem does not happen when I boot the 4.4.0 kernel, but consistently happens with the 4.5.0 kernel.How to reproduce:
- start docker daemon
- start docker container `docker start <id>`
- switch to shell inside the docker container `docker exec -it <id> bash`
- create a file `touch a`
- try to read it `cat a` => this fails with "Operation not permitted". In fact, any file read operation fails
"journalcrl -f" on the host shows "EXT4-fs warning (device sdb1): ext4_file_open:387: Inconsistent encryption contexts: 1379030/12058997".I'm using overlayfs for docker on top of ext4. Googling for "Inconsistent encryption contexts" leads to https://lkml.org/lkml/2016/3/10/713, which leads to https://lkml.org/lkml/2016/3/14/274. That patch mentioned there never made it into the kernel, but the patch I referenced seems to be the logical successor (renamed some things, and also fixes nfs).