On Tue, May 26, 2015 at 09:56:17AM +0200, Stephan Mueller wrote: > > Actually, I mean the real in-kernel crypto API: the IKE daemon would set up > the SA via XFRM where the rfc4106(gcm(aes)) cipher is set, is it not? So, user > space is responsible to set the right IPSEC cipher. > > As that user space cipher name is now changed, user space would need to be > aware of that modification, would it not? No the change was done in a backwards compatible way. So if you allocate rfc4106(gcm(aes)) and use the givencrypt interface (not encrypt) then you still get the old behaviour. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html