Hi Ted,
On 05/24/2018 06:25 PM, Theodore Y. Ts'o wrote:
On Thu, May 24, 2018 at 05:08:41PM -0500, Denis Kenzior wrote:
Actually for the use case we have, speed is something pretty low on the
priority list; not having to deal with userspace crypto library dependencies
was a goal in and of itself. Each one has its own issues and you can never
support just one. Using AF_ALG has been rather... liberating.
Which is probably why Eric used the word, "laziness". You might use a
different word, but the decisoin was one that was more driven by
convenience than kernel security....
Err, this is a bit uncalled for.
But seriously, how is it a fault of the 'random person on the mailing
list' that AF_ALG exists and is being used for its (seemingly intended)
purpose?
I'm not really here to criticize or judge the past. AF_ALG exists now.
It is being used. Can we just make it better? Or are we going to
whinge at every user that tries to use (and improve) kernel features
that (some) people disagree with because it can 'compromise' kernel
security?
Also, if speed isn't a worry, why not just a single software-only
implementation of SHA1, and be done with it? It's what I did in
e2fsprogs for e4crypt.
If things were that simple, we would definitely not be having this
exchange. Lets just say we use just about every feature that crypto
subsystem provides in some way.
Regards,
-Denis