On Thu, May 24, 2018 at 5:11 AM, Stephan Mueller <smueller@xxxxxxxxxx> wrote: > Am Donnerstag, 24. Mai 2018, 10:33:07 CEST schrieb Rafael J. Wysocki: > > Hi Rafael, > >> So the problem is that Yu would like to use this for hibernation encryption >> done entirely in the kernel. > > But why do you need to perform PBKDF in kernel space? I may be mis-parsing things, but using audited kernel code is a matter of governance and good security engineering. I don't believe it is not a matter of laziness. If he/she were to add their own userland code then he would surely be criticized for rolling his own implementation. Jeff