On Thu, Jul 18, 2019 at 01:19:41PM +0200, Milan Broz wrote: > > Also, I would like to avoid another "just because it is nicer" module dependence (XTS->XEX->ECB). > Last time (when XTS was reimplemented using ECB) we have many reports with initramfs > missing ECB module preventing boot from AES-XTS encrypted root after kernel upgrade... > Just saying. (Despite the last time it was keyring what broke encrypted boot ;-) > > (That said, I will try to find some volunteer to help with CTS in XTS implementation, if needed.) Well the main advantage of doing it on top of the existing xts is that you can retain the existing ARM implementations without any changes. This would also apply to any existing xts drivers that also don't implement CTS (I'm not aware of the status on these so someone will need to check them one by one). But if you were going to volunteer to change them all in one swoop then it wouldn't matter. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt