On Nov 29, 2021, at 19:27, Eric Biggers <ebiggers@xxxxxxxxxx> wrote: > On Wed, Nov 24, 2021 at 12:06:45PM -0800, Chang S. Bae wrote: >> >> == Non Use Cases == >> >> Bare metal disk encryption is the only use case intended by these patches. > > If that's the case, why are so many encryption modes being added (ECB, CTR, CBC, > and XTS)? Wouldn't just XTS be sufficient? Right, it would reduce the crypt library changes significantly. But it is clueless whether XTS is sufficient to support DM-crypt, because a user may select the kernel’s crypto API via ‘capi:', [1]. >> * PATCH10-15: For the x86 crypto library, it first prepares the AES-NI code >> to accommodate the new AES implementation. Then incrementally add base >> functions and various modes support -- ECB, CBC, CTR, and XTS. The code >> was found to pass the crypto test. > > Did you test with CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y? Yes. Thanks, Chang [1] https://gitlab.com/cryptsetup/cryptsetup/-/wikis/DMCrypt
