Re: [PATCH v3 00/15] x86: Support Key Locker

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Nov 29, 2021, at 23:23, Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
> On Tue, Nov 30, 2021 at 06:36:15AM +0000, Bae, Chang Seok wrote:
>> On Nov 29, 2021, at 19:27, Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
>>> On Wed, Nov 24, 2021 at 12:06:45PM -0800, Chang S. Bae wrote:
>>>> 
>>>> == Non Use Cases ==
>>>> 
>>>> Bare metal disk encryption is the only use case intended by these patches.
>>> 
>>> If that's the case, why are so many encryption modes being added (ECB, CTR, CBC,
>>> and XTS)?  Wouldn't just XTS be sufficient?
>> 
>> Right, it would reduce the crypt library changes significantly. But it is
>> clueless whether XTS is sufficient to support DM-crypt, because a user may
>> select the kernel’s crypto API via ‘capi:', [1].
> 
> Just because dm-crypt allows you to create a ECB or CTR encrypted disk does not
> mean that it is a good idea.

Okay, it sounds like at least ECB and CTR supports are not practically needed.

I have no problem trimming down to exclude them.

Thanks,
Chang




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux