Hi Eric,
On 12/2/22 3:14 AM, Eric Biggers wrote:
From: Eric Biggers <ebiggers@xxxxxxxxxx>
Add a paragraph about SM4, like there is for the other modes.
Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
---
Documentation/filesystems/fscrypt.rst | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst
index c0784ec055530..ef183387da208 100644
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -370,6 +370,12 @@ CONFIG_CRYPTO_HCTR2 must be enabled. Also, fast implementations of XCTR and
POLYVAL should be enabled, e.g. CRYPTO_POLYVAL_ARM64_CE and
CRYPTO_AES_ARM64_CE_BLK for ARM64.
+SM4 is a Chinese block cipher that is an alternative to AES. It has
+not seen as much security review as AES, and it only has a 128-bit key
+size. It may be useful in cases where its use is mandated.
+Otherwise, it should not be used. For SM4 support to be available, it
+also needs to be enabled in the kernel crypto API.
+
Looks good to me, this description is appropriate.
Reviewed-by: Tianjia Zhang <tianjia.zhang@xxxxxxxxxxxxxxxxx>
Thanks,
Tianjia
New encryption modes can be added relatively easily, without changes
to individual filesystems. However, authenticated encryption (AE)
modes are not currently supported because of the difficulty of dealing
