Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template

[PATCH 0/4] crypto: switch to crypto API for EBOIV generation · Gilad Ben-Yossef <gilad@benyossef.com> · 2020-10-26
[PATCH 1/4] crypto: add eboiv as a crypto API template · Gilad Ben-Yossef <gilad@benyossef.com> · 2020-10-26
Re: [PATCH 1/4] crypto: add eboiv as a crypto API template · Eric Biggers <ebiggers@kernel.org> · 2020-10-26
Re: [PATCH 1/4] crypto: add eboiv as a crypto API template · Eric Biggers <ebiggers@kernel.org> · 2020-10-26
Re: [PATCH 1/4] crypto: add eboiv as a crypto API template · Gilad Ben-Yossef <gilad@benyossef.com> · 2020-10-27
[PATCH 2/4] crypto: add eboiv(cbc(aes)) test vectors · Gilad Ben-Yossef <gilad@benyossef.com> · 2020-10-26
[PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Gilad Ben-Yossef <gilad@benyossef.com> · 2020-10-26
Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Eric Biggers <ebiggers@kernel.org> · 2020-10-26
Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Milan Broz <hidden> · 2020-10-26
Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Eric Biggers <ebiggers@kernel.org> · 2020-10-26
Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Herbert Xu <herbert@gondor.apana.org.au> · 2020-10-26
Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Herbert Xu <herbert@gondor.apana.org.au> · 2020-10-26
Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Gilad Ben-Yossef <gilad@benyossef.com> · 2020-10-28
Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Herbert Xu <herbert@gondor.apana.org.au> · 2020-10-29
Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Milan Broz <hidden> · 2020-10-26
Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Gilad Ben-Yossef <gilad@benyossef.com> · 2020-10-27
Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template · Milan Broz <hidden> · 2020-10-27
[PATCH 4/4] crypto: ccree: re-introduce ccree eboiv support · Gilad Ben-Yossef <gilad@benyossef.com> · 2020-10-26

From: Herbert Xu <herbert@gondor.apana.org.au>
Date: 2020-10-26 18:42:15
Also in: dm-devel, linux-crypto, lkml

On Mon, Oct 26, 2020 at 11:39:36AM -0700, Eric Biggers wrote:

CONFIG_DM_CRYPT can either select every weird combination of algorithms anyone
can ever be using, or it can select some defaults and require any other needed
algorithms to be explicitly selected.

In reality, dm-crypt has never even selected any particular block ciphers, even
AES.  Nor has it ever selected XTS.  So it's actually always made users (or
kernel distributors) explicitly select algorithms.  Why the Bitlocker support
suddenly different?

I'd think a lot of dm-crypt users don't want to bloat their kernels with random
legacy algorithms.

The point is that people rebuilding their kernel can end up with a
broken system.  Just set a default on EBOIV if dm-crypt is on.

Cheers,
-- 
Email: Herbert Xu [off-list ref]
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help