All of lore.kernel.org
 help / color / mirror / Atom feed
From: Eric Biggers <ebiggers@kernel.org>
To: linux-xfs@vger.kernel.org
Cc: fstests@vger.kernel.org, linux-fscrypt@vger.kernel.org
Subject: [PATCH v2 1/8] xfs_io/encrypt: remove unimplemented encryption modes
Date: Thu, 19 Sep 2019 17:18:15 -0700	[thread overview]
Message-ID: <20190920001822.257411-2-ebiggers@kernel.org> (raw)
In-Reply-To: <20190920001822.257411-1-ebiggers@kernel.org>

From: Eric Biggers <ebiggers@google.com>

Although mode numbers were originally reserved for AES-256-GCM and
AES-256-CBC, these were never implemented in the kernel, and there are
no plans to do so anymore.  These mode numbers may be used for something
else in the future.  Also, xfstests (the only known user of the xfs_io
encryption commands) doesn't try to use them.  Finally, most of the
fscrypt constants have been given new names in the UAPI header, but the
unused constants have not been given new names since userspace should
just stop referencing them instead.

So remove them from xfs_io.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 io/encrypt.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/io/encrypt.c b/io/encrypt.c
index 7a0b2465..70c9e5eb 100644
--- a/io/encrypt.c
+++ b/io/encrypt.c
@@ -49,8 +49,6 @@ struct fscrypt_policy {
 
 #define FS_ENCRYPTION_MODE_INVALID	0
 #define FS_ENCRYPTION_MODE_AES_256_XTS	1
-#define FS_ENCRYPTION_MODE_AES_256_GCM	2
-#define FS_ENCRYPTION_MODE_AES_256_CBC	3
 #define FS_ENCRYPTION_MODE_AES_256_CTS	4
 #endif /* FS_ENCRYPTION_MODE_AES_256_XTS */
 
@@ -74,7 +72,7 @@ set_encpolicy_help(void)
 " -v VERSION -- version of policy structure\n"
 "\n"
 " MODE can be numeric or one of the following predefined values:\n"
-"    AES-256-XTS, AES-256-CTS, AES-256-GCM, AES-256-CBC\n"
+"    AES-256-XTS, AES-256-CTS\n"
 " FLAGS and VERSION must be numeric.\n"
 "\n"
 " Note that it's only possible to set an encryption policy on an empty\n"
@@ -88,8 +86,6 @@ static const struct {
 } available_modes[] = {
 	{FS_ENCRYPTION_MODE_AES_256_XTS, "AES-256-XTS"},
 	{FS_ENCRYPTION_MODE_AES_256_CTS, "AES-256-CTS"},
-	{FS_ENCRYPTION_MODE_AES_256_GCM, "AES-256-GCM"},
-	{FS_ENCRYPTION_MODE_AES_256_CBC, "AES-256-CBC"},
 };
 
 static bool
-- 
2.23.0.351.gc4317032e6-goog

  reply	other threads:[~2019-09-20  0:20 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-20  0:18 [PATCH v2 0/8] xfsprogs: support fscrypt API additions in xfs_io Eric Biggers
2019-09-20  0:18 ` Eric Biggers [this message]
2019-09-20  0:18 ` [PATCH v2 2/8] xfs_io/encrypt: update to UAPI definitions from Linux v5.4 Eric Biggers
2019-09-20  0:18 ` [PATCH v2 3/8] xfs_io/encrypt: add new encryption modes Eric Biggers
2019-09-20  0:18 ` [PATCH v2 4/8] xfs_io/encrypt: extend 'get_encpolicy' to support v2 policies Eric Biggers
2019-09-20  0:18 ` [PATCH v2 5/8] xfs_io/encrypt: extend 'set_encpolicy' " Eric Biggers
2019-09-20  0:18 ` [PATCH v2 6/8] xfs_io/encrypt: add 'add_enckey' command Eric Biggers
2019-09-20  0:18 ` [PATCH v2 7/8] xfs_io/encrypt: add 'rm_enckey' command Eric Biggers
2019-09-24 22:39   ` Eric Sandeen
2019-09-25 23:11     ` Eric Biggers
2019-09-20  0:18 ` [PATCH v2 8/8] xfs_io/encrypt: add 'enckey_status' command Eric Biggers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190920001822.257411-2-ebiggers@kernel.org \
    --to=ebiggers@kernel.org \
    --cc=fstests@vger.kernel.org \
    --cc=linux-fscrypt@vger.kernel.org \
    --cc=linux-xfs@vger.kernel.org \
    --subject='Re: [PATCH v2 1/8] xfs_io/encrypt: remove unimplemented encryption modes' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.