* [PATCH] fscrypt: add additional documentation for SM4 support
@ 2022-12-01 19:14 Eric Biggers
2022-12-02 12:08 ` Tianjia Zhang
0 siblings, 1 reply; 2+ messages in thread
From: Eric Biggers @ 2022-12-01 19:14 UTC (permalink / raw)
To: linux-fscrypt; +Cc: linux-doc, Tianjia Zhang
From: Eric Biggers <ebiggers@google.com>
Add a paragraph about SM4, like there is for the other modes.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
Documentation/filesystems/fscrypt.rst | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst
index c0784ec055530..ef183387da208 100644
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -370,6 +370,12 @@ CONFIG_CRYPTO_HCTR2 must be enabled. Also, fast implementations of XCTR and
POLYVAL should be enabled, e.g. CRYPTO_POLYVAL_ARM64_CE and
CRYPTO_AES_ARM64_CE_BLK for ARM64.
+SM4 is a Chinese block cipher that is an alternative to AES. It has
+not seen as much security review as AES, and it only has a 128-bit key
+size. It may be useful in cases where its use is mandated.
+Otherwise, it should not be used. For SM4 support to be available, it
+also needs to be enabled in the kernel crypto API.
+
New encryption modes can be added relatively easily, without changes
to individual filesystems. However, authenticated encryption (AE)
modes are not currently supported because of the difficulty of dealing
--
2.38.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] fscrypt: add additional documentation for SM4 support
2022-12-01 19:14 [PATCH] fscrypt: add additional documentation for SM4 support Eric Biggers
@ 2022-12-02 12:08 ` Tianjia Zhang
0 siblings, 0 replies; 2+ messages in thread
From: Tianjia Zhang @ 2022-12-02 12:08 UTC (permalink / raw)
To: Eric Biggers, linux-fscrypt; +Cc: linux-doc
Hi Eric,
On 12/2/22 3:14 AM, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
>
> Add a paragraph about SM4, like there is for the other modes.
>
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
> Documentation/filesystems/fscrypt.rst | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/Documentation/filesystems/fscrypt.rst b/Documentation/filesystems/fscrypt.rst
> index c0784ec055530..ef183387da208 100644
> --- a/Documentation/filesystems/fscrypt.rst
> +++ b/Documentation/filesystems/fscrypt.rst
> @@ -370,6 +370,12 @@ CONFIG_CRYPTO_HCTR2 must be enabled. Also, fast implementations of XCTR and
> POLYVAL should be enabled, e.g. CRYPTO_POLYVAL_ARM64_CE and
> CRYPTO_AES_ARM64_CE_BLK for ARM64.
>
> +SM4 is a Chinese block cipher that is an alternative to AES. It has
> +not seen as much security review as AES, and it only has a 128-bit key
> +size. It may be useful in cases where its use is mandated.
> +Otherwise, it should not be used. For SM4 support to be available, it
> +also needs to be enabled in the kernel crypto API.
> +
Looks good to me, this description is appropriate.
Reviewed-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Thanks,
Tianjia
> New encryption modes can be added relatively easily, without changes
> to individual filesystems. However, authenticated encryption (AE)
> modes are not currently supported because of the difficulty of dealing
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-12-02 12:08 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-12-01 19:14 [PATCH] fscrypt: add additional documentation for SM4 support Eric Biggers
2022-12-02 12:08 ` Tianjia Zhang
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.