From: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
To: Eric Biggers <ebiggers@kernel.org>
Cc: "Theodore Y. Ts o" <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>,
Jonathan Corbet <corbet@lwn.net>, Jens Axboe <axboe@kernel.dk>,
Ard Biesheuvel <ardb@kernel.org>,
linux-fscrypt@vger.kernel.org, linux-doc@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-block@vger.kernel.org
Subject: Re: [PATCH v3 2/2] fscrypt: Add SM4 XTS/CTS symmetric algorithm support
Date: Mon, 28 Nov 2022 15:35:37 +0800 [thread overview]
Message-ID: <e0461754-39c4-a9e1-6ca1-381659e4a2d7@linux.alibaba.com> (raw)
In-Reply-To: <Y4EIR+n8aKutuLo0@sol.localdomain>
Hi Eric,
On 11/26/22 2:24 AM, Eric Biggers wrote:
> On Fri, Nov 25, 2022 at 08:16:30PM +0800, Tianjia Zhang wrote:
>> diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c
>> index 46757c3052ef..8e69bc0c35cd 100644
>> --- a/fs/crypto/policy.c
>> +++ b/fs/crypto/policy.c
>> @@ -71,6 +71,10 @@ static bool fscrypt_valid_enc_modes_v1(u32 contents_mode, u32 filenames_mode)
>> filenames_mode == FSCRYPT_MODE_AES_128_CTS)
>> return true;
>>
>> + if (contents_mode == FSCRYPT_MODE_SM4_XTS &&
>> + filenames_mode == FSCRYPT_MODE_SM4_CTS)
>> + return true;
>> +
>> if (contents_mode == FSCRYPT_MODE_ADIANTUM &&
>> filenames_mode == FSCRYPT_MODE_ADIANTUM)
>> return true;
>
> Sorry, one more thing I didn't notice before. Since this is a new feature,
> please only allow it in fscrypt_valid_enc_modes_v2(), not in
> fscrypt_valid_enc_modes_v1(). That's what we did for AES-256-XTS +
> AES-256-HCTR2 recently. There should be no need to add new features to
> v1 encryption policies, which have been deprecated for several years.
>
> - Eric
Thanks for reminder, it makes sense to only support the new algorithm in
v2 policy, which I will do this.
BR,
Tianjia
next prev parent reply other threads:[~2022-11-28 7:35 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-25 12:16 [PATCH v3 0/2] Add SM4 XTS symmetric algorithm for blk-crypto and fscrypt Tianjia Zhang
2022-11-25 12:16 ` [PATCH v3 1/2] blk-crypto: Add support for SM4-XTS blk crypto mode Tianjia Zhang
2022-11-25 18:35 ` Eric Biggers
2022-11-25 18:37 ` Jens Axboe
2022-11-28 13:26 ` Bagas Sanjaya
2022-11-25 12:16 ` [PATCH v3 2/2] fscrypt: Add SM4 XTS/CTS symmetric algorithm support Tianjia Zhang
2022-11-25 18:24 ` Eric Biggers
2022-11-28 7:35 ` Tianjia Zhang [this message]
2022-11-28 13:33 ` Bagas Sanjaya
2022-12-01 12:45 ` Tianjia Zhang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e0461754-39c4-a9e1-6ca1-381659e4a2d7@linux.alibaba.com \
--to=tianjia.zhang@linux.alibaba.com \
--cc=ardb@kernel.org \
--cc=axboe@kernel.dk \
--cc=corbet@lwn.net \
--cc=ebiggers@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.