Re: [PATCH] fscrypt: Add support for AES-128-CBC

2017-03-31 Thread David Gstir
Hi Eric, thanks for the feedback! > On 31.03.2017, at 08:21, Eric Biggers wrote: > > [+Cc linux-fscrypt] Oh, I didn't know about that list. I think MAINTAINERS should be updated to reflect that. :) > > Hi David and Daniel, > > On Thu, Mar 30, 2017 at 07:38:40PM +0200,

Re: [PATCH] fscrypt: Add support for AES-128-CBC

2017-03-31 Thread David Gstir
Hi Eric, thanks for the feedback! > On 31.03.2017, at 08:21, Eric Biggers wrote: > > [+Cc linux-fscrypt] Oh, I didn't know about that list. I think MAINTAINERS should be updated to reflect that. :) > > Hi David and Daniel, > > On Thu, Mar 30, 2017 at 07:38:40PM +0200, David Gstir wrote:

Re: [PATCH] fscrypt: Add support for AES-128-CBC

2017-03-31 Thread Eric Biggers
On Thu, Mar 30, 2017 at 11:21:49PM -0700, Eric Biggers wrote: > > Something else to consider (probably for the future; this doesn't necessarily > have to be done yet) is that you really only need one essiv_tfm per *key*, not > one per inode. To deduplicate them you'd need a hash table or LRU

Re: [PATCH] fscrypt: Add support for AES-128-CBC

2017-03-31 Thread Eric Biggers
On Thu, Mar 30, 2017 at 11:21:49PM -0700, Eric Biggers wrote: > > Something else to consider (probably for the future; this doesn't necessarily > have to be done yet) is that you really only need one essiv_tfm per *key*, not > one per inode. To deduplicate them you'd need a hash table or LRU

Re: [PATCH] fscrypt: Add support for AES-128-CBC

2017-03-31 Thread Eric Biggers
[+Cc linux-fscrypt] Hi David and Daniel, On Thu, Mar 30, 2017 at 07:38:40PM +0200, David Gstir wrote: > From: Daniel Walter > > fscrypt provides facilities to use different encryption algorithms which are > selectable by userspace when setting the encryption policy.

Re: [PATCH] fscrypt: Add support for AES-128-CBC

2017-03-31 Thread Eric Biggers
[+Cc linux-fscrypt] Hi David and Daniel, On Thu, Mar 30, 2017 at 07:38:40PM +0200, David Gstir wrote: > From: Daniel Walter > > fscrypt provides facilities to use different encryption algorithms which are > selectable by userspace when setting the encryption policy. Currently, only >

[PATCH] fscrypt: Add support for AES-128-CBC

2017-03-30 Thread David Gstir
From: Daniel Walter fscrypt provides facilities to use different encryption algorithms which are selectable by userspace when setting the encryption policy. Currently, only AES-256-XTS for file contents and AES-256-CBC-CTS for file names are implemented. Which is a clear

[PATCH] fscrypt: Add support for AES-128-CBC

2017-03-30 Thread David Gstir
From: Daniel Walter fscrypt provides facilities to use different encryption algorithms which are selectable by userspace when setting the encryption policy. Currently, only AES-256-XTS for file contents and AES-256-CBC-CTS for file names are implemented. Which is a clear case of kernel offers