Re: [PATCH 3/4] dm crypt: switch to EBOIV crypto API template
From: Herbert Xu
Date: Mon Oct 26 2020 - 14:42:16 EST
On Mon, Oct 26, 2020 at 11:39:36AM -0700, Eric Biggers wrote:
>
> CONFIG_DM_CRYPT can either select every weird combination of algorithms anyone
> can ever be using, or it can select some defaults and require any other needed
> algorithms to be explicitly selected.
>
> In reality, dm-crypt has never even selected any particular block ciphers, even
> AES. Nor has it ever selected XTS. So it's actually always made users (or
> kernel distributors) explicitly select algorithms. Why the Bitlocker support
> suddenly different?
>
> I'd think a lot of dm-crypt users don't want to bloat their kernels with random
> legacy algorithms.
The point is that people rebuilding their kernel can end up with a
broken system. Just set a default on EBOIV if dm-crypt is on.
Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt