Re: [PATCH 5.10 182/575] fscrypt: allow 256-bit master keys with AES-256-XTS

From: Pavel Machek
Date: Tue Nov 16 2021 - 06:57:15 EST


Hi!

> From: Eric Biggers <ebiggers@xxxxxxxxxx>
>
> [ Upstream commit 7f595d6a6cdc336834552069a2e0a4f6d4756ddf ]
>
> fscrypt currently requires a 512-bit master key when AES-256-XTS is
> used, since AES-256-XTS keys are 512-bit and fscrypt requires that the
> master key be at least as long any key that will be derived from it.

Quoting Eric Biggers <ebiggers@xxxxxxxxxx>

I don't expect any problem with backporting this, but I don't see how
this
follows the stable kernel rules
(Documentation/process/stable-kernel-rules.rst).
I don't see what distinguishes this patch from ones that don't get
picked up by
AUTOSEL; it seems pretty arbitrary to me.

- Eric

And I agree, this should not be in stable.

Best regards,
Pavel

--
http://www.livejournal.com/~pavelmachek

Attachment: signature.asc
Description: Digital signature