mbox series

[v4,0/2] Add SM4 XTS symmetric algorithm for blk-crypto and fscrypt

Message ID 20221201125819.36932-1-tianjia.zhang@linux.alibaba.com (mailing list archive)
Headers show
Series Add SM4 XTS symmetric algorithm for blk-crypto and fscrypt | expand

Message

tianjia.zhang Dec. 1, 2022, 12:58 p.m. UTC
SM4 is widely used in China's data encryption software and hardware.
these algoritms are mandatory in many scenarios. This serial of
patches enables the SM4-XTS algorithm in blk-crypto and enables the
SM4-XTS/CTS algorithm in fscrypt to encrypt file content and filename.

v4 changes:
  - only allow the SM4 XTS/CTS algorithm in policy v2 for fscrypt
  - update git commit message

v3 change:
  - update git commit message

v2 change:
  - As Eric said, the new FSCRYPT_MODE is defined for the unused numbers 7 and 8

Tianjia Zhang (2):
  blk-crypto: Add support for SM4-XTS blk crypto mode
  fscrypt: Add SM4 XTS/CTS symmetric algorithm support

 Documentation/filesystems/fscrypt.rst |  1 +
 block/blk-crypto.c                    |  6 ++++++
 fs/crypto/keysetup.c                  | 15 +++++++++++++++
 fs/crypto/policy.c                    |  5 +++++
 include/linux/blk-crypto.h            |  1 +
 include/uapi/linux/fscrypt.h          |  2 ++
 6 files changed, 30 insertions(+)

Comments

Eric Biggers Dec. 1, 2022, 7:29 p.m. UTC | #1
On Thu, Dec 01, 2022 at 08:58:17PM +0800, Tianjia Zhang wrote:
> SM4 is widely used in China's data encryption software and hardware.
> these algoritms are mandatory in many scenarios. This serial of
> patches enables the SM4-XTS algorithm in blk-crypto and enables the
> SM4-XTS/CTS algorithm in fscrypt to encrypt file content and filename.
> 
> v4 changes:
>   - only allow the SM4 XTS/CTS algorithm in policy v2 for fscrypt
>   - update git commit message
> 
> v3 change:
>   - update git commit message
> 
> v2 change:
>   - As Eric said, the new FSCRYPT_MODE is defined for the unused numbers 7 and 8
> 
> Tianjia Zhang (2):
>   blk-crypto: Add support for SM4-XTS blk crypto mode
>   fscrypt: Add SM4 XTS/CTS symmetric algorithm support
> 
>  Documentation/filesystems/fscrypt.rst |  1 +
>  block/blk-crypto.c                    |  6 ++++++
>  fs/crypto/keysetup.c                  | 15 +++++++++++++++
>  fs/crypto/policy.c                    |  5 +++++
>  include/linux/blk-crypto.h            |  1 +
>  include/uapi/linux/fscrypt.h          |  2 ++
>  6 files changed, 30 insertions(+)

Applied.  I don't think anyone should actually use this, but with the SM*
algorithms turning up everywhere these days, and people seemingly being totally
okay with that for some reason, I don't think it's fair for me to reject this.

- Eric
tianjia.zhang Dec. 2, 2022, 12:01 p.m. UTC | #2
Hi Eric,

On 12/2/22 3:29 AM, Eric Biggers wrote:
> On Thu, Dec 01, 2022 at 08:58:17PM +0800, Tianjia Zhang wrote:
>> SM4 is widely used in China's data encryption software and hardware.
>> these algoritms are mandatory in many scenarios. This serial of
>> patches enables the SM4-XTS algorithm in blk-crypto and enables the
>> SM4-XTS/CTS algorithm in fscrypt to encrypt file content and filename.
>>
>> v4 changes:
>>    - only allow the SM4 XTS/CTS algorithm in policy v2 for fscrypt
>>    - update git commit message
>>
>> v3 change:
>>    - update git commit message
>>
>> v2 change:
>>    - As Eric said, the new FSCRYPT_MODE is defined for the unused numbers 7 and 8
>>
>> Tianjia Zhang (2):
>>    blk-crypto: Add support for SM4-XTS blk crypto mode
>>    fscrypt: Add SM4 XTS/CTS symmetric algorithm support
>>
>>   Documentation/filesystems/fscrypt.rst |  1 +
>>   block/blk-crypto.c                    |  6 ++++++
>>   fs/crypto/keysetup.c                  | 15 +++++++++++++++
>>   fs/crypto/policy.c                    |  5 +++++
>>   include/linux/blk-crypto.h            |  1 +
>>   include/uapi/linux/fscrypt.h          |  2 ++
>>   6 files changed, 30 insertions(+)
> 
> Applied.  I don't think anyone should actually use this, but with the SM*
> algorithms turning up everywhere these days, and people seemingly being totally
> okay with that for some reason, I don't think it's fair for me to reject this.
> 
> - Eric

Thanks, this is really frustrating, still very grateful for your advice
and review.

Best regards,
Tianjia