| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 27 Mar 2020 10:00:47 -0700
From: Christoph Hellwig <hch@...radead.org>
To: Eric Biggers <ebiggers@...nel.org>
Cc: Satya Tangirala <satyat@...gle.com>, linux-block@...r.kernel.org,
linux-scsi@...r.kernel.org, linux-fscrypt@...r.kernel.org,
linux-fsdevel@...r.kernel.org,
linux-f2fs-devel@...ts.sourceforge.net, linux-ext4@...r.kernel.org,
Barani Muthukumaran <bmuthuku@....qualcomm.com>,
Kuohong Wang <kuohong.wang@...iatek.com>,
Kim Boojin <boojin.kim@...sung.com>
Subject: Re: [PATCH v9 01/11] block: Keyslot Manager for Inline Encryption
On Wed, Mar 25, 2020 at 11:22:13PM -0700, Eric Biggers wrote:
> > +#ifdef CONFIG_BLK_INLINE_ENCRYPTION
> > + /* Inline crypto capabilities */
> > + struct blk_keyslot_manager *ksm;
> > +#endif
>
> I do still wonder whether the concept of inline crypto support should be more
> separated from keyslot management, to be better prepared for device-mapper
> passthrough support and for hardware that accepts keys directly. (Such hardware
> exists, though I'm not sure support for it will be upstreamed.) For example,
> the crypto capabilities could be stored in a 'struct blk_crypto_capabilities'
> rather than in 'struct blk_keyslot_manager', and the latter could be optional.
>
> What you have now is fine for the functionality in the current patchset though,
> so I'm not really complaining. Just something to think about.
I'd rather keep things simple (aka as-is) for now. If needed we can
change it. I doubt we'll even have a handful drivers with inline
crypto in the next years..
Powered by blists - more mailing lists