lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250727234936.GE1261@sol>
Date: Sun, 27 Jul 2025 16:49:36 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-fscrypt@...r.kernel.org, linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org, Theodore Ts'o <tytso@....edu>,
	Jaegeuk Kim <jaegeuk@...nel.org>, Ard Biesheuvel <ardb@...nel.org>,
	Yuwen Chen <ywen.chen@...mail.com>
Subject: [GIT PULL] fscrypt updates for 6.17

The following changes since commit e04c78d86a9699d136910cfc0bdcf01087e3267e:

  Linux 6.16-rc2 (2025-06-15 13:49:41 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/fs/fscrypt/linux.git tags/fscrypt-for-linus

for you to fetch changes up to fa65058063cbaba6e519b5291a7e2e9e0fa24ae3:

  ceph: Remove gfp_t argument from ceph_fscrypt_encrypt_*() (2025-07-10 12:33:17 -0700)

----------------------------------------------------------------

Simplify how fscrypt uses the crypto API, resulting in some
significant performance improvements:

 - Drop the incomplete and problematic support for asynchronous
   algorithms. These drivers are bug-prone, and it turns out they are
   actually much slower than the CPU-based code as well.

 - Allocate crypto requests on the stack instead of the heap. This
   improves encryption and decryption performance, especially for
   filenames. It also eliminates a point of failure during I/O.

----------------------------------------------------------------
Eric Biggers (9):
      fscrypt: Explicitly include <linux/export.h>
      fscrypt: Drop obsolete recommendation to enable optimized SHA-512
      fscrypt: Don't use problematic non-inline crypto engines
      fscrypt: Don't use asynchronous CryptoAPI algorithms
      fscrypt: Drop FORBID_WEAK_KEYS flag for AES-ECB
      fscrypt: Switch to sync_skcipher and on-stack requests
      fscrypt: Remove gfp_t argument from fscrypt_crypt_data_unit()
      fscrypt: Remove gfp_t argument from fscrypt_encrypt_block_inplace()
      ceph: Remove gfp_t argument from ceph_fscrypt_encrypt_*()

 Documentation/filesystems/fscrypt.rst | 45 ++++++++---------------
 fs/ceph/crypto.c                      | 13 +++----
 fs/ceph/crypto.h                      | 10 ++---
 fs/ceph/file.c                        |  3 +-
 fs/ceph/inode.c                       |  3 +-
 fs/crypto/bio.c                       |  9 +++--
 fs/crypto/crypto.c                    | 52 ++++++++++----------------
 fs/crypto/fname.c                     | 69 +++++++++++++----------------------
 fs/crypto/fscrypt_private.h           | 23 ++++++++++--
 fs/crypto/hkdf.c                      |  4 +-
 fs/crypto/hooks.c                     |  2 +
 fs/crypto/inline_crypt.c              |  1 +
 fs/crypto/keyring.c                   |  5 ++-
 fs/crypto/keysetup.c                  | 23 +++++++-----
 fs/crypto/keysetup_v1.c               | 55 ++++++++++++----------------
 fs/crypto/policy.c                    |  4 +-
 fs/ubifs/crypto.c                     |  2 +-
 include/linux/fscrypt.h               |  5 +--
 18 files changed, 146 insertions(+), 182 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ