International crypto patch assumes that block size never changes. Everyone
and their brother knows that it isn't true. And when block size does get
changed, international crypto patch gets the IV completely wrong, and
corrupts your data. To see block size changes in file systems alone, use
command something like this:
grep set_blocksize `find /usr/src/linux-2.4.6/fs -name "*.c" -print`
And the block size thing is not the only thing wrong with international
crypto patch. The whole cryptoapi thing is just bloat that does not belong
in kernel. Cipher name string to number code mappings should be done in user
space instead of kernel. And the ice on the cake is that cryptoapi ciphers
are non-re-entrant and are actually used in re-entrant code path. This
non-re-entrant code in re-entrant code path is another source of data
corruption.
Loop-AES is a superior replacement for international crypto patch, for more
information about loop-AES, see this announcement:
http://mail.nl.linux.org/linux-crypto/2001-06/msg00016.html
http://lwn.net/2001/0628/a/file-crypto.php3
Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/