diff options
| author | Eric Biggers <ebiggers@google.com> | 2018-05-18 10:58:14 -0700 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2018-05-20 16:36:00 -0400 |
| commit | e1cc40e5d42acb1d99652babb17e6a5ee4247409 (patch) | |
| tree | 117f161d09722a1d412173ffae057177bb32a377 /fs/ubifs | |
| parent | 12d28f79558f2e987c5f3817f89e1ccc0f11a7b5 (diff) | |
| download | linux-e1cc40e5d42acb1d99652babb17e6a5ee4247409.tar.gz | |
fscrypt: log the crypto algorithm implementations
Log the crypto algorithm driver name for each fscrypt encryption mode on its first use, also showing a friendly name for the mode. This will help people determine whether the expected implementations are being used. In some cases we've seen people do benchmarks and reject using encryption for performance reasons, when in fact they used a much slower implementation of AES-XTS than was possible on the hardware. It can make an enormous difference; e.g., AES-XTS on ARM is about 10x faster with the crypto extensions (AES instructions) than without. This also makes it more obvious which modes are being used, now that fscrypt supports multiple combinations of modes. Example messages (with default modes, on x86_64): [ 35.492057] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)" [ 35.492171] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" Note: algorithms can be dynamically added to the crypto API, which can result in different implementations being used at different times. But this is rare; for most users, showing the first will be good enough. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/ubifs')
0 files changed, 0 insertions, 0 deletions