git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Eric Biggers <ebiggers@google.com>
	Sat, 24 Feb 2024 05:35:49 +0000 (21:35 -0800)
committer	Eric Biggers <ebiggers@google.com>
	Sat, 24 Feb 2024 05:38:59 +0000 (21:38 -0800)
commit	2f944c66ae73eed4250607ccd3acdf2531afc194
tree	10dc1e5ba0dec02f7d4e23a02bb2b51794291b1f	tree \| snapshot
parent	d3a7bd4200762d11c33ebe7e2c47c5813ddc65b4	commit \| diff

fscrypt: write CBC-CTS instead of CTS-CBC

Calling CBC with ciphertext stealing "CBC-CTS" seems to be more common
than calling it "CTS-CBC".  E.g., CBC-CTS is used by OpenSSL, Crypto++,
RFC3962, and RFC6803.  The NIST SP800-38A addendum uses CBC-CS1,
CBC-CS2, and CBC-CS3, distinguishing between different CTS conventions
but similarly putting the CBC part first.  In the interest of avoiding
any idiosyncratic terminology, update the fscrypt documentation and the
fscrypt_mode "friendly names" to align with the more common convention.

Changing the "friendly names" only affects some log messages.  The
actual mode constants in the API are unchanged; those call it simply
"CTS".  Add a note to the documentation that clarifies that "CBC" and
"CTS" in the API really mean CBC-ESSIV and CBC-CTS, respectively.

Link: https://lore.kernel.org/r/20240224053550.44659-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>

Documentation/filesystems/fscrypt.rst		diff \| blob \| blame \| history
fs/crypto/keysetup.c		diff \| blob \| blame \| history