On Mon, Oct 26, 2020 at 11:39:36AM -0700, Eric Biggers wrote: > > CONFIG_DM_CRYPT can either select every weird combination of algorithms anyone > can ever be using, or it can select some defaults and require any other needed > algorithms to be explicitly selected. > > In reality, dm-crypt has never even selected any particular block ciphers, > even > AES. Nor has it ever selected XTS. So it's actually always made users (or > kernel distributors) explicitly select algorithms. Why the Bitlocker support > suddenly different? > > I'd think a lot of dm-crypt users don't want to bloat their kernels with > random > legacy algorithms.
The point is that people rebuilding their kernel can end up with a broken system. Just set a default on EBOIV if dm-crypt is on. Cheers, -- Email: Herbert Xu <herb...@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt