Bug 463553

Summary: [LTC 6.0 FEAT] 201067:In-kernel crypto generic algorithm fallback
Product: Red Hat Enterprise Linux 6 Reporter: IBM Bug Proxy <bugproxy>
Component: kernelAssignee: Hans-Joachim Picht <hpicht>
Status: CLOSED CURRENTRELEASE QA Contact: Martin Jenner <mjenner>
Severity: high Docs Contact:
Priority: high    
Version: 6.0CC: ejratl, notting, peterm
Target Milestone: alphaKeywords: FutureFeature
Target Release: 6.0   
Hardware: s390x   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-09-22 20:53:38 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 356741    

Description IBM Bug Proxy 2008-09-23 21:02:02 UTC 
=Comment: #0=================================================
Emily J. Ratliff <emilyr.com> - 2008-09-16 17:56 EDT
1. Feature Overview:
Feature Id:	[201067]
a. Name of Feature:	In-kernel crypto generic algorithm fallback
b. Feature Description
Add code to use the software implementation of a crypto algorithm if the hw module is loaded but the
hw instruction can't be used.

2. Feature Details:
Sponsor:	zSeries
Architectures:
s390x

Arch Specificity: Both
Affects Core Kernel: Yes
Affects Kernel Modules: Yes
Delivery Mechanism: Direct from community
Category:	Security
Request Type:	Kernel - Enhancement from IBM
d. Upstream Acceptance:	Accepted
Sponsor Priority	1
f. Severity: High
IBM Confidential:	no
Code Contribution:	IBM code
g. Component Version Target:	2.6.25

3. Business Case
Improve flexibility in the usage of HW crypto support.  (protect against a deficiency in the key
lengths currently supported by hardware AES CP ACF.)

4. Primary contact at Red Hat: 
John Jarvis
jjarvis

5. Primary contacts at Partner:
Project Management Contact:
Hans-Georg Markgraf, mgrf.com, Boeblingen 49-7031-16-3978

Technical contact(s):
Gonzalo Muelas Serrano, gmuelas.com

IBM Manager:
Thomas Schwarz, t.schwarz.com
Comment 1 Bill Nottingham 2008-10-02 19:51:47 UTC 
RHEL 6 will include a kernel newer than 2.6.25, so this should not be a problem.

The feature requested has already been accepted into the upstream code base
planned for the next major release of Red Hat Enterprise Linux.

When the next milestone release of Red Hat Enterprise Linux 6 is available,
please verify that the feature requested is present and functioning as
desired.
Comment 2 Hans-Joachim Picht 2009-09-22 20:53:38 UTC 
Code is included in the rhel6 kernel via upstream. Marked as
CLOSED/CURRENTRELEASE by  Hans-Joachim Picht <hpicht>
Comment 3 IBM Bug Proxy 2010-08-03 06:50:50 UTC 
------- Comment From mgrf.com 2010-08-03 02:43 EDT-------
The verification of this feature is blocked by
LTC 66218  - RIT1195403 - While loading in-kernel crypto module seeing error 'Key was rejected by service'
Comment 4 IBM Bug Proxy 2010-09-29 09:11:45 UTC 
------- Comment From gmuelas.com 2010-09-29 05:01 EDT-------
This feature verification is blocked by:
IBM LTC Bug 66619   -  RIT1289893- [regr] Loading modules sha[256|512]_s390 fails with "Key was rejected by service"
RH Bug 626515 - Loading modules sha[256|512]_s390 fails with 'Key was rejected by service'

I will ask nevertheless to retest again with RC1 in case that hasn't happen yet.