Bug 463553 - [LTC 6.0 FEAT] 201067:In-kernel crypto generic algorithm fallback
[LTC 6.0 FEAT] 201067:In-kernel crypto generic algorithm fallback
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: kernel (Show other bugs)
s390x All
high Severity high
: alpha
: 6.0
Assigned To: Hans-Joachim Picht
Martin Jenner
: FutureFeature
Depends On:
Blocks: 356741
  Show dependency treegraph
Reported: 2008-09-23 17:02 EDT by IBM Bug Proxy
Modified: 2011-12-06 10:52 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-09-22 16:53:38 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description IBM Bug Proxy 2008-09-23 17:02:02 EDT
=Comment: #0=================================================
Emily J. Ratliff <emilyr@us.ibm.com> - 2008-09-16 17:56 EDT
1. Feature Overview:
Feature Id:	[201067]
a. Name of Feature:	In-kernel crypto generic algorithm fallback
b. Feature Description
Add code to use the software implementation of a crypto algorithm if the hw module is loaded but the
hw instruction can't be used.

2. Feature Details:
Sponsor:	zSeries

Arch Specificity: Both
Affects Core Kernel: Yes
Affects Kernel Modules: Yes
Delivery Mechanism: Direct from community
Category:	Security
Request Type:	Kernel - Enhancement from IBM
d. Upstream Acceptance:	Accepted
Sponsor Priority	1
f. Severity: High
IBM Confidential:	no
Code Contribution:	IBM code
g. Component Version Target:	2.6.25

3. Business Case
Improve flexibility in the usage of HW crypto support.  (protect against a deficiency in the key
lengths currently supported by hardware AES CP ACF.)

4. Primary contact at Red Hat: 
John Jarvis

5. Primary contacts at Partner:
Project Management Contact:
Hans-Georg Markgraf, mgrf@de.ibm.com, Boeblingen 49-7031-16-3978

Technical contact(s):
Gonzalo Muelas Serrano, gmuelas@de.ibm.com

IBM Manager:
Thomas Schwarz, t.schwarz@de.ibm.com
Comment 1 Bill Nottingham 2008-10-02 15:51:47 EDT
RHEL 6 will include a kernel newer than 2.6.25, so this should not be a problem.

The feature requested has already been accepted into the upstream code base
planned for the next major release of Red Hat Enterprise Linux.

When the next milestone release of Red Hat Enterprise Linux 6 is available,
please verify that the feature requested is present and functioning as
Comment 2 Hans-Joachim Picht 2009-09-22 16:53:38 EDT
Code is included in the rhel6 kernel via upstream. Marked as
CLOSED/CURRENTRELEASE by  Hans-Joachim Picht <hpicht@redhat.com>
Comment 3 IBM Bug Proxy 2010-08-03 02:50:50 EDT
------- Comment From mgrf@de.ibm.com 2010-08-03 02:43 EDT-------
The verification of this feature is blocked by
LTC 66218  - RIT1195403 - While loading in-kernel crypto module seeing error 'Key was rejected by service'
Comment 4 IBM Bug Proxy 2010-09-29 05:11:45 EDT
------- Comment From gmuelas@de.ibm.com 2010-09-29 05:01 EDT-------
This feature verification is blocked by:
IBM LTC Bug 66619   -  RIT1289893- [regr] Loading modules sha[256|512]_s390 fails with "Key was rejected by service"
RH Bug 626515 - Loading modules sha[256|512]_s390 fails with 'Key was rejected by service'

I will ask nevertheless to retest again with RC1 in case that hasn't happen yet.

Note You need to log in before you can comment on or make changes to this bug.