Linux 6.2 Adding FSCRYPT Support For China's Questionable SM4 Cipher
Support for China's SM4 cipher is being added to FSCRYPT but the maintainer of this area of the kernel recommends against using it.
SM4 is the block cipher developed by the China and used for WLAN/WiFi WAPI and Transport Layer Security (TLS) purposes among other use-cases. SM4 has so far been rejected by the ISO for standardization with some questioning it due to its close association with the Chinese government. The WLAN Authentication and Privacy Infrastructure (WAPI) has also been rejected by the IEEE and ISO.
The Linux kernel already ships an optimized SM4 cipher implementation while for Linux 6.2 the plan is adding optional SM4 usage to the FSCRYPT framework for file-system encryption. FSCRYPT allows for file encryption via a common API on the likes of EXT4, UBIFS, and F2FS.
Alibaba worked on this FSCRYPT SM4 support and when questioned over the merits of adding SM4 to FSCRYPT, the explanation was:
We want to provide our users with the ability to encrypt disks and files using SM4-XTS, the ability to sign SM2/3, and the ability to use SM4-GCM/CCM with TLS (of course this belongs to other parts), quite a few users need these features.
FSCRYPT maintainer Eric Biggers went ahead and included these SM4-XTS patches in the FSCRYPT subsystem, but noted in the pull request:
This release adds SM4 encryption support, contributed by Tianjia Zhang. SM4 is a Chinese block cipher that is an alternative to AES.
I recommend against using SM4, but (according to Tianjia) some people are being required to use it. Since SM4 has been turning up in many other places (crypto API, wireless, TLS, OpenSSL, ARMv8 CPUs, etc.), it hasn't been very controversial, and some people have to use it, I don't think it would be fair for me to reject this optional feature.
So barring any objections from Linus Torvalds, optional SM4-XTS support for blk-crypto and FSCRYPT will be found in Linux 6.2.