Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp372325pxb; Thu, 23 Sep 2021 01:50:16 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzCcpBnvo9rsqNeoCBJxrL6VUZC3P4pZ91e61Mj+znz5Lq+vEmP0/zYztTMg0AZhiT0ig7h X-Received: by 2002:a17:906:12d8:: with SMTP id l24mr3706168ejb.126.1632387016032; Thu, 23 Sep 2021 01:50:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1632387016; cv=none; d=google.com; s=arc-20160816; b=gA5Hh6LakAfoDawf61/tDvY7/s7qTeVhME5nph2fm42W/2LG4VfmdGJvtS3caBG8xf 6cGMGaVGlwkZtT0vdUYKh+P7sdVVQFbubckBlWAC1W1VSwcfgIQz8GGAbW6XCJrjHCao SvCWRaF0YOWCTCvmfXdAgwxC8QFXUVOkbx8TEV/Cae9inX3kE1H+hfKiUmQG4Erg+B2Y fKI91rsWlTJgXh1ESQ0O6+3J/sxv2TXTGeXDU1Xb+J5tUh8PEkadKfrTrAciKl4ZAQs3 ttIRdwzuOdzxzE5nofh1XTrNnX3Kn4wH8QJ3s9KwMM8YaOpi6xPmpWYW+Vc93jAt3Ci0 IWDA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=USzeR9slXkpfmnKo54nYxuAPdrvAsUKYkq8GvDP9n+s=; b=kfpnqw+jkr1KbEkpGXw9z9JTfAMYOMbFkpiXXbV3zW6BDc4xsdmhpkdFN1Q8nD7GG5 OP2ySDYSGoVHNsnM/ZlzXmA1AqPq6Ov1+Qb2vVFHEDqUSx0US3zv57Qr+zADkeAdVzs5 Ym69NY7tOH17gqLFdWQXVMJxowukrppH7lnlwaVBDunvyCKhty268dGb3NNzE1nfSWX3 renbjaeAvSi+jlZJhZNB0aSWuXnHGmo0CPVaI4EkjETqpa7gAV07n08UmW1BFhAKOTHq Ww1WLQrL+dcENL8ruR/lpSL9VBB+6l9UVgaWArNJML3B1uHJ0s1u7WctfHtmADF9P1NB 6e6w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=Yr21kPsY; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q2si5047853ejf.24.2021.09.23.01.49.44; Thu, 23 Sep 2021 01:50:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=Yr21kPsY; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240028AbhIWIus (ORCPT + 99 others); Thu, 23 Sep 2021 04:50:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52784 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239985AbhIWIur (ORCPT ); Thu, 23 Sep 2021 04:50:47 -0400 Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 563FFC061574 for ; Thu, 23 Sep 2021 01:49:16 -0700 (PDT) Received: by mail-wr1-x42e.google.com with SMTP id w29so14898026wra.8 for ; Thu, 23 Sep 2021 01:49:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=USzeR9slXkpfmnKo54nYxuAPdrvAsUKYkq8GvDP9n+s=; b=Yr21kPsYbxyIvO0Bujp7O8fQoS0NNEPztJk1fbm9lEbXaku6tfDZW/2VjK0IYJiTYc ALCA5/1/zGmDUmDl0yVm20toyvY38Gs9mrcjsfavG1nklwRUkNQDtm8BKbWRif9NHNOz HM1fx29fPcBzwqCxkdTyaCPR3idOqGorLdfg1Xeik6BWog25LJhaHcwuiTEwXgG0pMKW lA3jsWQTnB5e5hwNPiXbVBUA3xBRpJS73tp26HzMeXYdvfbL/65+A8kEH6xN0fZc2oyA C/N2crcbgQOoZxdmGuGxoyeKTIGdGYr7tmUAPt1/fpR4VM9V2Eo62Y+yTtQFlkfmiGbg NMrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=USzeR9slXkpfmnKo54nYxuAPdrvAsUKYkq8GvDP9n+s=; b=hxtczEdx+J+RtATF7C1/TrQNob/y6WIrBvdFcfnELidDylJ/dkrZAzgVxc7YfBtDs7 C7iqoY0lwRi1goUmilwStQnWfd6TUccHsNv1YSvo6NJsZt6Mq8supp3Dh96rGzMUv3gm xQdXwLf/nNobYTdGWA/AV7yw5gO+E09MVtdZp/UqEzIlYj0XgYXLVAzFTfTnUCvwz/Zu rJDNWYJD+AsEOUHdjDzv3qAnk9CHbYG4K/fgHqVAHdfwekjQjYO74pcIQRqbNNK3zBni tuPHJAkaXTCuT8ojLrPaQDbu4DCWk9y3xGuESNaJEE/gAuAXjhMexEbZY8ExP59EsJP4 bQZw== X-Gm-Message-State: AOAM531CLkp8CHyjwxScBxExxSi5MTXHGoyk5Zy6eefEp/t0i4DUU6vE qEAML8Y4vdDEOZQ4oY4fQHcZOScCu6o3AK0LKJEU8DykveI= X-Received: by 2002:a7b:cf18:: with SMTP id l24mr14760540wmg.17.1632386954980; Thu, 23 Sep 2021 01:49:14 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Sandy Harris Date: Thu, 23 Sep 2021 16:49:02 +0800 Message-ID: Subject: Re: RFC 4301,3602 and 4868 support in Linux kernel 4.9.180 To: "Bhat, Jayalakshmi Manjunath" Cc: "linux-crypto@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Bhat, Jayalakshmi Manjunath wrote: > We are in the process of submitting our device for Common Criteria Certif= ication. Our device uses Linux kernel 4.9.180 for aarch64. We want to und= erstand of the Linux kernel version 4.9.180 supports the below RFC's. I loo= ked in https://www.kernel.org/doc/rfc-linux.html, but could not get enough = information. > Can anyone let me know if the Linux kernel support the below RFC's. > > * RFC 4301 (Security Architecture for the Internet Protocol) That is the core RFC for the IPsec protocols, version two. Yes, Linux has had IPsec support for over 20 years now. 4301 is not the only relevant RFC, though. Here is a summary document: https://eprint.iacr.org/2006/097.pdf Note that not everything in the RFCs is necessarily a good idea. Back around the turn of the century, FreeS/WAN was the first IPsec implementation for Linux. Here's their document on features in the version 1 IPsec RFCs that they deliberately left out: https://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/compat.html#dropp= ed