On 09/08/2016 11:27 AM, Daniel P. Berrange wrote: > cryptsetup recently increased the default pbkdf2 time to 2 seconds > to partially mitigate improvements in hardware performance wrt > brute-forcing the pbkdf algorithm. This updates QEMU defaults to > match. > > Signed-off-by: Daniel P. Berrange <berra...@redhat.com> > --- > crypto/block-luks.c | 2 +- > qapi/crypto.json | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) >
> +++ b/qapi/crypto.json > @@ -187,7 +187,7 @@ > # Currently defaults to 'sha256' > # @iter-time: #optional number of milliseconds to spend in > # PBKDF passphrase processing. Currently defaults > -# to 1000. Since 2.8 > +# to 2000. Since 2.8 Possible merge conflicts if you address my comments in earlier patches, but those are trivial. Reviewed-by: Eric Blake <ebl...@redhat.com> -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
