Re: [PATCH v3 1/8] crypto: qce - Remove unsafe/deprecated algorithms

Next message: Erim, Salih: "Re: [PATCH v8 3/5] iio: adc: versal-sysmon: add I2C driver"
Previous message: Ian Rogers: "Re: [PATCH v21 03/21] perf evsel/evlist: Avoid unnecessary #includes"
In reply to: Bartosz Golaszewski: "[PATCH v3 1/8] crypto: qce - Remove unsafe/deprecated algorithms"
Next in thread: Bartosz Golaszewski: "[PATCH v3 2/8] crypto: qce - Fix HMAC self-test failures for empty messages"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Eric Biggers

Date: Wed Jun 17 2026 - 12:25:07 EST

On Wed, Jun 17, 2026 at 05:49:30PM +0200, Bartosz Golaszewski wrote:
> Remove algorithms that are either unsafe or deprecated and have no
> in-kernel users that cannot be served by the ARM CE implementations.
>
> AES-ECB reveals plaintext patterns (identical plaintext blocks produce
> identical ciphertext blocks) and should not be exposed as a hardware-
> accelerated primitive. DES, Triple DES and HMAC-SHA1 have been
> deprecated for years.
>
> Remove sha1, ecb(aes), ecb(des), cbc(des), ecb(des3_ede), cbc(des3_ede),
> hmac(sha1) and all AEAD variants built on these primitives as well as
> authenc(hmac(sha256),cbc(des)). Also clean up the - now dead - code,
> flags and constants.
>
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxxxxxxxx>

Acked-by: Eric Biggers <ebiggers@xxxxxxxxxx>

Looks pretty comprehensive, but I did notice a few leftovers: a comment
still mentions DES3_EDE_BLOCK_SIZE, and there's still some ECB-related
code (grep for ENCR_MODE_ECB, QCE_MODE_ECB, and IS_ECB).

- Eric