Re: [PATCH v2 1/8] crypto: qce - Remove unsafe/deprecated algorithms

Next message: Christoph Hellwig: "Re: [PATCH v4 1/2] xfs: add a XFS_TRANS_WRITECOUNT_TRYLOCK flag"
Previous message: Christoph Hellwig: "Re: Prebuilt LLVM 22.1.7 uploaded"
Next in thread: Bartosz Golaszewski: "Re: [PATCH v2 1/8] crypto: qce - Remove unsafe/deprecated algorithms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Eric Biggers

Date: Tue Jun 16 2026 - 01:20:31 EST

On Mon, Jun 15, 2026 at 05:49:52PM +0200, Bartosz Golaszewski wrote:
> Remove algorithms that are either unsafe or deprecated and have no
> in-kernel users that cannot be served by the ARM CE implementations.
>
> AES-ECB reveals plaintext patterns (identical plaintext blocks produce
> identical ciphertext blocks) and should not be exposed as a hardware-
> accelerated primitive. DES, Triple DES and HMAC-SHA1 have been
> deprecated for years.
>
> Remove ecb(aes), cbc(des), ecb(des3_ede), cbc(des3_ede), hmac(sha1) and
> all AEAD variants built on these primitives. Also clean up the - now dead
> - code, flags and constants.
>
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxxxxxxxx>

What is the rationale for still supporting the following?

sha1
ecb(des)
authenc(hmac(sha256),cbc(des))

- Eric