Re: [PATCH v2 1/8] crypto: qce - Remove unsafe/deprecated algorithms

From: Bartosz Golaszewski

Date: Tue Jun 16 2026 - 06:42:01 EST


On Tue, 16 Jun 2026 07:18:20 +0200, Eric Biggers <ebiggers@xxxxxxxxxx> said:
> On Mon, Jun 15, 2026 at 05:49:52PM +0200, Bartosz Golaszewski wrote:
>> Remove algorithms that are either unsafe or deprecated and have no
>> in-kernel users that cannot be served by the ARM CE implementations.
>>
>> AES-ECB reveals plaintext patterns (identical plaintext blocks produce
>> identical ciphertext blocks) and should not be exposed as a hardware-
>> accelerated primitive. DES, Triple DES and HMAC-SHA1 have been
>> deprecated for years.
>>
>> Remove ecb(aes), cbc(des), ecb(des3_ede), cbc(des3_ede), hmac(sha1) and
>> all AEAD variants built on these primitives. Also clean up the - now dead
>> - code, flags and constants.
>>
>> Cc: stable@xxxxxxxxxxxxxxx
>> Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxxxxxxxx>
>
> What is the rationale for still supporting the following?
>
> sha1
> ecb(des)
> authenc(hmac(sha256),cbc(des))
>

No, I should have removed those too. I'll update it in v3.

Bart
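
An added example, not part of the original thread or of the qce driver: a shell check that reads `/proc/crypto`-style records and reports which of the algorithms named above (those the patch removes plus the three Eric Biggers asks about) a given driver still registers. The driver-name substring `qce`, the function names and the sample records are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: list unsafe/deprecated algorithms a crypto driver still exposes.
# Input is /proc/crypto-format text on stdin: "key : value" lines, with a
# blank line between algorithm records.

flag_deprecated() {
    # $1: substring that identifies the driver (assumption: "qce")
    awk -v drv="${1:-qce}" -F '[ \t]*:[ \t]*' '
        function check() {
            if (name == "" || index(driver, drv) == 0) return
            # sha1 on its own, anything built on sha1, des or des3_ede,
            # and ecb(aes), as listed in the thread.
            if (name ~ /^sha1$|\(sha1\)|\(des\)|\(des3_ede\)|ecb\(aes\)/)
                print name " " driver
        }
        $1 == "name"   { name = $2 }
        $1 == "driver" { driver = $2 }
        NF == 0        { check(); name = driver = "" }  # end of one record
        END            { check() }                      # last record
    '
}

# Constructed sample records (not captured from real hardware).
sample_proc_crypto() {
cat <<'EOF'
name         : ecb(aes)
driver       : ecb-aes-qce
priority     : 300

name         : cbc(aes)
driver       : cbc-aes-qce
priority     : 300

name         : authenc(hmac(sha256),cbc(des))
driver       : authenc-hmac-sha256-cbc-des-qce
priority     : 300

name         : sha1
driver       : sha1-generic
priority     : 100
EOF
}

# On a running system: flag_deprecated qce < /proc/crypto
sample_proc_crypto | flag_deprecated qce
```

Each output line is the algorithm name followed by the driver that registered it; an empty result means the driver exposes none of the listed algorithms.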