Hi Linus:
This push contains a number of fixes to the omap and nitrox drivers.
The following changes since commit 58ca0060ec4e51208d2eee12198fc55fd9e4feb3:
crypto: hisilicon - fix driver compatibility issue with different versions of
devices (2020-05-28 17:27:52 +1000)
are available in the G
On 2020/6/10 上午12:49, Bjorn Helgaas wrote:
On Tue, Jun 09, 2020 at 11:15:06AM +0200, Arnd Bergmann wrote:
On Tue, Jun 9, 2020 at 6:02 AM Zhangfei Gao wrote:
On 2020/6/9 上午12:41, Bjorn Helgaas wrote:
On Mon, Jun 08, 2020 at 10:54:15AM +0800, Zhangfei Gao wrote:
On 2020/6/6 上午7:19, Bjorn He
From: Eric Biggers
Instead of duplicating the algorithm selections between INET_AH and
INET6_AH and between INET_ESP and INET6_ESP, create new tristates
XFRM_AH and XFRM_ESP that do the algorithm selections, and make these be
selected by the corresponding INET* options.
Suggested-by: Herbert Xu
From: Eric Biggers
The crypto algorithms selected by the ESP and AH kconfig options are
out-of-date with the guidance of RFC 8221, which lists the legacy
algorithms MD5 and DES as "MUST NOT" be implemented, and some more
modern algorithms like AES-GCM and HMAC-SHA256 as "MUST" be implemented.
But
This series consolidates and modernizes the lists of crypto algorithms
that are selected by the IPsec kconfig options, and adds CRYPTO_SEQIV
since it no longer gets selected automatically by other things.
See previous discussion at
https://lkml.kernel.org/netdev/20200604192322.22142-1-ebigg...@ker
From: Eric Biggers
Commit f23efcbcc523 ("crypto: ctr - no longer needs CRYPTO_SEQIV") made
CRYPTO_CTR stop selecting CRYPTO_SEQIV. This breaks IPsec for most
users since GCM and several other encryption algorithms require "seqiv"
-- and RFC 8221 lists AES-GCM as "MUST" be implemented.
Just make
On Wed, Jun 10, 2020 at 11:03:55AM +0200, Tobias Brunner wrote:
> Hi Eric,
>
> > + Note that RFC 8221 considers AH itself to be "NOT RECOMMENDED". It is
> > + better to use ESP only, using an AEAD cipher such as AES-GCM.
>
> What's NOT RECOMMENDED according to the RFC is the combination
On Tue, Jun 9, 2020 at 9:21 PM Herbert Xu wrote:
>
> On Tue, Jun 09, 2020 at 12:17:32PM -0300, Mauricio Faria de Oliveira wrote:
> >
> > Per your knowledge/experience with the crypto subsystem, the changed code
> > paths are not hot enough to suffer from such implications?
>
> I don't think replac
On Wed, Jun 10, 2020 at 08:02:23AM -0400, Mikulas Patocka wrote:
>
> Yes, fixing the drivers would be the best - but you can hardly find any
> person who has all the crypto hardware and who is willing to rewrite all
> the drivers for it.
We don't have to rewrite them straight away. We could mar
On Wed, 10 Jun 2020, Herbert Xu wrote:
> On Tue, Jun 09, 2020 at 01:11:05PM -0400, Mikulas Patocka wrote:
> >
> > Do you have another idea how to solve this problem?
>
> I think the better approach would be to modify the drivers to not
> allocate any memory. In general, any memory needed by t
Hi Eric,
> + Note that RFC 8221 considers AH itself to be "NOT RECOMMENDED". It is
> + better to use ESP only, using an AEAD cipher such as AES-GCM.
What's NOT RECOMMENDED according to the RFC is the combination of ESP+AH
(i.e. use ESP only for confidentiality and AH for authenticati
On 2020/6/5 22:10, Sasha Levin wrote:
> <20200123101000.GB24255@Red>
> References: <20200602070501.2023-2-longpe...@huawei.com>
> <20200123101000.GB24255@Red>
>
> Hi
>
> [This is an automated email]
>
> This commit has been processed because it contains a "Fixes:" tag
> fixing commit: dbaf062
12 matches
Mail list logo
