| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aN5ho_VTClL5ai8l@gondor.apana.org.au> Date: Thu, 2 Oct 2025 19:27:31 +0800 From: Herbert Xu <herbert@...dor.apana.org.au> To: Jiri Slaby <jirislaby@...nel.org> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, "David S. Miller" <davem@...emloft.net>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Linux Crypto Mailing List <linux-crypto@...r.kernel.org>, Vegard Nossum <vegard.nossum@...cle.com>, netdev@...r.kernel.org, Eric Biggers <ebiggers@...nel.org>, Jakub Kicinski <kuba@...nel.org> Subject: Re: 6.17 crashes in ipv6 code when booted fips=1 [was: [GIT PULL] Crypto Update for 6.17] On Thu, Oct 02, 2025 at 12:57:11PM +0200, Jiri Slaby wrote: > > Anyway, cherry-picking this -next commit onto 6.17 works as well (the code > uses now crypto_lib's sha1, not crypto's): > commit 095928e7d80186c524013a5b5d54889fa2ec1eaa > Author: Eric Biggers <ebiggers@...nel.org> > Date: Sat Aug 23 21:36:43 2025 -0400 > > ipv6: sr: Use HMAC-SHA1 and HMAC-SHA256 library functions > > > I don't know what to do next -- should it be put into 6.17 stable later and > we are done? Yes that works too. But it's basically the same as reverting the patch from Vegard since it makes the code use SHA1 again even though we told it not too. Perhaps we should just revert Vegard's change? Since it's kind of pointless now that people are just using the underlying SHA1 algorithm directly through lib/crypto. Cheers, -- Email: Herbert Xu <herbert@...dor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists