lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Jan 2022 15:20:12 +0100 From: "Jason A. Donenfeld" <Jason@...c4.com> To: linux-kernel@...r.kernel.org, netdev@...r.kernel.org, bpf@...r.kernel.org, linux-crypto@...r.kernel.org Cc: "Jason A. Donenfeld" <Jason@...c4.com>, Alexei Starovoitov <alexei.starovoitov@...il.com>, Andy Lutomirski <luto@...capital.net>, Ard Biesheuvel <ardb@...nel.org>, Erik Kline <ek@...gle.com>, Fernando Gont <fgont@...networks.com>, Geert Uytterhoeven <geert@...ux-m68k.org>, Hannes Frederic Sowa <hannes@...essinduktion.org>, Herbert Xu <herbert@...dor.apana.org.au>, Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com>, Lorenzo Colitti <lorenzo@...gle.com> Subject: [PATCH RFC v2 0/3] remove remaining users of SHA-1 Hi, There are currently two remaining users of SHA-1 left in the kernel: bpf tag generation, and ipv6 address calculation. In an effort to reduce code size and rid ourselves of insecure primitives, this RFC patchset moves to using the more secure BLAKE2s function. I wanted to get your feedback on how feasible this patchset is, and if there is some remaining attachment to SHA-1, why exactly, and what could be done to mitigate it. Rather than sending a mailing list post just asking, "what do you think?" I figured it'd be easier to send this as an RFC patchset, so you see specifically what I mean. Version 2 makes the ipv6 handling a bit cleaner and fixes a build warning from the last commit. Since this is just an RFC-for-discussion, there's not technically a need to be sending this, but from the looks of it, a real solution here might involve a bit more heavy lifting, so I wanted to at least get my latest on the list in case others want to play around with solutions in this space too. Also, the original recipient list was too narrow, so this v2 expands that a bit. Thoughts? Comments? Thanks, Jason Cc: Alexei Starovoitov <alexei.starovoitov@...il.com> Cc: Andy Lutomirski <luto@...capital.net> Cc: Ard Biesheuvel <ardb@...nel.org> Cc: Erik Kline <ek@...gle.com> Cc: Fernando Gont <fgont@...networks.com> Cc: Geert Uytterhoeven <geert@...ux-m68k.org> Cc: Hannes Frederic Sowa <hannes@...essinduktion.org> Cc: Herbert Xu <herbert@...dor.apana.org.au> Cc: Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com> Cc: Lorenzo Colitti <lorenzo@...gle.com> Jason A. Donenfeld (3): bpf: move from sha1 to blake2s in tag calculation ipv6: move from sha1 to blake2s in address calculation crypto: sha1_generic - import lib/sha1.c locally crypto/sha1_generic.c | 182 +++++++++++++++++++++++++++++++++++++ include/crypto/sha1.h | 10 --- kernel/bpf/core.c | 39 +------- lib/Makefile | 2 +- lib/sha1.c | 204 ------------------------------------------ net/ipv6/addrconf.c | 56 +++--------- 6 files changed, 201 insertions(+), 292 deletions(-) delete mode 100644 lib/sha1.c -- 2.34.1
Powered by blists - more mailing lists