lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Jan 2022 09:33:36 +0100 From: Geert Uytterhoeven <geert@...ux-m68k.org> To: Alexei Starovoitov <alexei.starovoitov@...il.com> Cc: "Jason A. Donenfeld" <Jason@...c4.com>, Toke Høiland-Jørgensen <toke@...hat.com>, Network Development <netdev@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>, Herbert Xu <herbert@...dor.apana.org.au>, Ard Biesheuvel <ardb@...nel.org>, Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com>, Linux Crypto Mailing List <linux-crypto@...r.kernel.org>, bpf <bpf@...r.kernel.org> Subject: Re: [PATCH RFC v1 1/3] bpf: move from sha1 to blake2s in tag calculation Hi Alexei, On Thu, Jan 13, 2022 at 11:45 PM Alexei Starovoitov <alexei.starovoitov@...il.com> wrote: > On Thu, Jan 13, 2022 at 4:27 AM Jason A. Donenfeld <Jason@...c4.com> wrote: > > On 1/13/22, Alexei Starovoitov <alexei.starovoitov@...il.com> wrote: > > > Nack. > > > It's part of api. We cannot change it. > > > > This is an RFC patchset, so there's no chance that it'll actually be > > applied as-is, and hence there's no need for the strong hammer nack. > > The point of "request for comments" is comments. Specifically here, > > I'm searching for information on the ins and outs of *why* it might be > > hard to change. How does userspace use this? Why must this 64-bit > > number be unchanged? Why did you do things this way originally? Etc. > > If you could provide a bit of background, we might be able to shake > > out a solution somewhere in there. > > There is no problem with the code and nothing to be fixed. "Your Jedi mind tricks don't work on me." The "problem" is that this is one of the few last users of SHA-1 in the kernel. Can you please answer the questions above, so we can get a better understanding? Thanks! Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds
Powered by blists - more mailing lists