| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251112202225.GA1760@sol> Date: Wed, 12 Nov 2025 12:22:25 -0800 From: Eric Biggers <ebiggers@...nel.org> To: Stephen Hemminger <stephen@...workplumber.org> Cc: netdev@...r.kernel.org, bpf@...r.kernel.org, linux-crypto@...r.kernel.org, Ard Biesheuvel <ardb@...nel.org> Subject: Re: [PATCH iproute2-next v2] lib/bpf_legacy: Use userspace SHA-1 code instead of AF_ALG On Wed, Nov 12, 2025 at 12:12:12PM -0800, Stephen Hemminger wrote: > On Mon, 29 Sep 2025 12:46:48 -0700 > Eric Biggers <ebiggers@...nel.org> wrote: > > > diff --git a/lib/sha1.c b/lib/sha1.c > > new file mode 100644 > > index 00000000..1aa8fd83 > > --- /dev/null > > +++ b/lib/sha1.c > > @@ -0,0 +1,108 @@ > > +// SPDX-License-Identifier: GPL-2.0-or-later > > +/* > > + * SHA-1 message digest algorithm > > + * > > + * Copyright 2025 Google LLC > > + */ > > Not a big fan of having actual crypto in iproute2. > It creates even more technical debt. > Is there another crypto library that could be used? Currently iproute2 doesn't depend on OpenSSL. You can make it do that, if you want, and then you could use SHA-1 from there. I suspect that doing that would be much more trouble than just adding this SHA-1 code. If you happen to be planning to pull in OpenSSL as a dependency for other reasons, it might make sense then. > Better yet, is there a reason legacy BPF code needs to still exist > in current iproute2? When was the cut over. No idea. That's a question for the BPF folks. - Eric
Powered by blists - more mailing lists