* Re: [dm-devel] [PATCH 5/5] crypto: remove Salsa20 stream cipher algorithm
[not found] ` <YAnCbnnFCQkyBpUA@sol.localdomain>
@ 2021-01-21 18:09 ` Ard Biesheuvel
2021-01-21 18:20 ` Mike Snitzer
2021-01-21 18:23 ` Milan Broz
0 siblings, 2 replies; 3+ messages in thread
From: Ard Biesheuvel @ 2021-01-21 18:09 UTC (permalink / raw)
To: Eric Biggers, agk, Mike Snitzer, dm-devel, Milan Broz
Cc: Linux Crypto Mailing List, Herbert Xu
On Thu, 21 Jan 2021 at 19:05, Eric Biggers <ebiggers@kernel.org> wrote:
>
> On Thu, Jan 21, 2021 at 02:07:33PM +0100, Ard Biesheuvel wrote:
> > Salsa20 is not used anywhere in the kernel, is not suitable for disk
> > encryption, and widely considered to have been superseded by ChaCha20.
> > So let's remove it.
> >
> > Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> > ---
> > Documentation/admin-guide/device-mapper/dm-integrity.rst | 4 +-
> > crypto/Kconfig | 12 -
> > crypto/Makefile | 1 -
> > crypto/salsa20_generic.c | 212 ----
> > crypto/tcrypt.c | 11 +-
> > crypto/testmgr.c | 6 -
> > crypto/testmgr.h | 1162 --------------------
> > 7 files changed, 3 insertions(+), 1405 deletions(-)
> >
> > diff --git a/Documentation/admin-guide/device-mapper/dm-integrity.rst b/Documentation/admin-guide/device-mapper/dm-integrity.rst
> > index 4e6f504474ac..d56112e2e354 100644
> > --- a/Documentation/admin-guide/device-mapper/dm-integrity.rst
> > +++ b/Documentation/admin-guide/device-mapper/dm-integrity.rst
> > @@ -143,8 +143,8 @@ recalculate
> > journal_crypt:algorithm(:key) (the key is optional)
> > Encrypt the journal using given algorithm to make sure that the
> > attacker can't read the journal. You can use a block cipher here
> > - (such as "cbc(aes)") or a stream cipher (for example "chacha20",
> > - "salsa20" or "ctr(aes)").
> > + (such as "cbc(aes)") or a stream cipher (for example "chacha20"
> > + or "ctr(aes)").
>
> You should check with the dm-integrity maintainers how likely it is that people
> are using salsa20 with dm-integrity. It's possible that people are using it,
> especially since the documentation says that dm-integrity can use a stream
> cipher and specifically gives salsa20 as an example.
>
Good point - cc'ed them now.
--
dm-devel mailing list
dm-devel@redhat.com
https://www.redhat.com/mailman/listinfo/dm-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [dm-devel] [PATCH 5/5] crypto: remove Salsa20 stream cipher algorithm
2021-01-21 18:09 ` [dm-devel] [PATCH 5/5] crypto: remove Salsa20 stream cipher algorithm Ard Biesheuvel
@ 2021-01-21 18:20 ` Mike Snitzer
2021-01-21 18:23 ` Milan Broz
1 sibling, 0 replies; 3+ messages in thread
From: Mike Snitzer @ 2021-01-21 18:20 UTC (permalink / raw)
To: Ard Biesheuvel
Cc: Herbert Xu, Eric Biggers, dm-devel, Linux Crypto Mailing List,
Milan Broz, agk
On Thu, Jan 21 2021 at 1:09pm -0500,
Ard Biesheuvel <ardb@kernel.org> wrote:
> On Thu, 21 Jan 2021 at 19:05, Eric Biggers <ebiggers@kernel.org> wrote:
> >
> > On Thu, Jan 21, 2021 at 02:07:33PM +0100, Ard Biesheuvel wrote:
> > > Salsa20 is not used anywhere in the kernel, is not suitable for disk
> > > encryption, and widely considered to have been superseded by ChaCha20.
> > > So let's remove it.
> > >
> > > Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> > > ---
> > > Documentation/admin-guide/device-mapper/dm-integrity.rst | 4 +-
> > > crypto/Kconfig | 12 -
> > > crypto/Makefile | 1 -
> > > crypto/salsa20_generic.c | 212 ----
> > > crypto/tcrypt.c | 11 +-
> > > crypto/testmgr.c | 6 -
> > > crypto/testmgr.h | 1162 --------------------
> > > 7 files changed, 3 insertions(+), 1405 deletions(-)
> > >
> > > diff --git a/Documentation/admin-guide/device-mapper/dm-integrity.rst b/Documentation/admin-guide/device-mapper/dm-integrity.rst
> > > index 4e6f504474ac..d56112e2e354 100644
> > > --- a/Documentation/admin-guide/device-mapper/dm-integrity.rst
> > > +++ b/Documentation/admin-guide/device-mapper/dm-integrity.rst
> > > @@ -143,8 +143,8 @@ recalculate
> > > journal_crypt:algorithm(:key) (the key is optional)
> > > Encrypt the journal using given algorithm to make sure that the
> > > attacker can't read the journal. You can use a block cipher here
> > > - (such as "cbc(aes)") or a stream cipher (for example "chacha20",
> > > - "salsa20" or "ctr(aes)").
> > > + (such as "cbc(aes)") or a stream cipher (for example "chacha20"
> > > + or "ctr(aes)").
> >
> > You should check with the dm-integrity maintainers how likely it is that people
> > are using salsa20 with dm-integrity. It's possible that people are using it,
> > especially since the documentation says that dm-integrity can use a stream
> > cipher and specifically gives salsa20 as an example.
> >
>
> Good point - cc'ed them now.
>
No problem here, if others don't find utility in salsa20 then
dm-integrity certainly isn't the hold-out.
Acked-by: Mike Snitzer <snitzer@redhat.com>
Mike
--
dm-devel mailing list
dm-devel@redhat.com
https://www.redhat.com/mailman/listinfo/dm-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [dm-devel] [PATCH 5/5] crypto: remove Salsa20 stream cipher algorithm
2021-01-21 18:09 ` [dm-devel] [PATCH 5/5] crypto: remove Salsa20 stream cipher algorithm Ard Biesheuvel
2021-01-21 18:20 ` Mike Snitzer
@ 2021-01-21 18:23 ` Milan Broz
1 sibling, 0 replies; 3+ messages in thread
From: Milan Broz @ 2021-01-21 18:23 UTC (permalink / raw)
To: Ard Biesheuvel, Eric Biggers, agk, Mike Snitzer, dm-devel,
Mikulas Patocka
Cc: Linux Crypto Mailing List, Herbert Xu
On 21/01/2021 19:09, Ard Biesheuvel wrote:
> On Thu, 21 Jan 2021 at 19:05, Eric Biggers <ebiggers@kernel.org> wrote:
>>
>> On Thu, Jan 21, 2021 at 02:07:33PM +0100, Ard Biesheuvel wrote:
>>> Salsa20 is not used anywhere in the kernel, is not suitable for disk
>>> encryption, and widely considered to have been superseded by ChaCha20.
>>> So let's remove it.
>>>
>>> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
>>> ---
>>> Documentation/admin-guide/device-mapper/dm-integrity.rst | 4 +-
>>> crypto/Kconfig | 12 -
>>> crypto/Makefile | 1 -
>>> crypto/salsa20_generic.c | 212 ----
>>> crypto/tcrypt.c | 11 +-
>>> crypto/testmgr.c | 6 -
>>> crypto/testmgr.h | 1162 --------------------
>>> 7 files changed, 3 insertions(+), 1405 deletions(-)
>>>
>>> diff --git a/Documentation/admin-guide/device-mapper/dm-integrity.rst b/Documentation/admin-guide/device-mapper/dm-integrity.rst
>>> index 4e6f504474ac..d56112e2e354 100644
>>> --- a/Documentation/admin-guide/device-mapper/dm-integrity.rst
>>> +++ b/Documentation/admin-guide/device-mapper/dm-integrity.rst
>>> @@ -143,8 +143,8 @@ recalculate
>>> journal_crypt:algorithm(:key) (the key is optional)
>>> Encrypt the journal using given algorithm to make sure that the
>>> attacker can't read the journal. You can use a block cipher here
>>> - (such as "cbc(aes)") or a stream cipher (for example "chacha20",
>>> - "salsa20" or "ctr(aes)").
>>> + (such as "cbc(aes)") or a stream cipher (for example "chacha20"
>>> + or "ctr(aes)").
>>
>> You should check with the dm-integrity maintainers how likely it is that people
>> are using salsa20 with dm-integrity. It's possible that people are using it,
>> especially since the documentation says that dm-integrity can use a stream
>> cipher and specifically gives salsa20 as an example.
>>
>
> Good point - cc'ed them now.
I would say - just remove it. I do not see any users, we do not even test this combination in userspace testsuite.
It is just an example in doc.
>From my POV these stream crypto ciphers should be never used there (but cc to Mikulas, it was his patch :-)
Milan
--
dm-devel mailing list
dm-devel@redhat.com
https://www.redhat.com/mailman/listinfo/dm-devel
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-01-21 18:27 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20210121130733.1649-1-ardb@kernel.org>
[not found] ` <20210121130733.1649-6-ardb@kernel.org>
[not found] ` <YAnCbnnFCQkyBpUA@sol.localdomain>
2021-01-21 18:09 ` [dm-devel] [PATCH 5/5] crypto: remove Salsa20 stream cipher algorithm Ard Biesheuvel
2021-01-21 18:20 ` Mike Snitzer
2021-01-21 18:23 ` Milan Broz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).