Re: [security] d3b04a4398: WARNING:at_crypto/kdf_sp800108.c:#crypto_kdf108_init

From: Herbert Xu
Date: Thu Dec 16 2021 - 23:14:22 EST

Next message: Stephen Rothwell: "linux-next: manual merge of the kvm-arm tree with the kvm tree"
Previous message: Bjorn Andersson: "Re: [PATCH] clk: qcom: rcg2: Cache rate changes for parked RCGs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Dec 10, 2021 at 03:16:34PM +0100, Stephan Mueller wrote:
>
> Herbert, what is your preference in handling this:
>
> - we could SELECT CRYPTO_SHA256 when the KDF is compiled. This would only be
> necessary to satisfy the self test. Yet, there is no guarantee that SHA-256
> would truly be needed because the DH code that calls the KDF obtains the
> reference to the hash from user space. In the end we could hard compile a
> crypto algorithm into the kernel that may never be used.

...

> I would prefer to consider the first option to also statically compile
> SHA-256.

I think KDF800108_CTR should select SHA256 instead of HASH.

Thanks,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Stephen Rothwell: "linux-next: manual merge of the kvm-arm tree with the kvm tree"
Previous message: Bjorn Andersson: "Re: [PATCH] clk: qcom: rcg2: Cache rate changes for parked RCGs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]