Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp419704pxb; Thu, 21 Jan 2021 10:08:12 -0800 (PST) X-Google-Smtp-Source: ABdhPJxJr4rmNehlH6jMnb88A11PEv5U4R8LIHaCdlzZgPmtVVroUiG7ramU+hr5QK291+PYIM6o X-Received: by 2002:a05:6402:34d2:: with SMTP id w18mr327460edc.102.1611252492455; Thu, 21 Jan 2021 10:08:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1611252492; cv=none; d=google.com; s=arc-20160816; b=i75QSgUKA1YFV9PXv8jTcgTeweQls6NDkZS+y4A1JU0cmukN49W4ucKEn+k9CHTQpv IA6xz15n3A01RzQHnlA1F60Mz4Qo6q+WwN9FshMIyZLWrIEf6bjK1IRx3G3y4tMIIgEl S5WKASu1SyRfMLruOhc3MYoa3yZOhrqArY9Kuto5BcJel3nvluoQvW0X+BP7os2VH5S4 p9i9UedlQErnnieglJPGp4gMIDJe4M2gbQLMRt/vedQ+/frSXE634CPJLbVDOmeRHVxe SxGiM4ApUAA1pzIkKRHg61pT/crNYwl1/vKhLQo15ypWKlWKeob2C4JlgXXHczC/Cm4x B2wA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=TagH84NiYVEFop1lbXGpqGbpKuI8DCSsNcW9+8dS/IE=; b=CYzSj60b+e+2vqS6c9xg12rLE3EWA7TQcH49+InTo6BmqvcSEdVSBaSafoYTJdhWFN 6VwklYNejFGemqFqtI3s+q52tnQMqpsnYaDqgxCYn511cHrkINT+XJ4k+oiGrT6bdFaD QWiS1zfrRMIZOb4oYTgiIHSxhD/L/ayrS1oVNOkg5+BgMPcYa6oUo3MO/jWOGYRa59zr tbOdqMpJFf8pWzaeti02yGX8ebCCIu6rs89tWCsvUjREu9xrcD5eI/PxrCXsBnMD6z/9 9yi91b2ZLP4Gt9VuhHam9zofvgTZsIQrXWW+WqC2HX1mcN9RNji6lVW6xboZAmjBGQ/5 nl1w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=X2Uoc8Td; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id sd11si2051595ejb.584.2021.01.21.10.07.39; Thu, 21 Jan 2021 10:08:12 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=X2Uoc8Td; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389291AbhAUSGc (ORCPT + 99 others); Thu, 21 Jan 2021 13:06:32 -0500 Received: from mail.kernel.org ([198.145.29.99]:56680 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389189AbhAUSGS (ORCPT ); Thu, 21 Jan 2021 13:06:18 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 233D723A03; Thu, 21 Jan 2021 18:05:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1611252336; bh=UGC6xbgmj6VnF4keuMb2vzAY/nDpnpUK4OYYvtZpiJw=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=X2Uoc8TdEKPUH9HrNNl7g/li8KBClsNfgU3TX1bHt2UzrBvw0i6KbPOghhI4ryNUL l2fhssGweU9g2iFYOa4a7B5+zFqtF1IJEG+gJD1a8c0cHRplHwtodhm2M2iGdgCfGS D4T/GrpIayh4v1EKn6XvO9CkrfZFQDOrbJvbbg3EPRhT+7NjXCiqr5CKdpc37xwAm4 NxSkYqaJ22Vs8j3qLeoAxdJ786wTiZ6RtTKkCvU01nIAjPLx3WSPG8OSLXBAPwC/yj r23QG+jbs1Jdodq8Zghs0+2knOCsul6uHqJvPmjTuH5Ub7M1HqfDD2TqWie1CGnNx5 Rzgy98dB5k//w== Date: Thu, 21 Jan 2021 10:05:34 -0800 From: Eric Biggers To: Ard Biesheuvel Cc: linux-crypto@vger.kernel.org, Herbert Xu Subject: Re: [PATCH 5/5] crypto: remove Salsa20 stream cipher algorithm Message-ID: References: <20210121130733.1649-1-ardb@kernel.org> <20210121130733.1649-6-ardb@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20210121130733.1649-6-ardb@kernel.org> Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Thu, Jan 21, 2021 at 02:07:33PM +0100, Ard Biesheuvel wrote: > Salsa20 is not used anywhere in the kernel, is not suitable for disk > encryption, and widely considered to have been superseded by ChaCha20. > So let's remove it. > > Signed-off-by: Ard Biesheuvel > --- > Documentation/admin-guide/device-mapper/dm-integrity.rst | 4 +- > crypto/Kconfig | 12 - > crypto/Makefile | 1 - > crypto/salsa20_generic.c | 212 ---- > crypto/tcrypt.c | 11 +- > crypto/testmgr.c | 6 - > crypto/testmgr.h | 1162 -------------------- > 7 files changed, 3 insertions(+), 1405 deletions(-) > > diff --git a/Documentation/admin-guide/device-mapper/dm-integrity.rst b/Documentation/admin-guide/device-mapper/dm-integrity.rst > index 4e6f504474ac..d56112e2e354 100644 > --- a/Documentation/admin-guide/device-mapper/dm-integrity.rst > +++ b/Documentation/admin-guide/device-mapper/dm-integrity.rst > @@ -143,8 +143,8 @@ recalculate > journal_crypt:algorithm(:key) (the key is optional) > Encrypt the journal using given algorithm to make sure that the > attacker can't read the journal. You can use a block cipher here > - (such as "cbc(aes)") or a stream cipher (for example "chacha20", > - "salsa20" or "ctr(aes)"). > + (such as "cbc(aes)") or a stream cipher (for example "chacha20" > + or "ctr(aes)"). You should check with the dm-integrity maintainers how likely it is that people are using salsa20 with dm-integrity. It's possible that people are using it, especially since the documentation says that dm-integrity can use a stream cipher and specifically gives salsa20 as an example. - Eric