Thread: 8 messages, 4 authors

Re: [PATCH] crypto: crypto4xx - Remove insecure and unused rng_alg

From: Herbert Xu <herbert@gondor.apana.org.au>
Date: 2026-06-11 08:48:05
Also in: linux-crypto, lkml, stable

On Fri, May 29, 2026 at 03:04:30PM -0700, Eric Biggers wrote:
> Remove crypto4xx_rng, as it is insecure and unused:
>
> - It has only a 64-bit security strength, which is highly inadequate.
>   This can be seen by the fact that crypto4xx_hw_init() seeds it with
>   only 64 bits of entropy, and the fact that the original commit
>   mentions that it implements ANSI X9.17 Annex C.
>
>   Another issue was that this driver didn't implement the crypto_rng API
>   correctly, as crypto4xx_prng_generate() didn't return 0 on success.
>
> - No user of this code is known.  It's usable only theoretically via the
>   "rng" algorithm type of AF_ALG.  But userspace actually just uses the
>   actual Linux RNG (/dev/random etc) instead.  And rng_algs don't
>   contribute entropy to the actual Linux RNG either.  (This may have
>   been confused with hwrng, which does contribute entropy.)
>
> Fixes: d072bfa48853 ("crypto: crypto4xx - add prng crypto support")
> Cc: stable@vger.kernel.org
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>
> ---
>  drivers/crypto/Kconfig                  |  1 -
>  drivers/crypto/amcc/crypto4xx_core.c    | 88 -------------------------
>  drivers/crypto/amcc/crypto4xx_core.h    |  4 --
>  drivers/crypto/amcc/crypto4xx_reg_def.h | 11 ----
>  4 files changed, 104 deletions(-)
Patch applied.  Thanks.
-- 
Email: Herbert Xu [off-list ref]
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
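The two defects the commit message names, a seed that caps the security strength at 64 bits and a generate() that did not signal success with 0, can be shown in a small user-space model. The following is an added example, not code from the kernel or from the crypto4xx driver: it implements SP 800-90A HMAC_DRBG over SHA-256 (assumed here in place of the driver's ANSI X9.17 Annex C generator, which this example does not reproduce), enforces the 800-90A rule that the entropy input must carry at least as many bits as the requested security strength, and returns status 0 from generate() on success, mirroring the crypto_rng contract. The seeds used below are constructed test values, not real entropy.

```python
"""HMAC_DRBG (SP 800-90A, SHA-256) with seed-entropy accounting.

Added example; not kernel or crypto4xx code. It shows why a generator
seeded with only 64 bits cannot claim more than 64-bit strength, and
what a generate() that follows the "0 on success" convention looks like.
"""
import hashlib
import hmac

OUTLEN = hashlib.sha256().digest_size   # 32 bytes for SHA-256
MAX_BYTES_PER_REQUEST = 2 ** 19 // 8    # 800-90A: 2^19 bits per request
EINVAL = 22                             # errno used as a Linux-style status


class HmacDrbg:
    """SP 800-90A HMAC_DRBG instantiated from a caller-supplied seed."""

    def __init__(self, entropy_input: bytes, security_strength: int,
                 nonce: bytes = b"", personalization: bytes = b""):
        # 800-90A requires entropy_input to carry >= security_strength bits
        # of entropy. Length is the only thing we can check here; the
        # caller must supply bytes that really are that random.
        seed_bits = len(entropy_input) * 8
        if seed_bits < security_strength:
            raise ValueError(
                f"{seed_bits}-bit seed cannot support "
                f"{security_strength}-bit security strength")
        self.security_strength = security_strength
        self.K = b"\x00" * OUTLEN
        self.V = b"\x01" * OUTLEN
        self._update(entropy_input + nonce + personalization)

    @staticmethod
    def _hmac(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, provided_data: bytes) -> None:
        # HMAC_DRBG_Update (SP 800-90A 10.1.2.2)
        self.K = self._hmac(self.K, self.V + b"\x00" + provided_data)
        self.V = self._hmac(self.K, self.V)
        if not provided_data:
            return
        self.K = self._hmac(self.K, self.V + b"\x01" + provided_data)
        self.V = self._hmac(self.K, self.V)

    def generate(self, num_bytes: int, additional_input: bytes = b""):
        """Return (status, output). Status 0 means success, as crypto_rng
        expects; a non-zero status carries no output."""
        if num_bytes > MAX_BYTES_PER_REQUEST:
            return -EINVAL, b""
        if additional_input:
            self._update(additional_input)
        temp = b""
        while len(temp) < num_bytes:           # HMAC_DRBG_Generate loop
            self.V = self._hmac(self.K, self.V)
            temp += self.V
        self._update(additional_input)
        return 0, temp[:num_bytes]


def try_instantiate(entropy_input: bytes, security_strength: int) -> int:
    """Kernel-style wrapper: 0 if the seed can support the requested
    strength, -EINVAL otherwise. A 64-bit seed passes only for <= 64."""
    try:
        HmacDrbg(entropy_input, security_strength)
    except ValueError:
        return -EINVAL
    return 0


if __name__ == "__main__":
    # Constructed seeds, not real entropy.
    weak_seed = b"\x11" * 8       # 64 bits, like the seeding in the driver
    strong_seed = bytes(range(32))  # 256 bits
    print("64-bit seed, 128-bit strength ->", try_instantiate(weak_seed, 128))
    print("256-bit seed, 128-bit strength ->", try_instantiate(strong_seed, 128))
    status, out = HmacDrbg(strong_seed, 128).generate(16)
    print("generate status:", status, "output:", out.hex())
```

The point the check makes is that the seed length bounds what the generator can honestly claim: instantiating with an 8-byte seed succeeds only for a requested strength of 64 bits or less, which is the strength the commit message calls inadequate. The status/output tuple is the user-space analogue of a crypto_rng `generate` callback returning 0 on success and a negative errno otherwise.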