From: Eric Biggers <ebiggers@kernel.org>
To: netdev@vger.kernel.org, linux-afs@lists.infradead.org
Cc: David Howells <dhowells@redhat.com>,
Marc Dionne <marc.dionne@auristor.com>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
"David S . Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Simon Horman <horms@kernel.org>,
Eric Biggers <ebiggers@kernel.org>
Subject: [PATCH net-next v2 0/5] Consolidate FCrypt and PCBC code into net/rxrpc/
Date: Fri, 22 May 2026 00:07:31 -0500 [thread overview]
Message-ID: <20260522050740.84561-1-ebiggers@kernel.org> (raw)
The FCrypt "block cipher" and the PCBC mode of operation are obsolete
and insecure. Since their only user is net/rxrpc/, they belong there,
not in the crypto API.
Therefore, this series removes these algorithms from the crypto API and
replaces them with local implementations in net/rxrpc/.
The local implementations are simpler too, as they avoid the crypto API
boilerplate.
I don't know how to test all the code in net/rxrpc/, but everything
should still work. I added a KUnit test for the crypto functions.
Changed in v2:
- Added missing export of fcrypt_preparekey().
- Write "RxRPC crypto KUnit test" instead of "RxRPC KUnit test".
- Rebased onto latest net-next where decryption now happens in the
linear buffer rxrpc_call::rx_dec_buffer, simplifying the code.
Eric Biggers (5):
net/rxrpc: Add local FCrypt-PCBC implementation
net/rxrpc: Use local FCrypt-PCBC implementation
net/rxrpc: Reimplement DES-PCBC using DES library
crypto: fcrypt - Remove support for FCrypt block cipher
crypto: pcbc - Remove support for PCBC mode
arch/arm/configs/am200epdkit_defconfig | 1 -
arch/arm/configs/dove_defconfig | 1 -
arch/arm/configs/multi_v5_defconfig | 1 -
arch/arm/configs/mv78xx0_defconfig | 1 -
arch/arm/configs/mvebu_v5_defconfig | 1 -
arch/arm/configs/omap1_defconfig | 1 -
arch/arm/configs/orion5x_defconfig | 1 -
arch/arm/configs/pxa_defconfig | 2 -
arch/arm/configs/wpcm450_defconfig | 1 -
arch/m68k/configs/amiga_defconfig | 2 -
arch/m68k/configs/apollo_defconfig | 2 -
arch/m68k/configs/atari_defconfig | 2 -
arch/m68k/configs/bvme6000_defconfig | 2 -
arch/m68k/configs/hp300_defconfig | 2 -
arch/m68k/configs/mac_defconfig | 2 -
arch/m68k/configs/multi_defconfig | 2 -
arch/m68k/configs/mvme147_defconfig | 2 -
arch/m68k/configs/mvme16x_defconfig | 2 -
arch/m68k/configs/q40_defconfig | 2 -
arch/m68k/configs/sun3_defconfig | 2 -
arch/m68k/configs/sun3x_defconfig | 2 -
arch/mips/configs/bigsur_defconfig | 2 -
arch/mips/configs/decstation_64_defconfig | 2 -
arch/mips/configs/decstation_defconfig | 2 -
arch/mips/configs/decstation_r4k_defconfig | 2 -
arch/mips/configs/fuloong2e_defconfig | 1 -
arch/mips/configs/gpr_defconfig | 1 -
arch/mips/configs/ip22_defconfig | 2 -
arch/mips/configs/ip27_defconfig | 2 -
arch/mips/configs/ip30_defconfig | 2 -
arch/mips/configs/ip32_defconfig | 2 -
arch/mips/configs/lemote2f_defconfig | 2 -
arch/mips/configs/malta_defconfig | 2 -
arch/mips/configs/malta_kvm_defconfig | 2 -
arch/mips/configs/malta_qemu_32r6_defconfig | 1 -
arch/mips/configs/maltaaprp_defconfig | 1 -
arch/mips/configs/maltasmvp_defconfig | 1 -
arch/mips/configs/maltasmvp_eva_defconfig | 1 -
arch/mips/configs/maltaup_defconfig | 1 -
arch/mips/configs/maltaup_xpa_defconfig | 2 -
arch/mips/configs/mtx1_defconfig | 1 -
arch/mips/configs/rm200_defconfig | 2 -
arch/mips/configs/sb1250_swarm_defconfig | 2 -
arch/parisc/configs/generic-64bit_defconfig | 2 -
arch/powerpc/configs/44x/akebono_defconfig | 1 -
arch/powerpc/configs/44x/bamboo_defconfig | 1 -
arch/powerpc/configs/44x/currituck_defconfig | 1 -
arch/powerpc/configs/44x/ebony_defconfig | 1 -
arch/powerpc/configs/44x/eiger_defconfig | 1 -
arch/powerpc/configs/44x/fsp2_defconfig | 1 -
arch/powerpc/configs/44x/icon_defconfig | 1 -
arch/powerpc/configs/44x/iss476-smp_defconfig | 1 -
arch/powerpc/configs/44x/katmai_defconfig | 1 -
arch/powerpc/configs/44x/rainier_defconfig | 1 -
arch/powerpc/configs/44x/redwood_defconfig | 1 -
arch/powerpc/configs/44x/sequoia_defconfig | 1 -
arch/powerpc/configs/44x/taishan_defconfig | 1 -
arch/powerpc/configs/52xx/cm5200_defconfig | 1 -
arch/powerpc/configs/52xx/motionpro_defconfig | 1 -
arch/powerpc/configs/52xx/tqm5200_defconfig | 1 -
arch/powerpc/configs/83xx/asp8347_defconfig | 1 -
.../configs/83xx/mpc8313_rdb_defconfig | 1 -
.../configs/83xx/mpc8315_rdb_defconfig | 1 -
.../configs/83xx/mpc832x_rdb_defconfig | 1 -
.../configs/83xx/mpc834x_itx_defconfig | 1 -
.../configs/83xx/mpc834x_itxgp_defconfig | 1 -
.../configs/83xx/mpc837x_rdb_defconfig | 1 -
arch/powerpc/configs/amigaone_defconfig | 1 -
arch/powerpc/configs/cell_defconfig | 1 -
arch/powerpc/configs/chrp32_defconfig | 1 -
arch/powerpc/configs/ep8248e_defconfig | 1 -
arch/powerpc/configs/fsl-emb-nonhw.config | 1 -
arch/powerpc/configs/g5_defconfig | 1 -
arch/powerpc/configs/linkstation_defconfig | 1 -
arch/powerpc/configs/mgcoge_defconfig | 1 -
arch/powerpc/configs/mpc83xx_defconfig | 1 -
arch/powerpc/configs/mvme5100_defconfig | 1 -
arch/powerpc/configs/pmac32_defconfig | 1 -
arch/powerpc/configs/powernv_defconfig | 1 -
arch/powerpc/configs/ppc44x_defconfig | 1 -
arch/powerpc/configs/ppc64_defconfig | 1 -
arch/powerpc/configs/ppc64e_defconfig | 1 -
arch/powerpc/configs/ppc6xx_defconfig | 2 -
arch/powerpc/configs/ps3_defconfig | 1 -
arch/s390/configs/debug_defconfig | 2 -
arch/s390/configs/defconfig | 2 -
arch/sh/configs/hp6xx_defconfig | 1 -
arch/sh/configs/r7780mp_defconfig | 1 -
arch/sh/configs/r7785rp_defconfig | 1 -
arch/sh/configs/se7712_defconfig | 1 -
arch/sh/configs/sh2007_defconfig | 2 -
arch/sparc/configs/sparc32_defconfig | 1 -
arch/sparc/configs/sparc64_defconfig | 2 -
crypto/Kconfig | 18 -
crypto/Makefile | 2 -
crypto/pcbc.c | 195 --------
crypto/tcrypt.c | 4 -
crypto/testmgr.c | 15 -
crypto/testmgr.h | 45 --
net/rxrpc/.kunitconfig | 6 +
net/rxrpc/Kconfig | 13 +-
net/rxrpc/Makefile | 3 +-
net/rxrpc/ar-internal.h | 21 +-
{crypto => net/rxrpc}/fcrypt.c | 330 ++++++--------
net/rxrpc/key.c | 1 -
net/rxrpc/rxkad.c | 429 +++++-------------
net/rxrpc/server_key.c | 1 -
net/rxrpc/tests/Makefile | 3 +
net/rxrpc/tests/rxrpc_kunit.c | 140 ++++++
109 files changed, 427 insertions(+), 925 deletions(-)
delete mode 100644 crypto/pcbc.c
create mode 100644 net/rxrpc/.kunitconfig
rename {crypto => net/rxrpc}/fcrypt.c (65%)
create mode 100644 net/rxrpc/tests/Makefile
create mode 100644 net/rxrpc/tests/rxrpc_kunit.c
base-commit: 1a1f055318d82e64485a6ff8420e5f70b4267998
--
2.54.0
next reply other threads:[~2026-05-22 5:07 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-22 5:07 Eric Biggers [this message]
2026-05-22 5:07 ` [PATCH net-next v2 1/5] net/rxrpc: Add local FCrypt-PCBC implementation Eric Biggers
2026-05-22 5:07 ` [PATCH net-next v2 2/5] net/rxrpc: Use " Eric Biggers
2026-05-22 5:07 ` [PATCH net-next v2 3/5] net/rxrpc: Reimplement DES-PCBC using DES library Eric Biggers
2026-05-22 5:07 ` [PATCH net-next v2 4/5] crypto: fcrypt - Remove support for FCrypt block cipher Eric Biggers
2026-05-22 5:07 ` [PATCH net-next v2 5/5] crypto: pcbc - Remove support for PCBC mode Eric Biggers
2026-05-22 13:06 ` [PATCH net-next v2 0/5] Consolidate FCrypt and PCBC code into net/rxrpc/ Marc Dionne
2026-06-03 5:05 ` Eric Biggers
2026-06-08 17:39 ` Eric Biggers
2026-06-08 18:11 ` Marc Dionne
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260522050740.84561-1-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=kuba@kernel.org \
--cc=linux-afs@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=marc.dionne@auristor.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.