From: Milan Broz <gmazyland@gmail.com>
To: Eric Biggers <ebiggers@kernel.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] crypto: af_alg - Allow additional ciphers for cryptsetup
Date: Mon, 6 Jul 2026 20:20:10 +0200 [thread overview]
Message-ID: <276a4c4e-bbe4-4f6f-9f9a-c1e195e06c86@gmail.com> (raw)
In-Reply-To: <20260705184419.40762-1-ebiggers@kernel.org>
On 7/5/26 8:44 PM, Eric Biggers wrote:
> Add "xts(camellia)", "xts(serpent)", and "xts(twofish)" to the allowlist
> for af_alg_restrict=1. These niche AES alternatives have continued to
> see rare but persistent use via cryptsetup, which has historically
> relied on the AF_ALG support for these ciphers in XTS mode for
> performing the keyslot encryption. (cryptsetup v2.8.7 and later fall
> back to a temporary dm-crypt mapping, but that requires root.)
>
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>
> ---
> crypto/algif_skcipher.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
> index 2b8069667974..49ae779b3b6b 100644
> --- a/crypto/algif_skcipher.c
> +++ b/crypto/algif_skcipher.c
> @@ -45,6 +45,9 @@ static const struct af_alg_allowlist_entry skcipher_allowlist[] = {
> { "ecb(des)", true }, /* iwd */
> { "hctr2(aes)", false }, /* cryptsetup */
> { "xts(aes)", false }, /* cryptsetup benchmark */
> + { "xts(camellia)", false }, /* cryptsetup */
> + { "xts(serpent)", false }, /* cryptsetup */
> + { "xts(twofish)", false }, /* cryptsetup */
> {},
Well, if we are going this way, I would also add Aria and SM4 (currently usable only in cryptsetup main branch).
Milan
p.s.
There is another user of AF_ALG hash, hardlink in util-linux, see
https://github.com/util-linux/util-linux/blob/master/lib/fileeq.c
next prev parent reply other threads:[~2026-07-06 18:20 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-05 18:44 [PATCH] crypto: af_alg - Allow additional ciphers for cryptsetup Eric Biggers
2026-07-06 18:20 ` Milan Broz [this message]
2026-07-06 20:24 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=276a4c4e-bbe4-4f6f-9f9a-c1e195e06c86@gmail.com \
--to=gmazyland@gmail.com \
--cc=ebiggers@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox