On Fri, Jan 14, 2022 at 5:19 PM Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> wrote: > > On Fri, Jan 14, 2022 at 7:08 AM Ard Biesheuvel <ardb@xxxxxxxxxx> wrote: > > > > Yeah, so the issue is that, at *some* point, SHA-1 is going to have to > > go. > > sha1 cannot be removed from the kernel. > See AF_ALG and iproute2 source for reference. It can be removed from vmlinux, and be folded into the crypto API's generic implementation where it belongs, which then can be built as a module or not built at all, depending on configuration. Please see the 3/3 patch in this series to see what that looks like: https://lore.kernel.org/lkml/20220114142015.87974-4-Jason@xxxxxxxxx/ Meanwhile, you have not replied to any of the substantive issues I brought up. I'd appreciate you doing so. Thank you, Jason
