This driver is known broken, as it computes the wrong SHA-1 and SHA-256 hashes. Correctness needs to be the first priority for cryptographic code. Just disable it, allowing the standard (and actually correct) SHA-1 and SHA-256 implementations to take priority.
Reported-by: larryw3i larryw3i@yeah.net Closes: https://lore.kernel.org/r/3af01fec-b4d3-4d0c-9450-2b722d4bbe39@yeah.net/ Closes: https://lists.debian.org/debian-kernel/2025/09/msg00019.html Closes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113996 Cc: stable@vger.kernel.org Cc: AlanSong-oc@zhaoxin.com Cc: CobeChen@zhaoxin.com Cc: GeorgeXue@zhaoxin.com Cc: HansHu@zhaoxin.com Cc: LeoLiu-oc@zhaoxin.com Cc: TonyWWang-oc@zhaoxin.com Cc: YunShen@zhaoxin.com Signed-off-by: Eric Biggers ebiggers@kernel.org ---
This patch is targeting crypto/master
drivers/crypto/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index a6688d54984c..16ea3e741350 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -38,11 +38,11 @@ config CRYPTO_DEV_PADLOCK_AES If unsure say M. The compiled module will be called padlock-aes.
config CRYPTO_DEV_PADLOCK_SHA tristate "PadLock driver for SHA1 and SHA256 algorithms" - depends on CRYPTO_DEV_PADLOCK + depends on CRYPTO_DEV_PADLOCK && BROKEN select CRYPTO_HASH select CRYPTO_SHA1 select CRYPTO_SHA256 help Use VIA PadLock for SHA1/SHA256 algorithms.
base-commit: 59b0afd01b2ce353ab422ea9c8375b03db313a21