summaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
authorJakub Kicinski <kuba@kernel.org>2026-04-09 04:51:54 +0300
committerJakub Kicinski <kuba@kernel.org>2026-04-09 04:51:54 +0300
commitea0f90d1ed7d9560d5078e628c3be316dfc4cae9 (patch)
tree23c7fd789817dd102db0b5d646b8f6ca9bb3e22a /net
parentb3e69fc3196fc421e26196e7792f17b0463edc6f (diff)
parent05d42dc8ab92aa54aaeb1c033927c88fd2accba4 (diff)
downloadlinux-ea0f90d1ed7d9560d5078e628c3be316dfc4cae9.tar.xz
Merge tag 'ipsec-next-2026-04-08' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
Steffen Klassert says: ==================== pull request (net-next): ipsec-next 2026-04-08 1) Update outdated comment in xfrm_dst_check(). From kexinsun. 2) Drop support for HMAC-RIPEMD-160 from IPsec. From Eric Biggers. * tag 'ipsec-next-2026-04-08' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next: xfrm: Drop support for HMAC-RIPEMD-160 xfrm: update outdated comment ==================== Link: https://patch.msgid.link/20260408094258.148555-1-steffen.klassert@secunet.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'net')
-rw-r--r--net/xfrm/xfrm_algo.c20
-rw-r--r--net/xfrm/xfrm_policy.c2
2 files changed, 1 insertions, 21 deletions
diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c
index 749011e031c0..70434495f23f 100644
--- a/net/xfrm/xfrm_algo.c
+++ b/net/xfrm/xfrm_algo.c
@@ -291,26 +291,6 @@ static struct xfrm_algo_desc aalg_list[] = {
}
},
{
- .name = "hmac(rmd160)",
- .compat = "rmd160",
-
- .uinfo = {
- .auth = {
- .icv_truncbits = 96,
- .icv_fullbits = 160,
- }
- },
-
- .pfkey_supported = 1,
-
- .desc = {
- .sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC,
- .sadb_alg_ivlen = 0,
- .sadb_alg_minbits = 160,
- .sadb_alg_maxbits = 160
- }
-},
-{
.name = "xcbc(aes)",
.uinfo = {
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 362939aa56cf..0a78dc59c2b3 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -3917,7 +3917,7 @@ EXPORT_SYMBOL(__xfrm_route_forward);
static struct dst_entry *xfrm_dst_check(struct dst_entry *dst, u32 cookie)
{
- /* Code (such as __xfrm4_bundle_create()) sets dst->obsolete
+ /* Code (such as xfrm_bundle_create()) sets dst->obsolete
* to DST_OBSOLETE_FORCE_CHK to force all XFRM destinations to
* get validated by dst_ops->check on every use. We do this
* because when a normal route referenced by an XFRM dst is
generated by cgit v1.2.3 (git 2.39.0) at 2026-05-13 16:53:52 +0300