mirror of
https://github.com/torvalds/linux.git
synced 2025-12-07 20:06:24 +00:00
5abe8d8efc
Pull crypto library updates from Eric Biggers:
"This is the main crypto library pull request for 6.19. It includes:
- Add SHA-3 support to lib/crypto/, including support for both the
hash functions and the extendable-output functions. Reimplement the
existing SHA-3 crypto_shash support on top of the library.
This is motivated mainly by the upcoming support for the ML-DSA
signature algorithm, which needs the SHAKE128 and SHAKE256
functions. But even on its own it's a useful cleanup.
This also fixes the longstanding issue where the
architecture-optimized SHA-3 code was disabled by default.
- Add BLAKE2b support to lib/crypto/, and reimplement the existing
BLAKE2b crypto_shash support on top of the library.
This is motivated mainly by btrfs, which supports BLAKE2b
checksums. With this change, all btrfs checksum algorithms now have
library APIs. btrfs is planned to start just using the library
directly.
This refactor also improves consistency between the BLAKE2b code
and BLAKE2s code. And as usual, it also fixes the issue where the
architecture-optimized BLAKE2b code was disabled by default.
- Add POLYVAL support to lib/crypto/, replacing the existing POLYVAL
support in crypto_shash. Reimplement HCTR2 on top of the library.
This simplifies the code and improves HCTR2 performance. As usual,
it also makes the architecture-optimized code be enabled by
default. The generic implementation of POLYVAL is greatly improved
as well.
- Clean up the BLAKE2s code
- Add FIPS self-tests for SHA-1, SHA-2, and SHA-3"
* tag 'libcrypto-updates-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux: (37 commits)
fscrypt: Drop obsolete recommendation to enable optimized POLYVAL
crypto: polyval - Remove the polyval crypto_shash
crypto: hctr2 - Convert to use POLYVAL library
lib/crypto: x86/polyval: Migrate optimized code into library
lib/crypto: arm64/polyval: Migrate optimized code into library
lib/crypto: polyval: Add POLYVAL library
crypto: polyval - Rename conflicting functions
lib/crypto: x86/blake2s: Use vpternlogd for 3-input XORs
lib/crypto: x86/blake2s: Avoid writing back unchanged 'f' value
lib/crypto: x86/blake2s: Improve readability
lib/crypto: x86/blake2s: Use local labels for data
lib/crypto: x86/blake2s: Drop check for nblocks == 0
lib/crypto: x86/blake2s: Fix 32-bit arg treated as 64-bit
lib/crypto: arm, arm64: Drop filenames from file comments
lib/crypto: arm/blake2s: Fix some comments
crypto: s390/sha3 - Remove superseded SHA-3 code
crypto: sha3 - Reimplement using library API
crypto: jitterentropy - Use default sha3 implementation
lib/crypto: s390/sha3: Add optimized one-shot SHA-3 digest functions
lib/crypto: sha3: Support arch overrides of one-shot digest functions
...
229 lines
5.6 KiB
Plaintext
229 lines
5.6 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0
|
|
|
|
menu "Crypto library routines"
|
|
|
|
config CRYPTO_HASH_INFO
|
|
bool
|
|
|
|
config CRYPTO_LIB_UTILS
|
|
tristate
|
|
|
|
config CRYPTO_LIB_AES
|
|
tristate
|
|
|
|
config CRYPTO_LIB_AESCFB
|
|
tristate
|
|
select CRYPTO_LIB_AES
|
|
select CRYPTO_LIB_UTILS
|
|
|
|
config CRYPTO_LIB_AESGCM
|
|
tristate
|
|
select CRYPTO_LIB_AES
|
|
select CRYPTO_LIB_GF128MUL
|
|
select CRYPTO_LIB_UTILS
|
|
|
|
config CRYPTO_LIB_ARC4
|
|
tristate
|
|
|
|
config CRYPTO_LIB_GF128MUL
|
|
tristate
|
|
|
|
config CRYPTO_LIB_BLAKE2B
|
|
tristate
|
|
help
|
|
The BLAKE2b library functions. Select this if your module uses any of
|
|
the functions from <crypto/blake2b.h>.
|
|
|
|
config CRYPTO_LIB_BLAKE2B_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_BLAKE2B && !UML
|
|
default y if ARM && KERNEL_MODE_NEON
|
|
|
|
# BLAKE2s support is always built-in, so there's no CRYPTO_LIB_BLAKE2S option.
|
|
|
|
config CRYPTO_LIB_BLAKE2S_ARCH
|
|
bool
|
|
depends on !UML
|
|
default y if ARM
|
|
default y if X86_64
|
|
|
|
config CRYPTO_LIB_CHACHA
|
|
tristate
|
|
select CRYPTO_LIB_UTILS
|
|
help
|
|
Enable the ChaCha library interface. Select this if your module uses
|
|
chacha_crypt() or hchacha_block().
|
|
|
|
config CRYPTO_LIB_CHACHA_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_CHACHA && !UML && !KMSAN
|
|
default y if ARM
|
|
default y if ARM64 && KERNEL_MODE_NEON
|
|
default y if MIPS && CPU_MIPS32_R2
|
|
default y if PPC64 && CPU_LITTLE_ENDIAN && VSX
|
|
default y if RISCV && 64BIT && RISCV_ISA_V && TOOLCHAIN_HAS_VECTOR_CRYPTO
|
|
default y if S390
|
|
default y if X86_64
|
|
|
|
config CRYPTO_LIB_CURVE25519
|
|
tristate
|
|
select CRYPTO_LIB_UTILS
|
|
help
|
|
The Curve25519 library functions. Select this if your module uses any
|
|
of the functions from <crypto/curve25519.h>.
|
|
|
|
config CRYPTO_LIB_CURVE25519_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_CURVE25519 && !UML && !KMSAN
|
|
default y if ARM && KERNEL_MODE_NEON && !CPU_BIG_ENDIAN
|
|
default y if PPC64 && CPU_LITTLE_ENDIAN
|
|
default y if X86_64
|
|
|
|
config CRYPTO_LIB_CURVE25519_GENERIC
|
|
bool
|
|
depends on CRYPTO_LIB_CURVE25519
|
|
default y if !CRYPTO_LIB_CURVE25519_ARCH || ARM || X86_64
|
|
|
|
config CRYPTO_LIB_DES
|
|
tristate
|
|
|
|
config CRYPTO_LIB_MD5
|
|
tristate
|
|
help
|
|
The MD5 and HMAC-MD5 library functions. Select this if your module
|
|
uses any of the functions from <crypto/md5.h>.
|
|
|
|
config CRYPTO_LIB_MD5_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_MD5 && !UML
|
|
default y if MIPS && CPU_CAVIUM_OCTEON
|
|
default y if PPC
|
|
default y if SPARC64
|
|
|
|
config CRYPTO_LIB_POLY1305
|
|
tristate
|
|
help
|
|
The Poly1305 library functions. Select this if your module uses any
|
|
of the functions from <crypto/poly1305.h>.
|
|
|
|
config CRYPTO_LIB_POLY1305_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_POLY1305 && !UML && !KMSAN
|
|
default y if ARM
|
|
default y if ARM64 && KERNEL_MODE_NEON
|
|
default y if MIPS
|
|
# The PPC64 code needs to be fixed to work in softirq context.
|
|
default y if PPC64 && CPU_LITTLE_ENDIAN && VSX && BROKEN
|
|
default y if RISCV
|
|
default y if X86_64
|
|
|
|
# This symbol controls the inclusion of the Poly1305 generic code. This differs
|
|
# from most of the other algorithms, which handle the generic code
|
|
# "automatically" via __maybe_unused. This is needed so that the Adiantum code,
|
|
# which calls the poly1305_core_*() functions directly, can enable them.
|
|
config CRYPTO_LIB_POLY1305_GENERIC
|
|
bool
|
|
depends on CRYPTO_LIB_POLY1305
|
|
# Enable if there's no arch impl or the arch impl requires the generic
|
|
# impl as a fallback. (Or if selected explicitly.)
|
|
default y if !CRYPTO_LIB_POLY1305_ARCH || PPC64
|
|
|
|
config CRYPTO_LIB_POLY1305_RSIZE
|
|
int
|
|
default 2 if MIPS || RISCV
|
|
default 11 if X86_64
|
|
default 9 if ARM || ARM64
|
|
default 1
|
|
|
|
config CRYPTO_LIB_POLYVAL
|
|
tristate
|
|
help
|
|
The POLYVAL library functions. Select this if your module uses any of
|
|
the functions from <crypto/polyval.h>.
|
|
|
|
config CRYPTO_LIB_POLYVAL_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_POLYVAL && !UML
|
|
default y if ARM64 && KERNEL_MODE_NEON
|
|
default y if X86_64
|
|
|
|
config CRYPTO_LIB_CHACHA20POLY1305
|
|
tristate
|
|
select CRYPTO_LIB_CHACHA
|
|
select CRYPTO_LIB_POLY1305
|
|
select CRYPTO_LIB_UTILS
|
|
|
|
config CRYPTO_LIB_SHA1
|
|
tristate
|
|
help
|
|
The SHA-1 and HMAC-SHA1 library functions. Select this if your module
|
|
uses any of the functions from <crypto/sha1.h>.
|
|
|
|
config CRYPTO_LIB_SHA1_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_SHA1 && !UML
|
|
default y if ARM
|
|
default y if ARM64 && KERNEL_MODE_NEON
|
|
default y if MIPS && CPU_CAVIUM_OCTEON
|
|
default y if PPC
|
|
default y if S390
|
|
default y if SPARC64
|
|
default y if X86_64
|
|
|
|
config CRYPTO_LIB_SHA256
|
|
tristate
|
|
help
|
|
The SHA-224, SHA-256, HMAC-SHA224, and HMAC-SHA256 library functions.
|
|
Select this if your module uses any of these functions from
|
|
<crypto/sha2.h>.
|
|
|
|
config CRYPTO_LIB_SHA256_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_SHA256 && !UML
|
|
default y if ARM && !CPU_V7M
|
|
default y if ARM64
|
|
default y if MIPS && CPU_CAVIUM_OCTEON
|
|
default y if PPC && SPE
|
|
default y if RISCV && 64BIT && RISCV_ISA_V && TOOLCHAIN_HAS_VECTOR_CRYPTO
|
|
default y if S390
|
|
default y if SPARC64
|
|
default y if X86_64
|
|
|
|
config CRYPTO_LIB_SHA512
|
|
tristate
|
|
help
|
|
The SHA-384, SHA-512, HMAC-SHA384, and HMAC-SHA512 library functions.
|
|
Select this if your module uses any of these functions from
|
|
<crypto/sha2.h>.
|
|
|
|
config CRYPTO_LIB_SHA512_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_SHA512 && !UML
|
|
default y if ARM && !CPU_V7M
|
|
default y if ARM64
|
|
default y if MIPS && CPU_CAVIUM_OCTEON
|
|
default y if RISCV && 64BIT && RISCV_ISA_V && TOOLCHAIN_HAS_VECTOR_CRYPTO
|
|
default y if S390
|
|
default y if SPARC64
|
|
default y if X86_64
|
|
|
|
config CRYPTO_LIB_SHA3
|
|
tristate
|
|
select CRYPTO_LIB_UTILS
|
|
help
|
|
The SHA3 library functions. Select this if your module uses any of
|
|
the functions from <crypto/sha3.h>.
|
|
|
|
config CRYPTO_LIB_SHA3_ARCH
|
|
bool
|
|
depends on CRYPTO_LIB_SHA3 && !UML
|
|
default y if ARM64 && KERNEL_MODE_NEON
|
|
default y if S390
|
|
|
|
config CRYPTO_LIB_SM3
|
|
tristate
|
|
|
|
source "lib/crypto/tests/Kconfig"
|
|
|
|
endmenu
|