mirror of
https://github.com/torvalds/linux.git
synced 2026-05-12 16:18:45 +02:00
Merge tag 'libcrypto-updates-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux

Pull crypto library updates from Eric Biggers:

"This is the main crypto library pull request for 6.17. The main focus
this cycle is on reorganizing the SHA-1 and SHA-2 code, providing
high-quality library APIs for SHA-1 and SHA-2 including HMAC support,
and establishing conventions for lib/crypto/ going forward:

- Migrate the SHA-1 and SHA-512 code (and also SHA-384 which shares
  most of the SHA-512 code) into lib/crypto/. This includes both the
  generic and architecture-optimized code. Greatly simplify how the
  architecture-optimized code is integrated. Add an easy-to-use
  library API for each SHA variant, including HMAC support. Finally,
  reimplement the crypto_shash support on top of the library API.

- Apply the same reorganization to the SHA-256 code (and also SHA-224
  which shares most of the SHA-256 code). This is a somewhat smaller
  change, due to my earlier work on SHA-256. But this brings in all
  the same additional improvements that I made for SHA-1 and SHA-512.

There are also some smaller changes:

- Move the architecture-optimized ChaCha, Poly1305, and BLAKE2s code
  from arch/$(SRCARCH)/lib/crypto/ to lib/crypto/$(SRCARCH)/. For
  these algorithms it's just a move, not a full reorganization yet.

- Fix the MIPS chacha-core.S to build with the clang assembler.

- Fix the Poly1305 functions to work in all contexts.

- Fix a performance regression in the x86_64 Poly1305 code.

- Clean up the x86_64 SHA-NI optimized SHA-1 assembly code.

Note that since the new organization of the SHA code is much simpler,
the diffstat of this pull request is negative, despite the addition of
new fully-documented library APIs for multiple SHA and HMAC-SHA
variants.

These APIs will allow further simplifications across the kernel as
users start using them instead of the old-school crypto API. (I've
already written a lot of such conversion patches, removing over 1000
more lines of code. But most of those will target 6.18 or later)"

* tag 'libcrypto-updates-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux: (67 commits)
lib/crypto: arm64/sha512-ce: Drop compatibility macros for older binutils
lib/crypto: x86/sha1-ni: Convert to use rounds macros
lib/crypto: x86/sha1-ni: Minor optimizations and cleanup
crypto: sha1 - Remove sha1_base.h
lib/crypto: x86/sha1: Migrate optimized code into library
lib/crypto: sparc/sha1: Migrate optimized code into library
lib/crypto: s390/sha1: Migrate optimized code into library
lib/crypto: powerpc/sha1: Migrate optimized code into library
lib/crypto: mips/sha1: Migrate optimized code into library
lib/crypto: arm64/sha1: Migrate optimized code into library
lib/crypto: arm/sha1: Migrate optimized code into library
crypto: sha1 - Use same state format as legacy drivers
crypto: sha1 - Wrap library and add HMAC support
lib/crypto: sha1: Add HMAC support
lib/crypto: sha1: Add SHA-1 library functions
lib/crypto: sha1: Rename sha1_init() to sha1_init_raw()
crypto: x86/sha1 - Rename conflicting symbol
lib/crypto: sha2: Add hmac_sha*_init_usingrawkey()
lib/crypto: arm/poly1305: Remove unneeded empty weak function
lib/crypto: x86/poly1305: Fix performance regression on short messages
...

| Name | | |
|---|---|---|
| asymmetric_keys | ||
| async_tx | ||
| krb5 | ||
| 842.c | ||
| acompress.c | ||
| adiantum.c | ||
| aead.c | ||
| aegis-neon.h | ||
| aegis.h | ||
| aegis128-core.c | ||
| aegis128-neon-inner.c | ||
| aegis128-neon.c | ||
| aes_generic.c | ||
| aes_ti.c | ||
| af_alg.c | ||
| ahash.c | ||
| akcipher.c | ||
| algapi.c | ||
| algboss.c | ||
| algif_aead.c | ||
| algif_hash.c | ||
| algif_rng.c | ||
| algif_skcipher.c | ||
| ansi_cprng.c | ||
| anubis.c | ||
| api.c | ||
| arc4.c | ||
| aria_generic.c | ||
| authenc.c | ||
| authencesn.c | ||
| blake2b_generic.c | ||
| blowfish_common.c | ||
| blowfish_generic.c | ||
| bpf_crypto_skcipher.c | ||
| camellia_generic.c | ||
| cast_common.c | ||
| cast5_generic.c | ||
| cast6_generic.c | ||
| cbc.c | ||
| ccm.c | ||
| chacha.c | ||
| chacha20poly1305.c | ||
| cipher.c | ||
| cmac.c | ||
| compress.h | ||
| crc32.c | ||
| crc32c.c | ||
| cryptd.c | ||
| crypto_engine.c | ||
| crypto_null.c | ||
| crypto_user.c | ||
| ctr.c | ||
| cts.c | ||
| curve25519-generic.c | ||
| deflate.c | ||
| des_generic.c | ||
| dh_helper.c | ||
| dh.c | ||
| drbg.c | ||
| ecb.c | ||
| ecc_curve_defs.h | ||
| ecc.c | ||
| ecdh_helper.c | ||
| ecdh.c | ||
| ecdsa-p1363.c | ||
| ecdsa-x962.c | ||
| ecdsa.c | ||
| ecdsasignature.asn1 | ||
| echainiv.c | ||
| ecrdsa_defs.h | ||
| ecrdsa_params.asn1 | ||
| ecrdsa_pub_key.asn1 | ||
| ecrdsa.c | ||
| essiv.c | ||
| fcrypt.c | ||
| fips.c | ||
| gcm.c | ||
| geniv.c | ||
| ghash-generic.c | ||
| hash.h | ||
| hctr2.c | ||
| hkdf.c | ||
| hmac.c | ||
| internal.h | ||
| jitterentropy-kcapi.c | ||
| jitterentropy-testing.c | ||
| jitterentropy.c | ||
| jitterentropy.h | ||
| Kconfig | ||
| kdf_sp800108.c | ||
| khazad.c | ||
| kpp.c | ||
| krb5enc.c | ||
| lrw.c | ||
| lskcipher.c | ||
| lz4.c | ||
| lz4hc.c | ||
| lzo-rle.c | ||
| lzo.c | ||
| Makefile | ||
| md4.c | ||
| md5.c | ||
| michael_mic.c | ||
| nhpoly1305.c | ||
| pcbc.c | ||
| pcrypt.c | ||
| polyval-generic.c | ||
| proc.c | ||
| ripemd.h | ||
| rmd160.c | ||
| rng.c | ||
| rsa_helper.c | ||
| rsa-pkcs1pad.c | ||
| rsa.c | ||
| rsaprivkey.asn1 | ||
| rsapubkey.asn1 | ||
| rsassa-pkcs1.c | ||
| scatterwalk.c | ||
| scompress.c | ||
| seed.c | ||
| seqiv.c | ||
| serpent_generic.c | ||
| sha1.c | ||
| sha3_generic.c | ||
| sha256.c | ||
| sha512.c | ||
| shash.c | ||
| sig.c | ||
| simd.c | ||
| skcipher.c | ||
| skcipher.h | ||
| sm3_generic.c | ||
| sm4_generic.c | ||
| sm4.c | ||
| streebog_generic.c | ||
| tcrypt.c | ||
| tcrypt.h | ||
| tea.c | ||
| testmgr.c | ||
| testmgr.h | ||
| twofish_common.c | ||
| twofish_generic.c | ||
| wp512.c | ||
| xcbc.c | ||
| xctr.c | ||
| xor.c | ||
| xts.c | ||
| xxhash_generic.c | ||
| zstd.c | ||