From patchwork Sat Jul 9 21:18:48 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 12912322 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7778FC433EF for ; Sat, 9 Jul 2022 21:21:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229560AbiGIVV3 (ORCPT ); Sat, 9 Jul 2022 17:21:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33194 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229545AbiGIVV1 (ORCPT ); Sat, 9 Jul 2022 17:21:27 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5A8E0193F9; Sat, 9 Jul 2022 14:21:26 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 0A6EFB8070D; Sat, 9 Jul 2022 21:21:25 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id A0F4FC341CB; Sat, 9 Jul 2022 21:21:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1657401683; bh=n8WKt81pbmhSn6c89y74zD8lGXuy8bG9cCPrZIq1vCs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fngNrnaWCPZtgtYGOuDhSkDCZh4Zizp1wfLiLTp/PWXA3Kk6m2BfI7cGAjs6/0knA 2pFOp97W43HFn7+8f4vrOcYf6ZcVmUzP6qoKuJl5joqhfB4SaUhlWZRJW/IS9MCEBb mvakqsf3Y851H304Gz743NN4+bHBLikm2RG/OhF+BaEipxqxAPAeZt8IFkIzOCzq4S DRNg7v2HX5AbA3s0YffjmkSUWc7RYQCGU31+RJluWpcUq8zxQFfGoy8KebZ1ynBGY9 1wzhn6rmm73nmEu0N8NBJIKdBgNubu2GvzgtQUSLRdzBB+WRBDG2pepP0JVbZ6F8Qw 3tMaGkI2XVCjQ== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "Jason A . Donenfeld " Subject: [PATCH 1/2] crypto: move lib/sha1.c into lib/crypto/ Date: Sat, 9 Jul 2022 14:18:48 -0700 Message-Id: <20220709211849.210850-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.37.0 In-Reply-To: <20220709211849.210850-1-ebiggers@kernel.org> References: <20220709211849.210850-1-ebiggers@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Eric Biggers SHA-1 is a crypto algorithm (or at least was intended to be -- it's not considered secure anymore), so move it out of the top-level library directory and into lib/crypto/. Signed-off-by: Eric Biggers Reviewed-by: Jason A. Donenfeld --- lib/Makefile | 2 +- lib/crypto/Makefile | 2 ++ lib/{ => crypto}/sha1.c | 0 3 files changed, 3 insertions(+), 1 deletion(-) rename lib/{ => crypto}/sha1.c (100%) diff --git a/lib/Makefile b/lib/Makefile index f99bf61f8bbc67..67482f5ec0e899 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -29,7 +29,7 @@ endif lib-y := ctype.o string.o vsprintf.o cmdline.o \ rbtree.o radix-tree.o timerqueue.o xarray.o \ - idr.o extable.o sha1.o irq_regs.o argv_split.o \ + idr.o extable.o irq_regs.o argv_split.o \ flex_proportions.o ratelimit.o show_mem.o \ is_single_threaded.o plist.o decompress.o kobject_uevent.o \ earlycpio.o seq_buf.o siphash.o dec_and_lock.o \ diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile index 26be2bbe09c59e..d28111ba54fcb2 100644 --- a/lib/crypto/Makefile +++ b/lib/crypto/Makefile @@ -34,6 +34,8 @@ libpoly1305-y := poly1305-donna32.o libpoly1305-$(CONFIG_ARCH_SUPPORTS_INT128) := poly1305-donna64.o libpoly1305-y += poly1305.o +obj-y += sha1.o + obj-$(CONFIG_CRYPTO_LIB_SHA256) += libsha256.o libsha256-y := sha256.o diff --git a/lib/sha1.c b/lib/crypto/sha1.c similarity index 100% rename from lib/sha1.c rename to lib/crypto/sha1.c From patchwork Sat Jul 9 21:18:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 12912323 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C3282CCA47C for ; Sat, 9 Jul 2022 21:21:31 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229590AbiGIVVa (ORCPT ); Sat, 9 Jul 2022 17:21:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33204 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229549AbiGIVV2 (ORCPT ); Sat, 9 Jul 2022 17:21:28 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C89181A066; Sat, 9 Jul 2022 14:21:26 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 6A63FB8075B; Sat, 9 Jul 2022 21:21:25 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E7ED5C341CA; Sat, 9 Jul 2022 21:21:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1657401684; bh=3PmXbYGfYxecOdWXGHi7rCtLqyl1SUnRBQY9cUsGOHU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=nMOEim0jUbMLWcgmAuWmDN7gPOYQBP1x5E3XGsNAlt76YwEw3+WuZj4Ifvu2ahZPS p4R/+bJ7cl0FcTe/Lz9x4s7ZDnPbYSmu6b816rr4bMdFN8G+mmKod1Z1hyt7CdfO19 iSTn4O88Ab/Fd1HgwFDgiQ11YyiBnOYhF3S+8fIpLmCz3Z71JbNaI/frrQTMY34gLU Bn0X4ztMSYxtrdYbdYJe2/UEifvw8L95wyFj/yvwnAgRwbCOy2RlJkx6uomyXwoQOx YllI/HvxrFBMf15rH9Ib24e8JbvnqfwrvPsnrWu8J+MF8JBmnUXk4a3ldLXEXndPPt 90pbkS9eAgVww== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, netdev@vger.kernel.org, "Jason A . Donenfeld " Subject: [PATCH 2/2] crypto: make the sha1 library optional Date: Sat, 9 Jul 2022 14:18:49 -0700 Message-Id: <20220709211849.210850-3-ebiggers@kernel.org> X-Mailer: git-send-email 2.37.0 In-Reply-To: <20220709211849.210850-1-ebiggers@kernel.org> References: <20220709211849.210850-1-ebiggers@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: Eric Biggers Since the Linux RNG no longer uses sha1_transform(), the SHA-1 library is no longer needed unconditionally. Make it possible to build the Linux kernel without the SHA-1 library by putting it behind a kconfig option, and selecting this new option from the kconfig options that gate the remaining users: CRYPTO_SHA1 for crypto/sha1_generic.c, BPF for kernel/bpf/core.c, and IPV6 for net/ipv6/addrconf.c. Unfortunately, since BPF is selected by NET, for now this can only make a difference for kernels built without networking support. Signed-off-by: Eric Biggers Reviewed-by: Jason A. Donenfeld Acked-by: Jakub Kicinski Acked-by: Alexei Starovoitov --- crypto/Kconfig | 1 + init/Kconfig | 1 + lib/crypto/Kconfig | 3 +++ lib/crypto/Makefile | 3 ++- net/ipv6/Kconfig | 1 + 5 files changed, 8 insertions(+), 1 deletion(-) diff --git a/crypto/Kconfig b/crypto/Kconfig index 59489a300cd100..bf15ca5eb9d367 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -880,6 +880,7 @@ config CRYPTO_RMD160 config CRYPTO_SHA1 tristate "SHA1 digest algorithm" select CRYPTO_HASH + select CRYPTO_LIB_SHA1 help SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). diff --git a/init/Kconfig b/init/Kconfig index c984afc489dead..d8d0b4bdfe4195 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -1472,6 +1472,7 @@ config HAVE_PCSPKR_PLATFORM # interpreter that classic socket filters depend on config BPF bool + select CRYPTO_LIB_SHA1 menuconfig EXPERT bool "Configure standard kernel features (expert users)" diff --git a/lib/crypto/Kconfig b/lib/crypto/Kconfig index 2082af43d51fbe..9ff549f63540fa 100644 --- a/lib/crypto/Kconfig +++ b/lib/crypto/Kconfig @@ -121,6 +121,9 @@ config CRYPTO_LIB_CHACHA20POLY1305 select CRYPTO_LIB_POLY1305 select CRYPTO_ALGAPI +config CRYPTO_LIB_SHA1 + tristate + config CRYPTO_LIB_SHA256 tristate diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile index d28111ba54fcb2..919cbb2c220d61 100644 --- a/lib/crypto/Makefile +++ b/lib/crypto/Makefile @@ -34,7 +34,8 @@ libpoly1305-y := poly1305-donna32.o libpoly1305-$(CONFIG_ARCH_SUPPORTS_INT128) := poly1305-donna64.o libpoly1305-y += poly1305.o -obj-y += sha1.o +obj-$(CONFIG_CRYPTO_LIB_SHA1) += libsha1.o +libsha1-y := sha1.o obj-$(CONFIG_CRYPTO_LIB_SHA256) += libsha256.o libsha256-y := sha256.o diff --git a/net/ipv6/Kconfig b/net/ipv6/Kconfig index bf2e5e5fe14273..658bfed1df8b17 100644 --- a/net/ipv6/Kconfig +++ b/net/ipv6/Kconfig @@ -7,6 +7,7 @@ menuconfig IPV6 tristate "The IPv6 protocol" default y + select CRYPTO_LIB_SHA1 help Support for IP version 6 (IPv6).