]> git.baikalelectronics.ru Git - kernel.git/commitdiff
lib/crypto: blake2s: include as built-in
authorJason A. Donenfeld <Jason@zx2c4.com>
Wed, 22 Dec 2021 13:56:58 +0000 (14:56 +0100)
committerJason A. Donenfeld <Jason@zx2c4.com>
Thu, 6 Jan 2022 23:25:25 +0000 (00:25 +0100)
In preparation for using blake2s in the RNG, we change the way that it
is wired-in to the build system. Instead of using ifdefs to select the
right symbol, we use weak symbols. And because ARM doesn't need the
generic implementation, we make the generic one default only if an arch
library doesn't need it already, and then have arch libraries that do
need it opt-in. So that the arch libraries can remain tristate rather
than bool, we then split the shash part from the glue code.

Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: linux-kbuild@vger.kernel.org
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
14 files changed:
arch/arm/crypto/Makefile
arch/arm/crypto/blake2s-core.S
arch/arm/crypto/blake2s-glue.c
arch/arm/crypto/blake2s-shash.c [new file with mode: 0644]
arch/x86/crypto/Makefile
arch/x86/crypto/blake2s-glue.c
arch/x86/crypto/blake2s-shash.c [new file with mode: 0644]
crypto/Kconfig
drivers/net/Kconfig
include/crypto/internal/blake2s.h
lib/crypto/Kconfig
lib/crypto/Makefile
lib/crypto/blake2s-generic.c
lib/crypto/blake2s.c

index eafa898ba6a737a2290fd52c80f7a59a1ee9cdf4..0274f81cc8ea0ef42ab8e75427bdb7b75ea606c2 100644 (file)
@@ -10,6 +10,7 @@ obj-$(CONFIG_CRYPTO_SHA1_ARM_NEON) += sha1-arm-neon.o
 obj-$(CONFIG_CRYPTO_SHA256_ARM) += sha256-arm.o
 obj-$(CONFIG_CRYPTO_SHA512_ARM) += sha512-arm.o
 obj-$(CONFIG_CRYPTO_BLAKE2S_ARM) += blake2s-arm.o
+obj-$(if $(CONFIG_CRYPTO_BLAKE2S_ARM),y) += libblake2s-arm.o
 obj-$(CONFIG_CRYPTO_BLAKE2B_NEON) += blake2b-neon.o
 obj-$(CONFIG_CRYPTO_CHACHA20_NEON) += chacha-neon.o
 obj-$(CONFIG_CRYPTO_POLY1305_ARM) += poly1305-arm.o
@@ -31,7 +32,8 @@ sha256-arm-neon-$(CONFIG_KERNEL_MODE_NEON) := sha256_neon_glue.o
 sha256-arm-y   := sha256-core.o sha256_glue.o $(sha256-arm-neon-y)
 sha512-arm-neon-$(CONFIG_KERNEL_MODE_NEON) := sha512-neon-glue.o
 sha512-arm-y   := sha512-core.o sha512-glue.o $(sha512-arm-neon-y)
-blake2s-arm-y   := blake2s-core.o blake2s-glue.o
+blake2s-arm-y   := blake2s-shash.o
+libblake2s-arm-y:= blake2s-core.o blake2s-glue.o
 blake2b-neon-y  := blake2b-neon-core.o blake2b-neon-glue.o
 sha1-arm-ce-y  := sha1-ce-core.o sha1-ce-glue.o
 sha2-arm-ce-y  := sha2-ce-core.o sha2-ce-glue.o
index 86345751bbf3a3d8a7e3af72684985833cf6734b..df40e46601f100dbe6669124b694818ba96f7f93 100644 (file)
 .endm
 
 //
-// void blake2s_compress_arch(struct blake2s_state *state,
-//                           const u8 *block, size_t nblocks, u32 inc);
+// void blake2s_compress(struct blake2s_state *state,
+//                      const u8 *block, size_t nblocks, u32 inc);
 //
 // Only the first three fields of struct blake2s_state are used:
 //     u32 h[8];       (inout)
 //     u32 f[2];       (in)
 //
        .align          5
-ENTRY(blake2s_compress_arch)
+ENTRY(blake2s_compress)
        push            {r0-r2,r4-r11,lr}       // keep this an even number
 
 .Lnext_block:
@@ -303,4 +303,4 @@ ENTRY(blake2s_compress_arch)
        str             r3, [r12], #4
        bne             1b
        b               .Lcopy_block_done
-ENDPROC(blake2s_compress_arch)
+ENDPROC(blake2s_compress)
index f2cc1e5fc9ec1830f4e764fe32d4de0083cae3ec..0238a70d9581e9ea864f425536a0f5935a342d69 100644 (file)
@@ -1,78 +1,7 @@
 // SPDX-License-Identifier: GPL-2.0-or-later
-/*
- * BLAKE2s digest algorithm, ARM scalar implementation
- *
- * Copyright 2020 Google LLC
- */
 
 #include <crypto/internal/blake2s.h>
-#include <crypto/internal/hash.h>
-
 #include <linux/module.h>
 
 /* defined in blake2s-core.S */
-EXPORT_SYMBOL(blake2s_compress_arch);
-
-static int crypto_blake2s_update_arm(struct shash_desc *desc,
-                                    const u8 *in, unsigned int inlen)
-{
-       return crypto_blake2s_update(desc, in, inlen, blake2s_compress_arch);
-}
-
-static int crypto_blake2s_final_arm(struct shash_desc *desc, u8 *out)
-{
-       return crypto_blake2s_final(desc, out, blake2s_compress_arch);
-}
-
-#define BLAKE2S_ALG(name, driver_name, digest_size)                    \
-       {                                                               \
-               .base.cra_name          = name,                         \
-               .base.cra_driver_name   = driver_name,                  \
-               .base.cra_priority      = 200,                          \
-               .base.cra_flags         = CRYPTO_ALG_OPTIONAL_KEY,      \
-               .base.cra_blocksize     = BLAKE2S_BLOCK_SIZE,           \
-               .base.cra_ctxsize       = sizeof(struct blake2s_tfm_ctx), \
-               .base.cra_module        = THIS_MODULE,                  \
-               .digestsize             = digest_size,                  \
-               .setkey                 = crypto_blake2s_setkey,        \
-               .init                   = crypto_blake2s_init,          \
-               .update                 = crypto_blake2s_update_arm,    \
-               .final                  = crypto_blake2s_final_arm,     \
-               .descsize               = sizeof(struct blake2s_state), \
-       }
-
-static struct shash_alg blake2s_arm_algs[] = {
-       BLAKE2S_ALG("blake2s-128", "blake2s-128-arm", BLAKE2S_128_HASH_SIZE),
-       BLAKE2S_ALG("blake2s-160", "blake2s-160-arm", BLAKE2S_160_HASH_SIZE),
-       BLAKE2S_ALG("blake2s-224", "blake2s-224-arm", BLAKE2S_224_HASH_SIZE),
-       BLAKE2S_ALG("blake2s-256", "blake2s-256-arm", BLAKE2S_256_HASH_SIZE),
-};
-
-static int __init blake2s_arm_mod_init(void)
-{
-       return IS_REACHABLE(CONFIG_CRYPTO_HASH) ?
-               crypto_register_shashes(blake2s_arm_algs,
-                                       ARRAY_SIZE(blake2s_arm_algs)) : 0;
-}
-
-static void __exit blake2s_arm_mod_exit(void)
-{
-       if (IS_REACHABLE(CONFIG_CRYPTO_HASH))
-               crypto_unregister_shashes(blake2s_arm_algs,
-                                         ARRAY_SIZE(blake2s_arm_algs));
-}
-
-module_init(blake2s_arm_mod_init);
-module_exit(blake2s_arm_mod_exit);
-
-MODULE_DESCRIPTION("BLAKE2s digest algorithm, ARM scalar implementation");
-MODULE_LICENSE("GPL");
-MODULE_AUTHOR("Eric Biggers <ebiggers@google.com>");
-MODULE_ALIAS_CRYPTO("blake2s-128");
-MODULE_ALIAS_CRYPTO("blake2s-128-arm");
-MODULE_ALIAS_CRYPTO("blake2s-160");
-MODULE_ALIAS_CRYPTO("blake2s-160-arm");
-MODULE_ALIAS_CRYPTO("blake2s-224");
-MODULE_ALIAS_CRYPTO("blake2s-224-arm");
-MODULE_ALIAS_CRYPTO("blake2s-256");
-MODULE_ALIAS_CRYPTO("blake2s-256-arm");
+EXPORT_SYMBOL(blake2s_compress);
diff --git a/arch/arm/crypto/blake2s-shash.c b/arch/arm/crypto/blake2s-shash.c
new file mode 100644 (file)
index 0000000..17c1c3b
--- /dev/null
@@ -0,0 +1,75 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * BLAKE2s digest algorithm, ARM scalar implementation
+ *
+ * Copyright 2020 Google LLC
+ */
+
+#include <crypto/internal/blake2s.h>
+#include <crypto/internal/hash.h>
+
+#include <linux/module.h>
+
+static int crypto_blake2s_update_arm(struct shash_desc *desc,
+                                    const u8 *in, unsigned int inlen)
+{
+       return crypto_blake2s_update(desc, in, inlen, blake2s_compress);
+}
+
+static int crypto_blake2s_final_arm(struct shash_desc *desc, u8 *out)
+{
+       return crypto_blake2s_final(desc, out, blake2s_compress);
+}
+
+#define BLAKE2S_ALG(name, driver_name, digest_size)                    \
+       {                                                               \
+               .base.cra_name          = name,                         \
+               .base.cra_driver_name   = driver_name,                  \
+               .base.cra_priority      = 200,                          \
+               .base.cra_flags         = CRYPTO_ALG_OPTIONAL_KEY,      \
+               .base.cra_blocksize     = BLAKE2S_BLOCK_SIZE,           \
+               .base.cra_ctxsize       = sizeof(struct blake2s_tfm_ctx), \
+               .base.cra_module        = THIS_MODULE,                  \
+               .digestsize             = digest_size,                  \
+               .setkey                 = crypto_blake2s_setkey,        \
+               .init                   = crypto_blake2s_init,          \
+               .update                 = crypto_blake2s_update_arm,    \
+               .final                  = crypto_blake2s_final_arm,     \
+               .descsize               = sizeof(struct blake2s_state), \
+       }
+
+static struct shash_alg blake2s_arm_algs[] = {
+       BLAKE2S_ALG("blake2s-128", "blake2s-128-arm", BLAKE2S_128_HASH_SIZE),
+       BLAKE2S_ALG("blake2s-160", "blake2s-160-arm", BLAKE2S_160_HASH_SIZE),
+       BLAKE2S_ALG("blake2s-224", "blake2s-224-arm", BLAKE2S_224_HASH_SIZE),
+       BLAKE2S_ALG("blake2s-256", "blake2s-256-arm", BLAKE2S_256_HASH_SIZE),
+};
+
+static int __init blake2s_arm_mod_init(void)
+{
+       return IS_REACHABLE(CONFIG_CRYPTO_HASH) ?
+               crypto_register_shashes(blake2s_arm_algs,
+                                       ARRAY_SIZE(blake2s_arm_algs)) : 0;
+}
+
+static void __exit blake2s_arm_mod_exit(void)
+{
+       if (IS_REACHABLE(CONFIG_CRYPTO_HASH))
+               crypto_unregister_shashes(blake2s_arm_algs,
+                                         ARRAY_SIZE(blake2s_arm_algs));
+}
+
+module_init(blake2s_arm_mod_init);
+module_exit(blake2s_arm_mod_exit);
+
+MODULE_DESCRIPTION("BLAKE2s digest algorithm, ARM scalar implementation");
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Eric Biggers <ebiggers@google.com>");
+MODULE_ALIAS_CRYPTO("blake2s-128");
+MODULE_ALIAS_CRYPTO("blake2s-128-arm");
+MODULE_ALIAS_CRYPTO("blake2s-160");
+MODULE_ALIAS_CRYPTO("blake2s-160-arm");
+MODULE_ALIAS_CRYPTO("blake2s-224");
+MODULE_ALIAS_CRYPTO("blake2s-224-arm");
+MODULE_ALIAS_CRYPTO("blake2s-256");
+MODULE_ALIAS_CRYPTO("blake2s-256-arm");
index f307c93fc90a7ae337d2b4da934a1ce2af3a65e4..c3af959648e620a4e5705663a42fa222839688a0 100644 (file)
@@ -62,7 +62,9 @@ obj-$(CONFIG_CRYPTO_SHA512_SSSE3) += sha512-ssse3.o
 sha512-ssse3-y := sha512-ssse3-asm.o sha512-avx-asm.o sha512-avx2-asm.o sha512_ssse3_glue.o
 
 obj-$(CONFIG_CRYPTO_BLAKE2S_X86) += blake2s-x86_64.o
-blake2s-x86_64-y := blake2s-core.o blake2s-glue.o
+blake2s-x86_64-y := blake2s-shash.o
+obj-$(if $(CONFIG_CRYPTO_BLAKE2S_X86),y) += libblake2s-x86_64.o
+libblake2s-x86_64-y := blake2s-core.o blake2s-glue.o
 
 obj-$(CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL) += ghash-clmulni-intel.o
 ghash-clmulni-intel-y := ghash-clmulni-intel_asm.o ghash-clmulni-intel_glue.o
index a40365ab301eef7ad3bb86083c02700943f0956a..69853c13e8fb0a4e724f1f68d696ba7623baf298 100644 (file)
@@ -5,7 +5,6 @@
 
 #include <crypto/internal/blake2s.h>
 #include <crypto/internal/simd.h>
-#include <crypto/internal/hash.h>
 
 #include <linux/types.h>
 #include <linux/jump_label.h>
@@ -28,9 +27,8 @@ asmlinkage void blake2s_compress_avx512(struct blake2s_state *state,
 static __ro_after_init DEFINE_STATIC_KEY_FALSE(blake2s_use_ssse3);
 static __ro_after_init DEFINE_STATIC_KEY_FALSE(blake2s_use_avx512);
 
-void blake2s_compress_arch(struct blake2s_state *state,
-                          const u8 *block, size_t nblocks,
-                          const u32 inc)
+void blake2s_compress(struct blake2s_state *state, const u8 *block,
+                     size_t nblocks, const u32 inc)
 {
        /* SIMD disables preemption, so relax after processing each page. */
        BUILD_BUG_ON(SZ_4K / BLAKE2S_BLOCK_SIZE < 8);
@@ -56,49 +54,12 @@ void blake2s_compress_arch(struct blake2s_state *state,
                block += blocks * BLAKE2S_BLOCK_SIZE;
        } while (nblocks);
 }
-EXPORT_SYMBOL(blake2s_compress_arch);
-
-static int crypto_blake2s_update_x86(struct shash_desc *desc,
-                                    const u8 *in, unsigned int inlen)
-{
-       return crypto_blake2s_update(desc, in, inlen, blake2s_compress_arch);
-}
-
-static int crypto_blake2s_final_x86(struct shash_desc *desc, u8 *out)
-{
-       return crypto_blake2s_final(desc, out, blake2s_compress_arch);
-}
-
-#define BLAKE2S_ALG(name, driver_name, digest_size)                    \
-       {                                                               \
-               .base.cra_name          = name,                         \
-               .base.cra_driver_name   = driver_name,                  \
-               .base.cra_priority      = 200,                          \
-               .base.cra_flags         = CRYPTO_ALG_OPTIONAL_KEY,      \
-               .base.cra_blocksize     = BLAKE2S_BLOCK_SIZE,           \
-               .base.cra_ctxsize       = sizeof(struct blake2s_tfm_ctx), \
-               .base.cra_module        = THIS_MODULE,                  \
-               .digestsize             = digest_size,                  \
-               .setkey                 = crypto_blake2s_setkey,        \
-               .init                   = crypto_blake2s_init,          \
-               .update                 = crypto_blake2s_update_x86,    \
-               .final                  = crypto_blake2s_final_x86,     \
-               .descsize               = sizeof(struct blake2s_state), \
-       }
-
-static struct shash_alg blake2s_algs[] = {
-       BLAKE2S_ALG("blake2s-128", "blake2s-128-x86", BLAKE2S_128_HASH_SIZE),
-       BLAKE2S_ALG("blake2s-160", "blake2s-160-x86", BLAKE2S_160_HASH_SIZE),
-       BLAKE2S_ALG("blake2s-224", "blake2s-224-x86", BLAKE2S_224_HASH_SIZE),
-       BLAKE2S_ALG("blake2s-256", "blake2s-256-x86", BLAKE2S_256_HASH_SIZE),
-};
+EXPORT_SYMBOL(blake2s_compress);
 
 static int __init blake2s_mod_init(void)
 {
-       if (!boot_cpu_has(X86_FEATURE_SSSE3))
-               return 0;
-
-       static_branch_enable(&blake2s_use_ssse3);
+       if (boot_cpu_has(X86_FEATURE_SSSE3))
+               static_branch_enable(&blake2s_use_ssse3);
 
        if (IS_ENABLED(CONFIG_AS_AVX512) &&
            boot_cpu_has(X86_FEATURE_AVX) &&
@@ -109,26 +70,9 @@ static int __init blake2s_mod_init(void)
                              XFEATURE_MASK_AVX512, NULL))
                static_branch_enable(&blake2s_use_avx512);
 
-       return IS_REACHABLE(CONFIG_CRYPTO_HASH) ?
-               crypto_register_shashes(blake2s_algs,
-                                       ARRAY_SIZE(blake2s_algs)) : 0;
-}
-
-static void __exit blake2s_mod_exit(void)
-{
-       if (IS_REACHABLE(CONFIG_CRYPTO_HASH) && boot_cpu_has(X86_FEATURE_SSSE3))
-               crypto_unregister_shashes(blake2s_algs, ARRAY_SIZE(blake2s_algs));
+       return 0;
 }
 
 module_init(blake2s_mod_init);
-module_exit(blake2s_mod_exit);
 
-MODULE_ALIAS_CRYPTO("blake2s-128");
-MODULE_ALIAS_CRYPTO("blake2s-128-x86");
-MODULE_ALIAS_CRYPTO("blake2s-160");
-MODULE_ALIAS_CRYPTO("blake2s-160-x86");
-MODULE_ALIAS_CRYPTO("blake2s-224");
-MODULE_ALIAS_CRYPTO("blake2s-224-x86");
-MODULE_ALIAS_CRYPTO("blake2s-256");
-MODULE_ALIAS_CRYPTO("blake2s-256-x86");
 MODULE_LICENSE("GPL v2");
diff --git a/arch/x86/crypto/blake2s-shash.c b/arch/x86/crypto/blake2s-shash.c
new file mode 100644 (file)
index 0000000..f9e2fec
--- /dev/null
@@ -0,0 +1,77 @@
+// SPDX-License-Identifier: GPL-2.0 OR MIT
+/*
+ * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ */
+
+#include <crypto/internal/blake2s.h>
+#include <crypto/internal/simd.h>
+#include <crypto/internal/hash.h>
+
+#include <linux/types.h>
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/sizes.h>
+
+#include <asm/cpufeature.h>
+#include <asm/processor.h>
+
+static int crypto_blake2s_update_x86(struct shash_desc *desc,
+                                    const u8 *in, unsigned int inlen)
+{
+       return crypto_blake2s_update(desc, in, inlen, blake2s_compress);
+}
+
+static int crypto_blake2s_final_x86(struct shash_desc *desc, u8 *out)
+{
+       return crypto_blake2s_final(desc, out, blake2s_compress);
+}
+
+#define BLAKE2S_ALG(name, driver_name, digest_size)                    \
+       {                                                               \
+               .base.cra_name          = name,                         \
+               .base.cra_driver_name   = driver_name,                  \
+               .base.cra_priority      = 200,                          \
+               .base.cra_flags         = CRYPTO_ALG_OPTIONAL_KEY,      \
+               .base.cra_blocksize     = BLAKE2S_BLOCK_SIZE,           \
+               .base.cra_ctxsize       = sizeof(struct blake2s_tfm_ctx), \
+               .base.cra_module        = THIS_MODULE,                  \
+               .digestsize             = digest_size,                  \
+               .setkey                 = crypto_blake2s_setkey,        \
+               .init                   = crypto_blake2s_init,          \
+               .update                 = crypto_blake2s_update_x86,    \
+               .final                  = crypto_blake2s_final_x86,     \
+               .descsize               = sizeof(struct blake2s_state), \
+       }
+
+static struct shash_alg blake2s_algs[] = {
+       BLAKE2S_ALG("blake2s-128", "blake2s-128-x86", BLAKE2S_128_HASH_SIZE),
+       BLAKE2S_ALG("blake2s-160", "blake2s-160-x86", BLAKE2S_160_HASH_SIZE),
+       BLAKE2S_ALG("blake2s-224", "blake2s-224-x86", BLAKE2S_224_HASH_SIZE),
+       BLAKE2S_ALG("blake2s-256", "blake2s-256-x86", BLAKE2S_256_HASH_SIZE),
+};
+
+static int __init blake2s_mod_init(void)
+{
+       if (IS_REACHABLE(CONFIG_CRYPTO_HASH) && boot_cpu_has(X86_FEATURE_SSSE3))
+               return crypto_register_shashes(blake2s_algs, ARRAY_SIZE(blake2s_algs));
+       return 0;
+}
+
+static void __exit blake2s_mod_exit(void)
+{
+       if (IS_REACHABLE(CONFIG_CRYPTO_HASH) && boot_cpu_has(X86_FEATURE_SSSE3))
+               crypto_unregister_shashes(blake2s_algs, ARRAY_SIZE(blake2s_algs));
+}
+
+module_init(blake2s_mod_init);
+module_exit(blake2s_mod_exit);
+
+MODULE_ALIAS_CRYPTO("blake2s-128");
+MODULE_ALIAS_CRYPTO("blake2s-128-x86");
+MODULE_ALIAS_CRYPTO("blake2s-160");
+MODULE_ALIAS_CRYPTO("blake2s-160-x86");
+MODULE_ALIAS_CRYPTO("blake2s-224");
+MODULE_ALIAS_CRYPTO("blake2s-224-x86");
+MODULE_ALIAS_CRYPTO("blake2s-256");
+MODULE_ALIAS_CRYPTO("blake2s-256-x86");
+MODULE_LICENSE("GPL v2");
index 285f82647d2b7665fa00a13d851d0e19a1cc2aca..55718de561375e1198e95c0b5cf8dd676f7b3d3d 100644 (file)
@@ -1919,9 +1919,10 @@ config CRYPTO_STATS
 config CRYPTO_HASH_INFO
        bool
 
-source "lib/crypto/Kconfig"
 source "drivers/crypto/Kconfig"
 source "crypto/asymmetric_keys/Kconfig"
 source "certs/Kconfig"
 
 endif  # if CRYPTO
+
+source "lib/crypto/Kconfig"
index 6cccc3dc00bcf3b30a728aa06d5242646bd9b6f2..b2a4f998c180e9c72892724659c4e327db822d33 100644 (file)
@@ -81,7 +81,6 @@ config WIREGUARD
        select CRYPTO
        select CRYPTO_LIB_CURVE25519
        select CRYPTO_LIB_CHACHA20POLY1305
-       select CRYPTO_LIB_BLAKE2S
        select CRYPTO_CHACHA20_X86_64 if X86 && 64BIT
        select CRYPTO_POLY1305_X86_64 if X86 && 64BIT
        select CRYPTO_BLAKE2S_X86 if X86 && 64BIT
index 8e50d487500f2cc3cadb729b9550d3cc9f5c42f7..d39cfa0d333e9282533ea8b17100c4e4c11cb3fc 100644 (file)
 #include <crypto/internal/hash.h>
 #include <linux/string.h>
 
-void blake2s_compress_generic(struct blake2s_state *state,const u8 *block,
+void blake2s_compress_generic(struct blake2s_state *state, const u8 *block,
                              size_t nblocks, const u32 inc);
 
-void blake2s_compress_arch(struct blake2s_state *state,const u8 *block,
-                          size_t nblocks, const u32 inc);
+void blake2s_compress(struct blake2s_state *state, const u8 *block,
+                     size_t nblocks, const u32 inc);
 
 bool blake2s_selftest(void);
 
index 545ccbddf6a1da69f56dda720ab396012ce0a81d..8620f38e117c07e2f50f5d6363456dda3af8af8e 100644 (file)
@@ -1,7 +1,5 @@
 # SPDX-License-Identifier: GPL-2.0
 
-comment "Crypto library routines"
-
 config CRYPTO_LIB_AES
        tristate
 
@@ -9,14 +7,14 @@ config CRYPTO_LIB_ARC4
        tristate
 
 config CRYPTO_ARCH_HAVE_LIB_BLAKE2S
-       tristate
+       bool
        help
          Declares whether the architecture provides an arch-specific
          accelerated implementation of the Blake2s library interface,
          either builtin or as a module.
 
 config CRYPTO_LIB_BLAKE2S_GENERIC
-       tristate
+       def_bool !CRYPTO_ARCH_HAVE_LIB_BLAKE2S
        help
          This symbol can be depended upon by arch implementations of the
          Blake2s library interface that require the generic code as a
@@ -24,15 +22,6 @@ config CRYPTO_LIB_BLAKE2S_GENERIC
          implementation is enabled, this implementation serves the users
          of CRYPTO_LIB_BLAKE2S.
 
-config CRYPTO_LIB_BLAKE2S
-       tristate "BLAKE2s hash function library"
-       depends on CRYPTO_ARCH_HAVE_LIB_BLAKE2S || !CRYPTO_ARCH_HAVE_LIB_BLAKE2S
-       select CRYPTO_LIB_BLAKE2S_GENERIC if CRYPTO_ARCH_HAVE_LIB_BLAKE2S=n
-       help
-         Enable the Blake2s library interface. This interface may be fulfilled
-         by either the generic implementation or an arch-specific one, if one
-         is available and enabled.
-
 config CRYPTO_ARCH_HAVE_LIB_CHACHA
        tristate
        help
@@ -51,7 +40,7 @@ config CRYPTO_LIB_CHACHA_GENERIC
          of CRYPTO_LIB_CHACHA.
 
 config CRYPTO_LIB_CHACHA
-       tristate "ChaCha library interface"
+       tristate
        depends on CRYPTO_ARCH_HAVE_LIB_CHACHA || !CRYPTO_ARCH_HAVE_LIB_CHACHA
        select CRYPTO_LIB_CHACHA_GENERIC if CRYPTO_ARCH_HAVE_LIB_CHACHA=n
        help
@@ -76,7 +65,7 @@ config CRYPTO_LIB_CURVE25519_GENERIC
          of CRYPTO_LIB_CURVE25519.
 
 config CRYPTO_LIB_CURVE25519
-       tristate "Curve25519 scalar multiplication library"
+       tristate
        depends on CRYPTO_ARCH_HAVE_LIB_CURVE25519 || !CRYPTO_ARCH_HAVE_LIB_CURVE25519
        select CRYPTO_LIB_CURVE25519_GENERIC if CRYPTO_ARCH_HAVE_LIB_CURVE25519=n
        help
@@ -111,7 +100,7 @@ config CRYPTO_LIB_POLY1305_GENERIC
          of CRYPTO_LIB_POLY1305.
 
 config CRYPTO_LIB_POLY1305
-       tristate "Poly1305 library interface"
+       tristate
        depends on CRYPTO_ARCH_HAVE_LIB_POLY1305 || !CRYPTO_ARCH_HAVE_LIB_POLY1305
        select CRYPTO_LIB_POLY1305_GENERIC if CRYPTO_ARCH_HAVE_LIB_POLY1305=n
        help
@@ -120,7 +109,7 @@ config CRYPTO_LIB_POLY1305
          is available and enabled.
 
 config CRYPTO_LIB_CHACHA20POLY1305
-       tristate "ChaCha20-Poly1305 AEAD support (8-byte nonce library version)"
+       tristate
        depends on CRYPTO_ARCH_HAVE_LIB_CHACHA || !CRYPTO_ARCH_HAVE_LIB_CHACHA
        depends on CRYPTO_ARCH_HAVE_LIB_POLY1305 || !CRYPTO_ARCH_HAVE_LIB_POLY1305
        select CRYPTO_LIB_CHACHA
index 73205ed269bad635d2d057272d01abca4b2dd3f6..ed43a41f2dcc8b25d7ed849573ee288a607ca078 100644 (file)
@@ -10,11 +10,10 @@ libaes-y                                    := aes.o
 obj-$(CONFIG_CRYPTO_LIB_ARC4)                  += libarc4.o
 libarc4-y                                      := arc4.o
 
-obj-$(CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC)       += libblake2s-generic.o
-libblake2s-generic-y                           += blake2s-generic.o
-
-obj-$(CONFIG_CRYPTO_LIB_BLAKE2S)               += libblake2s.o
-libblake2s-y                                   += blake2s.o
+# blake2s is used by the /dev/random driver which is always builtin
+obj-y                                          += libblake2s.o
+libblake2s-y                                   := blake2s.o
+libblake2s-$(CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC)        += blake2s-generic.o
 
 obj-$(CONFIG_CRYPTO_LIB_CHACHA20POLY1305)      += libchacha20poly1305.o
 libchacha20poly1305-y                          += chacha20poly1305.o
index 04ff8df245136dd9c9a27b2f266859baa1e5a1e7..75ccb3e633e65073f8e4a4140beb7281e82fae14 100644 (file)
@@ -37,7 +37,11 @@ static inline void blake2s_increment_counter(struct blake2s_state *state,
        state->t[1] += (state->t[0] < inc);
 }
 
-void blake2s_compress_generic(struct blake2s_state *state,const u8 *block,
+void blake2s_compress(struct blake2s_state *state, const u8 *block,
+                     size_t nblocks, const u32 inc)
+                     __weak __alias(blake2s_compress_generic);
+
+void blake2s_compress_generic(struct blake2s_state *state, const u8 *block,
                              size_t nblocks, const u32 inc)
 {
        u32 m[16];
index 4055aa593ec498606fdf0196056dd6c37c29ff94..93f2ae0513702c1940b8f569c7979a95e0f20270 100644 (file)
 #include <linux/init.h>
 #include <linux/bug.h>
 
-#if IS_ENABLED(CONFIG_CRYPTO_ARCH_HAVE_LIB_BLAKE2S)
-#  define blake2s_compress blake2s_compress_arch
-#else
-#  define blake2s_compress blake2s_compress_generic
-#endif
-
 void blake2s_update(struct blake2s_state *state, const u8 *in, size_t inlen)
 {
        __blake2s_update(state, in, inlen, blake2s_compress);