[PATCH 00/12] NH library and Adiantum cleanup

linux-crypto.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
	"Jason A . Donenfeld" <Jason@zx2c4.com>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	linux-arm-kernel@lists.infradead.org, x86@kernel.org,
	Eric Biggers <ebiggers@kernel.org>
Subject: [PATCH 00/12] NH library and Adiantum cleanup
Date: Wed, 10 Dec 2025 17:18:32 -0800	[thread overview]
Message-ID: <20251211011846.8179-1-ebiggers@kernel.org> (raw)

This series can also be retrieved from:

    git fetch https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git nh-lib-v1

This series removes the nhpoly1305 crypto_shash algorithm, which existed
only to fit Adiantum hashing into the traditional Linux crypto API
paradigm.  It replaces it with an nh() library function, combined with
code in the "adiantum" template that handles the Poly1305 step.

The result is simpler code.  As usual, I've also fixed the issue where
the architecture-optimized code was disabled by default.

I've also included some additional cleanups for the Adiantum code.

I'm planning to take this via libcrypto-next.

Eric Biggers (12):
  lib/crypto: nh: Add NH library
  lib/crypto: tests: Add KUnit tests for NH
  lib/crypto: arm/nh: Migrate optimized code into library
  lib/crypto: arm64/nh: Migrate optimized code into library
  lib/crypto: x86/nh: Migrate optimized code into library
  crypto: adiantum - Convert to use NH library
  crypto: adiantum - Use scatter_walk API instead of sg_miter
  crypto: adiantum - Use memcpy_{to,from}_sglist()
  crypto: adiantum - Drop support for asynchronous xchacha ciphers
  crypto: nhpoly1305 - Remove crypto_shash support
  crypto: testmgr - Remove nhpoly1305 tests
  fscrypt: Drop obsolete recommendation to enable optimized NHPoly1305

 Documentation/filesystems/fscrypt.rst         |    5 -
 arch/arm/crypto/Kconfig                       |   10 -
 arch/arm/crypto/Makefile                      |    2 -
 arch/arm/crypto/nhpoly1305-neon-glue.c        |   80 -
 arch/arm64/crypto/Kconfig                     |   10 -
 arch/arm64/crypto/Makefile                    |    3 -
 arch/arm64/crypto/nhpoly1305-neon-glue.c      |   79 -
 arch/x86/crypto/Kconfig                       |   20 -
 arch/x86/crypto/Makefile                      |    5 -
 arch/x86/crypto/nhpoly1305-avx2-glue.c        |   81 -
 arch/x86/crypto/nhpoly1305-sse2-glue.c        |   80 -
 crypto/Kconfig                                |    8 +-
 crypto/Makefile                               |    1 -
 crypto/adiantum.c                             |  442 +++---
 crypto/nhpoly1305.c                           |  255 ---
 crypto/testmgr.c                              |   10 +-
 crypto/testmgr.h                              | 1372 -----------------
 include/crypto/nh.h                           |   52 +
 include/crypto/nhpoly1305.h                   |   74 -
 lib/crypto/Kconfig                            |   13 +
 lib/crypto/Makefile                           |   11 +
 .../crypto => lib/crypto/arm}/nh-neon-core.S  |    0
 lib/crypto/arm/nh.h                           |   33 +
 .../crypto/arm64}/nh-neon-core.S              |    3 +-
 lib/crypto/arm64/nh.h                         |   34 +
 lib/crypto/nh.c                               |   82 +
 lib/crypto/tests/Kconfig                      |    8 +
 lib/crypto/tests/Makefile                     |    1 +
 lib/crypto/tests/nh-testvecs.h                |  298 ++++
 lib/crypto/tests/nh_kunit.c                   |   43 +
 .../crypto/x86/nh-avx2.S                      |    3 +-
 .../crypto/x86/nh-sse2.S                      |    3 +-
 lib/crypto/x86/nh.h                           |   45 +
 scripts/crypto/gen-hash-testvecs.py           |   40 +
 34 files changed, 909 insertions(+), 2297 deletions(-)
 delete mode 100644 arch/arm/crypto/nhpoly1305-neon-glue.c
 delete mode 100644 arch/arm64/crypto/nhpoly1305-neon-glue.c
 delete mode 100644 arch/x86/crypto/nhpoly1305-avx2-glue.c
 delete mode 100644 arch/x86/crypto/nhpoly1305-sse2-glue.c
 delete mode 100644 crypto/nhpoly1305.c
 create mode 100644 include/crypto/nh.h
 delete mode 100644 include/crypto/nhpoly1305.h
 rename {arch/arm/crypto => lib/crypto/arm}/nh-neon-core.S (100%)
 create mode 100644 lib/crypto/arm/nh.h
 rename {arch/arm64/crypto => lib/crypto/arm64}/nh-neon-core.S (97%)
 create mode 100644 lib/crypto/arm64/nh.h
 create mode 100644 lib/crypto/nh.c
 create mode 100644 lib/crypto/tests/nh-testvecs.h
 create mode 100644 lib/crypto/tests/nh_kunit.c
 rename arch/x86/crypto/nh-avx2-x86_64.S => lib/crypto/x86/nh-avx2.S (98%)
 rename arch/x86/crypto/nh-sse2-x86_64.S => lib/crypto/x86/nh-sse2.S (97%)
 create mode 100644 lib/crypto/x86/nh.h


base-commit: 0914d5848096af6496c7aa5e1ac051fcdb3f755b
-- 
2.52.0

next             reply	other threads:[~2025-12-11  1:20 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-12-11  1:18 Eric Biggers [this message]
2025-12-11  1:18 ` [PATCH 01/12] lib/crypto: nh: Add NH library Eric Biggers
2025-12-11  1:18 ` [PATCH 02/12] lib/crypto: tests: Add KUnit tests for NH Eric Biggers
2025-12-11  1:18 ` [PATCH 03/12] lib/crypto: arm/nh: Migrate optimized code into library Eric Biggers
2025-12-11  1:18 ` [PATCH 04/12] lib/crypto: arm64/nh: " Eric Biggers
2025-12-11  1:18 ` [PATCH 05/12] lib/crypto: x86/nh: " Eric Biggers
2025-12-11  1:18 ` [PATCH 06/12] crypto: adiantum - Convert to use NH library Eric Biggers
2025-12-11  1:18 ` [PATCH 07/12] crypto: adiantum - Use scatter_walk API instead of sg_miter Eric Biggers
2025-12-11  1:18 ` [PATCH 08/12] crypto: adiantum - Use memcpy_{to,from}_sglist() Eric Biggers
2025-12-11  3:02   ` Herbert Xu
2025-12-11  1:18 ` [PATCH 09/12] crypto: adiantum - Drop support for asynchronous xchacha ciphers Eric Biggers
2025-12-11  1:18 ` [PATCH 10/12] crypto: nhpoly1305 - Remove crypto_shash support Eric Biggers
2025-12-11  3:02   ` Herbert Xu
2025-12-11  1:18 ` [PATCH 11/12] crypto: testmgr - Remove nhpoly1305 tests Eric Biggers
2025-12-11  3:03   ` Herbert Xu
2025-12-11  1:18 ` [PATCH 12/12] fscrypt: Drop obsolete recommendation to enable optimized NHPoly1305 Eric Biggers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20251211011846.8179-1-ebiggers@kernel.org \
    --to=ebiggers@kernel.org \
    --cc=Jason@zx2c4.com \
    --cc=ardb@kernel.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).