From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
"Jason A . Donenfeld" <Jason@zx2c4.com>,
linux-arm-kernel@lists.infradead.org, linux-mips@vger.kernel.org,
linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org,
sparclinux@vger.kernel.org, x86@kernel.org,
Eric Biggers <ebiggers@kernel.org>
Subject: [PATCH 00/26] SHA-1 library functions
Date: Sat, 12 Jul 2025 16:22:51 -0700 [thread overview]
Message-ID: <20250712232329.818226-1-ebiggers@kernel.org> (raw)
This series is also available at:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git sha1-lib-v1
Patches 1-14 reorganize the kernel's SHA-1 code to be consistent with
the way the SHA-2 code is now organized:
- Add SHA-1 and HMAC-SHA1 library functions.
- Make the SHA-1 (and HMAC-SHA1) library functions use the existing
architecture-optimized SHA-1 code, which is moved into lib/crypto/.
- Reimplement the old-school crypto API's "sha1" and "hmac(sha1)"
algorithms on top of the SHA-1 and HMAC-SHA1 library functions.
The diffstat for that part is:
65 files changed, 1052 insertions(+), 1582 deletions(-)
This hopefully should look quite boring and familiar by now, as
essentially the same cleanup was already applied to SHA-2.
Patch 15 adds sha1_kunit.
Note that while SHA-1 is a legacy algorithm, it still has many in-kernel
users for legacy protocols. So it's not like we'll be able to remove
the SHA-1 code from the kernel anytime soon. And some of these users
are currently having to jump through some *major* hoops to work around
the limitations of the old-school crypto API. The library API greatly
simplifies things, and it makes the SHA-1 code consistent with the SHA-2
code. So, IMO it's well worth doing this reorganization of the SHA-1
code, even though SHA-1 is a legacy algorithm.
To show this even more clearly, patches 16-26 convert various users to
use the SHA-1 library API (or both SHA-1 and SHA-2, in the case of some
users that use both algorithms). The diffstat for that part is:
27 files changed, 169 insertions(+), 903 deletions(-)
For 6.17, I'd like to take patches 1-15 at the most. Patches 16-26
would be for later, and I'll probably resend them individually later for
subsystem maintainers to take.
Eric Biggers (26):
crypto: x86/sha1 - Rename conflicting symbol
lib/crypto: sha1: Rename sha1_init() to sha1_init_raw()
lib/crypto: sha1: Add SHA-1 library functions
lib/crypto: sha1: Add HMAC support
crypto: sha1 - Wrap library and add HMAC support
crypto: sha1 - Use same state format as legacy drivers
lib/crypto: arm/sha1: Migrate optimized code into library
lib/crypto: arm64/sha1: Migrate optimized code into library
lib/crypto: mips/sha1: Migrate optimized code into library
lib/crypto: powerpc/sha1: Migrate optimized code into library
lib/crypto: s390/sha1: Migrate optimized code into library
lib/crypto: sparc/sha1: Migrate optimized code into library
lib/crypto: x86/sha1: Migrate optimized code into library
crypto: sha1 - Remove sha1_base.h
lib/crypto: tests: Add KUnit tests for SHA-1 and HMAC-SHA1
bpf: Use sha1() instead of sha1_transform() in bpf_prog_calc_tag()
sctp: Use HMAC-SHA1 and HMAC-SHA256 library functions
ipv6: sr: Use HMAC-SHA1 and HMAC-SHA256 library functions
tee: Use SHA-1 library instead of crypto_shash
lib/digsig: Use SHA-1 library instead of crypto_shash
drm/bridge: it6505: Use SHA-1 library instead of crypto_shash
nfc: s3fwrn5: Use SHA-1 library instead of crypto_shash
ppp: mppe: Use SHA-1 library instead of crypto_shash
KEYS: trusted_tpm1: Use SHA-1 library instead of crypto_shash
ipv6: Switch to higher-level SHA-1 functions
lib/crypto: sha1: Remove low-level functions from API
arch/arm/configs/exynos_defconfig | 1 -
arch/arm/configs/milbeaut_m10v_defconfig | 2 -
arch/arm/configs/multi_v7_defconfig | 2 -
arch/arm/configs/omap2plus_defconfig | 1 -
arch/arm/configs/pxa_defconfig | 1 -
arch/arm/crypto/Kconfig | 31 --
arch/arm/crypto/Makefile | 6 -
arch/arm/crypto/sha1-ce-glue.c | 72 ----
arch/arm/crypto/sha1_glue.c | 75 ----
arch/arm/crypto/sha1_neon_glue.c | 83 -----
arch/arm64/configs/defconfig | 1 -
arch/arm64/crypto/Kconfig | 11 -
arch/arm64/crypto/Makefile | 3 -
arch/arm64/crypto/sha1-ce-glue.c | 118 -------
arch/mips/cavium-octeon/crypto/Makefile | 1 -
arch/mips/cavium-octeon/crypto/octeon-sha1.c | 146 --------
arch/mips/configs/cavium_octeon_defconfig | 1 -
arch/mips/crypto/Kconfig | 10 -
arch/powerpc/configs/44x/akebono_defconfig | 1 -
arch/powerpc/configs/powernv_defconfig | 1 -
arch/powerpc/configs/ppc64_defconfig | 1 -
arch/powerpc/crypto/Kconfig | 16 -
arch/powerpc/crypto/Makefile | 4 -
arch/powerpc/crypto/sha1-spe-glue.c | 107 ------
arch/powerpc/crypto/sha1.c | 78 -----
arch/s390/configs/debug_defconfig | 1 -
arch/s390/configs/defconfig | 1 -
arch/s390/crypto/Kconfig | 10 -
arch/s390/crypto/Makefile | 1 -
arch/s390/crypto/sha1_s390.c | 103 ------
arch/sparc/crypto/Kconfig | 10 -
arch/sparc/crypto/Makefile | 2 -
arch/sparc/crypto/sha1_glue.c | 94 -----
arch/x86/crypto/Kconfig | 14 -
arch/x86/crypto/Makefile | 3 -
arch/x86/crypto/sha1_ssse3_glue.c | 324 ------------------
crypto/Makefile | 2 +-
crypto/sha1.c | 201 +++++++++++
crypto/sha1_generic.c | 87 -----
crypto/testmgr.c | 6 +
drivers/crypto/img-hash.c | 2 +-
drivers/gpu/drm/bridge/Kconfig | 3 +-
drivers/gpu/drm/bridge/ite-it6505.c | 33 +-
drivers/net/ppp/Kconfig | 3 +-
drivers/net/ppp/ppp_mppe.c | 109 +-----
drivers/nfc/s3fwrn5/Kconfig | 3 +-
drivers/nfc/s3fwrn5/firmware.c | 17 +-
drivers/tee/Kconfig | 3 +-
drivers/tee/tee_core.c | 55 +--
include/crypto/sha1.h | 186 +++++++++-
include/crypto/sha1_base.h | 82 -----
include/linux/filter.h | 6 -
include/net/sctp/auth.h | 12 +-
include/net/sctp/constants.h | 2 -
include/net/sctp/structs.h | 5 -
include/net/seg6_hmac.h | 12 -
kernel/bpf/core.c | 49 +--
lib/Kconfig | 3 +-
lib/crypto/Kconfig | 14 +
lib/crypto/Makefile | 23 +-
.../crypto/arm}/sha1-armv4-large.S | 0
.../crypto/arm}/sha1-armv7-neon.S | 13 +-
.../crypto => lib/crypto/arm}/sha1-ce-core.S | 4 +-
lib/crypto/arm/sha1.h | 46 +++
.../crypto/arm64}/sha1-ce-core.S | 40 +--
lib/crypto/arm64/sha1.h | 39 +++
lib/crypto/mips/sha1.h | 81 +++++
.../crypto/powerpc}/sha1-powerpc-asm.S | 0
.../crypto/powerpc}/sha1-spe-asm.S | 0
lib/crypto/powerpc/sha1.h | 67 ++++
lib/crypto/s390/sha1.h | 28 ++
lib/crypto/sha1.c | 267 ++++++++++++---
lib/crypto/sparc/sha1.h | 43 +++
.../crypto => lib/crypto/sparc}/sha1_asm.S | 0
lib/crypto/tests/Kconfig | 10 +
lib/crypto/tests/Makefile | 1 +
lib/crypto/tests/sha1-testvecs.h | 212 ++++++++++++
lib/crypto/tests/sha1_kunit.c | 39 +++
.../crypto/x86/sha1-avx2-asm.S | 7 +-
.../crypto/x86/sha1-ni-asm.S | 23 +-
.../crypto/x86/sha1-ssse3-and-avx.S | 13 +-
lib/crypto/x86/sha1.h | 75 ++++
lib/digsig.c | 46 +--
net/ipv6/Kconfig | 6 +-
net/ipv6/addrconf.c | 23 +-
net/ipv6/seg6.c | 7 -
net/ipv6/seg6_hmac.c | 199 ++---------
net/sctp/Kconfig | 15 +-
net/sctp/auth.c | 153 ++-------
net/sctp/socket.c | 10 -
security/keys/trusted-keys/Kconfig | 4 +-
security/keys/trusted-keys/trusted_tpm1.c | 221 ++----------
92 files changed, 1472 insertions(+), 2474 deletions(-)
delete mode 100644 arch/arm/crypto/sha1-ce-glue.c
delete mode 100644 arch/arm/crypto/sha1_glue.c
delete mode 100644 arch/arm/crypto/sha1_neon_glue.c
delete mode 100644 arch/arm64/crypto/sha1-ce-glue.c
delete mode 100644 arch/mips/cavium-octeon/crypto/octeon-sha1.c
delete mode 100644 arch/powerpc/crypto/sha1-spe-glue.c
delete mode 100644 arch/powerpc/crypto/sha1.c
delete mode 100644 arch/s390/crypto/sha1_s390.c
delete mode 100644 arch/sparc/crypto/sha1_glue.c
delete mode 100644 arch/x86/crypto/sha1_ssse3_glue.c
create mode 100644 crypto/sha1.c
delete mode 100644 crypto/sha1_generic.c
delete mode 100644 include/crypto/sha1_base.h
rename {arch/arm/crypto => lib/crypto/arm}/sha1-armv4-large.S (100%)
rename {arch/arm/crypto => lib/crypto/arm}/sha1-armv7-neon.S (98%)
rename {arch/arm/crypto => lib/crypto/arm}/sha1-ce-core.S (96%)
create mode 100644 lib/crypto/arm/sha1.h
rename {arch/arm64/crypto => lib/crypto/arm64}/sha1-ce-core.S (76%)
create mode 100644 lib/crypto/arm64/sha1.h
create mode 100644 lib/crypto/mips/sha1.h
rename {arch/powerpc/crypto => lib/crypto/powerpc}/sha1-powerpc-asm.S (100%)
rename {arch/powerpc/crypto => lib/crypto/powerpc}/sha1-spe-asm.S (100%)
create mode 100644 lib/crypto/powerpc/sha1.h
create mode 100644 lib/crypto/s390/sha1.h
create mode 100644 lib/crypto/sparc/sha1.h
rename {arch/sparc/crypto => lib/crypto/sparc}/sha1_asm.S (100%)
create mode 100644 lib/crypto/tests/sha1-testvecs.h
create mode 100644 lib/crypto/tests/sha1_kunit.c
rename arch/x86/crypto/sha1_avx2_x86_64_asm.S => lib/crypto/x86/sha1-avx2-asm.S (98%)
rename arch/x86/crypto/sha1_ni_asm.S => lib/crypto/x86/sha1-ni-asm.S (90%)
rename arch/x86/crypto/sha1_ssse3_asm.S => lib/crypto/x86/sha1-ssse3-and-avx.S (97%)
create mode 100644 lib/crypto/x86/sha1.h
--
2.50.1
next reply other threads:[~2025-07-12 23:26 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-12 23:22 Eric Biggers [this message]
2025-07-12 23:22 ` [PATCH 01/26] crypto: x86/sha1 - Rename conflicting symbol Eric Biggers
2025-07-12 23:22 ` [PATCH 02/26] lib/crypto: sha1: Rename sha1_init() to sha1_init_raw() Eric Biggers
2025-07-12 23:22 ` [PATCH 03/26] lib/crypto: sha1: Add SHA-1 library functions Eric Biggers
2025-07-13 15:05 ` Elliott, Robert (Servers)
2025-07-13 16:54 ` Eric Biggers
2025-07-12 23:22 ` [PATCH 04/26] lib/crypto: sha1: Add HMAC support Eric Biggers
2025-07-12 23:22 ` [PATCH 05/26] crypto: sha1 - Wrap library and add " Eric Biggers
2025-07-12 23:22 ` [PATCH 06/26] crypto: sha1 - Use same state format as legacy drivers Eric Biggers
2025-07-12 23:22 ` [PATCH 07/26] lib/crypto: arm/sha1: Migrate optimized code into library Eric Biggers
2025-07-12 23:22 ` [PATCH 08/26] lib/crypto: arm64/sha1: " Eric Biggers
2025-07-12 23:23 ` [PATCH 09/26] lib/crypto: mips/sha1: " Eric Biggers
2025-07-12 23:23 ` [PATCH 10/26] lib/crypto: powerpc/sha1: " Eric Biggers
2025-07-12 23:23 ` [PATCH 11/26] lib/crypto: s390/sha1: " Eric Biggers
2025-07-12 23:23 ` [PATCH 12/26] lib/crypto: sparc/sha1: " Eric Biggers
2025-07-12 23:23 ` [PATCH 13/26] lib/crypto: x86/sha1: " Eric Biggers
2025-07-12 23:23 ` [PATCH 14/26] crypto: sha1 - Remove sha1_base.h Eric Biggers
2025-07-12 23:23 ` [PATCH 15/26] lib/crypto: tests: Add KUnit tests for SHA-1 and HMAC-SHA1 Eric Biggers
2025-07-12 23:23 ` [PATCH 16/26] bpf: Use sha1() instead of sha1_transform() in bpf_prog_calc_tag() Eric Biggers
2025-07-12 23:23 ` [PATCH 17/26] sctp: Use HMAC-SHA1 and HMAC-SHA256 library functions Eric Biggers
2025-07-12 23:23 ` [PATCH 18/26] ipv6: sr: " Eric Biggers
2025-07-12 23:23 ` [PATCH 19/26] tee: Use SHA-1 library instead of crypto_shash Eric Biggers
2025-07-12 23:23 ` [PATCH 20/26] lib/digsig: " Eric Biggers
2025-07-12 23:23 ` [PATCH 21/26] drm/bridge: it6505: " Eric Biggers
2025-07-12 23:23 ` [PATCH 22/26] nfc: s3fwrn5: " Eric Biggers
2025-07-12 23:23 ` [PATCH 23/26] ppp: mppe: " Eric Biggers
2025-07-12 23:23 ` [PATCH 24/26] KEYS: trusted_tpm1: " Eric Biggers
2025-07-12 23:23 ` [PATCH 25/26] ipv6: Switch to higher-level SHA-1 functions Eric Biggers
2025-07-12 23:23 ` [PATCH 26/26] lib/crypto: sha1: Remove low-level functions from API Eric Biggers
2025-07-14 5:22 ` [PATCH 00/26] SHA-1 library functions Ard Biesheuvel
2025-07-18 17:24 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250712232329.818226-1-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=Jason@zx2c4.com \
--cc=ardb@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=sparclinux@vger.kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).