On Sun, 13 Jul 2025 at 09:26, Eric Biggers <ebigg...@kernel.org> wrote: > > This series is also available at: > > git fetch > https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git sha1-lib-v1 > > Patches 1-14 reorganize the kernel's SHA-1 code to be consistent with > the way the SHA-2 code is now organized: > > - Add SHA-1 and HMAC-SHA1 library functions. > - Make the SHA-1 (and HMAC-SHA1) library functions use the existing > architecture-optimized SHA-1 code, which is moved into lib/crypto/. > - Reimplement the old-school crypto API's "sha1" and "hmac(sha1)" > algorithms on top of the SHA-1 and HMAC-SHA1 library functions. > > The diffstat for that part is: > > 65 files changed, 1052 insertions(+), 1582 deletions(-) > > This hopefully should look quite boring and familiar by now, as > essentially the same cleanup was already applied to SHA-2. > > Patch 15 adds sha1_kunit. > > Note that while SHA-1 is a legacy algorithm, it still has many in-kernel > users for legacy protocols. So it's not like we'll be able to remove > the SHA-1 code from the kernel anytime soon. And some of these users > are currently having to jump through some *major* hoops to work around > the limitations of the old-school crypto API. The library API greatly > simplifies things, and it makes the SHA-1 code consistent with the SHA-2 > code. So, IMO it's well worth doing this reorganization of the SHA-1 > code, even though SHA-1 is a legacy algorithm. > > To show this even more clearly, patches 16-26 convert various users to > use the SHA-1 library API (or both SHA-1 and SHA-2, in the case of some > users that use both algorithms). The diffstat for that part is: > > 27 files changed, 169 insertions(+), 903 deletions(-) > > For 6.17, I'd like to take patches 1-15 at the most. Patches 16-26 > would be for later, and I'll probably resend them individually later for > subsystem maintainers to take. > > Eric Biggers (26): > crypto: x86/sha1 - Rename conflicting symbol > lib/crypto: sha1: Rename sha1_init() to sha1_init_raw() > lib/crypto: sha1: Add SHA-1 library functions > lib/crypto: sha1: Add HMAC support > crypto: sha1 - Wrap library and add HMAC support > crypto: sha1 - Use same state format as legacy drivers > lib/crypto: arm/sha1: Migrate optimized code into library > lib/crypto: arm64/sha1: Migrate optimized code into library > lib/crypto: mips/sha1: Migrate optimized code into library > lib/crypto: powerpc/sha1: Migrate optimized code into library > lib/crypto: s390/sha1: Migrate optimized code into library > lib/crypto: sparc/sha1: Migrate optimized code into library > lib/crypto: x86/sha1: Migrate optimized code into library > crypto: sha1 - Remove sha1_base.h > lib/crypto: tests: Add KUnit tests for SHA-1 and HMAC-SHA1 > bpf: Use sha1() instead of sha1_transform() in bpf_prog_calc_tag() > sctp: Use HMAC-SHA1 and HMAC-SHA256 library functions > ipv6: sr: Use HMAC-SHA1 and HMAC-SHA256 library functions > tee: Use SHA-1 library instead of crypto_shash > lib/digsig: Use SHA-1 library instead of crypto_shash > drm/bridge: it6505: Use SHA-1 library instead of crypto_shash > nfc: s3fwrn5: Use SHA-1 library instead of crypto_shash > ppp: mppe: Use SHA-1 library instead of crypto_shash > KEYS: trusted_tpm1: Use SHA-1 library instead of crypto_shash > ipv6: Switch to higher-level SHA-1 functions > lib/crypto: sha1: Remove low-level functions from API > ... > 92 files changed, 1472 insertions(+), 2474 deletions(-)
Again, the diffstat speaks for itself. For the series, Reviewed-by: Ard Biesheuvel <a...@kernel.org>
