Commit ec8f7f48 authored by Eric Biggers's avatar Eric Biggers Committed by Herbert Xu
Browse files

crypto: lib - make the sha1 library optional 



Since the Linux RNG no longer uses sha1_transform(), the SHA-1 library
is no longer needed unconditionally.  Make it possible to build the
Linux kernel without the SHA-1 library by putting it behind a kconfig
option, and selecting this new option from the kconfig options that gate
the remaining users: CRYPTO_SHA1 for crypto/sha1_generic.c, BPF for
kernel/bpf/core.c, and IPV6 for net/ipv6/addrconf.c.

Unfortunately, since BPF is selected by NET, for now this can only make
a difference for kernels built without networking support.

Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
Reviewed-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
Acked-by: default avatarJakub Kicinski <kuba@kernel.org>
Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 463f7408

crypto/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -901,6 +901,7 @@ config CRYPTO_RMD160 
config CRYPTO_SHA1

	tristate "SHA1 digest algorithm"

	select CRYPTO_HASH

	select CRYPTO_LIB_SHA1

	help

	  SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).

init/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -1472,6 +1472,7 @@ config HAVE_PCSPKR_PLATFORM 
# interpreter that classic socket filters depend on

config BPF

	bool

	select CRYPTO_LIB_SHA1



menuconfig EXPERT

	bool "Configure standard kernel features (expert users)"

lib/crypto/Kconfig

+3 −0
Original line number Diff line number Diff line
@@ -121,6 +121,9 @@ config CRYPTO_LIB_CHACHA20POLY1305 
	select CRYPTO_LIB_POLY1305

	select CRYPTO_ALGAPI



config CRYPTO_LIB_SHA1

	tristate



config CRYPTO_LIB_SHA256

	tristate

lib/crypto/Makefile

+2 −1
Original line number Diff line number Diff line
@@ -34,7 +34,8 @@ libpoly1305-y := poly1305-donna32.o 
libpoly1305-$(CONFIG_ARCH_SUPPORTS_INT128)	:= poly1305-donna64.o

libpoly1305-y					+= poly1305.o



obj-y						+= sha1.o

obj-$(CONFIG_CRYPTO_LIB_SHA1)			+= libsha1.o

libsha1-y					:= sha1.o



obj-$(CONFIG_CRYPTO_LIB_SHA256)			+= libsha256.o

libsha256-y					:= sha256.o

net/ipv6/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -7,6 +7,7 @@ 
menuconfig IPV6

	tristate "The IPv6 protocol"

	default y

	select CRYPTO_LIB_SHA1

	help

	  Support for IP version 6 (IPv6).