crypto: lib - make the sha1 library optional

Since the Linux RNG no longer uses sha1_transform(), the SHA-1 library
is no longer needed unconditionally.  Make it possible to build the
Linux kernel without the SHA-1 library by putting it behind a kconfig
option, and selecting this new option from the kconfig options that gate
the remaining users: CRYPTO_SHA1 for crypto/sha1_generic.c, BPF for
kernel/bpf/core.c, and IPV6 for net/ipv6/addrconf.c.

Unfortunately, since BPF is selected by NET, for now this can only make
a difference for kernels built without networking support.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
Acked-by: Jakub Kicinski <kuba@kernel.org>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Eric Biggers 2022-07-09 14:18:49 -07:00 committed by Herbert Xu
parent 463f74089f
commit ec8f7f4821
5 changed files with 8 additions and 1 deletions

View File

@ -901,6 +901,7 @@ config CRYPTO_RMD160
config CRYPTO_SHA1 config CRYPTO_SHA1
tristate "SHA1 digest algorithm" tristate "SHA1 digest algorithm"
select CRYPTO_HASH select CRYPTO_HASH
select CRYPTO_LIB_SHA1
help help
SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2). SHA-1 secure hash standard (FIPS 180-1/DFIPS 180-2).

View File

@ -1472,6 +1472,7 @@ config HAVE_PCSPKR_PLATFORM
# interpreter that classic socket filters depend on # interpreter that classic socket filters depend on
config BPF config BPF
bool bool
select CRYPTO_LIB_SHA1
menuconfig EXPERT menuconfig EXPERT
bool "Configure standard kernel features (expert users)" bool "Configure standard kernel features (expert users)"

View File

@ -121,6 +121,9 @@ config CRYPTO_LIB_CHACHA20POLY1305
select CRYPTO_LIB_POLY1305 select CRYPTO_LIB_POLY1305
select CRYPTO_ALGAPI select CRYPTO_ALGAPI
config CRYPTO_LIB_SHA1
tristate
config CRYPTO_LIB_SHA256 config CRYPTO_LIB_SHA256
tristate tristate

View File

@ -34,7 +34,8 @@ libpoly1305-y := poly1305-donna32.o
libpoly1305-$(CONFIG_ARCH_SUPPORTS_INT128) := poly1305-donna64.o libpoly1305-$(CONFIG_ARCH_SUPPORTS_INT128) := poly1305-donna64.o
libpoly1305-y += poly1305.o libpoly1305-y += poly1305.o
obj-y += sha1.o obj-$(CONFIG_CRYPTO_LIB_SHA1) += libsha1.o
libsha1-y := sha1.o
obj-$(CONFIG_CRYPTO_LIB_SHA256) += libsha256.o obj-$(CONFIG_CRYPTO_LIB_SHA256) += libsha256.o
libsha256-y := sha256.o libsha256-y := sha256.o

View File

@ -7,6 +7,7 @@
menuconfig IPV6 menuconfig IPV6
tristate "The IPv6 protocol" tristate "The IPv6 protocol"
default y default y
select CRYPTO_LIB_SHA1
help help
Support for IP version 6 (IPv6). Support for IP version 6 (IPv6).