Merge tag 'libcrypto-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Pull crypto library fixes from Eric Biggers:

- Several test fixes:

- Fix flakiness in the interrupt context tests in certain VMs

- Make the lib/crypto/ KUnit tests depend on the corresponding
library options rather than selecting them. This follows the
standard KUnit convention, and it fixes an issue where enabling
CONFIG_KUNIT_ALL_TESTS pulled in all the crypto library code

- Add a kunitconfig file for lib/crypto/

- Fix a couple stale references to "aes-generic" that made it in
concurrently with the rename to "aes-lib"

- Update the help text for several CRYPTO kconfig options to remove
outdated information about users that now use the library instead

* tag 'libcrypto-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux:
crypto: testmgr - Fix stale references to aes-generic
crypto: Clean up help text for CRYPTO_CRC32
crypto: Clean up help text for CRYPTO_CRC32C
crypto: Clean up help text for CRYPTO_XXHASH
crypto: Clean up help text for CRYPTO_SHA256
crypto: Clean up help text for CRYPTO_BLAKE2B
lib/crypto: tests: Add a .kunitconfig file
lib/crypto: tests: Depend on library options rather than selecting them
kunit: irq: Ensure timer doesn't fire too frequently

Linus Torvalds 1 week ago 6a42ff33 39887161

+76 -50

5 changed files

expand all

unified split

crypto

Kconfig

testmgr.c

include

kunit

run-in-irq-context.h

lib

crypto

.kunitconfig

tests

Kconfig

-9

crypto/Kconfig

··· 876 876 - blake2b-384 877 877 - blake2b-512 878 878 879 - Used by the btrfs filesystem. 880 - 881 879 See https://blake2.net for further information. 882 880 883 881 config CRYPTO_CMAC ··· 963 965 10118-3), including HMAC support. 964 966 965 967 This is required for IPsec AH (XFRM_AH) and IPsec ESP (XFRM_ESP). 966 - Used by the btrfs filesystem, Ceph, NFS, and SMB. 967 968 968 969 config CRYPTO_SHA512 969 970 tristate "SHA-384 and SHA-512" ··· 1036 1039 1037 1040 Extremely fast, working at speeds close to RAM limits. 1038 1041 1039 - Used by the btrfs filesystem. 1040 - 1041 1042 endmenu 1042 1043 1043 1044 menu "CRCs (cyclic redundancy checks)" ··· 1053 1058 on Communications, Vol. 41, No. 6, June 1993, selected for use with 1054 1059 iSCSI. 1055 1060 1056 - Used by btrfs, ext4, jbd2, NVMeoF/TCP, and iSCSI. 1057 - 1058 1061 config CRYPTO_CRC32 1059 1062 tristate "CRC32" 1060 1063 select CRYPTO_HASH 1061 1064 select CRC32 1062 1065 help 1063 1066 CRC32 CRC algorithm (IEEE 802.3) 1064 - 1065 - Used by RoCEv2 and f2fs. 1066 1067 1067 1068 endmenu 1068 1069

+2 -2

crypto/testmgr.c

··· 4132 4132 .fips_allowed = 1, 4133 4133 }, { 4134 4134 .alg = "authenc(hmac(sha224),cbc(aes))", 4135 - .generic_driver = "authenc(hmac-sha224-lib,cbc(aes-generic))", 4135 + .generic_driver = "authenc(hmac-sha224-lib,cbc(aes-lib))", 4136 4136 .test = alg_test_aead, 4137 4137 .suite = { 4138 4138 .aead = __VECS(hmac_sha224_aes_cbc_tv_temp) ··· 4194 4194 .fips_allowed = 1, 4195 4195 }, { 4196 4196 .alg = "authenc(hmac(sha384),cbc(aes))", 4197 - .generic_driver = "authenc(hmac-sha384-lib,cbc(aes-generic))", 4197 + .generic_driver = "authenc(hmac-sha384-lib,cbc(aes-lib))", 4198 4198 .test = alg_test_aead, 4199 4199 .suite = { 4200 4200 .aead = __VECS(hmac_sha384_aes_cbc_tv_temp)

+28 -16

include/kunit/run-in-irq-context.h

··· 12 12 #include <linux/hrtimer.h> 13 13 #include <linux/workqueue.h> 14 14 15 - #define KUNIT_IRQ_TEST_HRTIMER_INTERVAL us_to_ktime(5) 16 - 17 15 struct kunit_irq_test_state { 18 16 bool (*func)(void *test_specific_state); 19 17 void *test_specific_state; 20 18 bool task_func_reported_failure; 21 19 bool hardirq_func_reported_failure; 22 20 bool softirq_func_reported_failure; 21 + atomic_t task_func_calls; 23 22 atomic_t hardirq_func_calls; 24 23 atomic_t softirq_func_calls; 24 + ktime_t interval; 25 25 struct hrtimer timer; 26 26 struct work_struct bh_work; 27 27 }; ··· 30 30 { 31 31 struct kunit_irq_test_state *state = 32 32 container_of(timer, typeof(*state), timer); 33 + int task_calls, hardirq_calls, softirq_calls; 33 34 34 35 WARN_ON_ONCE(!in_hardirq()); 35 - atomic_inc(&state->hardirq_func_calls); 36 + task_calls = atomic_read(&state->task_func_calls); 37 + hardirq_calls = atomic_inc_return(&state->hardirq_func_calls); 38 + softirq_calls = atomic_read(&state->softirq_func_calls); 39 + 40 + /* 41 + * If the timer is firing too often for the softirq or task to ever have 42 + * a chance to run, increase the timer interval. This is needed on very 43 + * slow systems. 44 + */ 45 + if (hardirq_calls >= 20 && (softirq_calls == 0 || task_calls == 0)) 46 + state->interval = ktime_add_ns(state->interval, 250); 36 47 37 48 if (!state->func(state->test_specific_state)) 38 49 state->hardirq_func_reported_failure = true; 39 50 40 - hrtimer_forward_now(&state->timer, KUNIT_IRQ_TEST_HRTIMER_INTERVAL); 51 + hrtimer_forward_now(&state->timer, state->interval); 41 52 queue_work(system_bh_wq, &state->bh_work); 42 53 return HRTIMER_RESTART; 43 54 } ··· 97 86 struct kunit_irq_test_state state = { 98 87 .func = func, 99 88 .test_specific_state = test_specific_state, 89 + /* 90 + * Start with a 5us timer interval. If the system can't keep 91 + * up, kunit_irq_test_timer_func() will increase it. 92 + */ 93 + .interval = us_to_ktime(5), 100 94 }; 101 95 unsigned long end_jiffies; 102 - int hardirq_calls, softirq_calls; 103 - bool allctx = false; 96 + int task_calls, hardirq_calls, softirq_calls; 104 97 105 98 /* 106 99 * Set up a hrtimer (the way we access hardirq context) and a work ··· 119 104 * and hardirq), or 1 second, whichever comes first. 120 105 */ 121 106 end_jiffies = jiffies + HZ; 122 - hrtimer_start(&state.timer, KUNIT_IRQ_TEST_HRTIMER_INTERVAL, 123 - HRTIMER_MODE_REL_HARD); 124 - for (int task_calls = 0, calls = 0; 125 - ((calls < max_iterations) || !allctx) && 126 - !time_after(jiffies, end_jiffies); 127 - task_calls++) { 107 + hrtimer_start(&state.timer, state.interval, HRTIMER_MODE_REL_HARD); 108 + do { 128 109 if (!func(test_specific_state)) 129 110 state.task_func_reported_failure = true; 130 111 112 + task_calls = atomic_inc_return(&state.task_func_calls); 131 113 hardirq_calls = atomic_read(&state.hardirq_func_calls); 132 114 softirq_calls = atomic_read(&state.softirq_func_calls); 133 - calls = task_calls + hardirq_calls + softirq_calls; 134 - allctx = (task_calls > 0) && (hardirq_calls > 0) && 135 - (softirq_calls > 0); 136 - } 115 + } while ((task_calls + hardirq_calls + softirq_calls < max_iterations || 116 + (task_calls == 0 || hardirq_calls == 0 || 117 + softirq_calls == 0)) && 118 + !time_after(jiffies, end_jiffies)); 137 119 138 120 /* Cancel the timer and work. */ 139 121 hrtimer_cancel(&state.timer);

+34

lib/crypto/.kunitconfig

··· 1 + CONFIG_KUNIT=y 2 + 3 + # These kconfig options select all the CONFIG_CRYPTO_LIB_* symbols that have a 4 + # corresponding KUnit test. Those symbols cannot be directly enabled here, 5 + # since they are hidden symbols. 6 + CONFIG_CRYPTO=y 7 + CONFIG_CRYPTO_ADIANTUM=y 8 + CONFIG_CRYPTO_BLAKE2B=y 9 + CONFIG_CRYPTO_CHACHA20POLY1305=y 10 + CONFIG_CRYPTO_HCTR2=y 11 + CONFIG_CRYPTO_MD5=y 12 + CONFIG_CRYPTO_MLDSA=y 13 + CONFIG_CRYPTO_SHA1=y 14 + CONFIG_CRYPTO_SHA256=y 15 + CONFIG_CRYPTO_SHA512=y 16 + CONFIG_CRYPTO_SHA3=y 17 + CONFIG_INET=y 18 + CONFIG_IPV6=y 19 + CONFIG_NET=y 20 + CONFIG_NETDEVICES=y 21 + CONFIG_WIREGUARD=y 22 + 23 + CONFIG_CRYPTO_LIB_BLAKE2B_KUNIT_TEST=y 24 + CONFIG_CRYPTO_LIB_BLAKE2S_KUNIT_TEST=y 25 + CONFIG_CRYPTO_LIB_CURVE25519_KUNIT_TEST=y 26 + CONFIG_CRYPTO_LIB_MD5_KUNIT_TEST=y 27 + CONFIG_CRYPTO_LIB_MLDSA_KUNIT_TEST=y 28 + CONFIG_CRYPTO_LIB_NH_KUNIT_TEST=y 29 + CONFIG_CRYPTO_LIB_POLY1305_KUNIT_TEST=y 30 + CONFIG_CRYPTO_LIB_POLYVAL_KUNIT_TEST=y 31 + CONFIG_CRYPTO_LIB_SHA1_KUNIT_TEST=y 32 + CONFIG_CRYPTO_LIB_SHA256_KUNIT_TEST=y 33 + CONFIG_CRYPTO_LIB_SHA512_KUNIT_TEST=y 34 + CONFIG_CRYPTO_LIB_SHA3_KUNIT_TEST=y

+12 -23

lib/crypto/tests/Kconfig

··· 2 2 3 3 config CRYPTO_LIB_BLAKE2B_KUNIT_TEST 4 4 tristate "KUnit tests for BLAKE2b" if !KUNIT_ALL_TESTS 5 - depends on KUNIT 5 + depends on KUNIT && CRYPTO_LIB_BLAKE2B 6 6 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 7 7 select CRYPTO_LIB_BENCHMARK_VISIBLE 8 - select CRYPTO_LIB_BLAKE2B 9 8 help 10 9 KUnit tests for the BLAKE2b cryptographic hash function. 11 10 ··· 13 14 depends on KUNIT 14 15 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 15 16 select CRYPTO_LIB_BENCHMARK_VISIBLE 16 - # No need to select CRYPTO_LIB_BLAKE2S here, as that option doesn't 17 + # No need to depend on CRYPTO_LIB_BLAKE2S here, as that option doesn't 17 18 # exist; the BLAKE2s code is always built-in for the /dev/random driver. 18 19 help 19 20 KUnit tests for the BLAKE2s cryptographic hash function. 20 21 21 22 config CRYPTO_LIB_CURVE25519_KUNIT_TEST 22 23 tristate "KUnit tests for Curve25519" if !KUNIT_ALL_TESTS 23 - depends on KUNIT 24 + depends on KUNIT && CRYPTO_LIB_CURVE25519 24 25 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 25 26 select CRYPTO_LIB_BENCHMARK_VISIBLE 26 - select CRYPTO_LIB_CURVE25519 27 27 help 28 28 KUnit tests for the Curve25519 Diffie-Hellman function. 29 29 30 30 config CRYPTO_LIB_MD5_KUNIT_TEST 31 31 tristate "KUnit tests for MD5" if !KUNIT_ALL_TESTS 32 - depends on KUNIT 32 + depends on KUNIT && CRYPTO_LIB_MD5 33 33 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 34 34 select CRYPTO_LIB_BENCHMARK_VISIBLE 35 - select CRYPTO_LIB_MD5 36 35 help 37 36 KUnit tests for the MD5 cryptographic hash function and its 38 37 corresponding HMAC. 39 38 40 39 config CRYPTO_LIB_MLDSA_KUNIT_TEST 41 40 tristate "KUnit tests for ML-DSA" if !KUNIT_ALL_TESTS 42 - depends on KUNIT 41 + depends on KUNIT && CRYPTO_LIB_MLDSA 43 42 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 44 43 select CRYPTO_LIB_BENCHMARK_VISIBLE 45 - select CRYPTO_LIB_MLDSA 46 44 help 47 45 KUnit tests for the ML-DSA digital signature algorithm. 48 46 49 47 config CRYPTO_LIB_NH_KUNIT_TEST 50 48 tristate "KUnit tests for NH" if !KUNIT_ALL_TESTS 51 - depends on KUNIT 49 + depends on KUNIT && CRYPTO_LIB_NH 52 50 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 53 - select CRYPTO_LIB_NH 54 51 help 55 52 KUnit tests for the NH almost-universal hash function. 56 53 57 54 config CRYPTO_LIB_POLY1305_KUNIT_TEST 58 55 tristate "KUnit tests for Poly1305" if !KUNIT_ALL_TESTS 59 - depends on KUNIT 56 + depends on KUNIT && CRYPTO_LIB_POLY1305 60 57 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 61 58 select CRYPTO_LIB_BENCHMARK_VISIBLE 62 - select CRYPTO_LIB_POLY1305 63 59 help 64 60 KUnit tests for the Poly1305 library functions. 65 61 66 62 config CRYPTO_LIB_POLYVAL_KUNIT_TEST 67 63 tristate "KUnit tests for POLYVAL" if !KUNIT_ALL_TESTS 68 - depends on KUNIT 64 + depends on KUNIT && CRYPTO_LIB_POLYVAL 69 65 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 70 66 select CRYPTO_LIB_BENCHMARK_VISIBLE 71 - select CRYPTO_LIB_POLYVAL 72 67 help 73 68 KUnit tests for the POLYVAL library functions. 74 69 75 70 config CRYPTO_LIB_SHA1_KUNIT_TEST 76 71 tristate "KUnit tests for SHA-1" if !KUNIT_ALL_TESTS 77 - depends on KUNIT 72 + depends on KUNIT && CRYPTO_LIB_SHA1 78 73 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 79 74 select CRYPTO_LIB_BENCHMARK_VISIBLE 80 - select CRYPTO_LIB_SHA1 81 75 help 82 76 KUnit tests for the SHA-1 cryptographic hash function and its 83 77 corresponding HMAC. ··· 79 87 # included, for consistency with the naming used elsewhere (e.g. CRYPTO_SHA256). 80 88 config CRYPTO_LIB_SHA256_KUNIT_TEST 81 89 tristate "KUnit tests for SHA-224 and SHA-256" if !KUNIT_ALL_TESTS 82 - depends on KUNIT 90 + depends on KUNIT && CRYPTO_LIB_SHA256 83 91 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 84 92 select CRYPTO_LIB_BENCHMARK_VISIBLE 85 - select CRYPTO_LIB_SHA256 86 93 help 87 94 KUnit tests for the SHA-224 and SHA-256 cryptographic hash functions 88 95 and their corresponding HMACs. ··· 90 99 # included, for consistency with the naming used elsewhere (e.g. CRYPTO_SHA512). 91 100 config CRYPTO_LIB_SHA512_KUNIT_TEST 92 101 tristate "KUnit tests for SHA-384 and SHA-512" if !KUNIT_ALL_TESTS 93 - depends on KUNIT 102 + depends on KUNIT && CRYPTO_LIB_SHA512 94 103 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 95 104 select CRYPTO_LIB_BENCHMARK_VISIBLE 96 - select CRYPTO_LIB_SHA512 97 105 help 98 106 KUnit tests for the SHA-384 and SHA-512 cryptographic hash functions 99 107 and their corresponding HMACs. 100 108 101 109 config CRYPTO_LIB_SHA3_KUNIT_TEST 102 110 tristate "KUnit tests for SHA-3" if !KUNIT_ALL_TESTS 103 - depends on KUNIT 111 + depends on KUNIT && CRYPTO_LIB_SHA3 104 112 default KUNIT_ALL_TESTS || CRYPTO_SELFTESTS 105 113 select CRYPTO_LIB_BENCHMARK_VISIBLE 106 - select CRYPTO_LIB_SHA3 107 114 help 108 115 KUnit tests for the SHA3 cryptographic hash and XOF functions, 109 116 including SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128 and