summaryrefslogtreecommitdiffstats
path: root/fs/crypto/Kconfig
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2020-07-22 00:59:16 +0200
committerEric Biggers <ebiggers@google.com>2020-07-22 01:02:13 +0200
commitbd0d97b7191e8f3573681fa854fdb04c1a970c1e (patch)
treea32b0fd5de253bfef08c6d9730bff73998028b77 /fs/crypto/Kconfig
parentfscrypt: restrict IV_INO_LBLK_* to AES-256-XTS (diff)
downloadlinux-bd0d97b7191e8f3573681fa854fdb04c1a970c1e.tar.xz
linux-bd0d97b7191e8f3573681fa854fdb04c1a970c1e.zip
fscrypt: switch fscrypt_do_sha256() to use the SHA-256 library
fscrypt_do_sha256() is only used for hashing encrypted filenames to create no-key tokens, which isn't performance-critical. Therefore a C implementation of SHA-256 is sufficient. Also, the logic to create no-key tokens is always potentially needed. This differs from fscrypt's other dependencies on crypto API algorithms, which are conditionally needed depending on what encryption policies userspace is using. Therefore, for fscrypt there isn't much benefit to allowing SHA-256 to be a loadable module. So, make fscrypt_do_sha256() use the SHA-256 library instead of the crypto_shash API. This is much simpler, since it avoids having to implement one-time-init (which is hard to do correctly, and in fact was implemented incorrectly) and handle failures to allocate the crypto_shash object. Fixes: edc440e3d27f ("fscrypt: improve format of no-key names") Cc: Daniel Rosenberg <drosen@google.com> Link: https://lore.kernel.org/r/20200721225920.114347-2-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com>
Diffstat (limited to 'fs/crypto/Kconfig')
-rw-r--r--fs/crypto/Kconfig2
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/crypto/Kconfig b/fs/crypto/Kconfig
index f1f11a6228eb..a5f5c30368a2 100644
--- a/fs/crypto/Kconfig
+++ b/fs/crypto/Kconfig
@@ -4,6 +4,7 @@ config FS_ENCRYPTION
select CRYPTO
select CRYPTO_HASH
select CRYPTO_SKCIPHER
+ select CRYPTO_LIB_SHA256
select KEYS
help
Enable encryption of files and directories. This
@@ -21,7 +22,6 @@ config FS_ENCRYPTION_ALGS
select CRYPTO_CTS
select CRYPTO_ECB
select CRYPTO_HMAC
- select CRYPTO_SHA256
select CRYPTO_SHA512
select CRYPTO_XTS