Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

lib/crypto: curve25519: Consolidate into single module

Reorganize the Curve25519 library code:

- Build a single libcurve25519 module, instead of up to three modules:
libcurve25519, libcurve25519-generic, and an arch-specific module.

- Move the arch-specific Curve25519 code from arch/$(SRCARCH)/crypto/ to
lib/crypto/$(SRCARCH)/. Centralize the build rules into
lib/crypto/Makefile and lib/crypto/Kconfig.

- Include the arch-specific code directly in lib/crypto/curve25519.c via
a header, rather than using a separate .c file.

- Eliminate the entanglement with CRYPTO. CRYPTO_LIB_CURVE25519 no
longer selects CRYPTO, and the arch-specific Curve25519 code no longer
depends on CRYPTO.

This brings Curve25519 in line with the latest conventions for
lib/crypto/, used by other algorithms. The exception is that I kept the
generic code in separate translation units for now. (Some of the
function names collide between the x86 and generic Curve25519 code. And
the Curve25519 functions are very long anyway, so inlining doesn't
matter as much for Curve25519 as it does for some other algorithms.)

Link: https://lore.kernel.org/r/20250906213523.84915-11-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>

+86 -188
-12
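--- a/arch/arm/crypto/Kconfig
+++ b/arch/arm/crypto/Kconfig
@@ -2,18 +2,6 @@
 
 menu "Accelerated Cryptographic Algorithms for CPU (arm)"
 
-config CRYPTO_CURVE25519_NEON
-tristate
-depends on KERNEL_MODE_NEON
-select CRYPTO_LIB_CURVE25519_GENERIC
-select CRYPTO_ARCH_HAVE_LIB_CURVE25519
-default CRYPTO_LIB_CURVE25519_INTERNAL
-help
-Curve25519 algorithm
-
-Architecture: arm with
-- NEON (Advanced SIMD) extensions
-
 config CRYPTO_GHASH_ARM_CE
 tristate "Hash functions: GHASH (PMULL/NEON/ARMv8 Crypto Extensions)"
 depends on KERNEL_MODE_NEON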
-2
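--- a/arch/arm/crypto/Makefile
+++ b/arch/arm/crypto/Makefile
@@ -7,7 +7,6 @@
 obj-$(CONFIG_CRYPTO_AES_ARM_BS) += aes-arm-bs.o
 obj-$(CONFIG_CRYPTO_BLAKE2B_NEON) += blake2b-neon.o
 obj-$(CONFIG_CRYPTO_NHPOLY1305_NEON) += nhpoly1305-neon.o
-obj-$(CONFIG_CRYPTO_CURVE25519_NEON) += curve25519-neon.o
 
 obj-$(CONFIG_CRYPTO_AES_ARM_CE) += aes-arm-ce.o
 obj-$(CONFIG_CRYPTO_GHASH_ARM_CE) += ghash-arm-ce.o
@@ -18,4 +17,3 @@
 aes-arm-ce-y := aes-ce-core.o aes-ce-glue.o
 ghash-arm-ce-y := ghash-ce-core.o ghash-ce-glue.o
 nhpoly1305-neon-y := nh-neon-core.o nhpoly1305-neon-glue.o
-curve25519-neon-y := curve25519-core.o curve25519-glue.o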
arch/arm/crypto/curve25519-core.S lib/crypto/arm/curve25519-core.S
+8 -23
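--- a/arch/arm/crypto/curve25519-glue.c
+++ b/lib/crypto/arm/curve25519.h
@@ -12,10 +12,7 @@
 #include <asm/simd.h>
 #include <crypto/internal/simd.h>
 #include <linux/types.h>
-#include <linux/module.h>
-#include <linux/init.h>
 #include <linux/jump_label.h>
-#include <crypto/curve25519.h>
 
 asmlinkage void curve25519_neon(u8 mypublic[CURVE25519_KEY_SIZE],
 const u8 secret[CURVE25519_KEY_SIZE],
@@ -23,9 +20,9 @@
 
 static __ro_after_init DEFINE_STATIC_KEY_FALSE(have_neon);
 
-void curve25519_arch(u8 out[CURVE25519_KEY_SIZE],
-const u8 scalar[CURVE25519_KEY_SIZE],
-const u8 point[CURVE25519_KEY_SIZE])
+static void curve25519_arch(u8 out[CURVE25519_KEY_SIZE],
+const u8 scalar[CURVE25519_KEY_SIZE],
+const u8 point[CURVE25519_KEY_SIZE])
 {
 if (static_branch_likely(&have_neon) && crypto_simd_usable()) {
 kernel_neon_begin();
@@ -35,28 +32,16 @@
 curve25519_generic(out, scalar, point);
 }
 }
-EXPORT_SYMBOL(curve25519_arch);
 
-void curve25519_base_arch(u8 pub[CURVE25519_KEY_SIZE],
-const u8 secret[CURVE25519_KEY_SIZE])
+static void curve25519_base_arch(u8 pub[CURVE25519_KEY_SIZE],
+const u8 secret[CURVE25519_KEY_SIZE])
 {
-return curve25519_arch(pub, secret, curve25519_base_point);
+curve25519_arch(pub, secret, curve25519_base_point);
 }
-EXPORT_SYMBOL(curve25519_base_arch);
 
-static int __init arm_curve25519_init(void)
+#define curve25519_mod_init_arch curve25519_mod_init_arch
+static void curve25519_mod_init_arch(void)
 {
 if (elf_hwcap & HWCAP_NEON)
 static_branch_enable(&have_neon);
-return 0;
 }
-
-static void __exit arm_curve25519_exit(void)
-{
-}
-
-module_init(arm_curve25519_init);
-module_exit(arm_curve25519_exit);
-
-MODULE_DESCRIPTION("Public key crypto: Curve25519 (NEON-accelerated)");
-MODULE_LICENSE("GPL v2");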
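Review bot: The new lib/crypto/arm/curve25519.h drops `#include <crypto/curve25519.h>` but still uses `CURVE25519_KEY_SIZE`, `curve25519_generic()` and `curve25519_base_point`, so it only compiles when the including file has already declared them, and nothing in the visible lines records that ordering contract. The file now defines `static` functions and a static key, and no include guard is visible in these hunks, so a second inclusion would not build. I would add a short header comment such as `/* Included only by lib/crypto/curve25519.c, after curve25519_base_point is defined. */`. The same applies to lib/crypto/powerpc/curve25519.h and lib/crypto/x86/curve25519.h in this commit. Part of the body of curve25519_arch() lies between the second and third hunks and is not shown.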
-12
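--- a/arch/powerpc/crypto/Kconfig
+++ b/arch/powerpc/crypto/Kconfig
@@ -2,18 +2,6 @@
 
 menu "Accelerated Cryptographic Algorithms for CPU (powerpc)"
 
-config CRYPTO_CURVE25519_PPC64
-tristate
-depends on PPC64 && CPU_LITTLE_ENDIAN
-select CRYPTO_LIB_CURVE25519_GENERIC
-select CRYPTO_ARCH_HAVE_LIB_CURVE25519
-default CRYPTO_LIB_CURVE25519_INTERNAL
-help
-Curve25519 algorithm
-
-Architecture: PowerPC64
-- Little-endian
-
 config CRYPTO_AES_PPC_SPE
 tristate "Ciphers: AES, modes: ECB/CBC/CTR/XTS (SPE)"
 depends on SPE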
-2
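--- a/arch/powerpc/crypto/Makefile
+++ b/arch/powerpc/crypto/Makefile
@@ -8,12 +8,10 @@
 obj-$(CONFIG_CRYPTO_AES_PPC_SPE) += aes-ppc-spe.o
 obj-$(CONFIG_CRYPTO_AES_GCM_P10) += aes-gcm-p10-crypto.o
 obj-$(CONFIG_CRYPTO_DEV_VMX_ENCRYPT) += vmx-crypto.o
-obj-$(CONFIG_CRYPTO_CURVE25519_PPC64) += curve25519-ppc64le.o
 
 aes-ppc-spe-y := aes-spe-core.o aes-spe-keys.o aes-tab-4k.o aes-spe-modes.o aes-spe-glue.o
 aes-gcm-p10-crypto-y := aes-gcm-p10-glue.o aes-gcm-p10.o ghashp10-ppc.o aesp10-ppc.o
 vmx-crypto-objs := vmx.o aesp8-ppc.o ghashp8-ppc.o aes.o aes_cbc.o aes_ctr.o aes_xts.o ghash.o
-curve25519-ppc64le-y := curve25519-ppc64le-core.o curve25519-ppc64le_asm.o
 
 ifeq ($(CONFIG_CPU_LITTLE_ENDIAN),y)
 override flavour := linux-ppc64le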
+5 -14
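--- a/arch/powerpc/crypto/curve25519-ppc64le-core.c
+++ b/lib/crypto/powerpc/curve25519.h
@@ -7,12 +7,9 @@
 * - Algorithm 1 Scalar multiplication of a variable point
 */
 
-#include <crypto/curve25519.h>
-
 #include <linux/types.h>
 #include <linux/jump_label.h>
 #include <linux/kernel.h>
-#include <linux/module.h>
 
 #include <linux/cpufeature.h>
 #include <linux/processor.h>
@@ -175,21 +172,15 @@
 fe51_tobytes(out, x2);
 }
 
-void curve25519_arch(u8 mypublic[CURVE25519_KEY_SIZE],
-const u8 secret[CURVE25519_KEY_SIZE],
-const u8 basepoint[CURVE25519_KEY_SIZE])
+static void curve25519_arch(u8 mypublic[CURVE25519_KEY_SIZE],
+const u8 secret[CURVE25519_KEY_SIZE],
+const u8 basepoint[CURVE25519_KEY_SIZE])
 {
 curve25519_fe51(mypublic, secret, basepoint);
 }
-EXPORT_SYMBOL(curve25519_arch);
 
-void curve25519_base_arch(u8 pub[CURVE25519_KEY_SIZE],
-const u8 secret[CURVE25519_KEY_SIZE])
+static void curve25519_base_arch(u8 pub[CURVE25519_KEY_SIZE],
+const u8 secret[CURVE25519_KEY_SIZE])
 {
 curve25519_fe51(pub, secret, curve25519_base_point);
 }
-EXPORT_SYMBOL(curve25519_base_arch);
-
-MODULE_DESCRIPTION("PPC64le Curve25519 scalar multiplication with 51 bits limbs");
-MODULE_LICENSE("GPL v2");
-MODULE_AUTHOR("Danny Tsen <dtsen@us.ibm.com>");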
arch/powerpc/crypto/curve25519-ppc64le_asm.S lib/crypto/powerpc/curve25519-ppc64le_asm.S
-12
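--- a/arch/x86/crypto/Kconfig
+++ b/arch/x86/crypto/Kconfig
@@ -2,18 +2,6 @@
 
 menu "Accelerated Cryptographic Algorithms for CPU (x86)"
 
-config CRYPTO_CURVE25519_X86
-tristate
-depends on 64BIT
-select CRYPTO_LIB_CURVE25519_GENERIC
-select CRYPTO_ARCH_HAVE_LIB_CURVE25519
-default CRYPTO_LIB_CURVE25519_INTERNAL
-help
-Curve25519 algorithm
-
-Architecture: x86_64 using:
-- ADX (large integer arithmetic)
-
 config CRYPTO_AES_NI_INTEL
 tristate "Ciphers: AES, modes: ECB, CBC, CTS, CTR, XCTR, XTS, GCM (AES-NI/VAES)"
 select CRYPTO_AEAD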
-5
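--- a/arch/x86/crypto/Makefile
+++ b/arch/x86/crypto/Makefile
@@ -62,8 +62,6 @@
 obj-$(CONFIG_CRYPTO_NHPOLY1305_AVX2) += nhpoly1305-avx2.o
 nhpoly1305-avx2-y := nh-avx2-x86_64.o nhpoly1305-avx2-glue.o
 
-obj-$(CONFIG_CRYPTO_CURVE25519_X86) += curve25519-x86_64.o
-
 obj-$(CONFIG_CRYPTO_SM3_AVX_X86_64) += sm3-avx-x86_64.o
 sm3-avx-x86_64-y := sm3-avx-asm_64.o sm3_avx_glue.o
 
@@ -81,6 +79,3 @@
 
 obj-$(CONFIG_CRYPTO_ARIA_GFNI_AVX512_X86_64) += aria-gfni-avx512-x86_64.o
 aria-gfni-avx512-x86_64-y := aria-gfni-avx512-asm_64.o aria_gfni_avx512_glue.o
-
-# Disable GCOV in odd or sensitive code
-GCOV_PROFILE_curve25519-x86_64.o := n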
+7 -24
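--- a/arch/x86/crypto/curve25519-x86_64.c
+++ b/lib/crypto/x86/curve25519.h
@@ -4,13 +4,9 @@
 * Copyright (c) 2016-2020 INRIA, CMU and Microsoft Corporation
 */
 
-#include <crypto/curve25519.h>
-
-#include <linux/export.h>
 #include <linux/types.h>
 #include <linux/jump_label.h>
 #include <linux/kernel.h>
-#include <linux/module.h>
 
 #include <asm/cpufeature.h>
 #include <asm/processor.h>
@@ -1590,41 +1586,28 @@
 
 static __ro_after_init DEFINE_STATIC_KEY_FALSE(curve25519_use_bmi2_adx);
 
-void curve25519_arch(u8 mypublic[CURVE25519_KEY_SIZE],
-const u8 secret[CURVE25519_KEY_SIZE],
-const u8 basepoint[CURVE25519_KEY_SIZE])
+static void curve25519_arch(u8 mypublic[CURVE25519_KEY_SIZE],
+const u8 secret[CURVE25519_KEY_SIZE],
+const u8 basepoint[CURVE25519_KEY_SIZE])
 {
 if (static_branch_likely(&curve25519_use_bmi2_adx))
 curve25519_ever64(mypublic, secret, basepoint);
 else
 curve25519_generic(mypublic, secret, basepoint);
 }
-EXPORT_SYMBOL(curve25519_arch);
 
-void curve25519_base_arch(u8 pub[CURVE25519_KEY_SIZE],
-const u8 secret[CURVE25519_KEY_SIZE])
+static void curve25519_base_arch(u8 pub[CURVE25519_KEY_SIZE],
+const u8 secret[CURVE25519_KEY_SIZE])
 {
 if (static_branch_likely(&curve25519_use_bmi2_adx))
 curve25519_ever64_base(pub, secret);
 else
 curve25519_generic(pub, secret, curve25519_base_point);
 }
-EXPORT_SYMBOL(curve25519_base_arch);
 
-static int __init curve25519_mod_init(void)
+#define curve25519_mod_init_arch curve25519_mod_init_arch
+static void curve25519_mod_init_arch(void)
 {
 if (boot_cpu_has(X86_FEATURE_BMI2) && boot_cpu_has(X86_FEATURE_ADX))
 static_branch_enable(&curve25519_use_bmi2_adx);
-return 0;
 }
-
-static void __exit curve25519_mod_exit(void)
-{
-}
-
-module_init(curve25519_mod_init);
-module_exit(curve25519_mod_exit);
-
-MODULE_DESCRIPTION("Curve25519 algorithm, ADX optimized");
-MODULE_LICENSE("GPL v2");
-MODULE_AUTHOR("Jason A. Donenfeld <Jason@zx2c4.com>");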
-10
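--- a/include/crypto/curve25519.h
+++ b/include/crypto/curve25519.h
@@ -13,19 +13,9 @@
 CURVE25519_KEY_SIZE = 32
 };
 
-extern const u8 curve25519_null_point[];
-extern const u8 curve25519_base_point[];
-
 void curve25519_generic(u8 out[CURVE25519_KEY_SIZE],
 const u8 scalar[CURVE25519_KEY_SIZE],
 const u8 point[CURVE25519_KEY_SIZE]);
-
-void curve25519_arch(u8 out[CURVE25519_KEY_SIZE],
-const u8 scalar[CURVE25519_KEY_SIZE],
-const u8 point[CURVE25519_KEY_SIZE]);
-
-void curve25519_base_arch(u8 pub[CURVE25519_KEY_SIZE],
-const u8 secret[CURVE25519_KEY_SIZE]);
 
 bool __must_check curve25519(u8 mypublic[CURVE25519_KEY_SIZE],
 const u8 secret[CURVE25519_KEY_SIZE],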
+13 -24
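--- a/lib/crypto/Kconfig
+++ b/lib/crypto/Kconfig
@@ -54,35 +54,24 @@
 default y if S390
 default y if X86_64
 
-config CRYPTO_ARCH_HAVE_LIB_CURVE25519
-bool
-help
-Declares whether the architecture provides an arch-specific
-accelerated implementation of the Curve25519 library interface,
-either builtin or as a module.
-
-config CRYPTO_LIB_CURVE25519_GENERIC
+config CRYPTO_LIB_CURVE25519
 tristate
 select CRYPTO_LIB_UTILS
 help
-This symbol can be depended upon by arch implementations of the
-Curve25519 library interface that require the generic code as a
-fallback, e.g., for SIMD implementations. If no arch specific
-implementation is enabled, this implementation serves the users
-of CRYPTO_LIB_CURVE25519.
+The Curve25519 library functions. Select this if your module uses any
+of the functions from <crypto/curve25519.h>.
 
-config CRYPTO_LIB_CURVE25519_INTERNAL
-tristate
-select CRYPTO_LIB_CURVE25519_GENERIC if CRYPTO_ARCH_HAVE_LIB_CURVE25519=n
+config CRYPTO_LIB_CURVE25519_ARCH
+bool
+depends on CRYPTO_LIB_CURVE25519 && !UML && !KMSAN
+default y if ARM && KERNEL_MODE_NEON
+default y if PPC64 && CPU_LITTLE_ENDIAN
+default y if X86_64
 
-config CRYPTO_LIB_CURVE25519
-tristate
-select CRYPTO
-select CRYPTO_LIB_CURVE25519_INTERNAL
-help
-Enable the Curve25519 library interface. This interface may be
-fulfilled by either the generic implementation or an arch-specific
-one, if one is available and enabled.
+config CRYPTO_LIB_CURVE25519_GENERIC
+bool
+depends on CRYPTO_LIB_CURVE25519
+default y if !CRYPTO_LIB_CURVE25519_ARCH || ARM || X86_64
 
 config CRYPTO_LIB_DES
 tristate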
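Review bot: The conditions on the two new promptless symbols carry reasoning that is not recorded anywhere: `CRYPTO_LIB_CURVE25519_ARCH` excludes `UML` and `KMSAN`, and `CRYPTO_LIB_CURVE25519_GENERIC` hard-codes `ARM || X86_64`. Judging from the arm and x86 headers in this commit, those two are listed because their curve25519_arch() falls back to curve25519_generic() at run time while the powerpc one does not. A future arch header that needs the fallback would have to be added to this list as well, otherwise the generic object would presumably not be built. Since neither symbol has help text, a `#` comment is the place for it, for example `# ARM and X86_64 fall back to the generic code when the CPU feature is absent` above the `default y if !CRYPTO_LIB_CURVE25519_ARCH || ARM || X86_64` line. One more line should say why KMSAN and UML builds stay on the generic code.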
+20 -6
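--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -76,17 +76,31 @@
 libchacha20poly1305-y += chacha20poly1305.o
 libchacha20poly1305-$(CONFIG_CRYPTO_SELFTESTS) += chacha20poly1305-selftest.o
 
-obj-$(CONFIG_CRYPTO_LIB_CURVE25519_GENERIC) += libcurve25519-generic.o
-libcurve25519-generic-y := curve25519-fiat32.o
-libcurve25519-generic-$(CONFIG_ARCH_SUPPORTS_INT128) := curve25519-hacl64.o
-libcurve25519-generic-y += curve25519-generic.o
+################################################################################
+
+obj-$(CONFIG_CRYPTO_LIB_CURVE25519) += libcurve25519.o
+libcurve25519-y := curve25519.o
+
+# Disable GCOV in odd or sensitive code
+GCOV_PROFILE_curve25519.o := n
+
+ifeq ($(CONFIG_ARCH_SUPPORTS_INT128),y)
+libcurve25519-$(CONFIG_CRYPTO_LIB_CURVE25519_GENERIC) += curve25519-hacl64.o
+else
+libcurve25519-$(CONFIG_CRYPTO_LIB_CURVE25519_GENERIC) += curve25519-fiat32.o
+endif
 # clang versions prior to 18 may blow out the stack with KASAN
 ifeq ($(call clang-min-version, 180000),)
 KASAN_SANITIZE_curve25519-hacl64.o := n
 endif
 
-obj-$(CONFIG_CRYPTO_LIB_CURVE25519) += libcurve25519.o
-libcurve25519-y += curve25519.o
+ifeq ($(CONFIG_CRYPTO_LIB_CURVE25519_ARCH),y)
+CFLAGS_curve25519.o += -I$(src)/$(SRCARCH)
+libcurve25519-$(CONFIG_ARM) += arm/curve25519-core.o
+libcurve25519-$(CONFIG_PPC) += powerpc/curve25519-ppc64le_asm.o
+endif
+
+################################################################################
 
 obj-$(CONFIG_CRYPTO_LIB_DES) += libdes.o
 libdes-y := des.o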
-25
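--- a/lib/crypto/curve25519-generic.c
+++ b/lib/crypto/curve25519-generic.c
@@ -1,25 +0,0 @@
-// SPDX-License-Identifier: GPL-2.0 OR MIT
-/*
-* Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
-*
-* This is an implementation of the Curve25519 ECDH algorithm, using either
-* a 32-bit implementation or a 64-bit implementation with 128-bit integers,
-* depending on what is supported by the target compiler.
-*
-* Information: https://cr.yp.to/ecdh.html
-*/
-
-#include <crypto/curve25519.h>
-#include <linux/export.h>
-#include <linux/module.h>
-
-const u8 curve25519_null_point[CURVE25519_KEY_SIZE] __aligned(32) = { 0 };
-const u8 curve25519_base_point[CURVE25519_KEY_SIZE] __aligned(32) = { 9 };
-
-EXPORT_SYMBOL(curve25519_null_point);
-EXPORT_SYMBOL(curve25519_base_point);
-EXPORT_SYMBOL(curve25519_generic);
-
-MODULE_LICENSE("GPL v2");
-MODULE_DESCRIPTION("Curve25519 scalar multiplication");
-MODULE_AUTHOR("Jason A. Donenfeld <Jason@zx2c4.com>");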
+33 -17
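--- a/lib/crypto/curve25519.c
+++ b/lib/crypto/curve25519.c
@@ -2,8 +2,9 @@
 /*
 * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
 *
-* This is an implementation of the Curve25519 ECDH algorithm, using either
-* a 32-bit implementation or a 64-bit implementation with 128-bit integers,
+* This is an implementation of the Curve25519 ECDH algorithm, using either an
+* architecture-optimized implementation or a generic implementation. The
+* generic implementation is either 32-bit, or 64-bit with 128-bit integers,
 * depending on what is supported by the target compiler.
 *
 * Information: https://cr.yp.to/ecdh.html
@@ -15,15 +16,32 @@
 #include <linux/init.h>
 #include <linux/module.h>
 
+static const u8 curve25519_null_point[CURVE25519_KEY_SIZE] __aligned(32) = { 0 };
+static const u8 curve25519_base_point[CURVE25519_KEY_SIZE] __aligned(32) = { 9 };
+
+#ifdef CONFIG_CRYPTO_LIB_CURVE25519_ARCH
+#include "curve25519.h" /* $(SRCARCH)/curve25519.h */
+#else
+static void curve25519_arch(u8 mypublic[CURVE25519_KEY_SIZE],
+const u8 secret[CURVE25519_KEY_SIZE],
+const u8 basepoint[CURVE25519_KEY_SIZE])
+{
+curve25519_generic(mypublic, secret, basepoint);
+}
+
+static void curve25519_base_arch(u8 pub[CURVE25519_KEY_SIZE],
+const u8 secret[CURVE25519_KEY_SIZE])
+{
+curve25519_generic(pub, secret, curve25519_base_point);
+}
+#endif
+
 bool __must_check
 curve25519(u8 mypublic[CURVE25519_KEY_SIZE],
 const u8 secret[CURVE25519_KEY_SIZE],
 const u8 basepoint[CURVE25519_KEY_SIZE])
 {
-if (IS_ENABLED(CONFIG_CRYPTO_ARCH_HAVE_LIB_CURVE25519))
-curve25519_arch(mypublic, secret, basepoint);
-else
-curve25519_generic(mypublic, secret, basepoint);
+curve25519_arch(mypublic, secret, basepoint);
 return crypto_memneq(mypublic, curve25519_null_point,
 CURVE25519_KEY_SIZE);
 }
@@ -36,27 +54,25 @@
 if (unlikely(!crypto_memneq(secret, curve25519_null_point,
 CURVE25519_KEY_SIZE)))
 return false;
-
-if (IS_ENABLED(CONFIG_CRYPTO_ARCH_HAVE_LIB_CURVE25519))
-curve25519_base_arch(pub, secret);
-else
-curve25519_generic(pub, secret, curve25519_base_point);
+curve25519_base_arch(pub, secret);
 return crypto_memneq(pub, curve25519_null_point, CURVE25519_KEY_SIZE);
 }
 EXPORT_SYMBOL(curve25519_generate_public);
 
-static int __init curve25519_init(void)
+#ifdef curve25519_mod_init_arch
+static int __init curve25519_mod_init(void)
 {
+curve25519_mod_init_arch();
 return 0;
 }
+subsys_initcall(curve25519_mod_init);
 
-static void __exit curve25519_exit(void)
+static void __exit curve25519_mod_exit(void)
 {
 }
-
-module_init(curve25519_init);
-module_exit(curve25519_exit);
+module_exit(curve25519_mod_exit);
+#endif
 
 MODULE_LICENSE("GPL v2");
-MODULE_DESCRIPTION("Curve25519 scalar multiplication");
+MODULE_DESCRIPTION("Curve25519 algorithm");
 MODULE_AUTHOR("Jason A. Donenfeld <Jason@zx2c4.com>");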
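Review bot: The init path in the last hunk now rests on two conventions that the file does not explain. `#ifdef curve25519_mod_init_arch` only works because an arch header defines that name as a macro expanding to itself, and moving from `module_init` to `subsys_initcall` changes when the static key is enabled in a built-in kernel. Any caller that runs before the initcall takes the generic branch in the arm and x86 headers, which still gives the correct result, and that should be written down so it is not later mistaken for a bug. I would add above the `#ifdef` a comment along the lines of `/* Arch headers opt in with "#define curve25519_mod_init_arch curve25519_mod_init_arch"; until this initcall runs, the generic code is used. */`. A one-line comment on the empty curve25519_mod_exit() saying why it is kept would help too; presumably it is there so the module stays unloadable.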