On 04/09/2025 23:35, Eric Biggers wrote:
On Thu, Sep 04, 2025 at 05:52:09PM +0200, Vegard Nossum wrote:
Don't build arch-specific SHA256 code yet when building the FIPS 140
standalone module.
Emphasis on "yet" :-)
I'm afraid you can't just not support the architecture-optimized crypto
code. It's usually much faster than the generic C code (often more than
an order of magnitude faster), and it's really important to include.
This applies to all algorithms.
We can easily support it with the exact same method as the generic code
and in fact we do this for the 6.12-based Oracle kernel. I noticed that
the architecture-specific crypto has been reworked since 6.12 so I
decided to drop it to keep the patch set a bit smaller; after all, this
still results in something that can be certified.
I think we can start with the x86 and arm64 code (and only the subset
which is NIST approved)? If anybody has a need for anything else, I can
add it to the patch set on an as-needed basis, let me know what you
would like to see there.
(It might be a bit annoying to deal with the CONFIG_ options for the
arch-specific stuff, but I think we can handle it.)
Vegard
