kxxhash_generic.ko is a soft dependency of kmod-fs-btrfs, but we did not
package it. Extract the kmod-lib-xxhash and then package
xxhash_generic.ko.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The kmod-fs-btrfs package has a soft dependency to kmod-crypto-blake2b
The CONFIG_BTRFS_FS kernel build option selects CONFIG_CRYPTO_BLAKE2B,
but we did not package it before.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/15833
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
It has its own dedicated knob
Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15761
Signed-off-by: Robert Marko <robimarko@gmail.com>
The IXP4xx is well supported upstream and can readily be
supported with kernel v6.6. To simplify things after the
DTS directory was renamed, switch to v6.6 only.
Bring in some outstanding patches.
Tested on the Gateworks GW2348-4.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Historically it's possible to leave the `SUBTARGETS` undefined and
automatically fallback to a "generic" subtarget. This however breaks
various downstream scripts which may have expectations around filenames:
While some targets with an explicit generic subtarget contain `generic`
in the filenames of artifacts, implicit "subtargets" don't.
Right now this breaks the CI[1], possibly also scripts using the ImageBuilders.
This commit removes all code that support implicit handling of
subtargets and instead requires every target to define "SUBTARGETS".
[1]: https://github.com/openwrt/openwrt/actions/runs/8592821105/job/23548273630
Signed-off-by: Paul Spooren <mail@aparcar.org>
Add imx8m support:
- add a cortexa53 subtarget to imx
- move ARCH and KERNELNAME to subtargets
- account for kernel modules that are not used for cortexa53
No device-specific targets or firmware images are created yet but all
imx8m* dtbs will be built.
enabling CONFIG_TARGET_ROOTFS_INITRAMFS results in
openwrt-imx-cortexa53-imx8m-initramfs-kernel.bin which has been
successfully booted on an imx8mm-evk using the following:
u-boot=> tftpboot $fdt_addr_r image-imx8mm-evk.dtb && \
tftpboot $kernel_addr_r openwrt-imx-cortexa53-imx8m-initramfs-kernel.bin && \
booti $kernel_addr_r - $fdt_addr_r
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
The algif_rng.ko kernel module depends on the rng.ko kernel module with
kernel 6.6 when compiling for MIPS malta.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Now that geniv is packaged separately for kernel 6.6, we need to add it
as a dependency to kmod-crypto-seqiv and kmod-crypto-echainiv that require
it under kernel 6.6.
Signed-off-by: Robert Marko <robimarko@gmail.com>
geniv was separated intentionally from aead in kernel 6.5, and since
we now have it packaged separately as well remove it from kmod-aead
in 6.6.
Signed-off-by: Robert Marko <robimarko@gmail.com>
In kernel 6.5 geniv was split from AEAD config symbol, in order to manage
its dependencies on other code.
So, lets do the same in OpenWrt and split it from aead module so others
can depend on geniv directly.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Adapt crypto kmods for building under kernel 6.6:
* mpi.ko moved from lib/mpi/mpi.ko to lib/crypto/mpi/mpi.ko
* jitterentropy_rng requires SHA3 support for kernel 6.6
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Tan Zien <nabsdh9@gmail.com>
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
At start I only set qualcommax to use the Crypto Extensions optimized
version of SHA256 as I knew it supports the optional Crypto Extensions.
However, after looking into the tree there are more targets/subtargets
that I could find at least a specification sheet that says the support
Cryptographic Extensions, so lets add them.
Signed-off-by: Robert Marko <robimarko@gmail.com>
At start I only set qualcommax to use the Crypto Extensions optimized
version of SHA1 as I knew it supports the optional Crypto Extensions.
However, after looking into the tree there are more targets/subtargets
that I could find at least a specification sheet that says the support
Cryptographic Extensions, so lets add them.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Kernel has an ASM optimized version of SHA512 that was ported from
OpenSSL, so lets package it as it provides significant perfomance
improvement compared to the generic implementation.
There is a Cryptographic Extension based version as well, but that relies
on ARMv8.2 ISA which I am not aware any of the OpenWrt supported SoC-s use.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Kernel has optimized version of SHA2(224 and 256) using the ARMv8 Crypto
Extensions, so lets package it.
Use it by default for qualcommax as it uses Cortex-A53 core and has ARMv8
CE extensions present.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Kernel has an ASM optimized version of SHA256 that was ported from
OpenSSL, so lets package it as it provides significant perfomance
improvement compared to the generic implementation.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Kernel has optimized version of SHA1 using the ARMv8 Crypto Extensions,
so lets package it.
Use it by default for qualcommax as it uses Cortex-A53 core and has ARMv8
CE extensions present.
Signed-off-by: Robert Marko <robimarko@gmail.com>
SHA3 is now required by jitterentropy_rng in kernel 6.6, so lets start
preparing by packaging SHA3 support as its supported in 5.15 and 6.1
kernels as well.
AFAIK, only ARMv8.2 has a crypto extension for SHA3, however I am not aware
of any SoC we support that uses ARMv8.2 ISA so its not enabled currently.
Signed-off-by: Robert Marko <robimarko@gmail.com>
The IXP4xx crypto module must be loaded after the rootfs is
up as it depends on loading some NPE microcode from the file
system.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
The lib-chacha20 library is missing build rules for big endian
ARM, and since IXP4xx is big endian ARM we need those rules to
build for IXP4xx.
Suggested-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Mediatek EIP93 Crypto engine is a crypto accelerator which
is available in the Mediatek MT7621 SoC.
Signed-off-by: Aviana Cruz <gwencroft@proton.me>
Co-authored-by: Richard van Schagen <vschagen@icloud.com>
Co-authored-by: Chukun Pan <amadeus@jmu.edu.cn>
The x86_64 UML target wants to include SSSE3 optimized
crypto code which lives under /arch/x86/crypto.
However, these are not built and this causes an error.
| ERROR: module '[...]/arch/x86/crypto/sha512-ssse3.ko' is missing.
| make[3]: *** [modules/crypto.mk:990: [...]/kmod-crypto-sha512_5.15.112-1_x86_64.ipk] Error 1
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
We only use 5.15 kernel. So remove all those unnecessary symbols
referencing 5.10 or 5.15 kernel.
Can be found with:
git grep -E 'LINUX_5_1(0|5)'
Note that we remove the dependency from "sound-soc-chipdip-dac" instead
of removing the complete kernel package. The 5.15 version bump forgot to
delete the "@LINUX_5_10" dependency. The kernel package is still needed
in 5.15 kernel.
Signed-off-by: Nick Hainke <vincent@systemli.org>
CRYPTO_USER_API_ENABLE_OBSOLETE config symbol depends on CRYPTO_USER so
lets add this dependency to relevant modules.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
While tracking one bug report related to wrong package dependencies I've
noticed, that a bunch of the crypto modules are actually not
architecture specific, but either board/subtarget (x86/64) or board
(mpc85xx) specific.
So lets fix it, by making those modules architecture specific:
x86/64 -> x86_64
mpc85xx -> powerpc
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Older MT7623 ARMv7 SoC as well as new Filogic platforms come with
inside-secure,safexcel-eip97 units. Enable them in DTS and select the
driver kernel module by default on those platforms.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
These narrowments are no longer useful, since there's no lower version
than 5.10 supported in tree.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Delete the crypto-lib-blake2s kmod package, as BLAKE2s is now built-in.
Patches automatically rebased.
Build system: x86_64
Build-tested: ipq806x/R7800, x86/64
Signed-off-by: John Audia <therealgraysky@proton.me>
Needed by strongSwan IPsec VPN for strongswan-mod-chapoly. Not to be confused with
kmod-crypto-LIB-chacha20poly1305, which is an 8-byte nonce version used
by wireguard.
Signed-off-by: Xu Wang <xwang1498@gmx.com>
Add new module require in 5.15
- Changes in block module
- Changes in netfilter module (log module unified)
- Changes in fs module (mainly new depends for cifs and new ntfs3 module)
- Changes in lib add shared lib now used by more than 1 kmod
- Changes in crypto, dropped one crypto algo added arm crypto accellerator
- Changes in other, add zram default compressor choice and missing lib
by tpm module
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
CONFIG_CRYPTO_DEV_HIFN_795X depends on PCI. This driver only makes sense on
devices with pci support.
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
CONFIG_CRYPTO_DEV_TALITOS depends on FSL_SOC. This driver only makes sense
on Freescale(NXP) SoCs.
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
CONFIG_CRYPTO_DEV_GEODE depends on X86_32. This driver only makes sense
on X86\geode.
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
CONFIG_CRYPTO_PCOMP and CONFIG_CRYPTO_PCOMP2 have been removed in upstream commit[1].
This symbol doesn't exist since kernel 4.6 and this package is empty.
1. [ crypto: compress - remove unused pcomp interface ]
(110492183c)
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
CONFIG_CRYPTO_WORKQUEUE was removed in upstream commit[1]. This symbol doesn't
exist since kernel 5.3 and this package is empty.
1. [ crypto: cryptd - move kcrypto_wq into cryptd ]
(3e56e16863)
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
CRYPTO_DEV_CCP depends on X86 or ARM64
CRYPTO_DEV_CCP_DD depends on CPU_SUP_AMD or ARM64
Compiling this driver makes sense for x86 mainly. If one day support for
ARM64 board with AMD Secure Processor gets added this package may be
updated.
Trying to build this package on bcm4908 was causing:
ERROR: module 'build_dir/target-aarch64_cortex-a53_musl/linux-bcm4908_generic/linux-5.4.110/drivers/crypto/ccp/ccp-crypto.ko' is missing.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
CHACHA_MIPS depends on CPU_MIPS32_R2. Therefore,
kmod-crypto-lib-chacha20 should not contain chacha-mips.ko on MIPS32 R1
targets. Enforce that in the target-specific definition.
Fixes bcm47xx, bcm63xx, lantiq/ase, ath25 builds.
Fixes: 06351f1 ("kernel: migrate wireguard into the kernel tree")
Cc: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
On Linux 5.4, build WireGuard from backports. Linux 5.10 contains
wireguard in-tree.
Add in-kernel crypto libraries required by WireGuard along with
arch-specific optimizations.
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Modify existing modules to reflect their new location in Linux 5.10. Add
missing dependenices.
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
[enable CRYPTO_USER_API_ENABLE_OBSOLETE; add kmod-crypto-hash dependency
to usb-net-rtl8152]
Signed-off-by: David Bauer <mail@david-bauer.net>
This removes switches dependent on kernel version 4.19 as well as
several packages/modules selected only for that version.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>