From cdc43d45ee7db11c0591ea56663c054b46ecaa9b Mon Sep 17 00:00:00 2001 From: Nathan Huckleberry Date: Tue, 16 Aug 2022 18:47:23 +0000 Subject: [PATCH] ANDROID: GKI: Enable HCTR2 HCTR2 is a wide-block encryption mode intended to solve a pre-existing cryptographic weakness due to IV reuse in filename encryption. Bug: 233652475 Change-Id: Ie1bcff8d61579a6b3e14418f280b97483b2dd670 Signed-off-by: Nathan Huckleberry --- arch/arm64/configs/gki_defconfig | 2 ++ arch/x86/configs/gki_defconfig | 2 ++ 2 files changed, 4 insertions(+) diff --git a/arch/arm64/configs/gki_defconfig b/arch/arm64/configs/gki_defconfig index d8878015d951..172d02dc153c 100644 --- a/arch/arm64/configs/gki_defconfig +++ b/arch/arm64/configs/gki_defconfig @@ -87,6 +87,7 @@ CONFIG_VIRTUALIZATION=y CONFIG_KVM=y CONFIG_CRYPTO_SHA2_ARM64_CE=y CONFIG_CRYPTO_SHA512_ARM64_CE=y +CONFIG_CRYPTO_POLYVAL_ARM64_CE=y CONFIG_CRYPTO_AES_ARM64_CE_BLK=y CONFIG_KPROBES=y CONFIG_JUMP_LABEL=y @@ -652,6 +653,7 @@ CONFIG_SECURITY_SELINUX=y CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y CONFIG_CRYPTO_CHACHA20POLY1305=y CONFIG_CRYPTO_ADIANTUM=y +CONFIG_CRYPTO_HCTR2=y CONFIG_CRYPTO_XCBC=y CONFIG_CRYPTO_BLAKE2B=y CONFIG_CRYPTO_MD5=y diff --git a/arch/x86/configs/gki_defconfig b/arch/x86/configs/gki_defconfig index f77091eb8039..5b72fdac3cd4 100644 --- a/arch/x86/configs/gki_defconfig +++ b/arch/x86/configs/gki_defconfig @@ -583,8 +583,10 @@ CONFIG_SECURITY_SELINUX=y CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y CONFIG_CRYPTO_CHACHA20POLY1305=y CONFIG_CRYPTO_ADIANTUM=y +CONFIG_CRYPTO_HCTR2=y CONFIG_CRYPTO_XCBC=y CONFIG_CRYPTO_BLAKE2B=y +CONFIG_CRYPTO_POLYVAL_CLMUL_NI=y CONFIG_CRYPTO_MD5=y CONFIG_CRYPTO_SHA256_SSSE3=y CONFIG_CRYPTO_SHA512_SSSE3=y