btrfs-progs: build: add support for libkcapi as crypto backend

https://github.com/smuellerDD/libkcapi allows user-space to access the
Linux kernel crypto API.  Uses netlink interface and exports easy to use
APIs.

Signed-off-by: David Sterba <dsterba@suse.com>

INSTALL

@@ -20,6 +20,7 @@ dependencies are not desired.
 
 - libgcrypt
 - libsodium
+- libkcapi
 
 Generating documentation:
 

Makefile.inc.in

@@ -22,7 +22,7 @@ PYTHON_BINDINGS = @PYTHON_BINDINGS@
 PYTHON = @PYTHON@
 PYTHON_CFLAGS = @PYTHON_CFLAGS@
 CRYPTOPROVIDER_BUILTIN = @CRYPTOPROVIDER_BUILTIN@
-CRYPTO_CFLAGS = @GCRYPT_CFLAGS@ @SODIUM_CFLAGS@
+CRYPTO_CFLAGS = @GCRYPT_CFLAGS@ @SODIUM_CFLAGS@ @KCAPI_CFLAGS@
 
 SUBST_CFLAGS = @CFLAGS@
 SUBST_LDFLAGS = @LDFLAGS@
@@ -30,7 +30,7 @@ SUBST_LDFLAGS = @LDFLAGS@
 LIBS_BASE = @UUID_LIBS@ @BLKID_LIBS@ -L. -pthread
 LIBS_COMP = @ZLIB_LIBS@ @LZO2_LIBS@ @ZSTD_LIBS@
 LIBS_PYTHON = @PYTHON_LIBS@
-LIBS_CRYPTO = @GCRYPT_LIBS@ @SODIUM_LIBS@
+LIBS_CRYPTO = @GCRYPT_LIBS@ @SODIUM_LIBS@ @KCAPI_LIBS@
 STATIC_LIBS_BASE = @UUID_LIBS_STATIC@ @BLKID_LIBS_STATIC@ -L. -pthread
 STATIC_LIBS_COMP = @ZLIB_LIBS_STATIC@ @LZO2_LIBS_STATIC@ @ZSTD_LIBS_STATIC@
 

README.md

@@ -98,7 +98,7 @@ Build dependencies are listed in [INSTALL](INSTALL). Implementation of checksum/
 functions is provided by copies of the respective sources to avoid adding
 dependencies that would make deployments in rescure or limited environments
 harder. The implementations are portable and not optimized for speed nor
-accelerated. Optionally it's possible to use libgcrypt or libsodium
+accelerated. Optionally it's possible to use libgcrypt, libsodium or libkcapi
 implementations.
 
 * CRC32C: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/

configure.ac

@@ -196,7 +196,7 @@ if test "$DISABLE_BTRFSCONVERT" = 0 && test "x$convertfs" = "x"; then
 fi
 
 AC_ARG_WITH([crypto],
-	    AS_HELP_STRING([[[]--with-crypto[[=builtin]]]], [provider of cryptographic primtives: builtin, libgcrypt, libsodium]),
+	    AS_HELP_STRING([[[]--with-crypto[[=builtin]]]], [provider of cryptographic primitives: builtin, libgcrypt, libsodium, libkcapi]),
   [], [with_crypto=builtin]
 )
 
@@ -217,6 +217,11 @@ elif test "$with_crypto" = "libsodium"; then
 	PKG_CHECK_MODULES(SODIUM, [libsodium >= 1.0.4])
 	AC_DEFINE([CRYPTOPROVIDER_LIBSODIUM],[1],[Use libsodium])
 	cryptoproviderversion=`pkg-config libsodium --version`
+elif test "$with_crypto" = "libkcapi"; then
+	cryptoprovider="libkcapi"
+	PKG_CHECK_MODULES(KCAPI, [libkcapi >= 1.0.0])
+	AC_DEFINE([CRYPTOPROVIDER_LIBKCAPI],[1],[Use libkcapi])
+	cryptoproviderversion=`pkg-config libkcapi --version`
 else
 	AC_MSG_ERROR([unrecognized crypto provider: $with_crypto])
 fi

crypto/hash.c

@@ -91,3 +91,49 @@ int hash_blake2b(const u8 *buf, size_t len, u8 *out)
 }
 
 #endif
+
+#if CRYPTOPROVIDER_LIBKCAPI == 1
+
+#include <kcapi.h>
+
+int hash_sha256(const u8 *buf, size_t len, u8 *out)
+{
+	static struct kcapi_handle *handle = NULL;
+	int ret;
+
+	if (!handle) {
+		ret = kcapi_md_init(&handle, "sha256", 0);
+		if (ret < 0) {
+			fprintf(stderr,
+				"HASH: cannot instantiate sha256, error %d\n",
+				ret);
+			exit(1);
+		}
+	}
+	ret = kcapi_md_digest(handle, buf, len, out, CRYPTO_HASH_SIZE_MAX);
+	/* kcapi_md_destroy(handle); */
+
+	return ret;
+}
+
+int hash_blake2b(const u8 *buf, size_t len, u8 *out)
+{
+	static struct kcapi_handle *handle = NULL;
+	int ret;
+
+	if (!handle) {
+		ret = kcapi_md_init(&handle, "blake2b-256", 0);
+		if (ret < 0) {
+			fprintf(stderr,
+				"HASH: cannot instantiate blake2b-256, error %d\n",
+				ret);
+			exit(1);
+		}
+	}
+	ret = kcapi_md_digest(handle, buf, len, out, CRYPTO_HASH_SIZE_MAX);
+	/* kcapi_md_destroy(handle); */
+
+	return ret;
+}
+
+#endif