[PATCH] apparmor: use SHA-256 library API instead of crypto_shash API

Fri Jun 27 06:14:50 UTC 2025

On 6/26/25 20:59, Eric Biggers wrote:
> On Sun, Jun 22, 2025 at 02:16:07PM -0700, John Johansen wrote:
>> On 6/12/25 12:11, Eric Biggers wrote:
>>> On Sat, May 17, 2025 at 12:43:30AM -0700, John Johansen wrote:
>>>> On 5/13/25 21:21, Eric Biggers wrote:
>>>>> On Mon, Apr 28, 2025 at 12:04:30PM -0700, Eric Biggers wrote:
>>>>>> From: Eric Biggers <ebiggers at google.com>
>>>>>>
>>>>>> This user of SHA-256 does not support any other algorithm, so the
>>>>>> crypto_shash abstraction provides no value.  Just use the SHA-256
>>>>>> library API instead, which is much simpler and easier to use.
>>>>>>
>>>>>> Signed-off-by: Eric Biggers <ebiggers at google.com>
>>>>>> ---
>>>>>>
>>>>>> This patch is targeting the apparmor tree for 6.16.
>>>>>>
>>>>>>     security/apparmor/Kconfig  |  3 +-
>>>>>>     security/apparmor/crypto.c | 85 ++++++--------------------------------
>>>>>>     2 files changed, 13 insertions(+), 75 deletions(-)
>>>>>
>>>>> Any interest in taking this patch through the apparmor or security trees?
>>>>>
>>>> I can take it through my tree
>>>
>>> Thanks!  I notice this isn't in v6.16-rc1.  Do you have a pull request planned?
>>>
>>
>> Hey Eric,
>>
>> sorry I have been sick and didn't get a 6.16 pull request out. I am slowly trying
>> to dig my way out of the backlog, which is several weeks deeo. I might get together
>> a small PR of bug fixes before the 6.17 merge window but the bulk of what is in
>> apparmor-next will be waiting to merge in 6.17 now.
> 
> Hope you're feeling better!  Actually, would you mind if instead I took this
I lot, though still generally tired/low on energy

> patch (with your ack) through the libcrypto-next tree for 6.17?
> Otherwise there will be a silent merge conflict after I apply
> https://lore.kernel.org/r/20250625070819.1496119-11-ebiggers@kernel.org/
> 
Avoiding a merge conflict? You have my ACK and blessing I will pull it out of
the apparmor tree asap