crypto: jitterentropy - Use default sha3 implementation
Make jitterentropy use "sha3-256" instead of "sha3-256-generic", as the
ability to explicitly request the generic code is going away. It's not
worth providing a special generic API just for jitterentropy. There are
many other solutions available to it, such as doing more iterations or
using a more effective jitter collection method.
Moreover, the status quo is that SHA-3 is quite slow anyway. Currently
only arm64 and s390 have architecture-optimized SHA-3 code. I'm not
familiar with the performance of the s390 one, but the arm64 one isn't
actually that much faster than the generic code anyway.
Note that jitterentropy should just use the library API instead of
crypto_shash. But that belongs in a separate change later.
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Harald Freudenberger <freude@linux.ibm.com>
Link: https://lore.kernel.org/r/20251026055032.1413733-14-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
projects / thirdparty / kernel / linux.git / commit
