This patch series imports the Argon2 code and tests from libgcrypt and
adds Argon2 support to LUKS2.
- Patch 1~6 import kdf.c from libgcrypt and extract the Argon2 related
functions. The _gcry_kdf_* functions are also imported to make it
easier to support other KDF functions when necessary.
- Patch 7 introduces grub_crypto_argon2().
- Patch 8 and 9 integrates the Argon2 tests from libgcrypt into
functional_test.
- Patch 10 leverages grub_crypto_argon2() to add Argon2 support to LUKS2.
- Patch 11 changes the default KDF of the LUKS2 test to Argon2id.
- Patch 12 documents argon2 and argon2_test modules.
- Patch 13 reduces Argon2 computation time by introducing a faster
grub_memcpy() implementation for aligned buffers. Per my test, this
patch lowers the decryption time from 22s to 12s.
v4:
- Handling the error from argon2_blake2b_512_hash_buffers()
- Implementing a faster grub_memcpy() to reduce Argon2 computation time
v3:
- Updating comments in import_gcry.py
- Splitting the kdf build patch into 3 smaller patches
- Fixing the build error on 32-bit platforms
- Adjusting the order of 'ldadd' in Makefile.util.def
- Fixing the error messages in luks2_parse_keyslot()
v2:
- Import Argon2 code differently to improve maintainability
* Updating import_gcry.py to import Argon2 and _gcry_kdf_* functions
from kdf.c instead of extracting the code manually
* Implementing grub_crypto_argon2() with the _gcry_kdf_* functions to
avoid the GCRY flags when building argon2.c
* Building argon2.c inside libgrubkernel.a since the GCRY flags are not
needed anymore
Gary Lin (13):
util/import_gcry: Import kdf.c for Argon2
crypto: Update crypto.h for libgcrypt KDF functions
libgcrypt/kdf: Implement blake2b_512.hash_buffers()
libgcrypt/kdf: Get rid of gpg_err_code_from_errno()
libgcrypt/kdf: Remove unsupported KDFs
libgcrypt/kdf: Fix 64-bit modulus on 32-bit platforms
argon2: Introduce grub_crypto_argon2()
Import Argon2 tests from libgcrypt
Integrate Argon2 tests into functional_test
disk/luks2: Add Argon2 support
tests/util/grub-fs-tester: Use Argon2id for LUKS2 test
docs: Document argon2 and argon2_test
kern/misc: Implement faster grub_memcpy() for aligned buffers
Makefile.util.def | 55 +++---
conf/Makefile.extra-dist | 4 +
docs/grub.texi | 11 ++
grub-core/Makefile.core.def | 10 ++
grub-core/disk/luks2.c | 40 ++++-
grub-core/kern/compiler-rt.c | 8 +-
grub-core/kern/misc.c | 30 ++++
grub-core/lib/argon2.c | 52 ++++++
.../09-blake2b-hash-buffers.patch | 63 +++++++
.../10-kdf-use-GPG-errs.patch | 48 +++++
.../11-kdf-remove-unsupported-kdfs.patch | 166 ++++++++++++++++++
.../12-kdf-use-grub_divmod64.patch | 79 +++++++++
grub-core/tests/argon2_test.c | 139 +++++++++++++++
grub-core/tests/lib/functional_test.c | 1 +
include/grub/crypto.h | 49 ++++++
include/grub/misc.h | 8 +-
tests/util/grub-fs-tester.in | 10 +-
util/import_gcry.py | 31 +++-
18 files changed, 757 insertions(+), 47 deletions(-)
create mode 100644 grub-core/lib/argon2.c
create mode 100644
grub-core/lib/libgcrypt-patches/09-blake2b-hash-buffers.patch
create mode 100644 grub-core/lib/libgcrypt-patches/10-kdf-use-GPG-errs.patch
create mode 100644
grub-core/lib/libgcrypt-patches/11-kdf-remove-unsupported-kdfs.patch
create mode 100644
grub-core/lib/libgcrypt-patches/12-kdf-use-grub_divmod64.patch
create mode 100644 grub-core/tests/argon2_test.c
Range-diff against v3:
1: 4c2b3fec8 = 1: 4c2b3fec8 util/import_gcry: Import kdf.c for Argon2
2: 210b6292b = 2: 210b6292b crypto: Update crypto.h for libgcrypt KDF
functions
3: 97e34226d ! 3: 3b72e07b8 libgcrypt/kdf: Implement
blake2b_512.hash_buffers()
@@ conf/Makefile.extra-dist: EXTRA_DIST +=
grub-core/lib/libgcrypt-patches/05_disab
## grub-core/lib/libgcrypt-patches/09-blake2b-hash-buffers.patch (new) ##
@@
-+From 9c4b1a458718d848d0121b81f8533bbc7f26469a Mon Sep 17 00:00:00 2001
++From 42e9975171439e2e9713e122cb0e74174f057e98 Mon Sep 17 00:00:00 2001
+From: Gary Lin <g...@suse.com>
+Date: Mon, 25 Aug 2025 15:54:24 +0800
+Subject: [PATCH 1/4] libgcrypt/kdf: Implement blake2b_512.hash_buffers()
@@ grub-core/lib/libgcrypt-patches/09-blake2b-hash-buffers.patch (new)
+
+Signed-off-by: Gary Lin <g...@suse.com>
+---
-+ grub-core/lib/libgcrypt-grub/cipher/kdf.c | 20 +++++++++++++++++++-
-+ 1 file changed, 19 insertions(+), 1 deletion(-)
++ grub-core/lib/libgcrypt-grub/cipher/kdf.c | 25 ++++++++++++++++++++++-
++ 1 file changed, 24 insertions(+), 1 deletion(-)
+
+diff --git a/grub-core/lib/libgcrypt-grub/cipher/kdf.c
b/grub-core/lib/libgcrypt-grub/cipher/kdf.c
-+index 0689f88b1..fd0c4a106 100644
++index 0689f88b1..08e3ef658 100644
+--- a/grub-core/lib/libgcrypt-grub/cipher/kdf.c
++++ b/grub-core/lib/libgcrypt-grub/cipher/kdf.c
-+@@ -129,6 +129,24 @@ beswap64_block (u64 *dst)
++@@ -129,10 +129,31 @@ beswap64_block (u64 *dst)
+ #endif
+ }
+
++/* Implementation of _gcry_blake2b_512_hash_buffers */
-++static void
+++static gcry_err_code_t
++argon2_blake2b_512_hash_buffers (void *outbuf, const gcry_buffer_t *iov,
int iovcnt)
++{
++ void *hd;
++
++ hd = xtrymalloc (_gcry_digest_spec_blake2b_512.contextsize);
++ if (!hd)
-++ return;
+++ return GPG_ERR_OUT_OF_MEMORY;
++
++ _gcry_digest_spec_blake2b_512.init (hd, 0);
++ for (;iovcnt > 0; iov++, iovcnt--)
@@ -129,6 +129,24 @@ beswap64_block (u64 *dst)
++ grub_memcpy (outbuf, _gcry_digest_spec_blake2b_512.read (hd), 512 / 8);
++
++ xfree (hd);
+++
+++ return GPG_ERR_NO_ERROR;
++}
+
+ static gpg_err_code_t
+ argon2_fill_first_blocks (argon2_ctx_t a)
-+@@ -195,7 +213,7 @@ argon2_fill_first_blocks (argon2_ctx_t a)
++ {
+++ gpg_err_code_t err;
++ unsigned char h0_01_i[72];
++ unsigned char buf[10][4];
++ gcry_buffer_t iov[8];
++@@ -195,7 +216,9 @@ argon2_fill_first_blocks (argon2_ctx_t a)
+ iov_count++;
+ }
+
+- _gcry_digest_spec_blake2b_512.hash_buffers (h0_01_i, 64, iov,
iov_count);
-++ argon2_blake2b_512_hash_buffers (h0_01_i, iov, iov_count);
+++ err = argon2_blake2b_512_hash_buffers (h0_01_i, iov, iov_count);
+++ if (err != GPG_ERR_NO_ERROR)
+++ return err;
+
+ for (i = 0; i < a->lanes; i++)
+ {
+--
-+2.43.0
++2.51.0
+
4: ece319254 ! 4: d90a709b1 libgcrypt/kdf: Get rid of
gpg_err_code_from_errno()
@@ conf/Makefile.extra-dist: EXTRA_DIST +=
grub-core/lib/libgcrypt-patches/06_blake
## grub-core/lib/libgcrypt-patches/10-kdf-use-GPG-errs.patch (new) ##
@@
-+From 0344b5a1c206aaa8ec591824c5d0ccf5d9a1e6c0 Mon Sep 17 00:00:00 2001
++From 89f793515d927d8f7099b61d0b7b200611e56acd Mon Sep 17 00:00:00 2001
+From: Gary Lin <g...@suse.com>
+Date: Mon, 25 Aug 2025 15:56:03 +0800
+Subject: [PATCH 2/4] libgcrypt/kdf: Get rid of gpg_err_code_from_errno()
@@ grub-core/lib/libgcrypt-patches/10-kdf-use-GPG-errs.patch (new)
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/grub-core/lib/libgcrypt-grub/cipher/kdf.c
b/grub-core/lib/libgcrypt-grub/cipher/kdf.c
-+index fd0c4a106..55294672b 100644
++index 08e3ef658..6e0351d8a 100644
+--- a/grub-core/lib/libgcrypt-grub/cipher/kdf.c
++++ b/grub-core/lib/libgcrypt-grub/cipher/kdf.c
-+@@ -260,7 +260,7 @@ argon2_init (argon2_ctx_t a, unsigned int parallelism,
++@@ -265,7 +265,7 @@ argon2_init (argon2_ctx_t a, unsigned int parallelism,
+ block = xtrymalloc (1024 * memory_blocks);
+ if (!block)
+ {
@@ -260,7 +260,7 @@ argon2_init (argon2_ctx_t a, unsigned int parallelism,
+ return ec;
+ }
+ memset (block, 0, 1024 * memory_blocks);
-+@@ -268,7 +268,7 @@ argon2_init (argon2_ctx_t a, unsigned int parallelism,
++@@ -273,7 +273,7 @@ argon2_init (argon2_ctx_t a, unsigned int parallelism,
+ thread_data = xtrymalloc (a->lanes * sizeof (struct
argon2_thread_data));
+ if (!thread_data)
+ {
@@ -268,7 +268,7 @@ argon2_init (argon2_ctx_t a, unsigned int parallelism,
+ xfree (block);
+ return ec;
+ }
-+@@ -619,7 +619,7 @@ argon2_open (gcry_kdf_hd_t *hd, int subalgo,
++@@ -624,7 +624,7 @@ argon2_open (gcry_kdf_hd_t *hd, int subalgo,
+ n = offsetof (struct argon2_context, out) + taglen;
+ a = xtrymalloc (n);
+ if (!a)
@@ -619,7 +619,7 @@ argon2_open (gcry_kdf_hd_t *hd, int subalgo,
+ a->algo = GCRY_KDF_ARGON2;
+ a->hash_type = hash_type;
+--
-+2.43.0
++2.51.0
+
5: ac22a5546 ! 5: 5980e8a1a libgcrypt/kdf: Remove unsupported KDFs
@@ conf/Makefile.extra-dist: EXTRA_DIST +=
grub-core/lib/libgcrypt-patches/07_disab
## grub-core/lib/libgcrypt-patches/11-kdf-remove-unsupported-kdfs.patch
(new) ##
@@
-+From f46f3dbd2e572a6610d651d14e9a3a8b27883c49 Mon Sep 17 00:00:00 2001
++From fc9c57f54fd28685f7df79e53078e1dc9e44f964 Mon Sep 17 00:00:00 2001
+From: Gary Lin <g...@suse.com>
+Date: Mon, 25 Aug 2025 16:00:17 +0800
+Subject: [PATCH 3/4] libgcrypt/kdf: Remove unsupported KDFs
@@ grub-core/lib/libgcrypt-patches/11-kdf-remove-unsupported-kdfs.patch
(new)
+ 1 file changed, 119 deletions(-)
+
+diff --git a/grub-core/lib/libgcrypt-grub/cipher/kdf.c
b/grub-core/lib/libgcrypt-grub/cipher/kdf.c
-+index 55294672b..6e825d3e8 100644
++index 6e0351d8a..c51a70eff 100644
+--- a/grub-core/lib/libgcrypt-grub/cipher/kdf.c
++++ b/grub-core/lib/libgcrypt-grub/cipher/kdf.c
-+@@ -816,64 +816,6 @@ _gcry_kdf_open (gcry_kdf_hd_t *hd, int algo, int
subalgo,
++@@ -821,64 +821,6 @@ _gcry_kdf_open (gcry_kdf_hd_t *hd, int algo, int
subalgo,
+ key, keylen, ad, adlen);
+ break;
+
@@ -816,64 +816,6 @@ _gcry_kdf_open (gcry_kdf_hd_t *hd, int algo, int
subalgo,
+ default:
+ ec = GPG_ERR_UNKNOWN_ALGORITHM;
+ break;
-+@@ -893,26 +835,6 @@ _gcry_kdf_compute (gcry_kdf_hd_t h, const struct
gcry_kdf_thread_ops *ops)
++@@ -898,26 +840,6 @@ _gcry_kdf_compute (gcry_kdf_hd_t h, const struct
gcry_kdf_thread_ops *ops)
+ ec = argon2_compute ((argon2_ctx_t)(void *)h, ops);
+ break;
+
@@ -893,26 +835,6 @@ _gcry_kdf_compute (gcry_kdf_hd_t h, const struct
gcry_kdf_thre
+ default:
+ ec = GPG_ERR_UNKNOWN_ALGORITHM;
+ break;
-+@@ -933,27 +855,6 @@ _gcry_kdf_final (gcry_kdf_hd_t h, size_t resultlen,
void *result)
++@@ -938,27 +860,6 @@ _gcry_kdf_final (gcry_kdf_hd_t h, size_t resultlen,
void *result)
+ ec = argon2_final ((argon2_ctx_t)(void *)h, resultlen, result);
+ break;
+
@@ -933,27 +855,6 @@ _gcry_kdf_final (gcry_kdf_hd_t h, size_t resultlen,
void *resu
+ default:
+ ec = GPG_ERR_UNKNOWN_ALGORITHM;
+ break;
-+@@ -971,26 +872,6 @@ _gcry_kdf_close (gcry_kdf_hd_t h)
++@@ -976,26 +877,6 @@ _gcry_kdf_close (gcry_kdf_hd_t h)
+ argon2_close ((argon2_ctx_t)(void *)h);
+ break;
+
@@ -971,26 +872,6 @@ _gcry_kdf_close (gcry_kdf_hd_t h)
+ break;
+ }
+--
-+2.43.0
++2.51.0
+
6: 51cabda08 ! 6: 6f3a415ca libgcrypt/kdf: Fix 64-bit modulus on 32-bit
platforms
@@ Commit message
libgcrypt/kdf: Fix 64-bit modulus on 32-bit platforms
Use grub_divmod64() for the 64-bit modulus to prevent creation of
- __umoddi3() calls on 32-bit platforms.
+ special division calls such as __umoddi3() and __aeabi_uldivmod() on
+ 32-bit platforms.
Signed-off-by: Gary Lin <g...@suse.com>
@@ conf/Makefile.extra-dist: EXTRA_DIST +=
grub-core/lib/libgcrypt-patches/08_sexp_
## grub-core/lib/libgcrypt-patches/12-kdf-use-grub_divmod64.patch (new) ##
@@
-+From 232133d5672a89f5e5a45116171e802c1ebab2e7 Mon Sep 17 00:00:00 2001
++From 990a5f7df076200aa031b1bcde6bc4b13d4f198e Mon Sep 17 00:00:00 2001
+From: Gary Lin <g...@suse.com>
+Date: Mon, 25 Aug 2025 16:01:45 +0800
+Subject: [PATCH 4/4] libgcrypt/kdf: Fix 64-bit modulus on 32-bit platforms
+
+Use grub_divmod64() for the 64-bit modulus to prevent creation of
-+__umoddi3() calls on 32-bit platforms.
++special division calls such as __umoddi3() and __aeabi_uldivmod() on
++32-bit platforms.
+
+Signed-off-by: Gary Lin <g...@suse.com>
+---
@@ grub-core/lib/libgcrypt-patches/12-kdf-use-grub_divmod64.patch (new)
+ 1 file changed, 12 insertions(+), 4 deletions(-)
+
+diff --git a/grub-core/lib/libgcrypt-grub/cipher/kdf.c
b/grub-core/lib/libgcrypt-grub/cipher/kdf.c
-+index 6e825d3e8..e0a1b2901 100644
++index c51a70eff..f4bb51809 100644
+--- a/grub-core/lib/libgcrypt-grub/cipher/kdf.c
++++ b/grub-core/lib/libgcrypt-grub/cipher/kdf.c
-+@@ -370,6 +370,7 @@ index_alpha (argon2_ctx_t a, const struct
argon2_thread_data *t,
++@@ -375,6 +375,7 @@ index_alpha (argon2_ctx_t a, const struct
argon2_thread_data *t,
+ u32 reference_area_size;
+ u64 relative_position;
+ u32 start_position;
@@ -370,6 +370,7 @@ index_alpha (argon2_ctx_t a, const struct
argon2_thread_data *t
+
+ if (t->pass == 0)
+ {
-+@@ -406,7 +407,8 @@ index_alpha (argon2_ctx_t a, const struct
argon2_thread_data *t,
++@@ -411,7 +412,8 @@ index_alpha (argon2_ctx_t a, const struct
argon2_thread_data *t,
+ ? 0
+ : (t->slice + 1) * a->segment_length;
+
@@ -406,7 +407,8 @@ index_alpha (argon2_ctx_t a, const struct
argon2_thread_data *t
+ }
+
+ static void
-+@@ -420,6 +422,7 @@ argon2_compute_segment (void *priv)
++@@ -425,6 +427,7 @@ argon2_compute_segment (void *priv)
+ u64 input_block[1024/sizeof (u64)];
+ u64 address_block[1024/sizeof (u64)];
+ u64 *random_block = NULL;
@@ -420,6 +422,7 @@ argon2_compute_segment (void *priv)
+
+ if (a->hash_type == GCRY_KDF_ARGON2I
+ || (a->hash_type == GCRY_KDF_ARGON2ID && t->pass == 0 && t->slice
< 2))
-+@@ -444,7 +447,8 @@ argon2_compute_segment (void *priv)
++@@ -449,7 +452,8 @@ argon2_compute_segment (void *priv)
+ i = 0;
+
+ curr_offset = t->lane * a->lane_length + t->slice * a->segment_length
+ i;
@@ -444,7 +447,8 @@ argon2_compute_segment (void *priv)
+ prev_offset = curr_offset - 1;
+ else
+ prev_offset = curr_offset + a->lane_length - 1;
-+@@ -454,7 +458,8 @@ argon2_compute_segment (void *priv)
++@@ -459,7 +463,8 @@ argon2_compute_segment (void *priv)
+ u64 *ref_block, *curr_block;
+ u64 rand64;
+
@@ -454,7 +458,8 @@ argon2_compute_segment (void *priv)
+ prev_offset = curr_offset - 1;
+
+ if (random_block)
-+@@ -470,7 +475,10 @@ argon2_compute_segment (void *priv)
++@@ -475,7 +480,10 @@ argon2_compute_segment (void *priv)
+ if (t->pass == 0 && t->slice == 0)
+ ref_lane = t->lane;
+ else
@@ -470,7 +475,10 @@ argon2_compute_segment (void *priv)
+ ref_index = index_alpha (a, t, i, (rand64 & 0xffffffff),
+ ref_lane == t->lane);
+--
-+2.43.0
++2.51.0
+
7: b56661bb6 = 7: 8298d3139 argon2: Introduce grub_crypto_argon2()
8: 54bd89f6a = 8: e3ff82e7c Import Argon2 tests from libgcrypt
9: e386633aa = 9: 168a8d24b Integrate Argon2 tests into functional_test
10: 86bbe307d = 10: 3bc593992 disk/luks2: Add Argon2 support
11: f626d2001 = 11: 1fb5cac29 tests/util/grub-fs-tester: Use Argon2id for
LUKS2 test
12: a1cdf3b42 = 12: 840cf2fb0 docs: Document argon2 and argon2_test
-: --------- > 13: 1fbd2a278 kern/misc: Implement faster grub_memcpy() for
aligned buffers
--
2.51.0
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
