# SPDX-License-Identifier: GPL-2.0-only menuconfig CRYPTO_HW bool "Hardware crypto devices" default y help Say Y here to get to see options for hardware crypto devices and processors. This option alone does not add any kernel code. If you say N, all options in this submenu will be skipped and disabled. if CRYPTO_HW source "drivers/crypto/allwinner/Kconfig" config CRYPTO_DEV_PADLOCK tristate "Support for VIA PadLock ACE" depends on X86 && !UML help Some VIA processors come with an integrated crypto engine (so called VIA PadLock ACE, Advanced Cryptography Engine) that provides instructions for very fast cryptographic operations with supported algorithms. The instructions are used only when the CPU supports them. Otherwise software encryption is used. config CRYPTO_DEV_PADLOCK_AES tristate "PadLock driver for AES algorithm" depends on CRYPTO_DEV_PADLOCK select CRYPTO_SKCIPHER select CRYPTO_LIB_AES help Use VIA PadLock for AES algorithm. Available in VIA C3 and newer CPUs. If unsure say M. The compiled module will be called padlock-aes. config CRYPTO_DEV_PADLOCK_SHA tristate "PadLock driver for SHA1 and SHA256 algorithms" depends on CRYPTO_DEV_PADLOCK select CRYPTO_HASH select CRYPTO_SHA1 select CRYPTO_SHA256 help Use VIA PadLock for SHA1/SHA256 algorithms. Available in VIA C7 and newer processors. If unsure say M. The compiled module will be called padlock-sha. config CRYPTO_DEV_GEODE tristate "Support for the Geode LX AES engine" depends on X86_32 && PCI select CRYPTO_ALGAPI select CRYPTO_SKCIPHER help Say 'Y' here to use the AMD Geode LX processor on-board AES engine for the CryptoAPI AES algorithm. To compile this driver as a module, choose M here: the module will be called geode-aes. config ZCRYPT tristate "Support for s390 cryptographic adapters" depends on S390 depends on AP select HW_RANDOM help Select this option if you want to enable support for s390 cryptographic adapters like Crypto Express 4 up to 8 in Coprocessor (CEXxC), EP11 Coprocessor (CEXxP) or Accelerator (CEXxA) mode. config PKEY tristate "Kernel API for protected key handling" depends on S390 help With this option enabled the pkey kernel modules provide an API for creation and handling of protected keys. Other parts of the kernel or userspace applications may use these functions. The protected key support is distributed into: - A pkey base and API kernel module (pkey.ko) which offers the infrastructure for the pkey handler kernel modules, the ioctl and the sysfs API and the in-kernel API to the crypto cipher implementations using protected key. - A pkey pckmo kernel module (pkey-pckmo.ko) which is automatically loaded when pckmo support (that is generation of protected keys from clear key values) is available. - A pkey CCA kernel module (pkey-cca.ko) which is automatically loaded when a CEX crypto card is available. - A pkey EP11 kernel module (pkey-ep11.ko) which is automatically loaded when a CEX crypto card is available. - A pkey UV kernel module (pkey-uv.ko) which is automatically loaded when the Ultravisor feature is available within a protected execution environment. Select this option if you want to enable the kernel and userspace API for protected key handling. config PKEY_CCA tristate "PKEY CCA support handler" depends on PKEY depends on ZCRYPT help This is the CCA support handler for deriving protected keys from CCA (secure) keys. Also this handler provides an alternate way to make protected keys from clear key values. The PKEY CCA support handler needs a Crypto Express card (CEX) in CCA mode. If you have selected the PKEY option then you should also enable this option unless you are sure you never need to derive protected keys from CCA key material. config PKEY_EP11 tristate "PKEY EP11 support handler" depends on PKEY depends on ZCRYPT help This is the EP11 support handler for deriving protected keys from EP11 (secure) keys. Also this handler provides an alternate way to make protected keys from clear key values. The PKEY EP11 support handler needs a Crypto Express card (CEX) in EP11 mode. If you have selected the PKEY option then you should also enable this option unless you are sure you never need to derive protected keys from EP11 key material. config PKEY_PCKMO tristate "PKEY PCKMO support handler" depends on PKEY help This is the PCKMO support handler for deriving protected keys from clear key values via invoking the PCKMO instruction. The PCKMO instruction can be enabled and disabled in the crypto settings at the LPAR profile. This handler checks for availability during initialization and if build as a kernel module unloads itself if PCKMO is disabled. The PCKMO way of deriving protected keys from clear key material is especially used during self test of protected key ciphers like PAES but the CCA and EP11 handler provide alternate ways to generate protected keys from clear key values. If you have selected the PKEY option then you should also enable this option unless you are sure you never need to derive protected keys from clear key values directly via PCKMO. config PKEY_UV tristate "PKEY UV support handler" depends on PKEY depends on S390_UV_UAPI help This is the PKEY Ultravisor support handler for deriving protected keys from secrets stored within the Ultravisor (UV). This module works together with the UV device and supports the retrieval of protected keys from secrets stored within the UV firmware layer. This service is only available within a protected execution guest and thus this module will fail upon modprobe if no protected execution environment is detected. Enable this option if you intend to run this kernel with an KVM guest with protected execution and you want to use UV retrievable secrets via PKEY API. config CRYPTO_PAES_S390 tristate "PAES cipher algorithms" depends on S390 depends on ZCRYPT depends on PKEY select CRYPTO_ALGAPI select CRYPTO_SKCIPHER help This is the s390 hardware accelerated implementation of the AES cipher algorithms for use with protected key. Select this option if you want to use the paes cipher for example to use protected key encrypted devices. config S390_PRNG tristate "Pseudo random number generator device driver" depends on S390 default "m" help Select this option if you want to use the s390 pseudo random number generator. The PRNG is part of the cryptographic processor functions and uses triple-DES to generate secure random numbers like the ANSI X9.17 standard. User-space programs access the pseudo-random-number device through the char device /dev/prandom. It is available as of z9. config CRYPTO_DEV_NIAGARA2 tristate "Niagara2 Stream Processing Unit driver" select CRYPTO_LIB_DES select CRYPTO_SKCIPHER select CRYPTO_HASH select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 depends on SPARC64 help Each core of a Niagara2 processor contains a Stream Processing Unit, which itself contains several cryptographic sub-units. One set provides the Modular Arithmetic Unit, used for SSL offload. The other set provides the Cipher Group, which can perform encryption, decryption, hashing, checksumming, and raw copies. config CRYPTO_DEV_SL3516 tristate "Storlink SL3516 crypto offloader" depends on ARCH_GEMINI || COMPILE_TEST depends on HAS_IOMEM && PM select CRYPTO_SKCIPHER select CRYPTO_ENGINE select CRYPTO_ECB select CRYPTO_AES select HW_RANDOM help This option allows you to have support for SL3516 crypto offloader. config CRYPTO_DEV_SL3516_DEBUG bool "Enable SL3516 stats" depends on CRYPTO_DEV_SL3516 depends on DEBUG_FS help Say y to enable SL3516 debug stats. This will create /sys/kernel/debug/sl3516/stats for displaying the number of requests per algorithm and other internal stats. config CRYPTO_DEV_HIFN_795X tristate "Driver HIFN 795x crypto accelerator chips" select CRYPTO_LIB_DES select CRYPTO_SKCIPHER select HW_RANDOM if CRYPTO_DEV_HIFN_795X_RNG depends on PCI depends on !ARCH_DMA_ADDR_T_64BIT help This option allows you to have support for HIFN 795x crypto adapters. config CRYPTO_DEV_HIFN_795X_RNG bool "HIFN 795x random number generator" depends on CRYPTO_DEV_HIFN_795X help Select this option if you want to enable the random number generator on the HIFN 795x crypto adapters. source "drivers/crypto/caam/Kconfig" config CRYPTO_DEV_TALITOS tristate "Talitos Freescale Security Engine (SEC)" select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_SKCIPHER select CRYPTO_HASH select CRYPTO_LIB_DES select HW_RANDOM depends on FSL_SOC help Say 'Y' here to use the Freescale Security Engine (SEC) to offload cryptographic algorithm computation. The Freescale SEC is present on PowerQUICC 'E' processors, such as the MPC8349E and MPC8548E. To compile this driver as a module, choose M here: the module will be called talitos. config CRYPTO_DEV_TALITOS1 bool "SEC1 (SEC 1.0 and SEC Lite 1.2)" depends on CRYPTO_DEV_TALITOS depends on PPC_8xx || PPC_82xx default y help Say 'Y' here to use the Freescale Security Engine (SEC) version 1.0 found on MPC82xx or the Freescale Security Engine (SEC Lite) version 1.2 found on MPC8xx config CRYPTO_DEV_TALITOS2 bool "SEC2+ (SEC version 2.0 or upper)" depends on CRYPTO_DEV_TALITOS default y if !PPC_8xx help Say 'Y' here to use the Freescale Security Engine (SEC) version 2 and following as found on MPC83xx, MPC85xx, etc ... config CRYPTO_DEV_PPC4XX tristate "Driver AMCC PPC4xx crypto accelerator" depends on PPC && 4xx select CRYPTO_HASH select CRYPTO_AEAD select CRYPTO_AES select CRYPTO_LIB_AES select CRYPTO_CCM select CRYPTO_CTR select CRYPTO_GCM select CRYPTO_SKCIPHER help This option allows you to have support for AMCC crypto acceleration. config HW_RANDOM_PPC4XX bool "PowerPC 4xx generic true random number generator support" depends on CRYPTO_DEV_PPC4XX && HW_RANDOM=y default y help This option provides the kernel-side support for the TRNG hardware found in the security function of some PowerPC 4xx SoCs. config CRYPTO_DEV_OMAP tristate "Support for OMAP crypto HW accelerators" depends on ARCH_OMAP2PLUS help OMAP processors have various crypto HW accelerators. Select this if you want to use the OMAP modules for any of the crypto algorithms. if CRYPTO_DEV_OMAP config CRYPTO_DEV_OMAP_SHAM tristate "Support for OMAP MD5/SHA1/SHA2 hw accelerator" depends on ARCH_OMAP2PLUS select CRYPTO_ENGINE select CRYPTO_SHA1 select CRYPTO_MD5 select CRYPTO_SHA256 select CRYPTO_SHA512 select CRYPTO_HMAC help OMAP processors have MD5/SHA1/SHA2 hw accelerator. Select this if you want to use the OMAP module for MD5/SHA1/SHA2 algorithms. config CRYPTO_DEV_OMAP_AES tristate "Support for OMAP AES hw engine" depends on ARCH_OMAP2 || ARCH_OMAP3 || ARCH_OMAP2PLUS select CRYPTO_AES select CRYPTO_SKCIPHER select CRYPTO_ENGINE select CRYPTO_CBC select CRYPTO_ECB select CRYPTO_CTR select CRYPTO_AEAD help OMAP processors have AES module accelerator. Select this if you want to use the OMAP module for AES algorithms. config CRYPTO_DEV_OMAP_DES tristate "Support for OMAP DES/3DES hw engine" depends on ARCH_OMAP2PLUS select CRYPTO_LIB_DES select CRYPTO_SKCIPHER select CRYPTO_ENGINE help OMAP processors have DES/3DES module accelerator. Select this if you want to use the OMAP module for DES and 3DES algorithms. Currently the ECB and CBC modes of operation are supported by the driver. Also accesses made on unaligned boundaries are supported. endif # CRYPTO_DEV_OMAP config CRYPTO_DEV_SAHARA tristate "Support for SAHARA crypto accelerator" depends on ARCH_MXC && OF select CRYPTO_SKCIPHER select CRYPTO_AES select CRYPTO_ECB select CRYPTO_ENGINE help This option enables support for the SAHARA HW crypto accelerator found in some Freescale i.MX chips. config CRYPTO_DEV_EXYNOS_RNG tristate "Exynos HW pseudo random number generator support" depends on ARCH_EXYNOS || COMPILE_TEST depends on HAS_IOMEM select CRYPTO_RNG help This driver provides kernel-side support through the cryptographic API for the pseudo random number generator hardware found on Exynos SoCs. To compile this driver as a module, choose M here: the module will be called exynos-rng. If unsure, say Y. config CRYPTO_DEV_S5P tristate "Support for Samsung S5PV210/Exynos crypto accelerator" depends on ARCH_S5PV210 || ARCH_EXYNOS || COMPILE_TEST depends on HAS_IOMEM select CRYPTO_AES select CRYPTO_SKCIPHER help This option allows you to have support for S5P crypto acceleration. Select this to offload Samsung S5PV210 or S5PC110, Exynos from AES algorithms execution. config CRYPTO_DEV_EXYNOS_HASH bool "Support for Samsung Exynos HASH accelerator" depends on CRYPTO_DEV_S5P depends on !CRYPTO_DEV_EXYNOS_RNG && CRYPTO_DEV_EXYNOS_RNG!=m select CRYPTO_SHA1 select CRYPTO_MD5 select CRYPTO_SHA256 help Select this to offload Exynos from HASH MD5/SHA1/SHA256. This will select software SHA1, MD5 and SHA256 as they are needed for small and zero-size messages. HASH algorithms will be disabled if EXYNOS_RNG is enabled due to hw conflict. config CRYPTO_DEV_NX bool "Support for IBM PowerPC Nest (NX) cryptographic acceleration" depends on PPC64 help This enables support for the NX hardware cryptographic accelerator coprocessor that is in IBM PowerPC P7+ or later processors. This does not actually enable any drivers, it only allows you to select which acceleration type (encryption and/or compression) to enable. if CRYPTO_DEV_NX source "drivers/crypto/nx/Kconfig" endif config CRYPTO_DEV_ATMEL_AUTHENC bool "Support for Atmel IPSEC/SSL hw accelerator" depends on ARCH_AT91 || COMPILE_TEST depends on CRYPTO_DEV_ATMEL_AES help Some Atmel processors can combine the AES and SHA hw accelerators to enhance support of IPSEC/SSL. Select this if you want to use the Atmel modules for authenc(hmac(shaX),Y(cbc)) algorithms. config CRYPTO_DEV_ATMEL_AES tristate "Support for Atmel AES hw accelerator" depends on ARCH_AT91 || COMPILE_TEST select CRYPTO_AES select CRYPTO_AEAD select CRYPTO_SKCIPHER select CRYPTO_AUTHENC if CRYPTO_DEV_ATMEL_AUTHENC select CRYPTO_DEV_ATMEL_SHA if CRYPTO_DEV_ATMEL_AUTHENC help Some Atmel processors have AES hw accelerator. Select this if you want to use the Atmel module for AES algorithms. To compile this driver as a module, choose M here: the module will be called atmel-aes. config CRYPTO_DEV_ATMEL_TDES tristate "Support for Atmel DES/TDES hw accelerator" depends on ARCH_AT91 || COMPILE_TEST select CRYPTO_LIB_DES select CRYPTO_SKCIPHER help Some Atmel processors have DES/TDES hw accelerator. Select this if you want to use the Atmel module for DES/TDES algorithms. To compile this driver as a module, choose M here: the module will be called atmel-tdes. config CRYPTO_DEV_ATMEL_SHA tristate "Support for Atmel SHA hw accelerator" depends on ARCH_AT91 || COMPILE_TEST select CRYPTO_HASH help Some Atmel processors have SHA1/SHA224/SHA256/SHA384/SHA512 hw accelerator. Select this if you want to use the Atmel module for SHA1/SHA224/SHA256/SHA384/SHA512 algorithms. To compile this driver as a module, choose M here: the module will be called atmel-sha. config CRYPTO_DEV_ATMEL_I2C tristate select BITREVERSE config CRYPTO_DEV_ATMEL_ECC tristate "Support for Microchip / Atmel ECC hw accelerator" depends on I2C select CRYPTO_DEV_ATMEL_I2C select CRYPTO_ECDH select CRC16 help Microhip / Atmel ECC hw accelerator. Select this if you want to use the Microchip / Atmel module for ECDH algorithm. To compile this driver as a module, choose M here: the module will be called atmel-ecc. config CRYPTO_DEV_ATMEL_SHA204A tristate "Support for Microchip / Atmel SHA accelerator and RNG" depends on I2C select CRYPTO_DEV_ATMEL_I2C select HW_RANDOM select CRC16 help Microhip / Atmel SHA accelerator and RNG. Select this if you want to use the Microchip / Atmel SHA204A module as a random number generator. (Other functions of the chip are currently not exposed by this driver) To compile this driver as a module, choose M here: the module will be called atmel-sha204a. config CRYPTO_DEV_CCP bool "Support for AMD Secure Processor" depends on ((X86 && PCI) || (ARM64 && (OF_ADDRESS || ACPI))) && HAS_IOMEM help The AMD Secure Processor provides support for the Cryptographic Coprocessor (CCP) and the Platform Security Processor (PSP) devices. if CRYPTO_DEV_CCP source "drivers/crypto/ccp/Kconfig" endif config CRYPTO_DEV_MXS_DCP tristate "Support for Freescale MXS DCP" depends on (ARCH_MXS || ARCH_MXC) select STMP_DEVICE select CRYPTO_CBC select CRYPTO_ECB select CRYPTO_AES select CRYPTO_SKCIPHER select CRYPTO_HASH help The Freescale i.MX23/i.MX28 has SHA1/SHA256 and AES128 CBC/ECB co-processor on the die. To compile this driver as a module, choose M here: the module will be called mxs-dcp. source "drivers/crypto/cavium/cpt/Kconfig" source "drivers/crypto/cavium/nitrox/Kconfig" source "drivers/crypto/marvell/Kconfig" source "drivers/crypto/intel/Kconfig" config CRYPTO_DEV_CAVIUM_ZIP tristate "Cavium ZIP driver" depends on PCI && 64BIT && (ARM64 || COMPILE_TEST) help Select this option if you want to enable compression/decompression acceleration on Cavium's ARM based SoCs config CRYPTO_DEV_QCE tristate "Qualcomm crypto engine accelerator" depends on ARCH_QCOM || COMPILE_TEST depends on HAS_IOMEM help This driver supports Qualcomm crypto engine accelerator hardware. To compile this driver as a module, choose M here. The module will be called qcrypto. config CRYPTO_DEV_QCE_SKCIPHER bool depends on CRYPTO_DEV_QCE select CRYPTO_AES select CRYPTO_LIB_DES select CRYPTO_ECB select CRYPTO_CBC select CRYPTO_XTS select CRYPTO_CTR select CRYPTO_SKCIPHER config CRYPTO_DEV_QCE_SHA bool depends on CRYPTO_DEV_QCE select CRYPTO_SHA1 select CRYPTO_SHA256 config CRYPTO_DEV_QCE_AEAD bool depends on CRYPTO_DEV_QCE select CRYPTO_AUTHENC select CRYPTO_LIB_DES choice prompt "Algorithms enabled for QCE acceleration" default CRYPTO_DEV_QCE_ENABLE_ALL depends on CRYPTO_DEV_QCE help This option allows to choose whether to build support for all algorithms (default), hashes-only, or skciphers-only. The QCE engine does not appear to scale as well as the CPU to handle multiple crypto requests. While the ipq40xx chips have 4-core CPUs, the QCE handles only 2 requests in parallel. Ipsec throughput seems to improve when disabling either family of algorithms, sharing the load with the CPU. Enabling skciphers-only appears to work best. config CRYPTO_DEV_QCE_ENABLE_ALL bool "All supported algorithms" select CRYPTO_DEV_QCE_SKCIPHER select CRYPTO_DEV_QCE_SHA select CRYPTO_DEV_QCE_AEAD help Enable all supported algorithms: - AES (CBC, CTR, ECB, XTS) - 3DES (CBC, ECB) - DES (CBC, ECB) - SHA1, HMAC-SHA1 - SHA256, HMAC-SHA256 config CRYPTO_DEV_QCE_ENABLE_SKCIPHER bool "Symmetric-key ciphers only" select CRYPTO_DEV_QCE_SKCIPHER help Enable symmetric-key ciphers only: - AES (CBC, CTR, ECB, XTS) - 3DES (ECB, CBC) - DES (ECB, CBC) config CRYPTO_DEV_QCE_ENABLE_SHA bool "Hash/HMAC only" select CRYPTO_DEV_QCE_SHA help Enable hashes/HMAC algorithms only: - SHA1, HMAC-SHA1 - SHA256, HMAC-SHA256 config CRYPTO_DEV_QCE_ENABLE_AEAD bool "AEAD algorithms only" select CRYPTO_DEV_QCE_AEAD help Enable AEAD algorithms only: - authenc() - ccm(aes) - rfc4309(ccm(aes)) endchoice config CRYPTO_DEV_QCE_SW_MAX_LEN int "Default maximum request size to use software for AES" depends on CRYPTO_DEV_QCE && CRYPTO_DEV_QCE_SKCIPHER default 512 help This sets the default maximum request size to perform AES requests using software instead of the crypto engine. It can be changed by setting the aes_sw_max_len parameter. Small blocks are processed faster in software than hardware. Considering the 256-bit ciphers, software is 2-3 times faster than qce at 256-bytes, 30% faster at 512, and about even at 768-bytes. With 128-bit keys, the break-even point would be around 1024-bytes. The default is set a little lower, to 512 bytes, to balance the cost in CPU usage. The minimum recommended setting is 16-bytes (1 AES block), since AES-GCM will fail if you set it lower. Setting this to zero will send all requests to the hardware. Note that 192-bit keys are not supported by the hardware and are always processed by the software fallback, and all DES requests are done by the hardware. config CRYPTO_DEV_QCOM_RNG tristate "Qualcomm Random Number Generator Driver" depends on ARCH_QCOM || COMPILE_TEST depends on HW_RANDOM select CRYPTO_RNG help This driver provides support for the Random Number Generator hardware found on Qualcomm SoCs. To compile this driver as a module, choose M here. The module will be called qcom-rng. If unsure, say N. #config CRYPTO_DEV_VMX # bool "Support for VMX cryptographic acceleration instructions" # depends on PPC64 && VSX # help # Support for VMX cryptographic acceleration instructions. # #source "drivers/crypto/vmx/Kconfig" config CRYPTO_DEV_IMGTEC_HASH tristate "Imagination Technologies hardware hash accelerator" depends on MIPS || COMPILE_TEST select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 select CRYPTO_HASH help This driver interfaces with the Imagination Technologies hardware hash accelerator. Supporting MD5/SHA1/SHA224/SHA256 hashing algorithms. config CRYPTO_DEV_ROCKCHIP tristate "Rockchip's Cryptographic Engine driver" depends on OF && ARCH_ROCKCHIP depends on PM select CRYPTO_ECB select CRYPTO_CBC select CRYPTO_DES select CRYPTO_AES select CRYPTO_ENGINE select CRYPTO_LIB_DES select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 select CRYPTO_HASH select CRYPTO_SKCIPHER help This driver interfaces with the hardware crypto accelerator. Supporting cbc/ecb chainmode, and aes/des/des3_ede cipher mode. config CRYPTO_DEV_ROCKCHIP_DEBUG bool "Enable Rockchip crypto stats" depends on CRYPTO_DEV_ROCKCHIP depends on DEBUG_FS help Say y to enable Rockchip crypto debug stats. This will create /sys/kernel/debug/rk3288_crypto/stats for displaying the number of requests per algorithm and other internal stats. config CRYPTO_DEV_TEGRA tristate "Enable Tegra Security Engine" depends on TEGRA_HOST1X select CRYPTO_ENGINE help Select this to enable Tegra Security Engine which accelerates various AES encryption/decryption and HASH algorithms. config CRYPTO_DEV_ZYNQMP_AES tristate "Support for Xilinx ZynqMP AES hw accelerator" depends on ZYNQMP_FIRMWARE || COMPILE_TEST select CRYPTO_AES select CRYPTO_ENGINE select CRYPTO_AEAD help Xilinx ZynqMP has AES-GCM engine used for symmetric key encryption and decryption. This driver interfaces with AES hw accelerator. Select this if you want to use the ZynqMP module for AES algorithms. config CRYPTO_DEV_ZYNQMP_SHA3 tristate "Support for Xilinx ZynqMP SHA3 hardware accelerator" depends on ZYNQMP_FIRMWARE || COMPILE_TEST select CRYPTO_SHA3 help Xilinx ZynqMP has SHA3 engine used for secure hash calculation. This driver interfaces with SHA3 hardware engine. Select this if you want to use the ZynqMP module for SHA3 hash computation. source "drivers/crypto/chelsio/Kconfig" source "drivers/crypto/virtio/Kconfig" config CRYPTO_DEV_BCM_SPU tristate "Broadcom symmetric crypto/hash acceleration support" depends on ARCH_BCM_IPROC depends on MAILBOX default m select CRYPTO_AUTHENC select CRYPTO_LIB_DES select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 select CRYPTO_SHA512 help This driver provides support for Broadcom crypto acceleration using the Secure Processing Unit (SPU). The SPU driver registers skcipher, ahash, and aead algorithms with the kernel cryptographic API. source "drivers/crypto/stm32/Kconfig" config CRYPTO_DEV_SAFEXCEL tristate "Inside Secure's SafeXcel cryptographic engine driver" depends on (OF || PCI || COMPILE_TEST) && HAS_IOMEM select CRYPTO_LIB_AES select CRYPTO_AUTHENC select CRYPTO_SKCIPHER select CRYPTO_LIB_DES select CRYPTO_HASH select CRYPTO_HMAC select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_SHA256 select CRYPTO_SHA512 select CRYPTO_CHACHA20POLY1305 select CRYPTO_SHA3 help This driver interfaces with the SafeXcel EIP-97 and EIP-197 cryptographic engines designed by Inside Secure. It currently accelerates DES, 3DES and AES block ciphers in ECB and CBC mode, as well as SHA1, SHA224, SHA256, SHA384 and SHA512 hash algorithms for both basic hash and HMAC. Additionally, it accelerates combined AES-CBC/HMAC-SHA AEAD operations. config CRYPTO_DEV_ARTPEC6 tristate "Support for Axis ARTPEC-6/7 hardware crypto acceleration." depends on ARM && (ARCH_ARTPEC || COMPILE_TEST) depends on OF select CRYPTO_AEAD select CRYPTO_AES select CRYPTO_ALGAPI select CRYPTO_SKCIPHER select CRYPTO_CTR select CRYPTO_HASH select CRYPTO_SHA1 select CRYPTO_SHA256 select CRYPTO_SHA512 help Enables the driver for the on-chip crypto accelerator of Axis ARTPEC SoCs. To compile this driver as a module, choose M here. config CRYPTO_DEV_CCREE tristate "Support for ARM TrustZone CryptoCell family of security processors" depends on CRYPTO && CRYPTO_HW && OF && HAS_DMA depends on HAS_IOMEM select CRYPTO_HASH select CRYPTO_SKCIPHER select CRYPTO_LIB_DES select CRYPTO_AEAD select CRYPTO_AUTHENC select CRYPTO_SHA1 select CRYPTO_MD5 select CRYPTO_SHA256 select CRYPTO_SHA512 select CRYPTO_HMAC select CRYPTO_AES select CRYPTO_CBC select CRYPTO_ECB select CRYPTO_CTR select CRYPTO_XTS select CRYPTO_SM4_GENERIC select CRYPTO_SM3_GENERIC help Say 'Y' to enable a driver for the REE interface of the Arm TrustZone CryptoCell family of processors. Currently the CryptoCell 713, 703, 712, 710 and 630 are supported. Choose this if you wish to use hardware acceleration of cryptographic operations on the system REE. If unsure say Y. source "drivers/crypto/hisilicon/Kconfig" source "drivers/crypto/amlogic/Kconfig" config CRYPTO_DEV_SA2UL tristate "Support for TI security accelerator" depends on ARCH_K3 || COMPILE_TEST select CRYPTO_AES select CRYPTO_ALGAPI select CRYPTO_AUTHENC select CRYPTO_DES select CRYPTO_SHA1 select CRYPTO_SHA256 select CRYPTO_SHA512 select HW_RANDOM select SG_SPLIT help K3 devices include a security accelerator engine that may be used for crypto offload. Select this if you want to use hardware acceleration for cryptographic algorithms on these devices. source "drivers/crypto/aspeed/Kconfig" source "drivers/crypto/starfive/Kconfig" endif # CRYPTO_HW