lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 13 May 2024 11:50:03 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: Linus Torvalds <torvalds@...ux-foundation.org>,
	"David S. Miller" <davem@...emloft.net>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Linux Crypto Mailing List <linux-crypto@...r.kernel.org>
Subject: [GIT PULL] Crypto Update for 6.10

Hi Linus:

The following changes since commit 174fdc93a241af54772ae3e745ec719e9f6cebfc:

  Merge tag 'v6.9-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 (2024-03-25 10:48:23 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git v6.10-p1 

for you to fetch changes up to 13909a0c88972c5ef5d13f44d1a8bf065a31bdf4:

  crypto: atmel-sha204a - provide the otp content (2024-05-10 17:15:25 +0800)

----------------------------------------------------------------
This update includes the following changes:

API:

- Remove crypto stats interface.

Algorithms:

- Add faster AES-XTS on modern x86_64 CPUs.
- Forbid curves with order less than 224 bits in ecc (FIPS 186-5).
- Add ECDSA NIST P521.

Drivers:

- Expose otp zone in atmel.
- Add dh fallback for primes > 4K in qat.
- Add interface for live migration in qat.
- Use dma for aes requests in starfive.
- Add full DMA support for stm32mpx in stm32.
- Add Tegra Security Engine driver.

Others:

- Introduce scope-based x509_certificate allocation.
----------------------------------------------------------------

Adam Guerin (2):
      crypto: qat - improve error message in adf_get_arbiter_mapping()
      crypto: qat - improve error logging to be consistent across features

Akhil R (3):
      dt-bindings: crypto: Add Tegra Security Engine
      gpu: host1x: Add Tegra SE to SID table
      crypto: tegra - Add Tegra Security Engine driver

Aleksandr Mishin (1):
      crypto: bcm - Fix pointer arithmetic

Animesh Agarwal (1):
      dt-bindings: crypto: ti,omap-sham: Convert to dtschema

Ard Biesheuvel (1):
      crypto: arm64/aes-ce - Simplify round key load sequence

Arnd Bergmann (1):
      crypto: ccp - drop platform ifdef checks

Chang S. Bae (2):
      crypto: x86/aesni - Rearrange AES key size check
      crypto: x86/aesni - Update aesni_set_key() to return void

Chen Ni (1):
      crypto: octeontx2 - add missing check for dma_map_single

Chenghai Huang (10):
      crypto: hisilicon/sec - Add the condition for configuring the sriov function
      crypto: hisilicon/debugfs - Fix debugfs uninit process issue
      crypto: hisilicon/sgl - Delete redundant parameter verification
      crypto: hisilicon/debugfs - Fix the processing logic issue in the debugfs creation
      crypto: hisilicon/qm - Add the default processing branch
      crypto: hisilicon - Adjust debugfs creation and release order
      crypto: hisilicon/sec - Fix memory leak for sec resource release
      crypto: hisilicon/debugfs - Resolve the problem of applying for redundant space in sq dump
      crypto: hisilicon/qm - Add the err memory release process to qm uninit
      crypto: hisilicon/debugfs - mask the unnecessary info from the dump

Colin Ian King (1):
      crypto: qat - Fix spelling mistake "Invalide" -> "Invalid"

Damian Muszynski (1):
      crypto: qat - implement dh fallback for primes > 4K

Dan Carpenter (1):
      crypto: tegra - Fix some error codes

Eric Biggers (24):
      crypto: remove CONFIG_CRYPTO_STATS
      x86: add kconfig symbols for assembler VAES and VPCLMULQDQ support
      crypto: x86/aes-xts - add AES-XTS assembly macro for modern CPUs
      crypto: x86/aes-xts - wire up AESNI + AVX implementation
      crypto: x86/aes-xts - wire up VAES + AVX2 implementation
      crypto: x86/aes-xts - wire up VAES + AVX10/256 implementation
      crypto: x86/aes-xts - wire up VAES + AVX10/512 implementation
      crypto: x86/nh-avx2 - add missing vzeroupper
      crypto: x86/sha256-avx2 - add missing vzeroupper
      crypto: x86/sha512-avx2 - add missing vzeroupper
      crypto: x86/aes-xts - make non-AVX implementation use new glue code
      crypto: x86/aes-xts - access round keys using single-byte offsets
      crypto: x86/sha256-ni - convert to use rounds macros
      crypto: x86/sha256-ni - rename some register aliases
      crypto: x86/sha256-ni - optimize code size
      crypto: x86/sha256-ni - simplify do_4rounds
      crypto: x86/aes-xts - handle CTS encryption more efficiently
      crypto: x86/aesni-xts - deduplicate aesni_xts_enc() and aesni_xts_dec()
      crypto: x86/aes-xts - handle AES-128 and AES-192 more efficiently
      crypto: x86/aes-xts - eliminate a few more instructions
      crypto: x86/aes-xts - optimize size of instructions operating on lengths
      crypto: x86/aes-xts - simplify loop in xts_crypt_slowpath()
      crypto: x86/aes-gcm - delete unused GCM assembly code
      crypto: x86/aes-gcm - simplify GCM hash subkey derivation

Geert Uytterhoeven (1):
      dt-bindings: crypto: starfive: Restore sort order

Giovanni Cabiddu (3):
      crypto: qat - adf_get_etr_base() helper
      crypto: qat - relocate CSR access code
      crypto: qat - specify firmware files for 402xx

Gustavo A. R. Silva (2):
      crypto: nx - Avoid -Wflex-array-member-not-at-end warning
      crypto: qat - Avoid -Wflex-array-member-not-at-end warnings

Hailey Mothershead (1):
      crypto: aead,cipher - zeroize key buffer after use

Herbert Xu (1):
      padata: Disable BH when taking works lock on MT path

Jerry Snitselaar (1):
      crypto: iaa - Fix some errors in IAA documentation

Jia Jie Ho (8):
      dt-bindings: crypto: starfive: Add jh8100 support
      crypto: starfive - Update hash dma usage
      crypto: starfive - Skip unneeded key free
      crypto: starfive - Use dma for aes requests
      crypto: starfive - Skip dma setup for zeroed message
      crypto: starfive - Skip unneeded fallback allocation
      crypto: starfive - Do not free stack buffer
      crypto: starfive - Use fallback for unaligned dma access

Joachim Vandersmissen (2):
      crypto: ecc - update ecc_gen_privkey for FIPS 186-5
      crypto: ecdh - explicitly zeroize private_key

Joel Granados (1):
      crypto: fips - Remove the now superfluous sentinel element from ctl_table array

Li Zhijian (1):
      hwrng: core - Convert sprintf/snprintf to sysfs_emit

Lothar Rubusch (4):
      crypto: atmel-i2c - add missing arg description
      crypto: atmel-i2c - rename read function
      crypto: atmel-sha204a - add reading from otp zone
      crypto: atmel-sha204a - provide the otp content

Luca Weiss (1):
      dt-bindings: crypto: ice: Document sc7280 inline crypto engine

Lucas Segarra Fernandez (1):
      crypto: qat - validate slices count returned by FW

Lukas Wunner (1):
      X.509: Introduce scope-based x509_certificate allocation

Marek Vasut (3):
      hwrng: stm32 - use logical OR in conditional
      hwrng: stm32 - put IP into RPM suspend on failure
      hwrng: stm32 - repair clock handling

Maxime Méré (1):
      crypto: stm32/hash - add full DMA support for stm32mpx

Pankaj Gupta (2):
      crypto: caam - init-clk based on caam-page0-access
      crypto: caam - i.MX8ULP donot have CAAM page0 access

Roman Smirnov (2):
      crypto: ecc - remove checks in crypto_ecdh_shared_secret() and ecc_make_pub_key()
      crypto: algboss - remove NULL check in cryptomgr_schedule_probe()

Siming Wan (3):
      crypto: qat - rename get_sla_arr_of_type()
      crypto: qat - expand CSR operations for QAT GEN4 devices
      crypto: qat - add bank save and restore flows

Stefan Berger (16):
      crypto: ecdsa - Fix module auto-load on add-key
      crypto: ecc - Use ECC_CURVE_NIST_P192/256/384_DIGITS where possible
      crypto: ecdsa - Convert byte arrays with key coordinates to digits
      crypto: ecdsa - Adjust tests on length of key parameters
      crypto: ecdsa - Extend res.x mod n calculation for NIST P521
      crypto: ecc - Add nbits field to ecc_curve structure
      crypto: ecc - Implement vli_mmod_fast_521 for NIST p521
      crypto: ecc - Add special case for NIST P521 in ecc_point_mult
      crypto: ecc - Add NIST P521 curve parameters
      crypto: ecdsa - Replace ndigits with nbits where precision is needed
      crypto: ecdsa - Rename keylen to bufsize where necessary
      crypto: ecdsa - Register NIST P521 and extend test suite
      crypto: asymmetric_keys - Adjust signature size calculation for NIST P521
      crypto: x509 - Add OID for NIST P521 and extend parser for it
      crypto: ecdh - Pass private key in proper byte order to check valid key
      crypto: ecdh - Initialize ctx->private_key in proper byte order

Thorsten Blum (4):
      crypto: jitter - Use kvfree_sensitive() to fix Coccinelle warning
      crypto: jitter - Remove duplicate word in comment
      crypto: jitter - Replace http with https
      crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy()

Tom Zanussi (5):
      crypto: iaa - fix decomp_bytes_in stats
      crypto: iaa - Remove comp/decomp delay statistics
      crypto: iaa - Add global_stats file and remove individual stat files
      crypto: iaa - Change iaa statistics to atomic64_t
      crypto: iaa - Use cpumask_weight() when rebalancing

Uwe Kleine-König (2):
      hwrng: mxc-rnga - Drop usage of platform_driver_probe()
      crypto: tegra - Convert to platform remove callback returning void

Vitaly Chikunov (1):
      crypto: ecrdsa - Fix module auto-load on add_key

Wenkai Lin (1):
      crypto: hisilicon/sec2 - fix for register offset

Wolfram Sang (2):
      crypto: api - use 'time_left' variable with wait_for_completion_killable_timeout()
      crypto: sahara - use 'time_left' variable with wait_for_completion_timeout()

Xin Zeng (4):
      crypto: qat - relocate and rename 4xxx PF2VM definitions
      crypto: qat - move PFVF compat checker to a function
      crypto: qat - add interface for live migration
      crypto: qat - implement interface for live migration

 .../bindings/crypto/nvidia,tegra234-se-aes.yaml    |   52 +
 .../bindings/crypto/nvidia,tegra234-se-hash.yaml   |   52 +
 .../devicetree/bindings/crypto/omap-sham.txt       |   28 -
 .../bindings/crypto/qcom,inline-crypto-engine.yaml |    1 +
 .../bindings/crypto/starfive,jh7110-crypto.yaml    |   30 +-
 .../devicetree/bindings/crypto/ti,omap-sham.yaml   |   56 +
 Documentation/driver-api/crypto/iaa/iaa-crypto.rst |   96 +-
 MAINTAINERS                                        |    5 +
 arch/arm64/crypto/aes-ce.S                         |   34 +-
 arch/arm64/crypto/aes-neon.S                       |   20 +-
 arch/s390/configs/debug_defconfig                  |    1 -
 arch/s390/configs/defconfig                        |    1 -
 arch/x86/Kconfig.assembler                         |   10 +
 arch/x86/crypto/Makefile                           |    3 +-
 arch/x86/crypto/aes-xts-avx-x86_64.S               |  845 +++++++++
 arch/x86/crypto/aesni-intel_asm.S                  |  469 +----
 arch/x86/crypto/aesni-intel_glue.c                 |  420 +++--
 arch/x86/crypto/nh-avx2-x86_64.S                   |    1 +
 arch/x86/crypto/sha256-avx2-asm.S                  |    1 +
 arch/x86/crypto/sha256_ni_asm.S                    |  251 +--
 arch/x86/crypto/sha512-avx2-asm.S                  |    1 +
 crypto/Kconfig                                     |   20 -
 crypto/Makefile                                    |    2 -
 crypto/acompress.c                                 |   33 -
 crypto/aead.c                                      |   87 +-
 crypto/ahash.c                                     |   63 +-
 crypto/akcipher.c                                  |   31 -
 crypto/algboss.c                                   |    3 -
 crypto/api.c                                       |    8 +-
 crypto/asymmetric_keys/public_key.c                |   14 +-
 crypto/asymmetric_keys/x509_cert_parser.c          |   46 +-
 crypto/asymmetric_keys/x509_parser.h               |    3 +
 crypto/asymmetric_keys/x509_public_key.c           |   31 +-
 crypto/cipher.c                                    |    3 +-
 crypto/compress.h                                  |    3 -
 crypto/{crypto_user_base.c => crypto_user.c}       |   10 +-
 crypto/crypto_user_stat.c                          |  176 --
 crypto/ecc.c                                       |  100 +-
 crypto/ecc_curve_defs.h                            |   49 +
 crypto/ecdh.c                                      |   11 +-
 crypto/ecdsa.c                                     |   66 +-
 crypto/ecrdsa.c                                    |    1 +
 crypto/ecrdsa_defs.h                               |    5 +
 crypto/fips.c                                      |    1 -
 crypto/hash.h                                      |   30 -
 crypto/jitterentropy-kcapi.c                       |    3 +-
 crypto/jitterentropy.c                             |    4 +-
 crypto/kpp.c                                       |   30 -
 crypto/lskcipher.c                                 |   73 +-
 crypto/rng.c                                       |   44 +-
 crypto/scompress.c                                 |    3 -
 crypto/shash.c                                     |   75 +-
 crypto/sig.c                                       |   13 -
 crypto/skcipher.c                                  |   86 +-
 crypto/skcipher.h                                  |   10 -
 crypto/testmgr.c                                   |    7 +
 crypto/testmgr.h                                   |  146 ++
 drivers/char/hw_random/core.c                      |    2 +-
 drivers/char/hw_random/mxc-rnga.c                  |    9 +-
 drivers/char/hw_random/stm32-rng.c                 |   18 +-
 drivers/crypto/Kconfig                             |    8 +
 drivers/crypto/Makefile                            |    1 +
 drivers/crypto/atmel-i2c.c                         |   30 +-
 drivers/crypto/atmel-i2c.h                         |    8 +-
 drivers/crypto/atmel-sha204a.c                     |   68 +
 drivers/crypto/bcm/spu2.c                          |    2 +-
 drivers/crypto/caam/ctrl.c                         |   19 +-
 drivers/crypto/ccp/sp-platform.c                   |   14 +-
 drivers/crypto/hisilicon/debugfs.c                 |   65 +-
 drivers/crypto/hisilicon/hpre/hpre_main.c          |   23 +-
 drivers/crypto/hisilicon/qm.c                      |    8 +-
 drivers/crypto/hisilicon/sec2/sec_crypto.c         |    4 +-
 drivers/crypto/hisilicon/sec2/sec_main.c           |   32 +-
 drivers/crypto/hisilicon/sgl.c                     |    5 +-
 drivers/crypto/hisilicon/zip/zip_main.c            |   24 +-
 drivers/crypto/intel/iaa/iaa_crypto.h              |   16 +-
 drivers/crypto/intel/iaa/iaa_crypto_main.c         |   23 +-
 drivers/crypto/intel/iaa/iaa_crypto_stats.c        |  183 +-
 drivers/crypto/intel/iaa/iaa_crypto_stats.h        |    8 -
 .../crypto/intel/qat/qat_420xx/adf_420xx_hw_data.c |    5 +-
 .../crypto/intel/qat/qat_4xxx/adf_4xxx_hw_data.c   |    7 +-
 drivers/crypto/intel/qat/qat_4xxx/adf_drv.c        |    2 +
 .../crypto/intel/qat/qat_c3xxx/adf_c3xxx_hw_data.c |    1 +
 .../intel/qat/qat_c3xxxvf/adf_c3xxxvf_hw_data.c    |    1 +
 .../crypto/intel/qat/qat_c62x/adf_c62x_hw_data.c   |    1 +
 .../intel/qat/qat_c62xvf/adf_c62xvf_hw_data.c      |    1 +
 drivers/crypto/intel/qat/qat_common/Makefile       |    6 +-
 .../intel/qat/qat_common/adf_accel_devices.h       |   88 +
 .../crypto/intel/qat/qat_common/adf_common_drv.h   |   10 +
 .../intel/qat/qat_common/adf_gen2_hw_csr_data.c    |  101 +
 .../intel/qat/qat_common/adf_gen2_hw_csr_data.h    |   86 +
 .../crypto/intel/qat/qat_common/adf_gen2_hw_data.c |   97 -
 .../crypto/intel/qat/qat_common/adf_gen2_hw_data.h |   76 -
 .../intel/qat/qat_common/adf_gen4_hw_csr_data.c    |  231 +++
 .../intel/qat/qat_common/adf_gen4_hw_csr_data.h    |  188 ++
 .../crypto/intel/qat/qat_common/adf_gen4_hw_data.c |  380 +++-
 .../crypto/intel/qat/qat_common/adf_gen4_hw_data.h |  127 +-
 .../crypto/intel/qat/qat_common/adf_gen4_pfvf.c    |    8 +-
 drivers/crypto/intel/qat/qat_common/adf_gen4_tl.c  |    1 +
 .../crypto/intel/qat/qat_common/adf_gen4_vf_mig.c  | 1010 ++++++++++
 .../crypto/intel/qat/qat_common/adf_gen4_vf_mig.h  |   10 +
 .../crypto/intel/qat/qat_common/adf_mstate_mgr.c   |  318 ++++
 .../crypto/intel/qat/qat_common/adf_mstate_mgr.h   |   89 +
 .../intel/qat/qat_common/adf_pfvf_pf_proto.c       |    8 +-
 .../crypto/intel/qat/qat_common/adf_pfvf_utils.h   |   11 +
 drivers/crypto/intel/qat/qat_common/adf_rl.c       |   12 +-
 drivers/crypto/intel/qat/qat_common/adf_rl.h       |    2 +
 drivers/crypto/intel/qat/qat_common/adf_sriov.c    |    7 +-
 .../crypto/intel/qat/qat_common/adf_telemetry.c    |   21 +
 .../crypto/intel/qat/qat_common/adf_telemetry.h    |    1 +
 .../crypto/intel/qat/qat_common/adf_transport.c    |    4 +-
 .../crypto/intel/qat/qat_common/qat_asym_algs.c    |   66 +-
 drivers/crypto/intel/qat/qat_common/qat_bl.c       |    6 +-
 drivers/crypto/intel/qat/qat_common/qat_bl.h       |   11 +-
 drivers/crypto/intel/qat/qat_common/qat_mig_dev.c  |  130 ++
 .../intel/qat/qat_dh895xcc/adf_dh895xcc_hw_data.c  |    1 +
 .../qat/qat_dh895xccvf/adf_dh895xccvf_hw_data.c    |    1 +
 drivers/crypto/marvell/octeontx2/cn10k_cpt.c       |    4 +
 drivers/crypto/nx/nx-842.c                         |    6 +-
 drivers/crypto/nx/nx-842.h                         |   10 +-
 drivers/crypto/sahara.c                            |   16 +-
 drivers/crypto/starfive/Kconfig                    |    4 +
 drivers/crypto/starfive/jh7110-aes.c               |  603 ++++--
 drivers/crypto/starfive/jh7110-cryp.c              |   43 -
 drivers/crypto/starfive/jh7110-cryp.h              |   10 +-
 drivers/crypto/starfive/jh7110-hash.c              |  285 ++-
 drivers/crypto/starfive/jh7110-rsa.c               |   14 +-
 drivers/crypto/stm32/stm32-hash.c                  |  570 ++++--
 drivers/crypto/tegra/Makefile                      |    9 +
 drivers/crypto/tegra/tegra-se-aes.c                | 1933 ++++++++++++++++++++
 drivers/crypto/tegra/tegra-se-hash.c               | 1060 +++++++++++
 drivers/crypto/tegra/tegra-se-key.c                |  156 ++
 drivers/crypto/tegra/tegra-se-main.c               |  437 +++++
 drivers/crypto/tegra/tegra-se.h                    |  560 ++++++
 drivers/gpu/host1x/dev.c                           |   24 +
 include/crypto/acompress.h                         |   73 +-
 include/crypto/aead.h                              |   21 -
 include/crypto/akcipher.h                          |   78 +-
 include/crypto/algapi.h                            |    3 -
 include/crypto/ecc_curve.h                         |    2 +
 include/crypto/ecdh.h                              |    1 +
 include/crypto/hash.h                              |   22 -
 include/crypto/internal/acompress.h                |    1 -
 include/crypto/internal/cryptouser.h               |   16 -
 include/crypto/internal/ecc.h                      |   27 +-
 include/crypto/internal/scompress.h                |    1 -
 include/crypto/kpp.h                               |   58 +-
 include/crypto/rng.h                               |   51 +-
 include/crypto/skcipher.h                          |   25 -
 include/linux/compiler.h                           |    2 +
 include/linux/oid_registry.h                       |    1 +
 include/linux/qat/qat_mig_dev.h                    |   31 +
 include/uapi/linux/cryptouser.h                    |   30 +-
 kernel/padata.c                                    |    8 +-
 154 files changed, 10335 insertions(+), 3222 deletions(-)
 create mode 100644 Documentation/devicetree/bindings/crypto/nvidia,tegra234-se-aes.yaml
 create mode 100644 Documentation/devicetree/bindings/crypto/nvidia,tegra234-se-hash.yaml
 delete mode 100644 Documentation/devicetree/bindings/crypto/omap-sham.txt
 create mode 100644 Documentation/devicetree/bindings/crypto/ti,omap-sham.yaml
 create mode 100644 arch/x86/crypto/aes-xts-avx-x86_64.S
 rename crypto/{crypto_user_base.c => crypto_user.c} (98%)
 delete mode 100644 crypto/crypto_user_stat.c
 create mode 100644 drivers/crypto/intel/qat/qat_common/adf_gen2_hw_csr_data.c
 create mode 100644 drivers/crypto/intel/qat/qat_common/adf_gen2_hw_csr_data.h
 create mode 100644 drivers/crypto/intel/qat/qat_common/adf_gen4_hw_csr_data.c
 create mode 100644 drivers/crypto/intel/qat/qat_common/adf_gen4_hw_csr_data.h
 create mode 100644 drivers/crypto/intel/qat/qat_common/adf_gen4_vf_mig.c
 create mode 100644 drivers/crypto/intel/qat/qat_common/adf_gen4_vf_mig.h
 create mode 100644 drivers/crypto/intel/qat/qat_common/adf_mstate_mgr.c
 create mode 100644 drivers/crypto/intel/qat/qat_common/adf_mstate_mgr.h
 create mode 100644 drivers/crypto/intel/qat/qat_common/qat_mig_dev.c
 create mode 100644 drivers/crypto/tegra/Makefile
 create mode 100644 drivers/crypto/tegra/tegra-se-aes.c
 create mode 100644 drivers/crypto/tegra/tegra-se-hash.c
 create mode 100644 drivers/crypto/tegra/tegra-se-key.c
 create mode 100644 drivers/crypto/tegra/tegra-se-main.c
 create mode 100644 drivers/crypto/tegra/tegra-se.h
 delete mode 100644 include/crypto/internal/cryptouser.h
 create mode 100644 include/linux/qat/qat_mig_dev.h

Thanks,
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ