2011-01-06 00:02:05

by Herbert Xu

Subject: Crypto Update for 2.6.38

Hi Linus:

Here is the crypto update for 2.6.38:

* Crypto API interface for user-space (hash + skcipher)
* Fixes for new OMAP driver.
* 32-bit support in aesni-intel.
* GCM support in aesni-intel.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git

or

master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Adrian Hoban (1):
crypto: rfc4106 - Extending the RC4106 AES-GCM test vectors

Adrian-Ken Rueegsegger (1):
crypto: ripemd - Set module author and update email address

Dmitry Kasatkin (15):
crypto: omap-sham - uses digest buffer in request context
crypto: omap-sham - DMA initialization fixes for off mode
crypto: omap-sham - error handling improved
crypto: omap-sham - removed redundunt locking
crypto: omap-sham - crypto_ahash_final() now not need to be called.
crypto: omap-sham - hash-in-progress is stored in hw format
crypto: omap-sham - FLAGS_FIRST is redundant and removed
crypto: omap-sham - zero-copy scatterlist handling
crypto: omap-aes - DMA initialization fixes for OMAP off mode
crypto: omap-aes - redundant locking is removed
crypto: omap-aes - error handling implementation improved
crypto: omap-aes - unnecessary code removed
crypto: omap-aes - initialize aes module once per request
crypto: omap-aes - checkpatch --file warning fixes
crypto: omap-sham - backlog handling fix

Herbert Xu (10):
crypto: hash - Fix async import on shash algorithm
net - Add AF_ALG macros
crypto: af_alg - User-space interface for Crypto API
crypto: algif_hash - User-space interface for hash operations
crypto: algif_skcipher - User-space interface for skcipher operations
crypto: algif_skcipher - Pass on error from af_alg_make_sg
crypto: af_alg - Add dependency on NET
crypto: algif_skcipher - Fixed overflow when sndbuf is page aligned
crypto: algif_skcipher - Handle unaligned receive buffer
crypto: gf128mul - Remove experimental tag

Joe Perches (1):
crypto: Use vzalloc

Mathias Krause (2):
crypto: aesni-intel - Ported implementation to x86-32
crypto: aesni-intel - Fixed build error on x86-32

Miloslav Trmač (3):
include: Install linux/if_alg.h for user-space crypto API
net: Add missing lockdep class names for af_alg
crypto: af_alg - Make sure sk_security is initialized on accept()ed sockets

Nicolas Kaiser (1):
crypto: cast5 - simplify if-statements

Randy Dunlap (1):
crypto: af_alg - fix af_alg memory_allocated data type

Roel Kluin (1):
crypto: mv_cesa - dont return PTR_ERR() of wrong pointer

Steffen Klassert (2):
crypto: scatterwalk - Add scatterwalk_crypto_chain helper
crypto: Use scatterwalk_crypto_chain

Tadeusz Struk (2):
crypto: aesni-intel - RFC4106 AES-GCM Driver Using Intel New Instructions
crypto: aesni-intel - Fixed build with binutils 2.16

Tejun Heo (1):
crypto: mark crypto workqueues CPU_INTENSIVE

Tracey Dent (1):
crypto: Makefile clean up

arch/x86/crypto/aesni-intel_asm.S | 1832 +++++++++++++++++++++++++++++++++++-
arch/x86/crypto/aesni-intel_glue.c | 540 +++++++++++-
crypto/Kconfig | 34 +-
crypto/Makefile | 17 +-
crypto/af_alg.c | 483 ++++++++++
crypto/algif_hash.c | 319 +++++++
crypto/algif_skcipher.c | 632 +++++++++++++
crypto/authenc.c | 22 +-
crypto/cast5.c | 74 +-
crypto/crypto_wq.c | 3 +-
crypto/deflate.c | 3 +-
crypto/eseqiv.c | 18 +-
crypto/gcm.c | 19 +-
crypto/pcrypt.c | 3 +-
crypto/rmd128.c | 3 +-
crypto/rmd160.c | 3 +-
crypto/rmd256.c | 3 +-
crypto/rmd320.c | 3 +-
crypto/shash.c | 8 +-
crypto/tcrypt.c | 11 +
crypto/testmgr.c | 24 +
crypto/testmgr.h | 361 +++++++
crypto/zlib.c | 3 +-
drivers/crypto/mv_cesa.c | 2 +-
drivers/crypto/omap-aes.c | 260 +++---
drivers/crypto/omap-sham.c | 374 +++++----
include/crypto/if_alg.h | 92 ++
include/crypto/scatterwalk.h | 15 +
include/linux/Kbuild | 1 +
include/linux/if_alg.h | 40 +
include/linux/socket.h | 5 +-
net/core/sock.c | 6 +-
32 files changed, 4763 insertions(+), 450 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt


2011-01-06 18:05:46

by Linus Torvalds

Subject: Re: Crypto Update for 2.6.38

On Wed, Jan 5, 2011 at 4:01 PM, Herbert Xu <[email protected]> wrote:
>
> * Crypto API interface for user-space (hash + skcipher)

Is there really any point to this? And can we get more explanation of
what the interface is, and who would use it?

If you need crypto in user space, it's almost invariably better done
in user space. If the CPU can do crypto on its own, and doesn't expose
those instructions to user space, it's just a stupid CPU - and the
user/kernel transfer is likely going to make it slower than a pure
software approach for any but the biggest transfers.

And if the crypto engine is off-chip, the sw version is going to be
faster anyway except for possible async versions that are hard to
interface to user space.

So I really need more convincing about the whole user-space interface.
Adding new interfaces willy-nilly isn't a good idea. They need damn
good reasons.

Linus

2011-01-06 21:16:46

by Herbert Xu

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 06, 2011 at 10:05:46AM -0800, Linus Torvalds wrote:
>
> Is there really any point to this? And can we get more explanation of
> what the interface is, and who would use it?

I think you've answered it yourself in the third paragraph :)

> If you need crypto in user space, it's almost invariably better done
> in user space. If the CPU can do crypto on its own, and doesn't expose
> those instructions to user space, it's just a stupid CPU - and the
> user/kernel transfer is likely going to make it slower than a pure
> software approach for any but the biggest transfers.

I agree completely.

> And if the crypto engine is off-chip, the sw version is going to be
> faster anyway except for possible async versions that are hard to
> interface to user space.
>
> So I really need more convincing about the whole user-space interface.
> Adding new interfaces willy-nilly isn't a good idea. They need damn
> good reasons.

Right. The purpose of this interface is to access the async
hardware crypto drivers that we have added over the past years.

For a modern x86-64 CPU it isn't interesting at all. It's mainly
for other architectures where the CPU may not be able to keep up
with say 10Gb/s IPsec traffic and the encryption and/or hashing
must be offloaded.

This is also why only hash and skcipher are supported as they
are the main algorithm types supported by the current async
drivers in the kernel.

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-01-06 21:24:29

by Linus Torvalds

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 6, 2011 at 1:16 PM, Herbert Xu <[email protected]> wrote:
> On Thu, Jan 06, 2011 at 10:05:46AM -0800, Linus Torvalds wrote:
>>
>> Is there really any point to this? And can we get more explanation of
>> what the interface is, and who would use it?
>
> I think you've answered it yourself in the third paragraph :)

No I didn't.

What part of "can we get more explanation of what the interface is" is unclear?

Explanations of interface. Code. Who uses it? What are the actual
performance benefits on real code?

Quite frankly, asynchronous external devices using DMA or similar are
seldom real performance improvements. The bus and cache traffic tends
to overwhelm any other advantage, and commonly the result is (a) lower
performance with (b) better-looking profiles.

But "better-looking profiles" isn't actually a real advantage.

And I really do want to hear about new kernel interfaces. What _are_
the interfaces, and what are the advantages to them.

Linus

2011-01-06 21:39:39

by Herbert Xu

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 06, 2011 at 01:23:19PM -0800, Linus Torvalds wrote:
>
> Explanations of interface. Code. Who uses it? What are the actual
> performance benefits on real code?

You snipped out the bit in my reply where I expanded on it:

: Right. The purpose of this interface is to access the async
: hardware crypto drivers that we have added over the past years.
:
: For a modern x86-64 CPU it isn't interesting at all. It's mainly
: for other architectures where the CPU may not be able to keep up
: with say 10Gb/s IPsec traffic and the encryption and/or hashing
: must be offloaded.
:
: This is also why only hash and skcipher are supported as they
: are the main algorithm types supported by the current async
: drivers in the kernel.

The interface is meant to be used by those whose CPU either cannot
provide adequate performance for encryption/hashing, or where they
need to preserve the CPU power for other tasks. This is most
likely to be used on a non-x86 architecture, as most of our async
crypto drivers are for non-x86 architectures.

Users can be anything performing bulk encryption/hashing in
user-space, e.g., SSL (although there are plans to implement SSL in
the kernel as well), SSH, etc.

Here is the original cover email for the patches:

: On Tue, Sep 07, 2010 at 04:42:13PM +0800, Herbert Xu wrote:
: >
: > This is what I am proposing for the Crypto API user-interface.
: >
: > Note that this is the interface for operations. There will be
: > a separate interface (most likely netlink) for configuring crypto
: > algorithms, e.g., picking a specific AES implementation as the
: > system default.
:
: OK I've gone ahead and implemented the user-space API for hashes
: and ciphers.
:
: To recap this interface is designed to allow user-space programs
: to access hardware cryptographic accelerators that we have added
: to the kernel.
:
: The intended usage scenario is where a large amount of data needs
: to be processed where the benefits offered by hardware acceleration
: that is normally unavailable in user-space (as opposed to ones
: such as the Intel AES instruction which may be used directly from
: user-space) outweigh the overhead of going through the kernel.
:
: In order to further minimise the overhead in these cases, this
: interface offers the option of avoiding copying data between
: user-space and the kernel where possible and appropriate. For
: ciphers this means the use of the splice(2) interface instead of
: sendmsg(2)
:
: Here is a sample hash program (note that these only illustrate
: what the interface looks like and are not meant to be good examples
: of coding :)
:
: #include <stdio.h>
: #include <unistd.h>
: #include <sys/socket.h>
: #include <linux/if_alg.h>
:
: int main(void)
: {
: 	int opfd;
: 	int tfmfd;
: 	struct sockaddr_alg sa = {
: 		.salg_family = AF_ALG,
: 		.salg_type = "hash",
: 		.salg_name = "sha1"
: 	};
: 	char buf[20];	/* a SHA-1 digest is 20 bytes */
: 	int i;
:
: 	/* transform socket: selects the algorithm */
: 	tfmfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
:
: 	bind(tfmfd, (struct sockaddr *)&sa, sizeof(sa));
:
: 	/* operation socket: carries the data and returns the digest */
: 	opfd = accept(tfmfd, NULL, 0);
:
: 	write(opfd, "abc", 3);
: 	read(opfd, buf, 20);
:
: 	for (i = 0; i < 20; i++) {
: 		printf("%02x", (unsigned char)buf[i]);
: 	}
: 	printf("\n");
:
: 	close(opfd);
: 	close(tfmfd);
:
: 	return 0;
: }
:
: And here is one for ciphers:
:
: #include <stdio.h>
: #include <string.h>
: #include <unistd.h>
: #include <sys/socket.h>
: #include <linux/types.h>
: #include <linux/if_alg.h>
:
: #ifndef SOL_ALG
: #define SOL_ALG 279
: #endif
:
: int main(void)
: {
: 	int opfd;
: 	int tfmfd;
: 	struct sockaddr_alg sa = {
: 		.salg_family = AF_ALG,
: 		.salg_type = "skcipher",
: 		.salg_name = "cbc(aes)"
: 	};
: 	struct msghdr msg = {};
: 	struct cmsghdr *cmsg;
: 	/* zeroed so that CMSG_NXTHDR never reads an uninitialised length */
: 	char cbuf[CMSG_SPACE(4) + CMSG_SPACE(20)] = {};
: 	char buf[16];
: 	struct af_alg_iv *iv;
: 	struct iovec iov;
: 	int i;
:
: 	tfmfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
:
: 	bind(tfmfd, (struct sockaddr *)&sa, sizeof(sa));
:
: 	/* the key is set on the transform socket */
: 	setsockopt(tfmfd, SOL_ALG, ALG_SET_KEY,
: 		   "\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
: 		   "\x51\x2e\x03\xd5\x34\x12\x00\x06", 16);
:
: 	opfd = accept(tfmfd, NULL, 0);
:
: 	msg.msg_control = cbuf;
: 	msg.msg_controllen = sizeof(cbuf);
:
: 	/* first control message: the operation (encrypt) */
: 	cmsg = CMSG_FIRSTHDR(&msg);
: 	cmsg->cmsg_level = SOL_ALG;
: 	cmsg->cmsg_type = ALG_SET_OP;
: 	cmsg->cmsg_len = CMSG_LEN(4);
: 	*(__u32 *)CMSG_DATA(cmsg) = ALG_OP_ENCRYPT;
:
: 	/* second control message: the IV (4-byte length + 16 bytes) */
: 	cmsg = CMSG_NXTHDR(&msg, cmsg);
: 	cmsg->cmsg_level = SOL_ALG;
: 	cmsg->cmsg_type = ALG_SET_IV;
: 	cmsg->cmsg_len = CMSG_LEN(20);
: 	iv = (void *)CMSG_DATA(cmsg);
: 	iv->ivlen = 16;
: 	memcpy(iv->iv, "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30"
: 		       "\xb4\x22\xda\x80\x2c\x9f\xac\x41", 16);
:
: 	iov.iov_base = "Single block msg";
: 	iov.iov_len = 16;
:
: 	msg.msg_iov = &iov;
: 	msg.msg_iovlen = 1;
:
: 	sendmsg(opfd, &msg, 0);
: 	read(opfd, buf, 16);
:
: 	for (i = 0; i < 16; i++) {
: 		printf("%02x", (unsigned char)buf[i]);
: 	}
: 	printf("\n");
:
: 	close(opfd);
: 	close(tfmfd);
:
: 	return 0;
: }

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
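
Added example, not part of the original thread or of the kernel sources: the hash sample from the cover email above with every call checked, input fed in chunks with MSG_MORE, and a known-answer check that degrades cleanly when the kernel or the algorithm is unavailable. The names alg_digest and self_check are hypothetical; the SOL_ALG fallback value is the one defined in the test program posted later in this thread.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/if_alg.h>

#ifndef SOL_ALG
#define SOL_ALG 279	/* value used by the test program in this thread */
#endif

/* Hypothetical helper: digest, or MAC when key != NULL, via an AF_ALG "hash"
 * socket. outlen must equal the digest size. Returns 0 or a negative errno. */
int alg_digest(const char *alg, const void *key, size_t keylen,
	       const void *data, size_t len, size_t chunk,
	       unsigned char *out, size_t outlen)
{
	struct sockaddr_alg sa;
	const unsigned char *p = data;
	int tfmfd, opfd = -1, rc = 0;
	ssize_t n;
	if (chunk == 0 || strlen(alg) >= sizeof(sa.salg_name))
		return -EINVAL;
	memset(&sa, 0, sizeof(sa));
	sa.salg_family = AF_ALG;
	strcpy((char *)sa.salg_type, "hash");
	strcpy((char *)sa.salg_name, alg);
	tfmfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
	if (tfmfd < 0)
		return -errno;		/* kernel has no AF_ALG support */
	if (bind(tfmfd, (struct sockaddr *)&sa, sizeof(sa)) < 0) {
		rc = -errno;		/* algorithm not available */
		goto out;
	}
	/* The key is set on the transform socket, before accept(). */
	if (key && setsockopt(tfmfd, SOL_ALG, ALG_SET_KEY, key, keylen) < 0) {
		rc = -errno;
		goto out;
	}
	opfd = accept(tfmfd, NULL, 0);
	if (opfd < 0) {
		rc = -errno;
		goto out;
	}
	/* MSG_MORE keeps the hash open; the last chunk finalises it. */
	while (len > 0) {
		size_t take = len < chunk ? len : chunk;
		n = send(opfd, p, take, len > take ? MSG_MORE : 0);
		if (n < 0 || (size_t)n != take) {
			rc = n < 0 ? -errno : -EIO;
			goto out;
		}
		p += take;
		len -= take;
	}
	n = read(opfd, out, outlen);
	if (n < 0)
		rc = -errno;
	else if ((size_t)n != outlen)
		rc = -EMSGSIZE;		/* outlen exceeds the digest size */
out:
	if (opfd >= 0)
		close(opfd);
	close(tfmfd);
	return rc;
}

/* Known answers: SHA-1("abc"); HMAC-SHA-256 from RFC 4231 test case 2. */
static const unsigned char SHA1_ABC[20] =
	"\xa9\x99\x3e\x36\x47\x06\x81\x6a\xba\x3e\x25\x71\x78\x50\xc2\x6c\x9c\xd0\xd8\x9d";
static const unsigned char HMAC_TC2[32] =
	"\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75\xc7"
	"\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec\x38\x43";

/* Vectors verified (0 when AF_ALG is unavailable), or -1 on a mismatch. */
int self_check(void)
{
	static const char msg[] = "what do ya want for nothing?";
	unsigned char d[32];
	int ok = 0, rc;

	rc = alg_digest("sha1", NULL, 0, "abc", 3, 2, d, 20);
	if (rc == 0 && memcmp(d, SHA1_ABC, 20) != 0)
		return -1;
	ok += (rc == 0);
	rc = alg_digest("hmac(sha256)", "Jefe", 4, msg, sizeof(msg) - 1, 16, d, 32);
	if (rc == 0 && memcmp(d, HMAC_TC2, 32) != 0)
		return -1;
	ok += (rc == 0);
	return ok;
}

int main(void)
{
	int n = self_check();
	printf("AF_ALG known-answer vectors verified: %d\n", n);
	return n < 0;
}
```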

2011-01-06 21:50:02

by Herbert Xu

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 06, 2011 at 04:46:02PM -0500, Pavel Roskin wrote:
>
> Are there any chances AEAD will be supported? Is the API extendable to
> allow that?

Yes we can support AEAD. However, as there weren't any existing
user-space users that could benefit immediately, I have not added
it at this point in time.

When combined-mode support in async hardware becomes more common
this could change of course.

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-01-06 21:56:09

by Pavel Roskin

Subject: Re: Crypto Update for 2.6.38

On 01/06/2011 04:16 PM, Herbert Xu wrote:

> This is also why only hash and skcipher are supported as they
> are the main algorithm types supported by the current async
> drivers in the kernel.

Are there any chances AEAD will be supported? Is the API extendable to
allow that?

If I remember correctly, the original patch was simply a port of FreeBSD
/dev/crypto, which doesn't support AEAD.

--
Regards,
Pavel Roskin

2011-01-06 22:13:17

by Linus Torvalds

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 6, 2011 at 1:39 PM, Herbert Xu <[email protected]> wrote:
> On Thu, Jan 06, 2011 at 01:23:19PM -0800, Linus Torvalds wrote:
>>
>> Explanations of interface. Code. Who uses it? What are the actual
>> performance benefits on real code?
>
> You snipped out the bit in my reply where I expanded on it:

You didn't expand on it AT ALL.

You just mentioned "the interface". I haven't seen WHAT THAT INTERFACE IS!

How hard is that to understand?

> Here is the original cover email for the patches:

Ok, this is more like it. This is roughly what I wanted to see:

> : Here is a sample hash program (note that these only illustrate
> : what the interface looks like and are not meant to be good examples
> : of coding :)

But I'm still missing the part where you show that there is any actual
use case that makes sense, and that actually improves performance.
Maybe it's been posted somewhere else, but the thing is, you're asking
_me_ to pull, and as a result you need to convince _me_ that this is a
good idea. So if it's been posted/discussed extensively elsewhere,
please point to those discussions.

I really don't like adding interfaces that don't have hard uses
associated with them. We've done it in the past, and it tends to be a
morass and a bad idea. That's been true even when the idea has been my
own, and thus obviously genius-level and clearly the RightThing(tm),
like "splice()". And it's why I push back on new interfaces when I see
them.

Btw, it doesn't have to be about performance per se. Does this allow
people to use keys without actually _seeing_ those keys? Your example
implies that that is not the case, but that's actually one of the few
reasons to actually support a kernel crypto interface - the ability to
have private personal keys around, but not having to actually let
possibly untrusted programs see them.

For example of why something like that matters, I can well see myself
using some program to encrypt things. But maybe I don't trust that
program enough to give it my actual private keys. In that case, kernel
support is a real feature.

But in your example, it looks like you just give it the key. Which to
me means that you're totally missing one of the major reasons for
having a separate protection domain.

And that makes me think that the interface is bad. And that's why it's
a big change to go from "internal kernel crypto interface" to "actual
user-space interface to the kernel crypto engine". The first one can
be fixed. The second one cannot.

So I'm not necessarily hung up on "performance", but I am hung up on
"there needs to be a point", and "the interface needs to be
-correct-". Performance would be one such point. Not just 'the
hardware is there'. I know the hardware exists, but I'm not at all
convinced that DMA with all the cacheflushing will ever actually be
faster than the CPU. And if it can, I want to hear about the real-world
situation where it actually is used.

Linus

2011-01-06 22:30:48

by Herbert Xu

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 06, 2011 at 02:13:17PM -0800, Linus Torvalds wrote:
>
> But I'm still missing the part where you show that there is any actual
> use case that makes sense, and that actually improves performance.
> Maybe it's been posted somewhere else, but the thing is, you're asking
> _me_ to pull, and as a result you need to convince _me_ that this is a
> good idea. So if it's been posted/discussed extensively elsewhere,
> please point to those discussions.

The main use-case is bulk encryption/hashing in user-space. For
example, on Sparc Niagara2 you need to use SPU (Stream Processing
Unit) in order to do crypto at 10Gb/s over the network. Because
of the hardware design, it is difficult to make use of the SPU
directly in user-space, unless you dedicate the SPU to one single
thread/user.

That is why we need a crypto driver in the kernel as well as a
user-space interface exporting it, to make available a single
piece of hardware resource so that it may be used by multiple
users in user-space.

The same applies to most of the drivers in drivers/crypto, e.g.,
omap provides ARM crypto acceleration providing crypto throughput
that simply cannot be achieved by the CPU itself.

The actual encryption in user-space would be anything that is
done in bulk, such as SSH or SSL. In fact, the intention is
to implement it just once in a library such as libssl where it
could then be used automatically by all applications.

> But in your example, it looks like you just give it the key. Which to
> me means that you're totally missing one of the major reasons for
> having a separate protection domain.

Providing such separation is not the primary objective of this API,
which is providing user-space access to off-chip crypto hardware.

However, this is something that has been considered and can be
easily added. The idea is to first add symmetric key storage
capability to the existing in-kernel keyring API. Once that is
done we can easily add a new setsockopt to the crypto user-interface
that retrieves the key from the kernel keyring instead of getting
it directly from user-space.

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-01-06 22:33:33

by David Miller

Subject: Re: Crypto Update for 2.6.38

From: Herbert Xu <[email protected]>
Date: Fri, 7 Jan 2011 09:30:42 +1100

> On Thu, Jan 06, 2011 at 02:13:17PM -0800, Linus Torvalds wrote:
>>
>> But I'm still missing the part where you show that there is any actual
>> use case that makes sense, and that actually improves performance.
>> Maybe it's been posted somewhere else, but the thing is, you're asking
>> _me_ to pull, and as a result you need to convince _me_ that this is a
>> good idea. So if it's been posted/discussed extensively elsewhere,
>> please point to those discussions.
>
> The main use-case is bulk encryption/hashing in user-space. For
> example, on Sparc Niagara2 you need to use SPU (Stream Processing
> Unit) in order to do crypto at 10Gb/s over the network. Because
> of the hardware design, it is difficult to make use of the SPU
> directly in user-space, unless you dedicate the SPU to one single
> thread/user.

The N2 SPU is not accessible at all from userspace.

> However, this is something that has been considered and can be
> easily added. The idea is to first add symmetric key storage
> capability to the existing in-kernel keyring API. Once that is
> done we can easily add a new setsockopt to the crypto user-interface
> that retrieves the key from the kernel keyring instead of getting
> it directly from user-space.

That indeed would be real interesting.

2011-01-06 22:53:08

by Herbert Xu

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 06, 2011 at 02:43:35PM -0800, Linus Torvalds wrote:
>
> Can you do the "bypass directly to the TCP stream" with the interface
> you added? It isn't at all obvious how it would work.

Yes it can. The interface allows zero-copy in both directions
using the splice interface. Here is a sample program demonstrating
zero-copy in-place encryption. It doesn't send the result over TCP
but I'm sure you can imagine what that would look like.

Note that the final read(2) looks like it copies, but it doesn't.
The read(2) will setup SG lists using the user-space address and
place the encryption result in there directly. In this case as
the source/destination addresses are identical, it performs in-place
encryption.

#define _GNU_SOURCE		/* for vmsplice() and splice() */
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/uio.h>
#include <linux/types.h>
#include <linux/if_alg.h>

#ifndef SOL_ALG
#define SOL_ALG 279
#endif

static char buf[4096] __attribute__((__aligned__(4096)));

int main(void)
{
	int opfd;
	int tfmfd;
	struct sockaddr_alg sa = {
		.salg_family = AF_ALG,
		.salg_type = "skcipher",
		.salg_name = "cbc(aes)"
	};
	struct msghdr msg = {};
	struct cmsghdr *cmsg;
	/* zeroed so that CMSG_NXTHDR never reads an uninitialised length */
	char cbuf[CMSG_SPACE(4) + CMSG_SPACE(20)] = {};
	struct aes_iv {
		__u32 len;
		__u8 iv[16];
	} *iv;
	struct iovec iov;
	int i;
	int pipes[2];

	pipe(pipes);

	tfmfd = socket(AF_ALG, SOCK_SEQPACKET, 0);

	bind(tfmfd, (struct sockaddr *)&sa, sizeof(sa));

	setsockopt(tfmfd, SOL_ALG, ALG_SET_KEY,
		   "\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
		   "\x51\x2e\x03\xd5\x34\x12\x00\x06", 16);

	opfd = accept(tfmfd, NULL, 0);

	msg.msg_control = cbuf;
	msg.msg_controllen = sizeof(cbuf);

	cmsg = CMSG_FIRSTHDR(&msg);
	cmsg->cmsg_level = SOL_ALG;
	cmsg->cmsg_type = ALG_SET_OP;
	cmsg->cmsg_len = CMSG_LEN(4);
	*(__u32 *)CMSG_DATA(cmsg) = ALG_OP_ENCRYPT;

	cmsg = CMSG_NXTHDR(&msg, cmsg);
	cmsg->cmsg_level = SOL_ALG;
	cmsg->cmsg_type = ALG_SET_IV;
	cmsg->cmsg_len = CMSG_LEN(20);
	iv = (void *)CMSG_DATA(cmsg);
	iv->len = 16;
	memcpy(iv->iv, "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30"
		       "\xb4\x22\xda\x80\x2c\x9f\xac\x41", 16);

	memcpy(buf, "Single block msg", 16);

	iov.iov_base = buf;
	iov.iov_len = 4096;

	msg.msg_iovlen = 0;
	msg.msg_flags = MSG_MORE;

	/* control data only: sets the operation and IV, carries no payload */
	sendmsg(opfd, &msg, 0);
	/* hand the page to the pipe, then move 16 bytes of it to the socket */
	vmsplice(pipes[1], &iov, 1, SPLICE_F_GIFT);
	splice(pipes[0], NULL, opfd, NULL, 16, 0);
	read(opfd, buf, 16);

	for (i = 0; i < 16; i++) {
		printf("%02x", (unsigned char)buf[i]);
	}
	printf("\n");

	close(opfd);
	close(tfmfd);

	return 0;
}

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-01-06 23:02:25

by Mihai Donțu

Subject: Re: Crypto Update for 2.6.38

On Thursday 06 January 2011 23:46:02 Pavel Roskin wrote:
> On 01/06/2011 04:16 PM, Herbert Xu wrote:
> > This is also why only hash and skcipher are supported as they
> > are the main algorithm types supported by the current async
> > drivers in the kernel.
>
> Are there any chances AEAD will be supported? Is the API extendable to
> allow that?
>
> If I remember correctly, the original patch was simply a port of FreeBSD
> /dev/crypto, which doesn't support AEAD.

If it's meant to work like the FreeBSD /dev/crypto, then maybe this[1] paper
is worth mentioning, which includes some performance numbers. There was a
single thing that drew my attention, from "Drawbacks and problems [of
userspace crypto]": "Lots of scary code-duplication".

[1] http://www.paeps.cx/pubs/crypto_acceleration/slides.pdf

--
Mihai Donțu

2011-01-06 23:14:46

by Linus Torvalds

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 6, 2011 at 2:30 PM, Herbert Xu <[email protected]> wrote:
>
> The main use-case is bulk encryption/hashing in user-space. For
> example, on Sparc Niagara2 you need to use SPU (Stream Processing
> Unit) in order to do crypto at 10Gb/s over the network.

Umm. But doesn't that require that the data then be sent to the network?

Why would a user-space -> crypto engine -> user space -> network chip
thing ever be good enough? Niagara is so slow that the whole bounce
thing will totally negate all the SPU advantages.

Your interface doesn't seem to support the use case that you actually
want, which is to avoid the bouncing back and forth between user space
buffers.

And if you bounce back and forth, I bet you can't get that 10Gb/s anyway.

Can you do the "bypass directly to the TCP stream" with the interface
you added? It isn't at all obvious how it would work.

So let me repeat ONE MORE TIME:

- I understand that your interface can use the hw that exists

- but I still want real-world use cases to show that it actually
works and makes sense in practice.

Don't give me "we could use the SPU" crap. Give me "this program
actually uses the SPU and gets better performance thanks to it, and
here are the numbers".

Linus

2011-01-06 23:25:55

by Linus Torvalds

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 6, 2011 at 2:53 PM, Herbert Xu <[email protected]> wrote:
> On Thu, Jan 06, 2011 at 02:43:35PM -0800, Linus Torvalds wrote:
>>
>> Can you do the "bypass directly to the TCP stream" with the interface
>> you added? It isn't at all obvious how it would work.
>
> Yes it can. The interface allows zero-copy in both directions
> using the splice interface. Here is a sample program demonstrating
> zero-copy in-place encryption. It doesn't send the result over TCP
> but I'm sure you can imagine what that would look like.

Ok. So can we actually get numbers for this?

Put another way: I really really REALLY don't want to merge new
user-space interfaces that don't actually work in reality. But if this
allows direct encryption to a network interface, and it actually is
able to saturate 10Gb on niagara (unlike a user-mode encryption thing,
I assume, since those things are dog slow), then that would certainly
be a good real-life test.

But I really don't want to merge it unless it has had at least
real-life testing of actually doing better than regular sw user-space
encryption.

I realize that on PC's, it's unlikely to ever help. So I'm not asking
for "show me how this helps on my hardware". But I do want to get some
case on _some_ actual hardware where it works on a real load.

Linus

2011-01-07 00:15:05

by Herbert Xu

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 06, 2011 at 03:25:32PM -0800, Linus Torvalds wrote:
>
> Ok. So can we actually get numbers for this?

As you alluded to, we need real non-x86 hardware to get some
proper numbers. Unfortunately I'm currently a continent away
from my async hardware so all I can give you are software
numbers.

Anyway, here is a test program that does a set number (1024 * 1024)
of 4096-byte (total 4GB) encryptions with libssl and kernel crypto.
The result on my Core 2 (in a KVM VM FWIW) is:

lenny0:~# time ./test_crypto > /dev/null

real 0m30.340s
user 0m0.172s
sys 0m30.166s
lenny0:~# time ./test_crypto software > /dev/null

real 0m34.555s
user 0m34.550s
sys 0m0.004s
lenny0:~#

I'm not claiming these numbers make any sense but this is just
a ballpark figure.

Dave, can you run this program on your N2 and see what it shows?

#define _GNU_SOURCE		/* for vmsplice() and splice() */
#include <fcntl.h>
#include <openssl/aes.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/uio.h>
#include <linux/types.h>

/* Fallback definitions for libc headers that predate AF_ALG */
#ifndef AF_ALG
#define AF_ALG 38
#endif
#ifndef SOL_ALG
#define SOL_ALG 279
#endif

#ifndef SPLICE_F_GIFT
#define SPLICE_F_GIFT (0x08) /* pages passed in are a gift */
#endif

struct sockaddr_alg {
	__u16 salg_family;
	__u8 salg_type[14];
	__u32 salg_feat;
	__u32 salg_mask;
	__u8 salg_name[64];
};

struct af_alg_iv {
	__u32 ivlen;
	__u8 iv[0];
};

/* Socket options */
#define ALG_SET_KEY 1
#define ALG_SET_IV 2
#define ALG_SET_OP 3

/* Operations */
#define ALG_OP_DECRYPT 0
#define ALG_OP_ENCRYPT 1

static char buf[4096] __attribute__((__aligned__(4096)));

/* Software path: AES-128-CBC in user space through libssl */
static void crypt_ssl(const char *key, char *iv, int i)
{
	AES_KEY akey;

	AES_set_encrypt_key((const unsigned char *)key, 128, &akey);

	while (i--)
		AES_cbc_encrypt((unsigned char *)buf, (unsigned char *)buf,
				4096, &akey, (unsigned char *)iv, 1);
}

/* Kernel path: the same operation through an AF_ALG skcipher socket */
static void crypt_kernel(const char *key, char *oiv, int i)
{
	int opfd;
	int tfmfd;
	struct sockaddr_alg sa = {
		.salg_family = AF_ALG,
		.salg_type = "skcipher",
		.salg_name = "cbc(aes)"
	};
	struct msghdr msg = {};
	struct cmsghdr *cmsg;
	char cbuf[CMSG_SPACE(4) + CMSG_SPACE(20)] = {};
	struct aes_iv {
		__u32 len;
		__u8 iv[16];
	} *iv;
	struct iovec iov;
	int pipes[2];

	pipe(pipes);

	tfmfd = socket(AF_ALG, SOCK_SEQPACKET, 0);

	bind(tfmfd, (struct sockaddr *)&sa, sizeof(sa));

	setsockopt(tfmfd, SOL_ALG, ALG_SET_KEY, key, 16);

	opfd = accept(tfmfd, NULL, 0);

	msg.msg_control = cbuf;
	msg.msg_controllen = sizeof(cbuf);

	cmsg = CMSG_FIRSTHDR(&msg);
	cmsg->cmsg_level = SOL_ALG;
	cmsg->cmsg_type = ALG_SET_OP;
	cmsg->cmsg_len = CMSG_LEN(4);
	*(__u32 *)CMSG_DATA(cmsg) = ALG_OP_ENCRYPT;

	cmsg = CMSG_NXTHDR(&msg, cmsg);
	cmsg->cmsg_level = SOL_ALG;
	cmsg->cmsg_type = ALG_SET_IV;
	cmsg->cmsg_len = CMSG_LEN(20);
	iv = (void *)CMSG_DATA(cmsg);
	iv->len = 16;
	memcpy(iv->iv, oiv, 16);

	iov.iov_base = buf;
	iov.iov_len = 4096;

	msg.msg_iovlen = 0;
	msg.msg_flags = MSG_MORE;

	while (i--) {
		sendmsg(opfd, &msg, 0);
		vmsplice(pipes[1], &iov, 1, SPLICE_F_GIFT);
		splice(pipes[0], NULL, opfd, NULL, 4096, 0);
		read(opfd, buf, 4096);
	}

	close(opfd);
	close(tfmfd);
	close(pipes[0]);
	close(pipes[1]);
}

int main(int argc, char **argv)
{
	int i;

	const char key[16] =
		"\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
		"\x51\x2e\x03\xd5\x34\x12\x00\x06";
	char iv[16] =
		"\x3d\xaf\xba\x42\x9d\x9e\xb4\x30"
		"\xb4\x22\xda\x80\x2c\x9f\xac\x41";

	memcpy(buf, "Single block msg", 16);

	/* any argument selects the libssl path, none the kernel path */
	if (argc > 1)
		crypt_ssl(key, iv, 1024 * 1024);
	else
		crypt_kernel(key, iv, 1024 * 1024);

	for (i = 0; i < 4096; i++) {
		printf("%02x", (unsigned char)buf[i]);
	}
	printf("\n");

	return 0;
}

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-01-07 02:39:30

by Pavel Roskin

Subject: Re: Crypto Update for 2.6.38

Quoting Herbert Xu <[email protected]>:

> setsockopt(tfmfd, SOL_ALG, ALG_SET_KEY,
> "\x06\xa9\x21\x40\x36\xb8\xa1\x5b"
> "\x51\x2e\x03\xd5\x34\x12\x00\x06", 16);

By the way, is it a good idea to use setsockopt() this way? Some keys
may be large. And if AEAD is supported, will it use setsockopt() for
the unencrypted authenticated data?

Maybe some variation of write() or sendto() would be more appropriate?

--
Regards,
Pavel Roskin

2011-01-07 02:42:31

by David Miller

Subject: Re: Crypto Update for 2.6.38

From: Herbert Xu <[email protected]>
Date: Fri, 7 Jan 2011 11:14:59 +1100

> Anyway, here is a test program that does a set number (1024 * 1024)
> of 4096-byte (total 4GB) encryptions with libssl and kernel crypto.
> The result on my Core 2 (in a KVM VM FWIW) is:
>
> lenny0:~# time ./test_crypto > /dev/null
>
> real 0m30.340s
> user 0m0.172s
> sys 0m30.166s
> lenny0:~# time ./test_crypto software > /dev/null
>
> real 0m34.555s
> user 0m34.550s
> sys 0m0.004s
> lenny0:~#
>
> I'm not claiming these numbers make any sense but this is just
> a ballpark figure.
>
> Dave, can you run this program on your N2 and see what it shows?

Sure, here goes, BTW I had to change the buffer size to 8192 since
vmsplice requires page aligned operation (I was getting -EINVAL
otherwise):

[email protected]:~$ time ./crypto_user_test >/dev/null

real 0m46.586s
user 0m3.280s
sys 0m43.230s
[email protected]:~$ time ./crypto_user_test software >/dev/null

real 10m40.336s
user 10m40.540s
sys 0m0.000s
[email protected]:~$

What's that, something like a factor of 13 faster? :-)

2011-01-07 03:03:59

by Herbert Xu

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 06, 2011 at 09:39:28PM -0500, Pavel Roskin wrote:
>
> By the way, is it a good idea to use setsockopt() this way? Some keys
> may be large. And if AEAD is supported, will it use setsockopt() for
> the unencrypted authenticated data?

For large keys (i.e., asymmetric key crypto) the kernel keyring API
would be the obvious way of passing them around.

For AEAD the AD would be passed around through send/splice.

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-01-07 03:04:44

by Herbert Xu

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 06, 2011 at 06:43:02PM -0800, David Miller wrote:
>
> [email protected]:~$ time ./crypto_user_test >/dev/null
>
> real 0m46.586s
> user 0m3.280s
> sys 0m43.230s
> [email protected]:~$ time ./crypto_user_test software >/dev/null
>
> real 10m40.336s
> user 10m40.540s
> sys 0m0.000s
> [email protected]:~$
>
> What's that, something like a factor of 13 faster? :-)

Heh, I missed the leading 1 in your second result and was about
to spill my drink :)

Thanks!
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-01-07 12:05:10

by Neil Horman

Subject: Re: Crypto Update for 2.6.38

On Thu, Jan 06, 2011 at 02:13:17PM -0800, Linus Torvalds wrote:
> On Thu, Jan 6, 2011 at 1:39 PM, Herbert Xu <[email protected]> wrote:
> > On Thu, Jan 06, 2011 at 01:23:19PM -0800, Linus Torvalds wrote:
> >>
> >> Explanations of interface. Code. Who uses it? What are the actual
> >> performance benefits on real code?
> >
> > You snipped out the bit in my reply where I expanded on it:
>
> You didn't expand on it AT ALL.
>
> You just mentioned "the interface". I haven't seen WHAT THAT INTERFACE IS!
>
> How hard is that to understand?
>
> > Here is the original cover email for the patches:
>
> Ok, this is more like it. This is roughly what I wanted to see:
>
> > : Here is a sample hash program (note that these only illustrate
> > : what the interface looks like and are not meant to be good examples
> > : of coding :)
>
> But I'm still missing the part where you show that there is any actual
> use case that makes sense, and that actually improves performance.
> Maybe it's been posted somewhere else, but the thing is, you're asking
> _me_ to pull, and as a result you need to convince _me_ that this is a
> good idea. So if it's been posted/discussed extensively elsewhere,
> please point to those discussions.
>
> I really don't like adding interfaces that don't have hard uses
> associated with them. We've done it in the past, and it tends to be a
> morass and a bad idea. That's been true even when the idea has been my
> own, and thus obviously genius-level and clearly the RightThing(tm),
> like "splice()". And it's why I push back on new interfaces when I see
> them.
>
> Btw, it doesn't have to be about performance per se. Does this allow
> people to use keys without actually _seeing_ those keys? Your example
> implies that that is not the case, but that's actually one of the few
> reasons to actually support a kernel crypto interface - the ability to
> have private personal keys around, but not having to actually let
> possibly untrusted programs see them.
>
This actually is an indirect feature of this interface. Using it, you can open
an algorithm socket, select a specific alg, assign a key, and then pass that
socket descriptor over a unix socket to another process using an
SCM_RIGHTS ancillary message. The receiving process can then use children
accepted from that passed socket to perform the configured crypto operation
without any knowledge of the keys used in it. I can write a demo app if you
like.

Regards
Neil
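
The descriptor-passing scheme described in the message above, as an added example that is not part of the thread or the kernel tree: a key holder binds hmac(sha256) through the hash side of the interface, sets the key, wipes its own copy and passes the socket with SCM_RIGHTS; the worker accept()s on the passed socket and MACs a message. The function names, the use of fork() in place of a separately started worker program, and the choice of hmac(sha256) are assumptions of this example.

```c
/* Added example: AF_ALG key holder / worker split. All names are hypothetical. */
#include <linux/if_alg.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef SOL_ALG
#define SOL_ALG 279 /* absent from older libc headers */
#endif
enum { DEMO_OK = 0, DEMO_UNSUPPORTED = 1, DEMO_ERROR = -1 };
union fd_ctl { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; };

/* Pass one descriptor over a unix socket as an SCM_RIGHTS ancillary message. */
static int send_fd(int chan, int fd)
{
	union fd_ctl u = { { 0 } };
	char byte = 0;
	struct iovec iov = { &byte, 1 };
	struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
			      .msg_control = u.buf, .msg_controllen = sizeof(u.buf) };
	struct cmsghdr *c = CMSG_FIRSTHDR(&msg);

	c->cmsg_level = SOL_SOCKET;
	c->cmsg_type = SCM_RIGHTS;
	c->cmsg_len = CMSG_LEN(sizeof(fd));
	memcpy(CMSG_DATA(c), &fd, sizeof(fd));
	return sendmsg(chan, &msg, 0) == 1 ? 0 : -1;
}

/* Receive the passed descriptor; returns it, or -1 if none arrived. */
static int recv_fd(int chan)
{
	union fd_ctl u = { { 0 } };
	char byte;
	struct iovec iov = { &byte, 1 };
	struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
			      .msg_control = u.buf, .msg_controllen = sizeof(u.buf) };
	struct cmsghdr *c;
	int fd;

	if (recvmsg(chan, &msg, 0) != 1 || !(c = CMSG_FIRSTHDR(&msg)) ||
	    c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS)
		return -1;
	memcpy(&fd, CMSG_DATA(c), sizeof(fd));
	return fd;
}

/* Worker: MAC one message through the passed socket. It can use the key for
 * as many operations as it likes, but it is never handed the key bytes. */
static int worker_mac(int tfmfd, const void *data, size_t len, unsigned char mac[32])
{
	int ok, opfd = accept(tfmfd, NULL, NULL);	/* child socket does the work */

	if (opfd < 0)
		return -1;
	ok = send(opfd, data, len, 0) == (ssize_t)len && read(opfd, mac, 32) == 32;
	close(opfd);
	return ok ? 0 : -1;
}

/* Key holder: set the key, wipe the caller's copy, pass the socket to a worker
 * and collect the MAC. fork() stands in for a separate, less trusted program
 * that would normally connect to the unix socket on its own. */
int keyholder_demo(unsigned char *key, size_t keylen, const void *data, size_t len,
		   unsigned char mac[32])
{
	struct sockaddr_alg sa = { .salg_family = AF_ALG, .salg_type = "hash",
				   .salg_name = "hmac(sha256)" };
	int chan[2] = { -1, -1 }, ok, ret = DEMO_UNSUPPORTED;
	int tfmfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
	pid_t pid = -1;

	if (tfmfd < 0 || bind(tfmfd, (struct sockaddr *)&sa, sizeof(sa)) < 0)
		goto out;
	ret = DEMO_ERROR;
	ok = setsockopt(tfmfd, SOL_ALG, ALG_SET_KEY, key, keylen) == 0;
	memset(key, 0, keylen);		/* wiped before the worker exists */
	if (!ok || socketpair(AF_UNIX, SOCK_STREAM, 0, chan) < 0 || (pid = fork()) < 0)
		goto out;
	if (pid == 0) {			/* worker process */
		close(tfmfd);		/* drop the inherited copy, use only the passed one */
		close(chan[0]);
		tfmfd = recv_fd(chan[1]);
		_exit(tfmfd < 0 || worker_mac(tfmfd, data, len, mac) < 0 ||
		      write(chan[1], mac, 32) != 32);
	}
	close(chan[1]);			/* so recv() sees EOF if the worker dies */
	chan[1] = -1;
	if (send_fd(chan[0], tfmfd) == 0 && recv(chan[0], mac, 32, MSG_WAITALL) == 32)
		ret = DEMO_OK;
out:
	close(chan[0]);			/* close(-1) fails harmlessly on early exits */
	close(chan[1]);
	close(tfmfd);
	if (pid > 0)
		waitpid(pid, NULL, 0);	/* reap the worker */
	return ret;
}
```

keyholder_demo() returns DEMO_UNSUPPORTED where the kernel or sandbox offers no AF_ALG hmac(sha256). With the RFC 4231 test case 1 input (a key of 20 bytes of 0x0b and the message "Hi There") the returned MAC begins b0344c61.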


2011-01-08 13:23:04

by Nikos Mavrogiannopoulos

Subject: Re: Crypto Update for 2.6.38

On Fri, Jan 7, 2011 at 2:04 PM, Neil Horman <[email protected]> wrote:

>> Btw, it doesn't have to be about performance per se. Does this allow
>> people to use keys without actually _seeing_ those keys? Your example
>> implies that that is not the case, but that's actually one of the few
>> reasons to actually support a kernel crypto interface - the ability to
>> have private personal keys around, but not having to actually let
>> possibly untrusted programs see them.
> This actually is an indirect feature of this interface. Using it, you can open
> an algorithm socket, select a specific alg, assign a key, and then pass that
> socket descriptor over a unix socket to another process using an
> SCM_RIGHTS ancillary message. The receiving process can then use children
> accepted from that passed socket to perform the configured crypto operation
> without any knowledge of the keys used in it. I can write a demo app if you
> like.

Several things have to be considered when extending an interface like
that. For example, do the algorithm implementations protect against
timing attacks, or can keys be recovered using them? What is the
purpose of cryptographic key separation? If long term keys are to be
protected, then it makes sense to support RSA, DSA keys in addition to
symmetric keys (e.g. Microsoft only supports asymmetric keys for
separation, since symmetric ones are rarely used as long term keys -
[in TLS-PSK]).

Some of these issues are discussed in my report on a user-space crypto
interface that specifically targeted separation and speed at [0].

regards,
Nikos

[0]. https://www.cosic.esat.kuleuven.be/publications/article-1490.pdf

2011-01-10 12:03:29

by Neil Horman

Subject: Re: Crypto Update for 2.6.38

On Sat, Jan 08, 2011 at 03:23:04PM +0200, Nikos Mavrogiannopoulos wrote:
> On Fri, Jan 7, 2011 at 2:04 PM, Neil Horman <[email protected]> wrote:
>
> >> Btw, it doesn't have to be about performance per se. Does this allow
> >> people to use keys without actually _seeing_ those keys? Your example
> >> implies that that is not the case, but that's actually one of the few
> >> reasons to actually support a kernel crypto interface - the ability to
> >> have private personal keys around, but not having to actually let
> >> possibly untrusted programs see them.
> > This actually is an indirect feature of this interface. Using it, you can open
> > an algorithm socket, select a specific alg, assign a key, and then pass that
> > socket descriptor over a unix socket to another process using an
> > SCM_RIGHTS ancillary message. The receiving process can then use children
> > accepted from that passed socket to perform the configured crypto operation
> > without any knowledge of the keys used in it. I can write a demo app if you
> > like.
>
> Several things have to be considered when extending an interface like
> that. For example, do the algorithm implementations protect against
> timing attacks, or can keys be recovered using them? What is the
No, the kernel does not implement any protection against timing attacks in the
algorithms per se, but performing a timing attack against a kernel crypto
operation is going to be near impossible anyway, as precise timing measurements
are going to get obscured by interrupts, scheduling jitter, lock contention, and
various other factors that will make measuring syscall time fairly useless.

> purpose of cryptographic key separation? If long term keys are to be
My only purpose was to answer Linus' question. He wondered if other user space
programs could use instances of crypto algs over this interface without needing
to hold key data. I was illustrating how that could be done.

Neil

2011-01-10 19:05:30

by Dag Arne Osvik

Subject: Re: Crypto Update for 2.6.38

> On Sat, Jan 08, 2011 at 03:23:04PM +0200, Nikos Mavrogiannopoulos wrote:
> > On Fri, Jan 7, 2011 at 2:04 PM, Neil Horman <[email protected]>
> > wrote:
> >
> > > > Btw, it doesn't have to be about performance per se. Does this
> > > > allow people to use keys without actually _seeing_ those keys?
> > > > Your example implies that that is not the case, but that's
> > > > actually one of the few reasons to actually support a kernel
> > > > crypto interface - the ability to have private personal keys
> > > > around, but not having to actually let possibly untrusted programs
> > > > see them.
> > > > This actually is an indirect feature of this interface. Using it,
> > > > you can open an algorithm socket, select a specific alg, assign a
> > > > key, and then pass that socket descriptor over a unix socket to
> > > > another process using an SCM_RIGHTS ancillary message. The
> > > > receiving process can then use children accepted from that passed
> > > > socket to perform the configured crypto operation without any
> > > > knowledge of the keys used in it. I can write a demo app if you
> > > > like.
> >
> > Several things have to be considered when extending an interface like
> > that. For example, do the algorithm implementations protect against
> > timing attacks, or can keys be recovered using them? What is the
> No, the kernel does not implement any protection against timing attacks
> in the algorithms per se, but performing a timing attack against a
> kernel crypto operation is going to be near impossible anyway, as
> precise timing measurements are going to get obscured by interrupts,
> scheduling jitter, lock contention, and various other factors that will
> make measuring syscall time fairly useless.

Let me just point out that this is not near impossible at all; instead it has already been done more than 6 years ago. And it's not only syscall time that leaks information. One practical example is recovery of a full AES key in a couple of seconds, using cache attacks against an encrypted file system. AES-NI is immune to this kind of attack, but other algorithms typically implemented using lookup tables are at risk.

Dag Arne

2011-01-13 01:44:22

by Herbert Xu

Subject: Re: Crypto Update for 2.6.38

Hi Linus:

Here is an update to the crypto pull request for 2.6.38:

* Crypto API interface for user-space (hash + skcipher)

This interface is intended to provide access of kernel
hardware crypto drivers to user-space applications. It
presents the kernel crypto API via a socket interface.

It is only meant to be used for bulk crypto operations,
i.e., if you're doing less than a page's worth of data,
then this is not for you.

For bulk data processing the performance is similar to
that in the kernel when zero-copy is used in both
directions.

* Memory corruption fix for via_rng.
* Fixes for new OMAP driver.
* 32-bit support in aesni-intel.
* GCM support in aesni-intel.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git

or

master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Adrian Hoban (1):
crypto: rfc4106 - Extending the RC4106 AES-GCM test vectors

Adrian-Ken Rueegsegger (1):
crypto: ripemd - Set module author and update email address

Dennis Gilmore (1):
crypto: n2 - use __devexit not __exit in n2_unregister_algs

Dmitry Kasatkin (15):
crypto: omap-sham - uses digest buffer in request context
crypto: omap-sham - DMA initialization fixes for off mode
crypto: omap-sham - error handling improved
crypto: omap-sham - removed redundunt locking
crypto: omap-sham - crypto_ahash_final() now not need to be called.
crypto: omap-sham - hash-in-progress is stored in hw format
crypto: omap-sham - FLAGS_FIRST is redundant and removed
crypto: omap-sham - zero-copy scatterlist handling
crypto: omap-aes - DMA initialization fixes for OMAP off mode
crypto: omap-aes - redundant locking is removed
crypto: omap-aes - error handling implementation improved
crypto: omap-aes - unnecessary code removed
crypto: omap-aes - initialize aes module once per request
crypto: omap-aes - checkpatch --file warning fixes
crypto: omap-sham - backlog handling fix

Herbert Xu (13):
crypto: hash - Fix async import on shash algorithm
net - Add AF_ALG macros
crypto: af_alg - User-space interface for Crypto API
crypto: algif_hash - User-space interface for hash operations
crypto: algif_skcipher - User-space interface for skcipher operations
crypto: algif_skcipher - Pass on error from af_alg_make_sg
crypto: af_alg - Add dependency on NET
crypto: algif_skcipher - Fixed overflow when sndbuf is page aligned
crypto: algif_skcipher - Handle unaligned receive buffer
crypto: gf128mul - Remove experimental tag
hwrng: via_rng - Fix asm constraints
crypto: padlock - Move padlock.h into include/crypto
hwrng: via_rng - Fix memory scribbling on some CPUs

Joe Perches (1):
crypto: Use vzalloc

Mathias Krause (2):
crypto: aesni-intel - Ported implementation to x86-32
crypto: aesni-intel - Fixed build error on x86-32

Miloslav Trmač (3):
include: Install linux/if_alg.h for user-space crypto API
net: Add missing lockdep class names for af_alg
crypto: af_alg - Make sure sk_security is initialized on accept()ed sockets

Nicolas Kaiser (1):
crypto: cast5 - simplify if-statements

Randy Dunlap (1):
crypto: af_alg - fix af_alg memory_allocated data type

Roel Kluin (1):
crypto: mv_cesa - dont return PTR_ERR() of wrong pointer

Steffen Klassert (2):
crypto: scatterwalk - Add scatterwalk_crypto_chain helper
crypto: Use scatterwalk_crypto_chain

Tadeusz Struk (2):
crypto: aesni-intel - RFC4106 AES-GCM Driver Using Intel New Instructions
crypto: aesni-intel - Fixed build with binutils 2.16

Tejun Heo (1):
crypto: mark crypto workqueues CPU_INTENSIVE

Tracey Dent (1):
crypto: Makefile clean up

arch/x86/crypto/aesni-intel_asm.S | 1832 ++++++++++++++++++++++++++++++++-
arch/x86/crypto/aesni-intel_glue.c | 540 ++++++++++-
crypto/Kconfig | 34 +-
crypto/Makefile | 17 +-
crypto/af_alg.c | 483 +++++++++
crypto/algif_hash.c | 319 ++++++
crypto/algif_skcipher.c | 632 ++++++++++++
crypto/authenc.c | 22 +-
crypto/cast5.c | 74 +-
crypto/crypto_wq.c | 3 +-
crypto/deflate.c | 3 +-
crypto/eseqiv.c | 18 +-
crypto/gcm.c | 19 +-
crypto/pcrypt.c | 3 +-
crypto/rmd128.c | 3 +-
crypto/rmd160.c | 3 +-
crypto/rmd256.c | 3 +-
crypto/rmd320.c | 3 +-
crypto/shash.c | 8 +-
crypto/tcrypt.c | 11 +
crypto/testmgr.c | 24 +
crypto/testmgr.h | 361 +++++++
crypto/zlib.c | 3 +-
drivers/char/hw_random/via-rng.c | 10 +-
drivers/crypto/mv_cesa.c | 2 +-
drivers/crypto/n2_core.c | 2 +-
drivers/crypto/omap-aes.c | 260 +++---
drivers/crypto/omap-sham.c | 374 ++++---
drivers/crypto/padlock-aes.c | 2 +-
drivers/crypto/padlock-sha.c | 8 +-
include/crypto/if_alg.h | 92 ++
{drivers => include}/crypto/padlock.h | 8 +-
include/crypto/scatterwalk.h | 15 +
include/linux/Kbuild | 1 +
include/linux/if_alg.h | 40 +
include/linux/socket.h | 5 +-
net/core/sock.c | 6 +-
37 files changed, 4779 insertions(+), 464 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-03-15 14:59:50

by Herbert Xu

Subject: Crypto Update for 2.6.39

Hi Linus:

Here is the crypto update for 2.6.39:

* New picoxcell crypto driver.
* New picoxcell RNG driver.
* Added SHA test vectors to detect bugs such as the recent one on s390.
* Memory leaks fixes on error path in aesni-intel.
* xts(aes) and ghash are now available in FIPS mode.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git

or

master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


David Sterba (1):
crypto: tcrypt - do not attempt to write to readonly variable

Davidlohr Bueso (1):
crypto: skcipher - remove redundant NULL check

Herbert Xu (1):
crypto: sha1 - Add test vector to test partial block processing

Jamie Iles (4):
hwrng: pixocell - add support for picoxcell TRNG
crypto: omap-aes - don't treat NULL clk as an error
crypto: omap-sham - don't treat NULL clk as an error
crypto: picoxcell - add support for the picoxcell crypto engines

Jarod Wilson (3):
crypto: testmgr - mark xts(aes) as fips_allowed
crypto: testmgr - mark ghash as fips_allowed
random: update interface comments to reflect reality

Jesper Juhl (2):
crypto: aesni-intel - Don't leak memory in rfc4106_set_hash_subkey
crypto: aesni-intel - Fix remaining leak in rfc4106_set_hash_key

Julia Lawall (1):
hwrng: omap - Convert release_resource to release_region/release_mem_region

arch/x86/crypto/aesni-intel_glue.c | 24 +-
crypto/ablkcipher.c | 3 +-
crypto/tcrypt.c | 3 +-
crypto/testmgr.c | 2 +
crypto/testmgr.h | 30 +-
drivers/char/hw_random/Kconfig | 12 +
drivers/char/hw_random/Makefile | 1 +
drivers/char/hw_random/omap-rng.c | 14 +-
drivers/char/hw_random/picoxcell-rng.c | 208 ++++
drivers/char/random.c | 13 +-
drivers/crypto/Kconfig | 17 +
drivers/crypto/Makefile | 2 +-
drivers/crypto/omap-aes.c | 4 +-
drivers/crypto/omap-sham.c | 4 +-
drivers/crypto/picoxcell_crypto.c | 1867 ++++++++++++++++++++++++++++++++
drivers/crypto/picoxcell_crypto_regs.h | 128 +++
16 files changed, 2299 insertions(+), 33 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-05-20 23:54:20

by Herbert Xu

Subject: Crypto Update for 2.6.40

Hi Linus:

Here is the crypto update for 2.6.40:

* New Freescale SEC4/CAAM driver.
* New S5PV210 advanced crypto engine driver.
* Support for EMU chips on omap.
* SHA-128/256 support for VIA Nano.
* Native XTS/GHASH/CTR support on s390.
* New test vector for AES-OFB.
* Make aesni-intel build on 32-bit again.
* SHA1 fixes for omap.
* Bug fixes for mv_cesa.
* AMD RNG support on Maple PPC boards.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git

or

master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Andy Lutomirski (1):
crypto: aesni-intel - Merge with fpu.ko

Brilly Wu (1):
crypto: padlock - Add SHA-1/256 module for VIA Nano

Dan Carpenter (2):
crypto: caam - dereferencing ERR_PTR on allocation failure
crypto: caam - ARRAY_SIZE() vs sizeof()

Dmitry Eremin-Solenikov (2):
hwrng: amd - manage resource allocation
hwrng: amd - enable AMD hw rnd driver for Maple PPC boards

Dmitry Kasatkin (3):
crypto: omap-sham - remove debug print
crypto: omap-sham - enable driver for EMU chips
crypto: omap-sham - hmac calculation bug fix for sha1 base hash

Gerald Schaefer (3):
crypto: s390 - add System z hardware support for XTS mode
crypto: s390 - add System z hardware support for GHASH
crypto: s390 - add System z hardware support for CTR mode

Jamie Iles (1):
crypto: picoxcell - fix possible status FIFO overflow

Jan Glauber (4):
crypto: s390 - extend crypto facility check
crypto: s390 - cleanup DES code
crypto: s390 - cleanup s390 Kconfig options
crypto: tcrypt - CTR mode speed test for AES

Julia Lawall (1):
crypto: caam - introduce missing kfree

Kim Phillips (13):
crypto: caam - Add support for the Freescale SEC4/CAAM
crypto: caam - standardize device tree naming convention to utilize '-vX.Y'
crypto: caam - de-CHIP-ify device tree compatibles
crypto: caam - handle interrupt lines shared across rings
crypto: caam - fix queue interface detection
crypto: caam - remove WAIT-FOR-COMPLETIONs from givencrypt descriptor
crypto: caam - remove duplicate dev_err
crypto: caam - remove unused keylen from session context
crypto: caam - fix printk recursion for long error texts
crypto: caam - platform_bus_type migration
crypto: caam - fix decryption shared vs. non-shared key setting
crypto: caam - remove unused authkeylen from caam_ctx
crypto: caam - add support for sha512 variants of existing AEAD algorithms

Markku Kylanpaa (1):
crypto: omap-sham - fix concurrent sha1 calculations

Phil Sutter (10):
crypto: mv_cesa - use ablkcipher_request_cast instead of the manual container_of
crypto: mv_cesa - the descriptor pointer register needs to be set just once
crypto: mv_cesa - drop this call to mv_hash_final from mv_hash_finup
crypto: mv_cesa - print a warning when registration of AES algos fail
crypto: mv_cesa - no need to save digest state after the last chunk
crypto: mv_cesa - refactor copy_src_to_buf()
crypto: mv_cesa - fill inner/outer IV fields only in HMAC case
crypto: mv_cesa - move digest state initialisation to a better place
crypto: mv_cesa - copy remaining bytes to SRAM only when needed
crypto: mv_cesa - make count_sgs() null-pointer proof

Puneet Saxena (1):
crypto: testmgr - add support for aes ofb mode

Randy Dunlap (1):
crypto: aesni-intel - fix aesni build on i386

Vladimir Zapolskiy (1):
crypto: s5p-sss - add S5PV210 advanced crypto engine support

.../devicetree/bindings/crypto/fsl-sec4.txt | 397 +++++
arch/powerpc/boot/dts/p4080ds.dts | 86 +-
arch/s390/crypto/Makefile | 1 +
arch/s390/crypto/aes_s390.c | 383 +++++-
arch/s390/crypto/crypt_s390.h | 112 ++-
arch/s390/crypto/des_check_key.c | 132 --
arch/s390/crypto/des_s390.c | 370 ++++--
arch/s390/crypto/ghash_s390.c | 162 ++
arch/s390/crypto/prng.c | 2 +-
arch/s390/crypto/sha1_s390.c | 2 +-
arch/s390/crypto/sha256_s390.c | 2 +-
arch/s390/crypto/sha512_s390.c | 2 +-
arch/x86/crypto/Makefile | 4 +-
arch/x86/crypto/aesni-intel_glue.c | 9 +
arch/x86/crypto/fpu.c | 10 +-
crypto/Kconfig | 6 -
crypto/tcrypt.c | 4 +
crypto/testmgr.c | 16 +
crypto/testmgr.h | 60 +
drivers/char/hw_random/Kconfig | 2 +-
drivers/char/hw_random/amd-rng.c | 9 +
drivers/crypto/Kconfig | 65 +-
drivers/crypto/Makefile | 2 +
drivers/crypto/caam/Kconfig | 72 +
drivers/crypto/caam/Makefile | 8 +
drivers/crypto/caam/caamalg.c | 1268 ++++++++++++++++
drivers/crypto/caam/compat.h | 35 +
drivers/crypto/caam/ctrl.c | 269 ++++
drivers/crypto/caam/desc.h | 1605 ++++++++++++++++++++
drivers/crypto/caam/desc_constr.h | 205 +++
drivers/crypto/caam/error.c | 248 +++
drivers/crypto/caam/error.h | 11 +
drivers/crypto/caam/intern.h | 113 ++
drivers/crypto/caam/jr.c | 517 +++++++
drivers/crypto/caam/jr.h | 21 +
drivers/crypto/caam/regs.h | 663 ++++++++
drivers/crypto/mv_cesa.c | 97 +-
drivers/crypto/omap-sham.c | 78 +-
drivers/crypto/padlock-sha.c | 269 ++++-
drivers/crypto/picoxcell_crypto.c | 64 +-
drivers/crypto/s5p-sss.c | 701 +++++++++
41 files changed, 7660 insertions(+), 422 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-07-24 01:18:00

by Herbert Xu

Subject: Crypto Update for 3.1

Hi Linus:

Here is the crypto update for 3.1:

* Support for AES/DES/3DES in caam.
* Improved AEAD support in caam.
* Added hardware SHA-224 support to s390.
* Added ppc4xx RNG driver.
* Updates to omap-sham driver.
* Updates to talitos driver.
* Added XTS-AES-256 test vectors.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git

or

master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Dmitry Kasatkin (11):
crypto: omap-sham - remove extra reference
crypto: omap-sham - remove unused code
crypto: omap-sham - replace flags bit mask with bit number
crypto: omap-sham - replace flags operation with atomic bit operations
crypto: omap-sham - move some flags to device context
crypto: omap-sham - remove unnecessary local variable
crypto: omap-sham - remove dedicated queue handling tasklet
crypto: omap-sham - irq and dma handling changes
crypto: omap-sham - irq handler must not clear error code
crypto: omap-sham - clear device flags when finishing request
crypto: omap-sham - do not schedule tasklet if there is no active requests

Gustavo F. Padovan (1):
crypto: ghash-intel - Fix set but not used in ghash_async_setkey()

H Hartley Sweeten (1):
hwrng: timeriomem - use resource_size

Herbert Xu (1):
crypto: algif_hash - Handle initial af_alg_make_sg error correctly

Jan Glauber (1):
crypto: s390 - support hardware accelerated SHA-224

Jarod Wilson (1):
crypto: testmgr - add xts-aes-256 self-test

Josh Boyer (2):
crypto: crypto4xx - Perform read/modify/write on device control register
hwrng: ppc4xx - add support for ppc4xx TRNG

Julia Lawall (2):
hwrng: omap - add missing clk_put
hwrng: nomadik - add missing clk_put

Kim Phillips (5):
crypto: caam - fix build warning when DEBUG_FS not configured
crypto: talitos - ensure request ordering within a single tfm
crypto: talitos - don't set done notification in hot path
crypto: talitos - remove unused giv from ablkcipher methods
crypto: talitos - don't bad_key in ablkcipher setkey

Mandeep Singh Baines (1):
crypto: sha1_generic - use SHA1_BLOCK_SIZE

Mathias Krause (1):
crypto: gf128mul - fix call to memset()

Mati Vait (2):
crypto: crc32c - Fixed coding style issue
crypto: arc4 - Fixed coding style issues

Richard Weinberger (1):
crypto: UML build fixes

Yuan Kang (4):
crypto: caam - shorter names
crypto: caam - structure renaming
crypto: caam - faster aead implementation
crypto: caam - ablkcipher support

arch/s390/crypto/sha256_s390.c | 66 +-
arch/x86/crypto/ghash-clmulni-intel_glue.c | 2 +-
crypto/Kconfig | 4 +-
crypto/algif_hash.c | 4 +-
crypto/arc4.c | 15 +-
crypto/crc32c.c | 10 +-
crypto/gf128mul.c | 4 +-
crypto/sha1_generic.c | 11 +-
crypto/testmgr.h | 293 +++++-
drivers/char/hw_random/Kconfig | 12 +
drivers/char/hw_random/Makefile | 1 +
drivers/char/hw_random/nomadik-rng.c | 3 +-
drivers/char/hw_random/omap-rng.c | 6 +-
drivers/char/hw_random/ppc4xx-rng.c | 156 +++
drivers/char/hw_random/timeriomem-rng.c | 3 +-
drivers/crypto/amcc/crypto4xx_core.c | 5 +-
drivers/crypto/caam/caamalg.c | 1848 +++++++++++++++++++++-------
drivers/crypto/caam/compat.h | 1 +
drivers/crypto/caam/ctrl.c | 4 +-
drivers/crypto/caam/desc_constr.h | 58 +-
drivers/crypto/omap-sham.c | 180 ++--
drivers/crypto/talitos.c | 47 +-
22 files changed, 2136 insertions(+), 597 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-10-31 04:10:02

by Herbert Xu

Subject: Crypto Update for 3.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Linus:

Here is the crypto update for 3.2:

* User-space interface for algorithm selection/configuration
* SSSE3 implementation of SHA1.
* X86-64 assembly implementation of blowfish.
* X86-64 assembly implementation of twofish.
* Misc fixes.


Please pull from

git://github.com/herbertx/crypto.git


The top commit object is

commit ea8bdfcff17599e5d80f93e2ae194fbbab7f8d5e
Author: Herbert Xu <[email protected]>
Date: Wed Oct 26 17:15:10 2011 +0200

crypto: user - Add dependency on NET

Alexey Dobriyan (1):
crypto: whirlpool - count rounds from 0

H Hartley Sweeten (1):
crypto: aes-x86 - quiet sparse noise about symbol not declared

Herbert Xu (4):
crypto: sha - Fix build error due to crypto_sha1_update
crypto: cryptd - Use subsys_initcall to prevent races with aesni
crypto: user - Initialise match in crypto_alg_match
crypto: user - Add dependency on NET

Jamie Iles (5):
crypto: picoxcell - convert to platform ID table
crypto: picoxcell - add connection ID to the clock name
crypto: picoxcell - support for device tree matching
crypto: picoxcell - fix possible invalid pointer dereference
crypto: picoxcell - add dependency on HAVE_CLK

Jonathan Nieder (1):
crypto: padlock-aes - Make module loading even quieter when hardware is missing

Jussi Kivilinna (13):
crypto: blowfish - split generic and common c code
crypto: blowfish - rename C-version to blowfish_generic
crypto: tcrypt - add ctr(blowfish) speed test
crypto: blowfish - add x86_64 assembly implementation
crypto: blowfish-x86_64 - improve x86_64 blowfish 4-way performance
crypto: blowfish-x86_64 - add credits
crypto: tcrypt - add ctr(twofish) speed test
crypto: twofish-x86-asm - make assembler functions use twofish_ctx instead of crypto_tfm
crypto: twofish - add 3-way parallel x86_64 assembler implemention
crypto: blowfish-x86_64 - fix ctr blocksize to 1
crypto: twofish-x86_64-3way - fix ctr blocksize to 1
crypto: testmgr - add blowfish test-vectors
crypto: testmgr - add twofish tests

Kim Phillips (1):
crypto: talitos - handle descriptor not found in error path

Mathias Krause (2):
crypto: sha1 - export sha1_update for reuse
crypto: sha1 - SSSE3 based SHA1 implementation for x86-64

Richard Weinberger (1):
crypto: Make hifn_795x build depend on !ARCH_DMA_ADDR_T_64BIT

Steffen Klassert (17):
crypto: Add a flag to identify crypto instances
crypto: Export crypto_remove_spawns
crypto: Export crypto_remove_final
crypto: Add userspace configuration API
crypto: Add a report function pointer to crypto_type
crypto: Add userspace report for larval type algorithms
crypto: Add userspace report for shash type algorithms
crypto: Add userspace report for ahash type algorithms
crypto: Add userspace report for blkcipher type algorithms
crypto: Add userspace report for ablkcipher type algorithms
crypto: Add userspace report for givcipher type algorithms
crypto: Add userspace report for aead type algorithms
crypto: Add userspace report for nivaead type algorithms
crypto: Add userspace report for pcompress type algorithms
crypto: Add userspace report for rng type algorithms
crypto: Add userspace report for cipher type algorithms
crypto: Add userspace report for compress type algorithms

Thomas Meyer (1):
crypto: n2 - Fix a get/put_cpu() imbalance

.../devicetree/bindings/crypto/picochip-spacc.txt | 23 +
arch/x86/crypto/Makefile | 12 +
arch/x86/crypto/aes_glue.c | 1 +
arch/x86/crypto/blowfish-x86_64-asm_64.S | 390 ++++++++++++++
arch/x86/crypto/blowfish_glue.c | 492 +++++++++++++++++
arch/x86/crypto/sha1_ssse3_asm.S | 558 ++++++++++++++++++++
arch/x86/crypto/sha1_ssse3_glue.c | 240 +++++++++
arch/x86/crypto/twofish-i586-asm_32.S | 10 +-
arch/x86/crypto/twofish-x86_64-asm_64-3way.S | 316 +++++++++++
arch/x86/crypto/twofish-x86_64-asm_64.S | 6 +-
arch/x86/crypto/twofish_glue.c | 12 +-
arch/x86/crypto/twofish_glue_3way.c | 472 +++++++++++++++++
arch/x86/include/asm/cpufeature.h | 3 +
crypto/Kconfig | 63 +++
crypto/Makefile | 4 +-
crypto/ablkcipher.c | 48 ++
crypto/aead.c | 48 ++
crypto/ahash.c | 21 +
crypto/algapi.c | 12 +-
crypto/blkcipher.c | 25 +
crypto/{blowfish.c => blowfish_common.c} | 98 +----
crypto/blowfish_generic.c | 142 +++++
crypto/cryptd.c | 2 +-
crypto/crypto_user.c | 438 +++++++++++++++
crypto/internal.h | 3 +
crypto/pcompress.c | 18 +
crypto/rng.c | 20 +
crypto/sha1_generic.c | 9 +-
crypto/shash.c | 21 +
crypto/tcrypt.c | 10 +
crypto/testmgr.c | 30 +
crypto/testmgr.h | 398 ++++++++++++++-
crypto/wp512.c | 18 +-
drivers/crypto/Kconfig | 3 +-
drivers/crypto/hifn_795x.c | 6 +-
drivers/crypto/n2_core.c | 4 +-
drivers/crypto/padlock-aes.c | 4 +-
drivers/crypto/picoxcell_crypto.c | 121 ++---
drivers/crypto/talitos.c | 18 +-
include/crypto/algapi.h | 2 +
include/crypto/blowfish.h | 23 +
include/crypto/sha.h | 5 +
include/linux/crypto.h | 5 +
include/linux/cryptouser.h | 102 ++++
include/linux/netlink.h | 1 +
45 files changed, 4049 insertions(+), 208 deletions(-)

Thanks,
- --
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2011-10-31 16:43:20

by Randy Dunlap

Subject: Re: Crypto Update for 3.2

On 10/30/2011 09:09 PM, Herbert Xu wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Linus:
>
> Here is the crypto update for 3.2:
>
> * User-space interface for algorithm selection/configuration
> * SSSE3 implementation of SHA1.
> * X86-64 assembly implementation of blowfish.
> * X86-64 assembly implementation of twofish.
> * Misc fixes.
>
>
> Please pull from
>
> git://github.com/herbertx/crypto.git
>
>
> The top commit object is
>
> commit ea8bdfcff17599e5d80f93e2ae194fbbab7f8d5e
> Author: Herbert Xu <[email protected]>
> Date: Wed Oct 26 17:15:10 2011 +0200
>
> crypto: user - Add dependency on NET


> Herbert Xu (4):
> crypto: sha - Fix build error due to crypto_sha1_update
> crypto: cryptd - Use subsys_initcall to prevent races with aesni
> crypto: user - Initialise match in crypto_alg_match
> crypto: user - Add dependency on NET

Actually adds "select NET", a reverse dependency. :(

Linus was quite vocal about not allowing MD to select BLOCK.
See https://lkml.org/lkml/2011/8/10/527
and https://lkml.org/lkml/2011/8/10/533

To me this is very similar.

--
~Randy
*** Remember to use Documentation/SubmitChecklist when testing your code ***

2011-10-31 17:17:17

by Linus Torvalds

Subject: Re: Crypto Update for 3.2

On Mon, Oct 31, 2011 at 9:42 AM, Randy Dunlap <[email protected]> wrote:
>
> Actually adds "select NET", a reverse dependency. :(
>
> Linus was quite vocal about not allowing MD to select BLOCK.
> See https://lkml.org/lkml/2011/8/10/527
> and https://lkml.org/lkml/2011/8/10/533
>
> To me this is very similar.

I do agree.

"select" makes sense when it's a way for a user to not have to care
about some small helper thing that is really not obvious for a casual
user.

But darn it, if somebody has said "no networking", then some random
small feature shouldn't suddenly select it.

IOW, it's about "relative importance". We should use "select" when
some feature that should be user-visible selects some details. And we
should use "depends on" when there's a major subsystem that some small
detail depends on.

So classic and obvious uses where "select" is appropriate is when a
driver needs some helper library to work (eg "select FW_LOADER" or
"select CRC32").

And a classic and obvious case where "depends on" is the appropriate
choice is when it depends on a major subsystem ("depends on PCI" or
"depends on USB" or "depends on X86").

And I think "NET" definitely falls into that second category - exactly
the same way "BLOCK" fell into it. You don't "select" major subsystems
- if somebody turned off the subsystem, we turn off the stuff that
depends on it.

(Of course, in reality, pretty much nobody turns off NET, I suspect.
But if some embedded place really doesn't want it, then damn it, we
shouldn't ask about the odd crypto user interfaces, because they
really aren't major enough, and the embedded platform is clearly
trying very hard to run small).

Linus
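
The rule described in the message above, turned into a lint check, as an added example that is not part of the thread or of the kernel tree: it flags Kconfig entries that `select` one of the major subsystems the message names. The sample Kconfig text and its `EXAMPLE_*` symbols are constructed, and the help-text handling assumes the kernel convention of indenting help bodies deeper than the `help` keyword.

```python
import re

# Major subsystems named in the message above. A "select" of any of these
# is flagged; helper libraries such as FW_LOADER or CRC32 are not.
MAJOR_SUBSYSTEMS = {"NET", "BLOCK", "PCI", "USB", "X86"}

# Constructed sample input (hypothetical symbols, not copied from the kernel).
SAMPLE_KCONFIG = """\
config EXAMPLE_CRYPTO_USER_BEFORE
\ttristate "Hypothetical user-space crypto interface (before)"
\tselect NET
\tselect CRC32

config EXAMPLE_CRYPTO_USER_AFTER
\ttristate "Hypothetical user-space crypto interface (after)"
\tdepends on NET
\tselect FW_LOADER

config EXAMPLE_MD_LIKE
\tbool "Hypothetical storage feature"
\tselect BLOCK if EXAMPLE_OPTION
\thelp
\t  select NET
\t  (the line above is help text and must not be flagged)
"""

ENTRY_RE = re.compile(r"^(?:menu)?config\s+(\w+)\s*$")
SELECT_RE = re.compile(r"^\s+select\s+(\w+)(?:\s+if\s+(.+))?$")
HELP_RE = re.compile(r"^\s+(?:help|---help---)\s*$")


def indent_of(line):
    """Width of the leading whitespace, with tabs expanded to 8 columns."""
    expanded = line.expandtabs(8)
    return len(expanded) - len(expanded.lstrip())


def find_major_selects(text, major=MAJOR_SUBSYSTEMS):
    """Return (line, entry, selected_symbol, condition) for each violation."""
    findings = []
    current = None          # name of the config entry being parsed
    in_help = False         # True while inside a help body
    help_kw_indent = 0      # indentation of the "help" keyword itself
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.rstrip()
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if in_help:
            # Assumption: help body lines are indented deeper than "help".
            if indent_of(line) > help_kw_indent:
                continue
            in_help = False
        entry = ENTRY_RE.match(line)
        if entry:
            current = entry.group(1)
            continue
        if HELP_RE.match(line):
            in_help = True
            help_kw_indent = indent_of(line)
            continue
        sel = SELECT_RE.match(line)
        if sel and current and sel.group(1) in major:
            findings.append((lineno, current, sel.group(1), sel.group(2)))
    return findings


def report(findings):
    """Render findings as reviewer-style messages."""
    out = []
    for lineno, entry, symbol, cond in findings:
        suffix = f" (conditional on {cond})" if cond else ""
        out.append(
            f"line {lineno}: {entry} selects major subsystem {symbol}{suffix}; "
            f"use 'depends on {symbol}' so a disabled {symbol} stays disabled"
        )
    return out


if __name__ == "__main__":
    for message in report(find_major_selects(SAMPLE_KCONFIG)):
        print(message)
```
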

2011-11-01 03:48:41

by Herbert Xu

Subject: Re: Crypto Update for 3.2

On Mon, Oct 31, 2011 at 10:16:55AM -0700, Linus Torvalds wrote:
> On Mon, Oct 31, 2011 at 9:42 AM, Randy Dunlap <[email protected]> wrote:
> >
> > Actually adds "select NET", a reverse dependency. :(
> >
> > Linus was quite vocal about not allowing MD to select BLOCK.
> > See https://lkml.org/lkml/2011/8/10/527
> > and https://lkml.org/lkml/2011/8/10/533
> >
> > To me this is very similar.
>
> I do agree.

OK, I've turned it into a depends_on.

Here is the crypto update for 3.2:

* User-space interface for algorithm selection/configuration
* SSSE3 implementation of SHA1.
* X86-64 assembly implementation of blowfish.
* X86-64 assembly implementation of twofish.
* Misc fixes.


Please pull from

git://github.com/herbertx/crypto.git


The top commit object is

commit 5db017aa2809c49ca0a43b0f3ed1267e6be60883
Author: Herbert Xu <[email protected]>
Date: Tue Nov 1 12:12:43 2011 +1100

crypto: user - Depend on NET instead of selecting it

Alexey Dobriyan (1):
crypto: whirlpool - count rounds from 0

H Hartley Sweeten (1):
crypto: aes-x86 - quiet sparse noise about symbol not declared

Herbert Xu (5):
crypto: sha - Fix build error due to crypto_sha1_update
crypto: cryptd - Use subsys_initcall to prevent races with aesni
crypto: user - Initialise match in crypto_alg_match
crypto: user - Add dependency on NET
crypto: user - Depend on NET instead of selecting it

Jamie Iles (5):
crypto: picoxcell - convert to platform ID table
crypto: picoxcell - add connection ID to the clock name
crypto: picoxcell - support for device tree matching
crypto: picoxcell - fix possible invalid pointer dereference
crypto: picoxcell - add dependency on HAVE_CLK

Jonathan Nieder (1):
crypto: padlock-aes - Make module loading even quieter when hardware is missing

Jussi Kivilinna (13):
crypto: blowfish - split generic and common c code
crypto: blowfish - rename C-version to blowfish_generic
crypto: tcrypt - add ctr(blowfish) speed test
crypto: blowfish - add x86_64 assembly implementation
crypto: blowfish-x86_64 - improve x86_64 blowfish 4-way performance
crypto: blowfish-x86_64 - add credits
crypto: tcrypt - add ctr(twofish) speed test
crypto: twofish-x86-asm - make assembler functions use twofish_ctx instead of crypto_tfm
crypto: twofish - add 3-way parallel x86_64 assembler implemention
crypto: blowfish-x86_64 - fix ctr blocksize to 1
crypto: twofish-x86_64-3way - fix ctr blocksize to 1
crypto: testmgr - add blowfish test-vectors
crypto: testmgr - add twofish tests

Kim Phillips (1):
crypto: talitos - handle descriptor not found in error path

Mathias Krause (2):
crypto: sha1 - export sha1_update for reuse
crypto: sha1 - SSSE3 based SHA1 implementation for x86-64

Richard Weinberger (1):
crypto: Make hifn_795x build depend on !ARCH_DMA_ADDR_T_64BIT

Steffen Klassert (17):
crypto: Add a flag to identify crypto instances
crypto: Export crypto_remove_spawns
crypto: Export crypto_remove_final
crypto: Add userspace configuration API
crypto: Add a report function pointer to crypto_type
crypto: Add userspace report for larval type algorithms
crypto: Add userspace report for shash type algorithms
crypto: Add userspace report for ahash type algorithms
crypto: Add userspace report for blkcipher type algorithms
crypto: Add userspace report for ablkcipher type algorithms
crypto: Add userspace report for givcipher type algorithms
crypto: Add userspace report for aead type algorithms
crypto: Add userspace report for nivaead type algorithms
crypto: Add userspace report for pcompress type algorithms
crypto: Add userspace report for rng type algorithms
crypto: Add userspace report for cipher type algorithms
crypto: Add userspace report for compress type algorithms

Thomas Meyer (1):
crypto: n2 - Fix a get/put_cpu() imbalance

.../devicetree/bindings/crypto/picochip-spacc.txt | 23 +
arch/x86/crypto/Makefile | 12 +
arch/x86/crypto/aes_glue.c | 1 +
arch/x86/crypto/blowfish-x86_64-asm_64.S | 390 ++++++++++++++
arch/x86/crypto/blowfish_glue.c | 492 +++++++++++++++++
arch/x86/crypto/sha1_ssse3_asm.S | 558 ++++++++++++++++++++
arch/x86/crypto/sha1_ssse3_glue.c | 240 +++++++++
arch/x86/crypto/twofish-i586-asm_32.S | 10 +-
arch/x86/crypto/twofish-x86_64-asm_64-3way.S | 316 +++++++++++
arch/x86/crypto/twofish-x86_64-asm_64.S | 6 +-
arch/x86/crypto/twofish_glue.c | 12 +-
arch/x86/crypto/twofish_glue_3way.c | 472 +++++++++++++++++
arch/x86/include/asm/cpufeature.h | 3 +
crypto/Kconfig | 63 +++
crypto/Makefile | 4 +-
crypto/ablkcipher.c | 48 ++
crypto/aead.c | 48 ++
crypto/ahash.c | 21 +
crypto/algapi.c | 12 +-
crypto/blkcipher.c | 25 +
crypto/{blowfish.c => blowfish_common.c} | 98 +----
crypto/blowfish_generic.c | 142 +++++
crypto/cryptd.c | 2 +-
crypto/crypto_user.c | 438 +++++++++++++++
crypto/internal.h | 3 +
crypto/pcompress.c | 18 +
crypto/rng.c | 20 +
crypto/sha1_generic.c | 9 +-
crypto/shash.c | 21 +
crypto/tcrypt.c | 10 +
crypto/testmgr.c | 30 +
crypto/testmgr.h | 398 ++++++++++++++-
crypto/wp512.c | 18 +-
drivers/crypto/Kconfig | 3 +-
drivers/crypto/hifn_795x.c | 6 +-
drivers/crypto/n2_core.c | 4 +-
drivers/crypto/padlock-aes.c | 4 +-
drivers/crypto/picoxcell_crypto.c | 121 ++---
drivers/crypto/talitos.c | 18 +-
include/crypto/algapi.h | 2 +
include/crypto/blowfish.h | 23 +
include/crypto/sha.h | 5 +
include/linux/crypto.h | 5 +
include/linux/cryptouser.h | 102 ++++
include/linux/netlink.h | 1 +
45 files changed, 4049 insertions(+), 208 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2012-01-06 04:12:59

by Herbert Xu

Subject: Crypto Update for 3.3

Hi Linus:

Here is the crypto update for 3.3:

* New test vectors (serpent, xts-twofish).
* Speed test for asynchronous ciphers.
* SSE2 assembly implementation of serpent.
* Support for LRW and XTS in X86-64 assembly implementation of twofish.
* More MD5 combos for caam.
* Channel remap on talitos for better affinity.
* Direct support for HMAC on talitos.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Axel Lin (2):
char: hw_random: convert drivers/char/hw_random/* to use module_platform_driver()
crypto: convert drivers/crypto/* to use module_platform_driver()

Jamie Iles (1):
crypto: picoxcell - fix boolean and / or confusion

Jarod Wilson (1):
crypto: ansi_cprng - enforce key != seed in fips mode

Jussi Kivilinna (36):
crypto: testmgr - add new serpent test vectors
crypto: tcrypt - add test_acipher_speed
crypto: tcrypt - add serpent speed tests
crypto: serpent - export common functions for x86_64/i386-sse2 assembler implementations
crypto: serpent - rename module from serpent to serpent_generic
crypto: lrw - fix memleak
crypto: lrw - use blocksize constant
crypto: lrw - split gf128mul table initialization from setkey
crypto: lrw - add interface for parallelized cipher implementions
crypto: testmgr - add lrw(serpent) test vectors
crypto: tcrypt - add lrw(serpent) tests
crypto: testmgr - add lrw(twofish) test vectors
crypto: tcrypt - add lrw(twofish) tests
crypto: twofish-x86_64-3way - add lrw support
crypto: xts - use blocksize constant
crypto: xts: add interface for parallelized cipher implementations
crypto: testmgr - add xts(serpent) test vectors
crypto: tcrypt - add xts(serpent) tests
crypto: testmgr - add xts(twofish) test vectors
crypto: tcrypt - add xts(twofish) tests
crypto: twofish-x86_64-3way - add xts support
crypto: serpent - add 8-way parallel x86_64/SSE2 assembler implementation
crypto: serpent - add 4-way parallel i586/SSE2 assembler implementation
crypto: serpent-sse2 - add lrw support
crypto: serpent-sse2 - add xts support
crypto: serpent-sse2 - clear CRYPTO_TFM_REQ_MAY_SLEEP in lrw and xts modes
crypto: serpent - cleanup checkpatch errors and warnings
crypto: serpent - rename serpent.c to serpent_generic.c
crypto: serpent-sse2 - should select CRYPTO_CRYPTD
crypto: lrw - remove dependency on EXPERIMENTAL
crypto: xts - remove dependency on EXPERIMENTAL
crypto: twofish-x86_64-3way - select LRW and XTS
crypto: twofish-x86_64-3way - remove unneeded LRW/XTS #ifdefs
crypto: serpent-sse2 - select LRW and XTS
crypto: serpent-sse2 - remove unneeded LRW/XTS #ifdefs
crypto: gf128mul - remove leftover "(EXPERIMENTAL)" in Kconfig

Kim Phillips (11):
crypto: talitos - be less noisy on startup
crypto: talitos - prepare driver for channel remap support
crypto: talitos - support for channel remap and 2nd IRQ
crypto: caam - add support for MD5 algorithm variants
crypto: talitos - fix bad kfree
crypto: talitos - remove NO_IRQ references
crypto: talitos - convert talitos_error to struct device
crypto: caam - desc.h - convert spaces to tabs
crypto: caam - more desc.h cleanups
crypto: caam - fix polarity of "propagate error" logic
crypto: caam - remove DECO access initialization code

Lee Nipper (1):
crypto: talitos - add hmac algorithms

Steffen Klassert (1):
crypto: Unlink and free instances when deleted

[email protected] (1):
crypto: fix typo in crypto/Kconfig

arch/x86/crypto/Makefile | 4 +
arch/x86/crypto/serpent-sse2-i586-asm_32.S | 638 ++++++
arch/x86/crypto/serpent-sse2-x86_64-asm_64.S | 761 +++++++
arch/x86/crypto/serpent_sse2_glue.c | 1070 ++++++++++
arch/x86/crypto/twofish_glue_3way.c | 218 ++
arch/x86/include/asm/serpent.h | 63 +
crypto/Kconfig | 52 +-
crypto/Makefile | 2 +-
crypto/algapi.c | 29 +
crypto/ansi_cprng.c | 8 +
crypto/crypto_user.c | 2 +-
crypto/lrw.c | 156 ++-
crypto/serpent.c | 587 ------
crypto/serpent_generic.c | 684 +++++++
crypto/tcrypt.c | 310 +++
crypto/tcrypt.h | 2 +
crypto/testmgr.c | 150 ++
crypto/testmgr.h | 2759 +++++++++++++++++++++++++-
crypto/twofish_common.c | 13 +-
crypto/xts.c | 79 +-
drivers/char/hw_random/atmel-rng.c | 12 +-
drivers/char/hw_random/n2-drv.c | 13 +-
drivers/char/hw_random/octeon-rng.c | 13 +-
drivers/char/hw_random/pasemi-rng.c | 12 +-
drivers/char/hw_random/picoxcell-rng.c | 12 +-
drivers/char/hw_random/ppc4xx-rng.c | 12 +-
drivers/char/hw_random/timeriomem-rng.c | 13 +-
drivers/crypto/amcc/crypto4xx_core.c | 13 +-
drivers/crypto/caam/caamalg.c | 67 +-
drivers/crypto/caam/compat.h | 1 +
drivers/crypto/caam/ctrl.c | 26 +-
drivers/crypto/caam/desc.h | 2265 +++++++++++-----------
drivers/crypto/caam/desc_constr.h | 7 +-
drivers/crypto/caam/regs.h | 1 -
drivers/crypto/mv_cesa.c | 12 +-
drivers/crypto/picoxcell_crypto.c | 16 +-
drivers/crypto/s5p-sss.c | 13 +-
drivers/crypto/talitos.c | 493 ++++-
drivers/crypto/talitos.h | 45 +-
include/crypto/algapi.h | 1 +
include/crypto/lrw.h | 43 +
include/crypto/serpent.h | 27 +
include/crypto/twofish.h | 2 +
include/crypto/xts.h | 27 +
44 files changed, 8684 insertions(+), 2049 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2012-01-11 22:19:30

by Herbert Xu

Subject: Re: Crypto Update for 3.3

Hi Linus:

This is a resend of the crypto update for 3.3:

* New test vectors (serpent, xts-twofish).
* Speed test for asynchronous ciphers.
* SSE2 assembly implementation of serpent.
* Support for LRW and XTS in X86-64 assembly implementation of twofish.
* More MD5 combos for caam.
* Channel remap on talitos for better affinity.
* Direct support for HMAC on talitos.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Axel Lin (2):
char: hw_random: convert drivers/char/hw_random/* to use module_platform_driver()
crypto: convert drivers/crypto/* to use module_platform_driver()

Jamie Iles (1):
crypto: picoxcell - fix boolean and / or confusion

Jarod Wilson (1):
crypto: ansi_cprng - enforce key != seed in fips mode

Jussi Kivilinna (36):
crypto: testmgr - add new serpent test vectors
crypto: tcrypt - add test_acipher_speed
crypto: tcrypt - add serpent speed tests
crypto: serpent - export common functions for x86_64/i386-sse2 assembler implementations
crypto: serpent - rename module from serpent to serpent_generic
crypto: lrw - fix memleak
crypto: lrw - use blocksize constant
crypto: lrw - split gf128mul table initialization from setkey
crypto: lrw - add interface for parallelized cipher implementions
crypto: testmgr - add lrw(serpent) test vectors
crypto: tcrypt - add lrw(serpent) tests
crypto: testmgr - add lrw(twofish) test vectors
crypto: tcrypt - add lrw(twofish) tests
crypto: twofish-x86_64-3way - add lrw support
crypto: xts - use blocksize constant
crypto: xts: add interface for parallelized cipher implementations
crypto: testmgr - add xts(serpent) test vectors
crypto: tcrypt - add xts(serpent) tests
crypto: testmgr - add xts(twofish) test vectors
crypto: tcrypt - add xts(twofish) tests
crypto: twofish-x86_64-3way - add xts support
crypto: serpent - add 8-way parallel x86_64/SSE2 assembler implementation
crypto: serpent - add 4-way parallel i586/SSE2 assembler implementation
crypto: serpent-sse2 - add lrw support
crypto: serpent-sse2 - add xts support
crypto: serpent-sse2 - clear CRYPTO_TFM_REQ_MAY_SLEEP in lrw and xts modes
crypto: serpent - cleanup checkpatch errors and warnings
crypto: serpent - rename serpent.c to serpent_generic.c
crypto: serpent-sse2 - should select CRYPTO_CRYPTD
crypto: lrw - remove dependency on EXPERIMENTAL
crypto: xts - remove dependency on EXPERIMENTAL
crypto: twofish-x86_64-3way - select LRW and XTS
crypto: twofish-x86_64-3way - remove unneeded LRW/XTS #ifdefs
crypto: serpent-sse2 - select LRW and XTS
crypto: serpent-sse2 - remove unneeded LRW/XTS #ifdefs
crypto: gf128mul - remove leftover "(EXPERIMENTAL)" in Kconfig

Kim Phillips (11):
crypto: talitos - be less noisy on startup
crypto: talitos - prepare driver for channel remap support
crypto: talitos - support for channel remap and 2nd IRQ
crypto: caam - add support for MD5 algorithm variants
crypto: talitos - fix bad kfree
crypto: talitos - remove NO_IRQ references
crypto: talitos - convert talitos_error to struct device
crypto: caam - desc.h - convert spaces to tabs
crypto: caam - more desc.h cleanups
crypto: caam - fix polarity of "propagate error" logic
crypto: caam - remove DECO access initialization code

Lee Nipper (1):
crypto: talitos - add hmac algorithms

Steffen Klassert (1):
crypto: Unlink and free instances when deleted

[email protected] (1):
crypto: fix typo in crypto/Kconfig

arch/x86/crypto/Makefile | 4 +
arch/x86/crypto/serpent-sse2-i586-asm_32.S | 638 ++++++
arch/x86/crypto/serpent-sse2-x86_64-asm_64.S | 761 +++++++
arch/x86/crypto/serpent_sse2_glue.c | 1070 ++++++++++
arch/x86/crypto/twofish_glue_3way.c | 218 ++
arch/x86/include/asm/serpent.h | 63 +
crypto/Kconfig | 52 +-
crypto/Makefile | 2 +-
crypto/algapi.c | 29 +
crypto/ansi_cprng.c | 8 +
crypto/crypto_user.c | 2 +-
crypto/lrw.c | 156 ++-
crypto/serpent.c | 587 ------
crypto/serpent_generic.c | 684 +++++++
crypto/tcrypt.c | 310 +++
crypto/tcrypt.h | 2 +
crypto/testmgr.c | 150 ++
crypto/testmgr.h | 2759 +++++++++++++++++++++++++-
crypto/twofish_common.c | 13 +-
crypto/xts.c | 79 +-
drivers/char/hw_random/atmel-rng.c | 12 +-
drivers/char/hw_random/n2-drv.c | 13 +-
drivers/char/hw_random/octeon-rng.c | 13 +-
drivers/char/hw_random/pasemi-rng.c | 12 +-
drivers/char/hw_random/picoxcell-rng.c | 12 +-
drivers/char/hw_random/ppc4xx-rng.c | 12 +-
drivers/char/hw_random/timeriomem-rng.c | 13 +-
drivers/crypto/amcc/crypto4xx_core.c | 13 +-
drivers/crypto/caam/caamalg.c | 67 +-
drivers/crypto/caam/compat.h | 1 +
drivers/crypto/caam/ctrl.c | 26 +-
drivers/crypto/caam/desc.h | 2265 +++++++++++-----------
drivers/crypto/caam/desc_constr.h | 7 +-
drivers/crypto/caam/regs.h | 1 -
drivers/crypto/mv_cesa.c | 12 +-
drivers/crypto/picoxcell_crypto.c | 16 +-
drivers/crypto/s5p-sss.c | 13 +-
drivers/crypto/talitos.c | 493 ++++-
drivers/crypto/talitos.h | 45 +-
include/crypto/algapi.h | 1 +
include/crypto/lrw.h | 43 +
include/crypto/serpent.h | 27 +
include/crypto/twofish.h | 2 +
include/crypto/xts.h | 27 +
44 files changed, 8684 insertions(+), 2049 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2012-03-20 03:27:36

by Herbert Xu

Subject: Re: Crypto Update for 3.3

Hi Linus:

Here is the crypto update for 3.4:

* sha512 bug fixes (already in your tree).
* SHA224/SHA384 AEAD support in caam.
* X86-64 optimised version of Camellia.
* Tegra AES support.
* Bulk algorithm registration interface to make driver registration easier.
* padata race fixes.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Alexey Dobriyan (4):
crypto: sha512 - make it work, undo percpu message schedule
crypto: sha512 - reduce stack usage to safe number
crypto: sha512 - use standard ror64()
crypto: sha512 - use standard ror64()

Hemant Agrawal (1):
crypto: caam - add sha224 and sha384 variants to existing AEAD algorithms

Henning Heinold (1):
arm: tegra: export tegra_chip_uid

Herbert Xu (3):
crypto: sha512 - Use binary and instead of modulus
crypto: sha512 - Avoid stack bloat on i386
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Jesper Juhl (3):
crypto: In crypto_add_alg(), 'exact' wants to be initialized to 0
crypto: twofish-x86 - Remove dead code from twofish_glue_3way.c::init()
crypto: serpent-sse2 - remove dead code from serpent_sse2_glue.c::serpent_sse2_init()

Julia Lawall (2):
hwrng: tx4939 - use devm_request_and_ioremap
crypto: ixp4xx - convert GFP_KERNEL to GFP_ATOMIC

Jussi Kivilinna (16):
crypto: twofish-x86_64-3way - blacklist pentium4 and atom
crypto: blowfish-x86_64 - blacklist Pentium 4
crypto: serpent-sse2 - change transpose_4x4 to only use integer instructions
crypto: serpent-sse2 - use crypto_[un]register_algs
crypto: twofish-x86_64-3way - use crypto_[un]register_algs
crypto: blowfish-x86_64 - use crypto_[un]register_algs
crypto: serpent-sse2 - combine ablk_*_init functions
crypto: blowfish-x86_64 - set alignmask to zero
crypto: twofish-x86_64/i586 - set alignmask to zero
crypto: camellia - simplify key setup and CAMELLIA_ROUNDSM macro
crypto: testmgr - add more camellia test vectors
crypto: tcrypt - add more camellia tests
crypto: camellia - rename camellia module to camellia_generic
crypto: camellia - fix checkpatch warnings
crypto: camellia - rename camellia.c to camellia_generic.c
crypto: camellia - add assembler implementation for x86_64

Kim Phillips (2):
crypto: caam - be less noisy on startup
crypto: caam - fix gcc 4.6 warning

Mark Brown (1):
crypto: Add bulk algorithm registration interface

Nikos Mavrogiannopoulos (1):
crypto: Add CRYPTO_ALG_KERN_DRIVER_ONLY flag

Steffen Klassert (2):
padata: Fix race in the serialization path
padata: Fix race on sequence number wrap

Varun Wadekar (1):
crypto: driver for Tegra AES hardware

arch/arm/mach-tegra/fuse.c | 2 +
arch/x86/crypto/Makefile | 2 +
arch/x86/crypto/blowfish_glue.c | 191 ++--
arch/x86/crypto/camellia-x86_64-asm_64.S | 520 +++++++
arch/x86/crypto/camellia_glue.c | 1952 ++++++++++++++++++++++++++
arch/x86/crypto/serpent-sse2-i586-asm_32.S | 29 +-
arch/x86/crypto/serpent-sse2-x86_64-asm_64.S | 29 +-
arch/x86/crypto/serpent_sse2_glue.c | 394 ++----
arch/x86/crypto/twofish_glue.c | 2 +-
arch/x86/crypto/twofish_glue_3way.c | 265 ++--
crypto/Kconfig | 18 +
crypto/Makefile | 2 +-
crypto/algapi.c | 35 +
crypto/camellia.c | 1116 ---------------
crypto/camellia_generic.c | 1102 +++++++++++++++
crypto/crypto_user.c | 2 +-
crypto/sha512_generic.c | 59 +-
crypto/tcrypt.c | 12 +
crypto/testmgr.c | 45 +
crypto/testmgr.h | 1383 ++++++++++++++++++-
drivers/char/hw_random/tx4939-rng.c | 5 +-
drivers/crypto/Kconfig | 11 +
drivers/crypto/Makefile | 1 +
drivers/crypto/caam/caamalg.c | 126 ++-
drivers/crypto/caam/ctrl.c | 2 +-
drivers/crypto/geode-aes.c | 6 +-
drivers/crypto/hifn_795x.c | 3 +-
drivers/crypto/ixp4xx_crypto.c | 4 +-
drivers/crypto/mv_cesa.c | 12 +-
drivers/crypto/n2_core.c | 7 +-
drivers/crypto/omap-aes.c | 8 +-
drivers/crypto/omap-sham.c | 4 +
drivers/crypto/picoxcell_crypto.c | 46 +-
drivers/crypto/s5p-sss.c | 6 +-
drivers/crypto/talitos.c | 1 +
drivers/crypto/tegra-aes.c | 1096 +++++++++++++++
drivers/crypto/tegra-aes.h | 103 ++
include/linux/bitops.h | 20 +
include/linux/crypto.h | 7 +
include/linux/padata.h | 6 +-
kernel/padata.c | 44 +-
41 files changed, 6936 insertions(+), 1742 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2012-05-23 01:35:35

by Herbert Xu

Subject: Crypto Update for 3.5

Hi Linus:

Here is the crypto update for 3.5:

* New cipher/hash driver for ARM ux500.
* Code clean-up for aesni-intel.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Andreas Westin (5):
crypto: ux500 - Add driver for CRYP hardware
crypto: ux500 - Add driver for HASH hardware
mach-ux500: crypto - core support for CRYP/HASH module.
crypto: ux500 - Update DMA handling for 3.4
crypto: ux500 - Cleanup hardware identification

Borislav Petkov (1):
crypto, xor: Sanitize checksumming function selection output

Julia Lawall (2):
crypto: crypto4xx - move up err_request_irq label
hwrng: omap - use devm_request_and_ioremap

Jussi Kivilinna (2):
crypto: aesni-intel - use crypto_[un]register_algs
crypto: aesni-intel - move more common code to ablk_init_common

Nicolas Ferre (1):
hwrng: Kconfig - modify default state for atmel-rng driver

Shengzhou Liu (1):
crypto: caam - add backward compatible string sec4.0

arch/arm/mach-ux500/board-mop500.c | 48
arch/arm/mach-ux500/clock.c | 18
arch/arm/mach-ux500/devices-common.h | 54
arch/arm/mach-ux500/devices-db8500.c | 3
arch/arm/mach-ux500/devices-db8500.h | 4
arch/arm/mach-ux500/include/mach/crypto-ux500.h | 22
arch/arm/mach-ux500/include/mach/devices.h | 3
arch/arm/mach-ux500/include/mach/hardware.h | 3
arch/x86/crypto/aesni-intel_glue.c | 827 +++------
crypto/xor.c | 5
drivers/char/hw_random/Kconfig | 2
drivers/char/hw_random/omap-rng.c | 22
drivers/crypto/Kconfig | 11
drivers/crypto/Makefile | 1
drivers/crypto/amcc/crypto4xx_core.c | 2
drivers/crypto/caam/caamalg.c | 14
drivers/crypto/caam/ctrl.c | 16
drivers/crypto/ux500/Kconfig | 30
drivers/crypto/ux500/Makefile | 8
drivers/crypto/ux500/cryp/Makefile | 13
drivers/crypto/ux500/cryp/cryp.c | 401 ++++
drivers/crypto/ux500/cryp/cryp.h | 308 +++
drivers/crypto/ux500/cryp/cryp_core.c | 1790 +++++++++++++++++++++
drivers/crypto/ux500/cryp/cryp_irq.c | 45
drivers/crypto/ux500/cryp/cryp_irq.h | 31
drivers/crypto/ux500/cryp/cryp_irqp.h | 125 +
drivers/crypto/ux500/cryp/cryp_p.h | 125 +
drivers/crypto/ux500/hash/Makefile | 11
drivers/crypto/ux500/hash/hash_alg.h | 395 ++++
drivers/crypto/ux500/hash/hash_core.c | 2031 +++++++++++++++++++++++-
30 files changed, 5819 insertions(+), 549 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2012-05-23 23:06:57

by Linus Torvalds

Subject: Re: Crypto Update for 3.5

On Tue, May 22, 2012 at 6:35 PM, Herbert Xu <[email protected]> wrote:
>
> Here is the crypto update for 3.5:

I pulled this, but quite frankly, some of it looks like utter garbage.

There's a declaration for dbx500_add_platform_device_noirq() that does
not exist and is not used anywhere. Why? It was added in commit
585d188f8072, and I see no rhyme or reason to it.

I only noticed because I happened to get a conflict due to the
location it was added. I removed it. WTF is going on?

Linus

2012-05-24 00:21:36

by Herbert Xu

Subject: Re: Crypto Update for 3.5

On Wed, May 23, 2012 at 04:06:35PM -0700, Linus Torvalds wrote:
> On Tue, May 22, 2012 at 6:35 PM, Herbert Xu <[email protected]> wrote:
> >
> > Here is the crypto update for 3.5:
>
> I pulled this, but quite frankly, some of it looks like utter garbage.
>
> There's a declaration for dbx500_add_platform_device_noirq() that does
> not exist and is not used anywhere. Why? It was added in commit
> 585d188f8072, and I see no rhyme or reason to it.

I can't see why that was added there either.

Adding Arnd/Linus Walleij to see if they can tell us whether
it should go or stay.

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2012-05-24 07:03:53

by Linus Walleij

Subject: Re: Crypto Update for 3.5

On Thu, May 24, 2012 at 1:06 AM, Linus Torvalds
<[email protected]> wrote:

> There's a declaration for dbx500_add_platform_device_noirq() that does
> not exist and is not used anywhere. Why? It was added in commit
> 585d188f8072, and I see no rhyme or reason to it.
>
> I only noticed because I happened to get a conflict due to the
> location it was added. I removed it. WTF is going on?

AFAICT this was retrofitted to get a booting kernel on
the cryptodev base which was based on something old like
v3.2 just some weeks back. (Now it's upgraded to mainline, great!)

Greg was pushing for us to allocate all devices dynamically at
one point, but there was no real infrastructure for it and some local
implementations to meet that requirement, that's why these
functions pop up and down. We're working on it with device tree
etc, mea culpa...

Yours,
Linus Walleij

2012-05-24 08:36:39

by Arnd Bergmann

Subject: Re: Crypto Update for 3.5

On Thursday 24 May 2012, Herbert Xu wrote:
> On Wed, May 23, 2012 at 04:06:35PM -0700, Linus Torvalds wrote:
> > On Tue, May 22, 2012 at 6:35 PM, Herbert Xu <[email protected]> wrote:
> > >
> > > Here is the crypto update for 3.5:
> >
> > I pulled this, but quite frankly, some of it looks like utter garbage.
> >
> > There's a declaration for dbx500_add_platform_device_noirq() that does
> > not exist and is not used anywhere. Why? It was added in commit
> > 585d188f8072, and I see no rhyme or reason to it.
>
> I can't see why that was added there either.
>
> Adding Arnd/Linus Walleij to see if they can tell us whether
> it should go or stay.

It should go. For all I can tell, this was the result of Lee Jones
doing major cleanups to the ux500 platform for this merge window
in parallel with the crypto driver getting added following the
older code pattern. The crypto patch had to be reworked for this
and apparently a hunk from the older version survived.

The entire file in which it was added is going to be removed
in one of the next kernel versions once we can boot all ux500 machines
using only device tree definitions, so it will be taken care of.

Arnd

2012-07-25 08:41:51

by Herbert Xu

Subject: Crypto Update for 3.6

Hi Linus:

Here is the crypto update for 3.6:

* Fixed algorithm construction hang when self-test fails.
* Added SHA variants to talitos AEAD list.
* New driver for Exynos random number generator.
* Performance enhancements for arc4.
* Added hwrng support to caam.
* Added ahash support to caam.
* Fixed bad kfree in aesni-intel.
* Allow aesni-intel in FIPS mode.
* Added atmel driver with support for AES/3DES/SHA.
* Bug fixes for mv_cesa.
* CRC hardware driver for BF60x family processors.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Alex Porosanu (1):
crypto: caam - ERA retrieval and printing for SEC device

Benoît Thébaudeau (1):
hwrng: mxc-rnga - fix data_present API

Bharat Bhushan (1):
crypto: caam - Using alloc_coherent for caam job rings

Hemant Agrawal (1):
crypto: caam - add PDB (Protocol Descriptor Block) definitions

Herbert Xu (1):
crypto: algapi - Move larval completion into algboss

Horia Geanta (4):
crypto: talitos - move talitos structures to header file
crypto: talitos - export the talitos_submit function
crypto: talitos - add sha224, sha384 and sha512 to existing AEAD algorithms
crypto: testmgr - add aead cbc aes hmac sha1,256,512 test vectors

Johannes Goetzfried (4):
crypto: twofish - add x86_64/avx assembler implementation
crypto: testmgr - expand twofish test vectors
crypto: serpent - add x86_64/avx assembler implementation
crypto: twofish-avx - remove useless instruction

Jonghwa Lee (1):
hwrng: exynos - Add support for Exynos random number generator

Jussi Kivilinna (15):
crypto: testmgr - add ecb(arc4) speed tests
crypto: arc4 - improve performance by adding ecb(arc4)
crypto: arc4 - improve performance by using u32 for ctx and variables
crypto: serpent-sse2/avx - allow both to be built into kernel
crypto: ablk_helper - move ablk_* functions from serpent-sse2/avx glue code to shared module
crypto: twofish-avx - change to use shared ablk_* functions
crypto: aes_ni - change to use shared ablk_* functions
crypto: serpent-sse2 - prepare serpent-sse2 glue code into generic x86 glue code for 128bit block ciphers
crypto: serpent-sse2 - split generic glue code to new helper module
crypto: serpent-avx: remove duplicated glue code and use shared glue code from glue_helper
crypto: camellia-x86_64 - remove duplicated glue code and use shared glue code from glue_helper
crypto: twofish-x86_64-3way - remove duplicated glue code and use shared glue code from glue_helper
crypto: twofish-avx - remove duplicated glue code and use shared glue code from glue_helper
crypto: move arch/x86/include/asm/serpent-{sse2|avx}.h to arch/x86/include/asm/crypto/
crypto: move arch/x86/include/asm/aes.h to arch/x86/include/asm/crypto/

Kim Phillips (10):
crypto: caam - remove line continuations from ablkcipher_append_src_dst
crypto: caam - fix input job ring element dma mapping size
crypto: caam - fix descriptor length adjustments for protocol descriptors
crypto: caam - assign 40-bit masks on SEC v5.0 and above
crypto: caam - add support for SEC v5.x RNG4
crypto: caam - disable IRQ coalescing by default
crypto: caam - use non-irq versions of spinlocks for job rings
crypto: caam - only query h/w in job ring dequeue path
crypto: caam - consolidate memory barriers from job ring en/dequeue
crypto: caam - one tasklet per job ring

Mathias Krause (1):
crypto: sha1 - use Kbuild supplied flags for AVX test

Milan Broz (2):
crypto: aesni-intel - fix wrong kfree pointer
crypto: testmgr - allow aesni-intel and ghash_clmulni-intel in fips mode

Nicolas Royer (5):
ARM: AT91SAM9G45: add crypto peripherals
crypto: atmel - add Atmel AES driver
crypto: atmel - add Atmel DES/TDES driver
crypto: atmel - add Atmel SHA1/SHA256 driver
crypto: atmel - add new tests to tcrypt

Paul Bolle (1):
crypto: s390 - clean up DES code a bit more

Phil Sutter (3):
crypto: mv_cesa - add an expiry timer in case anything goes wrong
crypto: mv_cesa - initialise the interrupt status field to zero
crypto: mv_cesa - fix for hash finalisation with data

Sebastian Andrzej Siewior (1):
crypto: arc4 - now arc needs blockcipher support

Seth Jennings (2):
crypto: nx - move nx build to driver/crypto Makefile
crypto: nx - fix typo in nx driver config option

Sonic Zhang (2):
crypto: testmgr - Add new test cases for Blackfin CRC crypto driver
crypto: bfin_crc - CRC hardware driver for BF60x family processors.

Steffen Klassert (1):
crypto: algapi - Fix hang on crypto allocation

Yashpal Dutta (1):
crypto: caam - fix start index for Protocol shared descriptors

Yuan Kang (8):
crypto: caam - support external seq in/out lengths
crypto: caam - remove jr register/deregister
crypto: caam - refactor key_gen, sg
crypto: caam - link_tbl rename
crypto: caam - ahash hmac support
crypto: caam - unkeyed ahash support
crypto: caam - chaining support
crypto: caam - hwrng support

arch/arm/mach-at91/at91sam9g45.c | 13 +-
arch/arm/mach-at91/at91sam9g45_devices.c | 128 ++
arch/arm/mach-at91/include/mach/at91sam9g45.h | 2 +
arch/powerpc/Makefile | 1 -
arch/s390/crypto/crypto_des.h | 18 -
arch/x86/crypto/Makefile | 14 +-
arch/x86/crypto/ablk_helper.c | 149 ++
arch/x86/crypto/aes_glue.c | 2 +-
arch/x86/crypto/aesni-intel_glue.c | 110 +-
arch/x86/crypto/camellia_glue.c | 355 +---
arch/x86/crypto/glue_helper.c | 307 ++++
arch/x86/crypto/serpent-avx-x86_64-asm_64.S | 704 ++++++++
.../{serpent_sse2_glue.c => serpent_avx_glue.c} | 592 ++-----
arch/x86/crypto/serpent_sse2_glue.c | 513 ++-----
arch/x86/crypto/sha1_ssse3_asm.S | 2 +-
arch/x86/crypto/sha1_ssse3_glue.c | 6 +-
arch/x86/crypto/twofish-avx-x86_64-asm_64.S | 300 ++++
arch/x86/crypto/twofish_avx_glue.c | 624 +++++++
arch/x86/crypto/twofish_glue_3way.c | 409 ++----
arch/x86/include/asm/crypto/ablk_helper.h | 31 +
arch/x86/include/asm/{ => crypto}/aes.h | 0
arch/x86/include/asm/crypto/glue_helper.h | 115 ++
arch/x86/include/asm/crypto/serpent-avx.h | 32 +
.../asm/{serpent.h => crypto/serpent-sse2.h} | 4 +-
arch/x86/include/asm/crypto/twofish.h | 46 +
crypto/Kconfig | 67 +-
crypto/algapi.c | 17 -
crypto/algboss.c | 17 +-
crypto/arc4.c | 115 +-
crypto/internal.h | 1 -
crypto/tcrypt.c | 86 +-
crypto/testmgr.c | 203 +++
crypto/testmgr.h | 1852 +++++++++++++++++++-
drivers/char/hw_random/Kconfig | 12 +
drivers/char/hw_random/Makefile | 1 +
drivers/char/hw_random/exynos-rng.c | 182 ++
drivers/char/hw_random/mxc-rnga.c | 21 +-
drivers/crypto/Kconfig | 56 +-
drivers/crypto/Makefile | 7 +-
drivers/crypto/atmel-aes-regs.h | 62 +
drivers/crypto/atmel-aes.c | 1206 +++++++++++++
drivers/crypto/atmel-sha-regs.h | 46 +
drivers/crypto/atmel-sha.c | 1112 ++++++++++++
drivers/crypto/atmel-tdes-regs.h | 89 +
drivers/crypto/atmel-tdes.c | 1215 +++++++++++++
drivers/crypto/bfin_crc.c | 780 ++++++++
drivers/crypto/caam/Kconfig | 30 +-
drivers/crypto/caam/Makefile | 4 +-
drivers/crypto/caam/caamalg.c | 572 ++----
drivers/crypto/caam/caamhash.c | 1878 ++++++++++++++++++++
drivers/crypto/caam/caamrng.c | 309 ++++
drivers/crypto/caam/compat.h | 2 +
drivers/crypto/caam/ctrl.c | 179 ++-
drivers/crypto/caam/ctrl.h | 13 +
drivers/crypto/caam/desc.h | 31 +-
drivers/crypto/caam/desc_constr.h | 57 +-
drivers/crypto/caam/error.c | 44 +-
drivers/crypto/caam/intern.h | 6 +-
drivers/crypto/caam/jr.c | 115 +-
drivers/crypto/caam/key_gen.c | 122 ++
drivers/crypto/caam/key_gen.h | 17 +
drivers/crypto/caam/pdb.h | 401 +++++
drivers/crypto/caam/regs.h | 38 +-
drivers/crypto/caam/sg_sw_sec4.h | 156 ++
drivers/crypto/mv_cesa.c | 61 +-
drivers/crypto/talitos.c | 283 ++--
drivers/crypto/talitos.h | 123 ++
include/linux/platform_data/atmel-aes.h | 22 +
68 files changed, 13795 insertions(+), 2292 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2012-10-04 09:53:57

by Herbert Xu

Subject: Crypto Update for 3.7

Hi Linus:

Here is the crypto update for 3.7:

* Optimised AES/SHA1 for ARM.
* IPsec ESN support in talitos and caam.
* x86_64/avx implementation of cast5/cast6.
* Add/use multi-algorithm registration helpers where possible.
* Added IBM Power7+ in-Nest support.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


David McCullough (1):
arm/crypto: Add optimized AES and SHA1 routines

Devendra Naga (1):
crypto: ux500/hash - remove unneeded return at ux500_hash_mod_fini

Fabio Estevam (2):
hwrng: mxc-rnga - Adapt clocks to new i.mx clock framework
hwrng: mxc-rnga - Access data via structure

Horia Geanta (7):
crypto: talitos - fix icv management on outbound direction
crypto: talitos - prune unneeded descriptor allocation param
crypto: talitos - change type and name for [src|dst]_is_chained
crypto: talitos - support for assoc data provided as scatterlist
crypto: talitos - add IPsec ESN support
crypto: caam - add IPsec ESN support
crypto: caam - fix error IDs for SEC v5.x RNG4

Johannes Goetzfried (6):
crypto: cast5 - prepare generic module for optimized implementations
crypto: testmgr - add larger cast5 testvectors
crypto: cast5 - add x86_64/avx assembler implementation
crypto: cast6 - prepare generic module for optimized implementations
crypto: testmgr - add larger cast6 testvectors
crypto: cast6 - add x86_64/avx assembler implementation

Julia Lawall (1):
drivers/char/hw_random/octeon-rng.c: drop frees of devm allocated data

Jussi Kivilinna (32):
crypto: tea - use crypto_[un]register_algs
crypto: crypto_null - use crypto_[un]register_algs
crypto: des - use crypto_[un]register_algs
crypto: serpent - use crypto_[un]register_algs
crypto: ansi_cprng - use crypto_[un]register_algs
crypto: add crypto_[un]register_shashes for [un]registering multiple shash entries at once
crypto: tiger - use crypto_[un]register_shashes
crypto: sha256 - use crypto_[un]register_shashes
crypto: sha512 - use crypto_[un]register_shashes
crypto: whirlpool - use crypto_[un]register_shashes
crypto: cleanup - remove unneeded crypto_alg.cra_list initializations
crypto: arch/x86 - cleanup - remove unneeded crypto_alg.cra_list initializations
crypto: drivers - remove cra_list initialization
crypto: arch/s390 - cleanup - remove unneeded cra_list initialization
crypto: aesni_intel - improve lrw and xts performance by utilizing parallel AES-NI hardware pipelines
crypto: twofish-avx - tune assembler code for more performance
crypto: cast5-avx - tune assembler code for more performance
crypto: cast6-avx - tune assembler code for more performance
crypto: crypto_user - fix sparse warnings (symbol was not declared, should be static?)
crypto: camellia-x86_64 - fix sparse warnings (constant is so big)
crypto: cast5 - fix sparse warnings (symbol was not declared, should be static?)
crypto: cast6 - fix sparse warnings (symbol was not declared, should be static?)
Revert "[CRYPTO] cast6: inline bloat--"
crypto: 842 - remove .cra_list initialization
crypto: testmgr - allow non-multi page and multi page skcipher tests from same test template
crypto: testmgr - add test vectors for partial ctr(cast5) and ctr(cast6)
crypto: testmgr - add test vectors for CTR mode IV increasement
crypto: testmgr - make test_skcipher also test 'dst != src' code paths
crypto: testmgr - make test_aead also test 'dst != src' code paths
crypto: tcrypt - add missing tests for camellia and ghash
crypto: cast5/avx - fix storing of new IV in CBC encryption
crypto: x86/glue_helper - fix storing of new IV in CBC encryption

Kent Yoder (1):
crypto: Add a MAINTAINERS entry for P7+ in-Nest crypto driver

Kim Phillips (6):
crypto: caam - fix possible deadlock condition
crypto: caam - set descriptor sharing type to SERIAL
crypto: talitos - consolidate cra_type assignments
crypto: talitos - consolidate common cra_* assignments
crypto: caam - coccicheck fixes
crypto: caam - increase TRNG clocks per sample

Michael Ellerman (1):
crypto: nx - Remove virt_to_abs() usage in nx-842.c

Peter Senna Tschudin (4):
crypto: ux500 - fix error return code
crypto: hifn_795x - fix error return code
crypto: crypto4xx - fix error return code
crypto: tegra-aes - fix error return code

Sachin Kamat (1):
crypto: geode-aes - Use module_pci_driver

Seth Jennings (4):
powerpc/crypto: rework Kconfig
powerpc/crypto: add compression support to arch vec
powerpc/crypto: add 842 hardware compression driver
powerpc/crypto: add 842 crypto driver

Shengzhou Liu (1):
crypto: caam - add backward compatible string sec4.0

Suresh Siddha (1):
crypto, tcrypt: remove local_bh_disable/enable() around local_irq_disable/enable()

Tushar Behera (1):
crypto: atmel - Remove possible typo error

Wei Yongjun (1):
crypto: remove duplicated include

MAINTAINERS | 12 +
arch/arm/Makefile | 1 +
arch/arm/crypto/Makefile | 9 +
arch/arm/crypto/aes-armv4.S | 1112 +++++
arch/arm/crypto/aes_glue.c | 108 +
arch/arm/crypto/sha1-armv4-large.S | 503 ++
arch/arm/crypto/sha1_glue.c | 179 +
arch/powerpc/configs/ppc64_defconfig | 3 +-
arch/powerpc/configs/pseries_defconfig | 3 +-
arch/powerpc/kernel/prom_init.c | 4 +-
arch/s390/crypto/aes_s390.c | 5 -
arch/s390/crypto/des_s390.c | 10 -
arch/s390/crypto/ghash_s390.c | 1 -
arch/x86/crypto/Makefile | 4 +
arch/x86/crypto/aes_glue.c | 1 -
arch/x86/crypto/aesni-intel_glue.c | 258 +-
arch/x86/crypto/blowfish_glue.c | 4 -
arch/x86/crypto/camellia_glue.c | 1382 +++---
arch/x86/crypto/cast5-avx-x86_64-asm_64.S | 376 ++
arch/x86/crypto/cast5_avx_glue.c | 530 ++
arch/x86/crypto/cast6-avx-x86_64-asm_64.S | 383 ++
.../{serpent_avx_glue.c => cast6_avx_glue.c} | 380 +-
arch/x86/crypto/ghash-clmulni-intel_glue.c | 2 -
arch/x86/crypto/glue_helper.c | 2 +-
arch/x86/crypto/salsa20_glue.c | 1 -
arch/x86/crypto/serpent_avx_glue.c | 10 -
arch/x86/crypto/serpent_sse2_glue.c | 10 -
arch/x86/crypto/twofish-avx-x86_64-asm_64.S | 227 +-
arch/x86/crypto/twofish_avx_glue.c | 10 -
arch/x86/crypto/twofish_glue.c | 1 -
arch/x86/crypto/twofish_glue_3way.c | 5 -
crypto/842.c | 182 +
crypto/Kconfig | 75 +
crypto/Makefile | 5 +-
crypto/aes_generic.c | 1 -
crypto/ansi_cprng.c | 63 +-
crypto/anubis.c | 1 -
crypto/blowfish_generic.c | 1 -
crypto/camellia_generic.c | 1 -
crypto/{cast5.c => cast5_generic.c} | 80 +-
crypto/{cast6.c => cast6_generic.c} | 73 +-
crypto/crypto_null.c | 57 +-
crypto/crypto_user.c | 2 +-
crypto/deflate.c | 1 -
crypto/des_generic.c | 25 +-
crypto/fcrypt.c | 1 -
crypto/ghash-generic.c | 1 -
crypto/khazad.c | 1 -
crypto/krng.c | 1 -
crypto/lzo.c | 1 -
crypto/salsa20_generic.c | 1 -
crypto/seed.c | 1 -
crypto/serpent_generic.c | 53 +-
crypto/sha256_generic.c | 25 +-
crypto/sha512_generic.c | 20 +-
crypto/shash.c | 36 +
crypto/tcrypt.c | 95 +-
crypto/tcrypt.h | 1 +
crypto/tea.c | 41 +-
crypto/testmgr.c | 472 ++-
crypto/testmgr.h | 5169 ++++++++++++++++----
crypto/tgr192.c | 38 +-
crypto/twofish_generic.c | 1 -
crypto/vmac.c | 10 +-
crypto/wp512.c | 39 +-
drivers/char/hw_random/mxc-rnga.c | 108 +-
drivers/char/hw_random/octeon-rng.c | 17 +-
drivers/crypto/Kconfig | 22 +-
drivers/crypto/amcc/crypto4xx_core.c | 1 +
drivers/crypto/atmel-aes.c | 7 -
drivers/crypto/atmel-sha.c | 5 -
drivers/crypto/atmel-tdes.c | 6 -
drivers/crypto/caam/caamalg.c | 51 +-
drivers/crypto/caam/caamhash.c | 22 +-
drivers/crypto/caam/caamrng.c | 9 +-
drivers/crypto/caam/compat.h | 1 +
drivers/crypto/caam/ctrl.c | 6 +-
drivers/crypto/caam/error.c | 2 -
drivers/crypto/caam/jr.c | 10 +-
drivers/crypto/caam/key_gen.c | 4 +
drivers/crypto/geode-aes.c | 18 +-
drivers/crypto/hifn_795x.c | 5 +-
drivers/crypto/nx/Kconfig | 26 +
drivers/crypto/nx/Makefile | 5 +-
drivers/crypto/nx/nx-842.c | 1617 ++++++
drivers/crypto/nx/nx-aes-cbc.c | 1 -
drivers/crypto/nx/nx-aes-ccm.c | 2 -
drivers/crypto/nx/nx-aes-ctr.c | 2 -
drivers/crypto/nx/nx-aes-ecb.c | 1 -
drivers/crypto/nx/nx-aes-gcm.c | 2 -
drivers/crypto/omap-aes.c | 1 -
drivers/crypto/padlock-aes.c | 3 -
drivers/crypto/s5p-sss.c | 1 -
drivers/crypto/talitos.c | 442 +-
drivers/crypto/tegra-aes.c | 3 +-
drivers/crypto/ux500/cryp/cryp_core.c | 1 +
drivers/crypto/ux500/hash/hash_core.c | 1 -
include/crypto/cast5.h | 27 +
include/crypto/cast6.h | 28 +
include/crypto/internal/hash.h | 2 +
include/linux/nx842.h | 11 +
101 files changed, 11832 insertions(+), 2748 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2012-12-14 10:32:04

by Herbert Xu

Subject: Crypto Update for 3.8

Hi Linus:

Here is the crypto update for 3.8:

* Added aesni/avx/x86_64 implementations for camellia.
* Optimised AVX code for cast5/serpent/twofish/cast6.
* Fixed vmac bug with unaligned input.
* Allow compression algorithms in FIPS mode.
* Optimised crc32c implementation for Intel.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Axel Lin (1):
crypto: picoxcell - Add terminating entry for platform_device_id table

Jussi Kivilinna (18):
crypto: testmgr - expand camellia test vectors
crypto: testmgr - expand blowfish test vectors
crypto: testmgr - expand serpent test vectors
crypto: testmgr - add new larger AES testvectors
crypto: testmgr - add new larger DES testvectors
crypto: testmgr - add new larger DES3_EDE testvectors
crypto: x86/glue_helper - use le128 instead of u128 for CTR mode
crypto: cast6/avx - avoid using temporary stack buffers
crypto: twofish/avx - avoid using temporary stack buffers
crypto: serpent/avx - avoid using temporary stack buffers
crypto: cast5/avx - avoid using temporary stack buffers
crypto: tcrypt - add async speed test for camellia cipher
crypto: camellia-x86_64 - share common functions and move structures and function definitions to header file
crypto: camellia - add AES-NI/AVX/x86_64 assembler implementation of camellia cipher
crypto: cast5/cast6 - move lookup tables to shared module
crypto: testmgr - remove fips_allowed flag from camellia-aesni null-tests
crypto: testmgr - clean alg_test_null entries in alg_test_descs[]
crypto: testmgr - add larger crc32c test vector to test FPU path in crc32c_intel

Mathias Krause (1):
crypto: testmgr - remove superfluous initializers for xts(aes)

Milan Broz (1):
crypto: testmgr - allow compression algs in fips mode

Sachin Kamat (1):
crypto: s5p-sss - Fix compilation error

Salman Qazi (1):
crypto: vmac - Make VMAC work when blocks aren't aligned

Sebastian Andrzej Siewior (1):
crypto: omap-aes - select BLKCIPHER2

Shan Wei (1):
padata: use __this_cpu_read per-cpu helper

Tim Chen (3):
crypto: crc32c - Rename crc32c-intel.c to crc32c-intel_glue.c
crypto: crc32c - Optimize CRC32C calculation with PCLMULQDQ instruction
crypto: tcrypt - Added speed test in tcrypt for crc32c

Vakul Garg (1):
crypto: caam - Updated SEC-4.0 device tree binding for ERA information.

Wei Yongjun (3):
crypto: talitos - convert to use be16_add_cpu()
crypto: tegra - fix missing unlock on error case
crypto: tegra-aes - fix error-valued pointer dereference

.../devicetree/bindings/crypto/fsl-sec4.txt | 5 +-
arch/x86/crypto/Makefile | 5 +
arch/x86/crypto/camellia-aesni-avx-asm_64.S | 1102 ++++
arch/x86/crypto/camellia_aesni_avx_glue.c | 558 ++
arch/x86/crypto/camellia_glue.c | 92 +-
arch/x86/crypto/cast5-avx-x86_64-asm_64.S | 348 +-
arch/x86/crypto/cast5_avx_glue.c | 79 +-
arch/x86/crypto/cast6-avx-x86_64-asm_64.S | 206 +-
arch/x86/crypto/cast6_avx_glue.c | 77 +-
.../crypto/{crc32c-intel.c => crc32c-intel_glue.c} | 81 +
arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 460 ++
arch/x86/crypto/glue_helper-asm-avx.S | 91 +
arch/x86/crypto/glue_helper.c | 12 +-
arch/x86/crypto/serpent-avx-x86_64-asm_64.S | 166 +-
arch/x86/crypto/serpent_avx_glue.c | 49 +-
arch/x86/crypto/serpent_sse2_glue.c | 12 +-
arch/x86/crypto/twofish-avx-x86_64-asm_64.S | 208 +-
arch/x86/crypto/twofish_avx_glue.c | 73 +-
arch/x86/crypto/twofish_glue_3way.c | 20 +-
arch/x86/include/asm/crypto/camellia.h | 82 +
arch/x86/include/asm/crypto/glue_helper.h | 28 +-
arch/x86/include/asm/crypto/serpent-avx.h | 27 +-
arch/x86/include/asm/crypto/twofish.h | 4 +-
crypto/Kconfig | 42 +
crypto/Makefile | 1 +
crypto/cast5_generic.c | 277 +-
crypto/cast6_generic.c | 280 +-
crypto/cast_common.c | 290 +
crypto/tcrypt.c | 29 +
crypto/testmgr.c | 369 +--
crypto/testmgr.h | 5912 +++++++++++++++++++-
crypto/vmac.c | 47 +-
drivers/crypto/Kconfig | 1 +
drivers/crypto/picoxcell_crypto.c | 1 +
drivers/crypto/s5p-sss.c | 2 +-
drivers/crypto/talitos.c | 3 +-
drivers/crypto/tegra-aes.c | 10 +-
include/crypto/cast5.h | 6 +-
include/crypto/cast6.h | 6 +-
include/crypto/cast_common.h | 9 +
include/crypto/vmac.h | 2 +
kernel/padata.c | 5 +-
42 files changed, 9391 insertions(+), 1686 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2013-02-23 02:34:16

by Herbert Xu

Subject: Crypto Update for 3.9

Hi Linus:

Here is the crypto update for 3.9:

* Added accelerated implementation of crc32 using pclmulqdq.
* Added test vector for fcrypt.
* Added support for OMAP4/AM33XX cipher and hash.
* Fixed loose crypto_user input checks.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Alexander Boyko (1):
crypto: crc32 - add crc32 pclmulqdq implementation and wrappers for table implementation

Herbert Xu (1):
crypto: crc32-pclmul - Kill warning on x86-32

Jingoo Han (1):
crypto: s5p-sss - Use devm_clk_get()

Julia Lawall (3):
crypto: bfin_crc - reposition free_irq to avoid access to invalid data
crypto: atmel-aes - adjust duplicate test
crypto: use ERR_CAST

Jussi Kivilinna (13):
crypto: testmgr - add test vector for fcrypt
crypto: x86/aes - assembler clean-ups: use ENTRY/ENDPROC, localize jump targets
crypto: aesni-intel - add ENDPROC statements for assembler functions
crypto: blowfish-x86_64: use ENTRY()/ENDPROC() for assembler functions and localize jump targets
crypto: camellia-x86_64/aes-ni: use ENTRY()/ENDPROC() for assembler functions and localize jump targets
crypto: cast5-avx: use ENTRY()/ENDPROC() for assembler functions and localize jump targets
crypto: cast6-avx: use ENTRY()/ENDPROC() for assembler functions
crypto: x86/crc32c - assembler clean-up: use ENTRY/ENDPROC
crypto: x86/ghash - assembler clean-up: use ENDPROC at end of assember functions
crypto: x86/salsa20 - assembler cleanup, use ENTRY/ENDPROC for assember functions and rename ECRYPT_* to salsa20_*
crypto: x86/serpent - use ENTRY/ENDPROC for assember functions and localize jump targets
crypto: x86/sha1 - assembler clean-ups: use ENTRY/ENDPROC
crypto: x86/twofish - assembler clean-ups: use ENTRY/ENDPROC, localize jump labels

Mark A. Greer (20):
crypto: omap-sham - Remove unnecessary pr_info noise
crypto: omap-sham - Convert to use pm_runtime API
crypto: omap-sham - Add suspend/resume support
crypto: omap-sham - Add code to use dmaengine API
crypto: omap-sham - Remove usage of private DMA API
crypto: omap-sham - Add Device Tree Support
crypto: omap-sham - Convert to dma_request_slave_channel_compat()
crypto: omap-sham - Add OMAP4/AM33XX SHAM Support
crypto: omap-sham - Add SHA224 and SHA256 Support
crypto: omap-aes - Remmove unnecessary pr_info noise
crypto: omap-aes - Don't reset controller for every operation
crypto: omap-aes - Convert to use pm_runtime API
crypto: omap-aes - Add suspend/resume support
crypto: omap-aes - Add code to use dmaengine API
crypto: omap-aes - Remove usage of private DMA API
crypto: omap-aes - Add Device Tree Support
crypto: omap-aes - Convert to dma_request_slave_channel_compat()
crypto: omap-aes - Add OMAP4/AM33XX AES Support
crypto: omap-aes - Add CTR algorithm Support
crypto: omap-sham - Fix compile errors when CONFIG_OF not defined

Mathias Krause (3):
crypto: user - fix info leaks in report API
crypto: user - fix empty string test in report API
crypto: user - ensure user supplied strings are nul-terminated

Vakul Garg (1):
crypto: caam - Added property fsl,sec-era in SEC4.0 device tree binding.

.../devicetree/bindings/crypto/fsl-sec4.txt | 12 +-
arch/x86/crypto/Makefile | 2 +
arch/x86/crypto/aes-i586-asm_32.S | 15 +-
arch/x86/crypto/aes-x86_64-asm_64.S | 30 +-
arch/x86/crypto/aesni-intel_asm.S | 23 +-
arch/x86/crypto/blowfish-x86_64-asm_64.S | 39 +-
arch/x86/crypto/camellia-aesni-avx-asm_64.S | 38 +-
arch/x86/crypto/camellia-x86_64-asm_64.S | 50 +-
arch/x86/crypto/cast5-avx-x86_64-asm_64.S | 48 +-
arch/x86/crypto/cast6-avx-x86_64-asm_64.S | 35 +-
arch/x86/crypto/crc32-pclmul_asm.S | 246 ++++++
arch/x86/crypto/crc32-pclmul_glue.c | 201 +++++
arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 8 +-
arch/x86/crypto/ghash-clmulni-intel_asm.S | 4 +
arch/x86/crypto/salsa20-i586-asm_32.S | 28 +-
arch/x86/crypto/salsa20-x86_64-asm_64.S | 28 +-
arch/x86/crypto/salsa20_glue.c | 5 -
arch/x86/crypto/serpent-avx-x86_64-asm_64.S | 35 +-
arch/x86/crypto/serpent-sse2-i586-asm_32.S | 20 +-
arch/x86/crypto/serpent-sse2-x86_64-asm_64.S | 20 +-
arch/x86/crypto/sha1_ssse3_asm.S | 10 +-
arch/x86/crypto/twofish-avx-x86_64-asm_64.S | 35 +-
arch/x86/crypto/twofish-i586-asm_32.S | 11 +-
arch/x86/crypto/twofish-x86_64-asm_64-3way.S | 20 +-
arch/x86/crypto/twofish-x86_64-asm_64.S | 11 +-
crypto/Kconfig | 21 +
crypto/Makefile | 1 +
crypto/ablkcipher.c | 12 +-
crypto/aead.c | 15 +-
crypto/ahash.c | 2 +-
crypto/algapi.c | 4 +-
crypto/authenc.c | 3 +-
crypto/authencesn.c | 3 +-
crypto/blkcipher.c | 12 +-
crypto/ccm.c | 23 +-
crypto/chainiv.c | 3 +-
crypto/crc32.c | 158 ++++
crypto/crypto_user.c | 38 +-
crypto/ctr.c | 3 +-
crypto/cts.c | 3 +-
crypto/gcm.c | 29 +-
crypto/pcompress.c | 3 +-
crypto/rng.c | 2 +-
crypto/seqiv.c | 3 +-
crypto/shash.c | 3 +-
crypto/testmgr.c | 15 +
drivers/crypto/atmel-aes.c | 2 +-
drivers/crypto/bfin_crc.c | 6 +-
drivers/crypto/omap-aes.c | 658 +++++++++++----
drivers/crypto/omap-sham.c | 915 +++++++++++++++-----
drivers/crypto/s5p-sss.c | 4 +-
51 files changed, 2153 insertions(+), 762 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2013-05-02 01:47:10

by Herbert Xu

Subject: Crypto Update for 3.10

Hi Linus:

Here is the crypto update for 3.10:

* XTS mode optimisation for twofish/cast6/camellia/aes on x86.
* AVX2/x86_64 implementation for blowfish/twofish/serpent/camellia.
* SSSE3/AVX/AVX2 optimisations for sha256/sha512.
* Added driver for SAHARA2 crypto accelerator.
* Fix for GMAC when used in non-IPsec scenarios.
* Added generic CMAC implementation (including IPsec glue).
* IP update for crypto/atmel.
* Support for more than one device in hwrng/timeriomem.
* Added Broadcom BCM2835 RNG driver.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Alexander Clouter (2):
hwrng: timeriomem - update to support more than one device
hwrng: timeriomem - added devicetree hooks

Fabio Estevam (1):
hwrng: mxc-rnga - Use devm_ioremap_resource()

Herbert Xu (1):
crypto: crc32c - Kill pointless CRYPTO_CRC32C_X86_64 option

Javier Martin (1):
crypto: sahara - Add driver for SAHARA2 accelerator.

Jingoo Han (1):
hwrng: exynos - add CONFIG_PM_SLEEP/CONFIG_PM_RUNTIME to suspend/resume

Joel A Fernandes (2):
crypto: omap-sham - Use pm_runtime_put instead of pm_runtime_put_sync in tasklet
crypto: omap-aes - Use pm_runtime_put instead of pm_runtime_put_sync in tasklet

Jussi Kivilinna (20):
crypto: x86/crc32-pclmul - assembly clean-ups: use ENTRY/ENDPROC
crypto: x86 - build AVX block cipher implementations only if assembler supports AVX instructions
crypto: gcm - make GMAC work when dst and src are different
crypto: gcm - fix rfc4543 to handle async crypto correctly
crypto: testmgr - add AES GMAC test vectors
crypto: testmgr - add empty test vectors for null ciphers
crypto: add CMAC support to CryptoAPI
xfrm: add rfc4494 AES-CMAC-96 support
crypto: x86 - add more optimized XTS-mode for serpent-avx
crypto: x86/twofish-avx - use optimized XTS code
crypto: cast6-avx: use new optimized XTS code
crypto: x86/camellia-aesni-avx - add more optimized XTS code
crypto: aesni_intel - add more optimized XTS mode for x86-64
crypto: aesni_intel - fix Kconfig problem with CRYPTO_GLUE_HELPER_X86
crypto: testmgr - extend camellia test-vectors for camellia-aesni/avx2
crypto: tcrypt - add async cipher speed tests for blowfish
crypto: blowfish - add AVX2/x86_64 implementation of blowfish cipher
crypto: twofish - add AVX2/x86_64 assembler implementation of twofish cipher
crypto: serpent - add AVX2/x86_64 assembler implementation of serpent cipher
crypto: camellia - add AVX2/AES-NI/x86_64 assembler implementation of camellia cipher

Kim Phillips (2):
crypto: caam - change key gen functions to return signed int
crypto: caam - static constify error data

Lubomir Rintel (1):
hwrng: bcm2835 - Add Broadcom BCM2835 RNG driver

Mathias Krause (1):
crypto: user - constify netlink dispatch table

Mihnea Dobrescu-Balaur (1):
crypto: ux500 - replace kmalloc and then memcpy with kmemdup

Nicolas Royer (4):
ARM: AT91SAM9G45: same platform data structure for all crypto peripherals
crypto: atmel-aes - add support for latest release of the IP (0x130)
crypto: atmel-tdes - add support for latest release of the IP (0x700)
crypto: atmel-sha - add support for latest release of the IP (0x410)

Paul Bolle (1):
crypto: caam - fix typo "CRYPTO_AHASH"

Sachin Kamat (3):
crypto: omap-aes - Use module_platform_driver macro
crypto: omap-sham - Use module_platform_driver macro
crypto: picoxcell - Use of_match_ptr() macro

Sandy Wu (1):
crypto: crc32-pclmul - Use gas macro for pclmulqdq

Syam Sidhardhan (1):
crypto: bfin_crc - Fix possible NULL pointer dereference

Tang Chen (1):
hwrng: Fix a wrong comment in Documentation/hw_random.txt

Tim Chen (11):
crypto: crc32c - Update the links to the white papers on CRC32C calculations with PCLMULQDQ instructions.
crypto: sha256 - Expose SHA256 generic routine to be callable externally.
crypto: sha256 - Optimized sha256 x86_64 assembly routine using Supplemental SSE3 instructions.
crypto: sha256 - Optimized sha256 x86_64 assembly routine with AVX instructions.
crypto: sha256 - Optimized sha256 x86_64 routine using AVX2's RORX instructions
crypto: sha256 - Create module providing optimized SHA256 routines using SSSE3, AVX or AVX2 instructions.
crypto: sha512 - Expose generic sha512 routine to be callable from other modules
crypto: sha512 - Optimized SHA512 x86_64 assembly routine using Supplemental SSE3 instructions.
crypto: sha512 - Optimized SHA512 x86_64 assembly routine using AVX instructions.
crypto: sha512 - Optimized SHA512 x86_64 assembly routine using AVX2 RORX instruction.
crypto: sha512 - Create module providing optimized SHA512 routines using SSSE3, AVX or AVX2 instructions.

Vakul Garg (3):
crypto: caam - set RDB bit in security configuration register
crypto: caam - Fix missing init of '.type' in AEAD algos.
crypto: caam - fix job ring cleanup code

Wei Yongjun (1):
crypto: ux500 - fix error return code in hash_dma_final()

.../devicetree/bindings/crypto/fsl-imx-sahara.txt | 15 +
.../devicetree/bindings/hwrng/timeriomem_rng.txt | 18 +
.../devicetree/bindings/rng/brcm,bcm2835.txt | 13 +
Documentation/hw_random.txt | 2 +-
arch/arm/mach-at91/at91sam9g45_devices.c | 14 +-
arch/x86/crypto/Makefile | 57 +-
arch/x86/crypto/aesni-intel_asm.S | 117 ++
arch/x86/crypto/aesni-intel_glue.c | 80 ++
arch/x86/crypto/blowfish-avx2-asm_64.S | 449 +++++++
.../{blowfish_glue.c => blowfish_avx2_glue.c} | 402 ++++---
arch/x86/crypto/blowfish_glue.c | 32 +-
arch/x86/crypto/camellia-aesni-avx-asm_64.S | 180 +++-
arch/x86/crypto/camellia-aesni-avx2-asm_64.S | 1368 ++++++++++++++++++++
...aesni_avx_glue.c => camellia_aesni_avx2_glue.c} | 182 ++--
arch/x86/crypto/camellia_aesni_avx_glue.c | 104 +-
arch/x86/crypto/cast6-avx-x86_64-asm_64.S | 48 +-
arch/x86/crypto/cast6_avx_glue.c | 91 +-
arch/x86/crypto/crc32-pclmul_asm.S | 6 +-
arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 10 +-
arch/x86/crypto/glue_helper-asm-avx.S | 61 +-
arch/x86/crypto/glue_helper-asm-avx2.S | 180 +++
arch/x86/crypto/glue_helper.c | 97 ++-
arch/x86/crypto/serpent-avx-x86_64-asm_64.S | 45 +-
...t-avx-x86_64-asm_64.S => serpent-avx2-asm_64.S} | 207 ++--
.../{serpent_avx_glue.c => serpent_avx2_glue.c} | 323 +++---
arch/x86/crypto/serpent_avx_glue.c | 145 ++-
arch/x86/crypto/sha256-avx-asm.S | 496 +++++++
arch/x86/crypto/sha256-avx2-asm.S | 772 +++++++++++
arch/x86/crypto/sha256-ssse3-asm.S | 506 ++++++++
arch/x86/crypto/sha256_ssse3_glue.c | 275 ++++
arch/x86/crypto/sha512-avx-asm.S | 423 ++++++
arch/x86/crypto/sha512-avx2-asm.S | 743 +++++++++++
arch/x86/crypto/sha512-ssse3-asm.S | 421 ++++++
arch/x86/crypto/sha512_ssse3_glue.c | 282 ++++
arch/x86/crypto/twofish-avx-x86_64-asm_64.S | 48 +-
arch/x86/crypto/twofish-avx2-asm_64.S | 600 +++++++++
.../{twofish_avx_glue.c => twofish_avx2_glue.c} | 269 ++--
arch/x86/crypto/twofish_avx_glue.c | 101 +-
arch/x86/include/asm/cpufeature.h | 1 +
arch/x86/include/asm/crypto/blowfish.h | 43 +
arch/x86/include/asm/crypto/camellia.h | 19 +
arch/x86/include/asm/crypto/glue_helper.h | 24 +
arch/x86/include/asm/crypto/serpent-avx.h | 29 +
arch/x86/include/asm/crypto/twofish.h | 18 +
crypto/Kconfig | 133 ++-
crypto/Makefile | 1 +
crypto/cmac.c | 315 +++++
crypto/crypto_user.c | 4 +-
crypto/gcm.c | 116 ++-
crypto/sha256_generic.c | 11 +-
crypto/sha512_generic.c | 13 +-
crypto/tcrypt.c | 30 +-
crypto/testmgr.c | 95 ++-
crypto/testmgr.h | 1314 ++++++++++++++++++-
drivers/char/hw_random/Kconfig | 12 +
drivers/char/hw_random/Makefile | 1 +
drivers/char/hw_random/bcm2835-rng.c | 113 ++
drivers/char/hw_random/exynos-rng.c | 3 +-
drivers/char/hw_random/mxc-rnga.c | 21 +-
drivers/char/hw_random/timeriomem-rng.c | 190 ++-
drivers/crypto/Kconfig | 18 +-
drivers/crypto/Makefile | 1 +
drivers/crypto/atmel-aes.c | 471 +++++--
drivers/crypto/atmel-sha-regs.h | 7 +-
drivers/crypto/atmel-sha.c | 586 +++++++--
drivers/crypto/atmel-tdes-regs.h | 2 +
drivers/crypto/atmel-tdes.c | 394 +++++-
drivers/crypto/bfin_crc.c | 6 +-
drivers/crypto/caam/Kconfig | 2 +-
drivers/crypto/caam/caamalg.c | 6 +
drivers/crypto/caam/caamhash.c | 4 +-
drivers/crypto/caam/ctrl.c | 3 +
drivers/crypto/caam/error.c | 10 +-
drivers/crypto/caam/intern.h | 1 +
drivers/crypto/caam/jr.c | 4 +
drivers/crypto/caam/key_gen.c | 2 +-
drivers/crypto/caam/key_gen.h | 2 +-
drivers/crypto/caam/regs.h | 4 +-
drivers/crypto/omap-aes.c | 15 +-
drivers/crypto/omap-sham.c | 15 +-
drivers/crypto/picoxcell_crypto.c | 4 +-
drivers/crypto/sahara.c | 1070 +++++++++++++++
drivers/crypto/ux500/hash/hash_core.c | 6 +-
include/crypto/sha.h | 5 +
include/linux/platform_data/atmel-aes.h | 22 -
include/linux/platform_data/crypto-atmel.h | 22 +
include/linux/timeriomem-rng.h | 5 -
net/xfrm/xfrm_algo.c | 13 +
88 files changed, 13036 insertions(+), 1352 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2013-07-05 09:52:48

by Herbert Xu

Subject: Crypto Update for 3.11

Hi Linus:

Here is the crypto update for 3.11:

* Do not idle omap device between crypto operations in one session.
* Added sha224/sha384 shims for SSSE3.
* More optimisations for camellia-aesni-avx2.
* Removed defunct blowfish/twofish AVX2 implementations.
* Added unaligned buffer self-tests.
* Added PCLMULQDQ optimisation for CRCT10DIF.
* Added support for Freescale's DCP co-processor
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Andrei Varvara (8):
crypto: caam - fix SEQ IN PTR command when RTO or PRE bit is set
crypto: caam - Fix STORE command to support overwriting Shared Descriptor's memory
crypto: caam - Add MATH command to support shld function
crypto: caam - Add new macros for building extended SEC descriptors (> 64 words)
crypto: caam - Add defines for overwriting Descriptor's memory
crypto: caam - Add defines for CAAM commands
crypto: caam - Add define for Adjust Output Frame Length in PDB
crypto: caam - add missing flag for the LOAD/STORE commands

Arnd Bergmann (1):
hwrng: bcm2835 - fix MODULE_LICENSE tag

Herbert Xu (2):
crypto: crct10dif - Use PTR_RET
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto

Jingoo Han (6):
hwrng: atmel - remove unnecessary platform_set_drvdata()
hwrng: bcm63xx - remove unnecessary platform_set_drvdata()
hwrng: timeriomem - remove unnecessary platform_set_drvdata()
hwrng: tx4939 - remove unnecessary platform_set_drvdata()
hwrng: use platform_{get,set}_drvdata()
crypto: picoxcell - replace strict_strtoul() with kstrtoul()

Joel A Fernandes (1):
crypto: omap-aes - Don't idle/start AES device between Encrypt operations

Jussi Kivilinna (10):
crypto: sha512_generic - set cra_driver_name
crypto: sha512_ssse3 - add sha384 support
crypto: sha256_ssse3 - add sha224 support
crypto: camellia-aesni-avx2 - tune assembly code for more performance
Revert "crypto: blowfish - add AVX2/x86_64 implementation of blowfish cipher"
Revert "crypto: twofish - add AVX2/x86_64 assembler implementation of twofish cipher"
crypto: testmgr - check that entries in alg_test_descs are in correct order
crypto: testmgr - test skciphers with unaligned buffers
crypto: testmgr - test AEADs with unaligned buffers
crypto: testmgr - test hash implementations with unaligned buffers

Lars-Peter Clausen (1):
crypto: hifn_795x - Pass correct pointer to free_irq()

Laurent Navet (1):
drivers: crypto: use devm_ioremap_resource()

Linus Walleij (1):
hwrng: nomadik - use clk_prepare_enable()

Paul Bolle (1):
crypto: sahara - remove dependency on EXPERIMENTAL

Ruchika Gupta (1):
crypto: caam - FIX RNG init for RNG greater than equal to 4

Sachin Kamat (6):
crypto: mv_cesa: Remove redundant platform_set_drvdata()
crypto: s5p-sss: Remove redundant platform_set_drvdata()
crypto: dcp - Remove redundant platform_set_drvdata()
crypto: dcp - Use devm_* APIs
crypto: dcp - Use NULL instead of 0
crypto: dcp - Staticize local symbols

Thomas Meyer (1):
crypto: ux500 - Cocci spatch "resource_size.spatch"

Tim Chen (4):
crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework
crypto: crct10dif - Accelerated CRC T10 DIF computation with PCLMULQDQ instruction
crypto: crct10dif - Glue code to cast accelerated CRCT10DIF assembly as a crypto transform
crypto: crct10dif - Simple correctness and speed test for CRCT10DIF hash

Tobias Rauter (1):
crypto: dcp - Added support for Freescale's DCP co-processor

arch/arm/boot/dts/imx28.dtsi | 2 +-
arch/x86/crypto/Makefile | 8 +-
arch/x86/crypto/blowfish-avx2-asm_64.S | 449 -------------
arch/x86/crypto/blowfish_avx2_glue.c | 585 -----------------
arch/x86/crypto/blowfish_glue.c | 32 +-
arch/x86/crypto/camellia-aesni-avx2-asm_64.S | 160 +++--
arch/x86/crypto/crct10dif-pcl-asm_64.S | 643 ++++++++++++++++++
arch/x86/crypto/crct10dif-pclmul_glue.c | 151 +++++
arch/x86/crypto/sha256_ssse3_glue.c | 57 ++-
arch/x86/crypto/sha512_ssse3_glue.c | 58 ++-
arch/x86/crypto/twofish-avx2-asm_64.S | 600 -----------------
arch/x86/crypto/twofish_avx2_glue.c | 584 ----------------
arch/x86/crypto/twofish_avx_glue.c | 14 +-
arch/x86/include/asm/crypto/blowfish.h | 43 --
arch/x86/include/asm/crypto/twofish.h | 18 -
crypto/Kconfig | 63 +--
crypto/Makefile | 1 +
crypto/crct10dif.c | 178 +++++
crypto/sha512_generic.c | 2 +
crypto/tcrypt.c | 8 +
crypto/testmgr.c | 176 ++++-
crypto/testmgr.h | 33 +
drivers/char/hw_random/atmel-rng.c | 2 -
drivers/char/hw_random/bcm2835-rng.c | 2 +-
drivers/char/hw_random/bcm63xx-rng.c | 2 -
drivers/char/hw_random/n2-drv.c | 6 +-
drivers/char/hw_random/nomadik-rng.c | 2 +-
drivers/char/hw_random/octeon-rng.c | 4 +-
drivers/char/hw_random/omap-rng.c | 6 +-
drivers/char/hw_random/timeriomem-rng.c | 2 -
drivers/char/hw_random/tx4939-rng.c | 1 -
drivers/crypto/Kconfig | 12 +-
drivers/crypto/Makefile | 1 +
drivers/crypto/caam/ctrl.c | 10 +-
drivers/crypto/caam/desc.h | 22 +-
drivers/crypto/caam/desc_constr.h | 81 +++-
drivers/crypto/caam/pdb.h | 1 +
drivers/crypto/caam/regs.h | 42 ++-
drivers/crypto/dcp.c | 912 ++++++++++++++++++++++++++
drivers/crypto/hifn_795x.c | 4 +-
drivers/crypto/mv_cesa.c | 1 -
drivers/crypto/omap-aes.c | 36 +-
drivers/crypto/omap-sham.c | 7 +-
drivers/crypto/picoxcell_crypto.c | 2 +-
drivers/crypto/s5p-sss.c | 2 -
drivers/crypto/ux500/cryp/cryp_core.c | 2 +-
include/linux/crc-t10dif.h | 4 +
lib/Kconfig | 2 +
lib/crc-t10dif.c | 73 +--
49 files changed, 2542 insertions(+), 2564 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2013-09-07 03:55:52

by Herbert Xu

Subject: Crypto Update for 3.12

Hi Linus:

Here is the crypto update for 3.12:

* Added MODULE_SOFTDEP to allow pre-loading of modules.
* Reinstated crct10dif driver using the module softdep feature.
* Allow via rng driver to be auto-loaded.

* Split large input data when necessary in nx.
* Handle zero length messages correctly for GCM/XCBC in nx.
* Handle SHA-2 chunks bigger than block size properly in nx.

* Handle unaligned lengths in omap-aes.
* Added SHA384/SHA512 to omap-sham.
* Added OMAP5/AM43XX SHAM support.
* Added OMAP4 TRNG support.

* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Alex Porosanu (2):
crypto: caam - replace xstr macro with __stringify
crypto: caam - add option for enabling DEBUG mode

Andi Kleen (1):
crypto: make tables used from assembler __visible

Andreas Robinson (1):
modules: add support for soft module dependencies

Ben Hutchings (1):
hwrng: via - Add MODULE_DEVICE_TABLE

Chen Gang (1):
padata - share code between CPU_ONLINE and CPU_DOWN_FAILED, same to CPU_DOWN_PREPARE and CPU_UP_CANCELED

Cristian Stoica (1):
crypto: testmgr - remove double execution of the same test suite

Dan Carpenter (2):
crypto: sahara - checking the wrong variable
crypto: tegra-aes - bitwise vs logical and

Fabio Estevam (1):
hwrng: mxc-rnga - Check the return value from clk_prepare_enable()

Fionnuala Gunter (3):
crypto: nx - saves chaining value from co-processor
crypto: nx - fix limits to sg lists for AES-XCBC
crypto: nx - fix limits to sg lists for AES-CCM

Herbert Xu (2):
Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux
Reinstate "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework"

Jan-Simon Möller (1):
crypto: fcrypt - Fix bitoperation for compilation with clang

Jingoo Han (3):
hwrng: pixocel - Staticize 'rng_dev'
crypto: sahara - Staticize local symbol
crypto: crypto4xx - Staticize local symbols

Joe Perches (1):
crypto: ux500 - Fix logging, make arrays const, neatening

Joel Fernandes (14):
crypto: scatterwalk - Add support for calculating number of SG elements
crypto: omap-aes - Add useful debug macros
crypto: omap-aes - Populate number of SG elements
crypto: omap-aes - Simplify DMA usage by using direct SGs
crypto: omap-aes - Sync SG before DMA operation
crypto: omap-aes - Remove previously used intermediate buffers
crypto: omap-aes - Add IRQ info and helper macros
crypto: omap-aes - PIO mode: Add IRQ handler and walk SGs
crypto: omap-aes - PIO mode: platform data for OMAP4/AM437x and trigger
crypto: omap-aes - Switch to PIO mode during probe
crypto: omap-aes - Add support for cases of unaligned lengths
crypto: omap-aes - Convert kzalloc to devm_kzalloc
crypto: omap-aes - Convert request_irq to devm_request_irq
crypto: omap-aes - Kconfig: Add build support for AM437x

John Haxby (1):
crypto: xor - Check for osxsave as well as avx in crypto/xor

Julia Lawall (3):
hwrng: tx4939 - simplify use of devm_ioremap_resource
crypto: camellia-x86-64 - replace commas by semicolons and adjust code alignment
crypto: camellia_generic - replace commas by semicolons and adjust code alignment

Lokesh Vutla (12):
crypto: omap-sham - Add SHA384 and SHA512 Support
crypto: omap-sham - Add OMAP5/AM43XX SHAM Support
crypto: omap-sham - Convert to devm_request_irq()
crypto: omap-sham - Convert to devm_kzalloc()
hwrng: omap - Use module_platform_driver macro
hwrng: omap - Convert to devm_kzalloc()
hwrng: omap - Remove duplicated function call
hwrng: omap - Add device tree support
ARM: OMAP2+: Only manually add hwmod data when DT not used.
hwrng: omap - Add OMAP4 TRNG support
crypto: omap-sham - Enable Polling mode if DMA fails
crypto: omap-sham - correct dma burst size

Marcelo Cerri (11):
crypto: nx - fix physical addresses added to sg lists
crypto: nx - fix limits to sg lists for SHA-2
crypto: nx - fix concurrency issue
crypto: nx - add offset to nx_build_sg_lists()
crypto: nx - fix limits to sg lists for AES-ECB
crypto: nx - fix limits to sg lists for AES-CBC
crypto: nx - fix limits to sg lists for AES-CTR
crypto: nx - fix limits to sg lists for AES-GCM
crypto: nx - fix XCBC for zero length messages
crypto: nx - fix GCM for zero length messages
crypto: nx - fix SHA-2 for chunks bigger than block size

Olof Johansson (1):
hwrng: omap - reorder OMAP TRNG driver code

Richard Weinberger (1):
padata - Register hotcpu notifier after initialization

Ruchika Gupta (2):
crypto: caam - RNG instantiation by directly programming DECO
crypto: caam - Remove unused functions from Job Ring

Vakul Garg (1):
crypto: caam - Moved macro DESC_JOB_IO_LEN to desc_constr.h

[email protected] (1):
crypto: nx - fix nx-aes-gcm verification

arch/arm/mach-omap2/devices.c | 2 +-
arch/x86/crypto/Makefile | 2 +
arch/x86/crypto/camellia_glue.c | 64 +--
arch/x86/crypto/crct10dif-pcl-asm_64.S | 643 +++++++++++++++++++++++++++++++
arch/x86/crypto/crct10dif-pclmul_glue.c | 151 ++++++++
arch/x86/include/asm/xor_avx.h | 4 +-
crypto/Kconfig | 19 +
crypto/Makefile | 1 +
crypto/aes_generic.c | 8 +-
crypto/camellia_generic.c | 48 +--
crypto/cast_common.c | 8 +-
crypto/crct10dif.c | 178 +++++++++
crypto/fcrypt.c | 2 +-
crypto/scatterwalk.c | 22 ++
crypto/tcrypt.c | 8 +
crypto/testmgr.c | 12 +-
crypto/testmgr.h | 33 ++
drivers/char/hw_random/Kconfig | 6 +-
drivers/char/hw_random/mxc-rnga.c | 4 +-
drivers/char/hw_random/omap-rng.c | 386 +++++++++++++++----
drivers/char/hw_random/picoxcell-rng.c | 2 +-
drivers/char/hw_random/tx4939-rng.c | 4 +-
drivers/char/hw_random/via-rng.c | 7 +
drivers/crypto/Kconfig | 13 +-
drivers/crypto/amcc/crypto4xx_alg.c | 15 +-
drivers/crypto/caam/Kconfig | 8 +
drivers/crypto/caam/Makefile | 3 +
drivers/crypto/caam/caamalg.c | 80 ++--
drivers/crypto/caam/caamhash.c | 70 ++--
drivers/crypto/caam/ctrl.c | 77 ++--
drivers/crypto/caam/desc_constr.h | 1 +
drivers/crypto/caam/intern.h | 5 -
drivers/crypto/caam/jr.c | 67 ----
drivers/crypto/caam/jr.h | 2 -
drivers/crypto/caam/key_gen.c | 6 +-
drivers/crypto/caam/regs.h | 12 +-
drivers/crypto/nx/nx-aes-cbc.c | 57 ++-
drivers/crypto/nx/nx-aes-ccm.c | 283 ++++++++++----
drivers/crypto/nx/nx-aes-ctr.c | 52 ++-
drivers/crypto/nx/nx-aes-ecb.c | 50 ++-
drivers/crypto/nx/nx-aes-gcm.c | 296 ++++++++++----
drivers/crypto/nx/nx-aes-xcbc.c | 205 +++++++---
drivers/crypto/nx/nx-sha256.c | 124 +++---
drivers/crypto/nx/nx-sha512.c | 131 ++++---
drivers/crypto/nx/nx.c | 35 +-
drivers/crypto/nx/nx.h | 3 +-
drivers/crypto/omap-aes.c | 468 ++++++++++++----------
drivers/crypto/omap-sham.c | 382 ++++++++++++++----
drivers/crypto/sahara.c | 4 +-
drivers/crypto/tegra-aes.c | 6 +-
drivers/crypto/ux500/hash/hash_core.c | 586 ++++++++++++++--------------
include/crypto/scatterwalk.h | 2 +
include/linux/crc-t10dif.h | 4 +
include/linux/module.h | 5 +
kernel/padata.c | 32 +-
lib/Kconfig | 2 +
lib/crc-t10dif.c | 74 ++--
57 files changed, 3410 insertions(+), 1364 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2013-11-07 08:01:37

by Herbert Xu

Subject: Crypto Update for 3.13

Hi Linus:

Here is the crypto update for 3.13:

* Made x86 ablk_helper generic for ARM.
* Phase out chainiv in favour of eseqiv (affects IPsec).
* Fixed aes-cbc IV corruption on s390.
* Added constant-time crypto_memneq which replaces memcmp.

* Fixed aes-ctr in omap-aes.
* Added OMAP3 ROM RNG support.
* Add PRNG support for MSM SoC's
* Add and use Job Ring API in caam.

* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git



Alex Porosanu (7):
crypto: caam - fix RNG state handle instantiation descriptor
crypto: caam - fix hash, alg and rng registration if CAAM driver not initialized
crypto: caam - fix RNG4 instantiation
crypto: caam - split RNG4 instantiation function
crypto: caam - uninstantiate RNG state handle 0 if instantiated by caam driver
crypto: caam - fix RNG4 AAI defines
crypto: caam - enable instantiation of all RNG4 state handles

Ard Biesheuvel (2):
crypto: create generic version of ablk_helper
crypto: move x86 to the generic version of ablk_helper

Ben Hutchings (1):
hwrng: via-rng - Mark device ID table as __maybe_unused

Fabio Estevam (4):
crypto: dcp - Use devm_ioremap_resource()
crypto: dcp - Use devm_request_irq()
crypto: dcp - Fix the path for releasing the resources
crypto: dcp - Check the return value from devm_ioremap_resource()

Herbert Xu (2):
crypto: skcipher - Use eseqiv even on UP machines
crypto: s390 - Fix aes-cbc IV corruption

James Yonan (1):
crypto: crypto_memneq - add equality testing of memory regions w/o timing leaks

Joel Fernandes (1):
crypto: omap-aes - Fix CTR mode counter length

Joni Lapilainen (1):
crypto: omap-sham - Add missing modalias

Jussi Kivilinna (2):
crypto: sha256_ssse3 - use correct module alias for sha224
crypto: x86 - restore avx2_supported check

Linus Walleij (1):
crypto: tegra - use kernel entropy instead of ad-hoc

Mathias Krause (6):
crypto: authenc - Export key parsing helper function
crypto: authencesn - Simplify key parsing
crypto: ixp4xx - Simplify and harden key parsing
crypto: picoxcell - Simplify and harden key parsing
crypto: talitos - Simplify key parsing
padata: make the sequence counter an atomic_t

Michael Ellerman (2):
hwrng: pseries - Use KBUILD_MODNAME in pseries-rng.c
hwrng: pseries - Return errors to upper levels in pseries-rng.c

Michael Opdenacker (1):
crypto: mv_cesa: remove deprecated IRQF_DISABLED

Neil Horman (1):
crypto: ansi_cprng - Fix off by one error in non-block size request

Oliver Neukum (1):
crypto: sha256_ssse3 - also test for BMI2

Pali Rohár (1):
hwrng: OMAP3 ROM Random Number Generator support

Ruchika Gupta (3):
crypto: caam - Add Platform driver for Job Ring
crypto: caam - Add API's to allocate/free Job Rings
crypto: caam - Modify the interface layers to use JR API's

Sachin Kamat (7):
crypto: mv_cesa - Staticize local symbols
crypto: omap-aes - Staticize local symbols
crypto: tegra-aes - Staticize tegra_aes_cra_exit
crypto: tegra-aes - Fix NULL pointer dereference
crypto: tegra-aes - Use devm_clk_get
crypto: sahara - Remove redundant of_match_ptr
crypto: mv_cesa - Remove redundant of_match_ptr

Stanimir Varbanov (2):
ARM: DT: msm: Add Qualcomm's PRNG driver binding document
hwrng: msm - Add PRNG support for MSM SoC's

Stephen Warren (1):
ARM: tegra: remove tegra_chip_uid()

Yashpal Dutta (1):
crypto: caam - map src buffer before access

kbuild test robot (1):
crypto: ablk_helper - Replace memcpy with struct assignment

.../devicetree/bindings/rng/qcom,prng.txt | 17 +
arch/arm/mach-tegra/fuse.c | 10 -
arch/s390/crypto/aes_s390.c | 19 +-
arch/x86/crypto/Makefile | 3 +-
arch/x86/crypto/aesni-intel_glue.c | 2 +-
arch/x86/crypto/camellia_aesni_avx2_glue.c | 2 +-
arch/x86/crypto/camellia_aesni_avx_glue.c | 2 +-
arch/x86/crypto/cast5_avx_glue.c | 2 +-
arch/x86/crypto/cast6_avx_glue.c | 2 +-
arch/x86/crypto/serpent_avx2_glue.c | 2 +-
arch/x86/crypto/serpent_avx_glue.c | 2 +-
arch/x86/crypto/serpent_sse2_glue.c | 2 +-
arch/x86/crypto/sha256_ssse3_glue.c | 4 +-
arch/x86/crypto/twofish_avx_glue.c | 2 +-
arch/x86/include/asm/simd.h | 11 +
crypto/Kconfig | 23 +-
crypto/Makefile | 8 +-
{arch/x86/crypto => crypto}/ablk_helper.c | 13 +-
crypto/ablkcipher.c | 21 +-
crypto/ansi_cprng.c | 4 +-
crypto/asymmetric_keys/rsa.c | 5 +-
crypto/authenc.c | 54 ++-
crypto/authencesn.c | 34 +--
crypto/ccm.c | 4 +-
crypto/gcm.c | 2 +-
crypto/memneq.c | 138 +++++++
drivers/char/hw_random/Kconfig | 25 ++
drivers/char/hw_random/Makefile | 2 +
drivers/char/hw_random/msm-rng.c | 197 +++++++++
drivers/char/hw_random/omap3-rom-rng.c | 141 +++++++
drivers/char/hw_random/pseries-rng.c | 19 +-
drivers/char/hw_random/via-rng.c | 2 +-
drivers/crypto/caam/Kconfig | 25 +-
drivers/crypto/caam/Makefile | 4 +-
drivers/crypto/caam/caamalg.c | 83 +---
drivers/crypto/caam/caamhash.c | 88 ++---
drivers/crypto/caam/caamrng.c | 29 +-
drivers/crypto/caam/ctrl.c | 418 ++++++++++++++++----
drivers/crypto/caam/desc.h | 17 +-
drivers/crypto/caam/intern.h | 20 +-
drivers/crypto/caam/jr.c | 339 +++++++++++-----
drivers/crypto/caam/jr.h | 5 +-
drivers/crypto/caam/regs.h | 14 +-
drivers/crypto/caam/sg_sw_sec4.h | 34 ++-
drivers/crypto/dcp.c | 49 +--
drivers/crypto/ixp4xx_crypto.c | 26 +-
drivers/crypto/mv_cesa.c | 14 +-
drivers/crypto/omap-aes.c | 6 +-
drivers/crypto/omap-sham.c | 1 +
drivers/crypto/picoxcell_crypto.c | 32 +--
drivers/crypto/sahara.c | 2 +-
drivers/crypto/talitos.c | 35 +--
drivers/crypto/tegra-aes.c | 26 +-
include/asm-generic/simd.h | 14 +
.../include/asm => include}/crypto/ablk_helper.h | 0
include/crypto/algapi.h | 18 +-
include/crypto/authenc.h | 12 +-
include/linux/padata.h | 3 +-
kernel/padata.c | 9 +-
59 files changed, 1454 insertions(+), 643 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2013-11-12 16:41:59

by Herbert Xu

Subject: Crypto Update for 3.13

Hi Linus:

Here is the crypto update for 3.13:

* Made x86 ablk_helper generic for ARM.
* Phase out chainiv in favour of eseqiv (affects IPsec).
* Fixed aes-cbc IV corruption on s390.
* Added constant-time crypto_memneq which replaces memcmp.

* Fixed aes-ctr in omap-aes.
* Added OMAP3 ROM RNG support.
* Add PRNG support for MSM SoC's
* Add and use Job Ring API in caam.

* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git



Alex Porosanu (7):
crypto: caam - fix RNG state handle instantiation descriptor
crypto: caam - fix hash, alg and rng registration if CAAM driver not initialized
crypto: caam - fix RNG4 instantiation
crypto: caam - split RNG4 instantiation function
crypto: caam - uninstantiate RNG state handle 0 if instantiated by caam driver
crypto: caam - fix RNG4 AAI defines
crypto: caam - enable instantiation of all RNG4 state handles

Ard Biesheuvel (2):
crypto: create generic version of ablk_helper
crypto: move x86 to the generic version of ablk_helper

Ben Hutchings (1):
hwrng: via-rng - Mark device ID table as __maybe_unused

Fabio Estevam (4):
crypto: dcp - Use devm_ioremap_resource()
crypto: dcp - Use devm_request_irq()
crypto: dcp - Fix the path for releasing the resources
crypto: dcp - Check the return value from devm_ioremap_resource()

Herbert Xu (2):
crypto: skcipher - Use eseqiv even on UP machines
crypto: s390 - Fix aes-cbc IV corruption

James Yonan (1):
crypto: crypto_memneq - add equality testing of memory regions w/o timing leaks

Joel Fernandes (1):
crypto: omap-aes - Fix CTR mode counter length

Joni Lapilainen (1):
crypto: omap-sham - Add missing modalias

Jussi Kivilinna (2):
crypto: sha256_ssse3 - use correct module alias for sha224
crypto: x86 - restore avx2_supported check

Linus Walleij (1):
crypto: tegra - use kernel entropy instead of ad-hoc

Mathias Krause (6):
crypto: authenc - Export key parsing helper function
crypto: authencesn - Simplify key parsing
crypto: ixp4xx - Simplify and harden key parsing
crypto: picoxcell - Simplify and harden key parsing
crypto: talitos - Simplify key parsing
padata: make the sequence counter an atomic_t

Michael Ellerman (2):
hwrng: pseries - Use KBUILD_MODNAME in pseries-rng.c
hwrng: pseries - Return errors to upper levels in pseries-rng.c

Michael Opdenacker (1):
crypto: mv_cesa: remove deprecated IRQF_DISABLED

Neil Horman (1):
crypto: ansi_cprng - Fix off by one error in non-block size request

Oliver Neukum (1):
crypto: sha256_ssse3 - also test for BMI2

Pali Rohár (1):
hwrng: OMAP3 ROM Random Number Generator support

Ruchika Gupta (3):
crypto: caam - Add Platform driver for Job Ring
crypto: caam - Add API's to allocate/free Job Rings
crypto: caam - Modify the interface layers to use JR API's

Sachin Kamat (7):
crypto: mv_cesa - Staticize local symbols
crypto: omap-aes - Staticize local symbols
crypto: tegra-aes - Staticize tegra_aes_cra_exit
crypto: tegra-aes - Fix NULL pointer dereference
crypto: tegra-aes - Use devm_clk_get
crypto: sahara - Remove redundant of_match_ptr
crypto: mv_cesa - Remove redundant of_match_ptr

Stanimir Varbanov (2):
ARM: DT: msm: Add Qualcomm's PRNG driver binding document
hwrng: msm - Add PRNG support for MSM SoC's

Stephen Warren (1):
ARM: tegra: remove tegra_chip_uid()

Yashpal Dutta (1):
crypto: caam - map src buffer before access

kbuild test robot (1):
crypto: ablk_helper - Replace memcpy with struct assignment

.../devicetree/bindings/rng/qcom,prng.txt | 17 +
arch/arm/mach-tegra/fuse.c | 10 -
arch/s390/crypto/aes_s390.c | 19 +-
arch/x86/crypto/Makefile | 3 +-
arch/x86/crypto/aesni-intel_glue.c | 2 +-
arch/x86/crypto/camellia_aesni_avx2_glue.c | 2 +-
arch/x86/crypto/camellia_aesni_avx_glue.c | 2 +-
arch/x86/crypto/cast5_avx_glue.c | 2 +-
arch/x86/crypto/cast6_avx_glue.c | 2 +-
arch/x86/crypto/serpent_avx2_glue.c | 2 +-
arch/x86/crypto/serpent_avx_glue.c | 2 +-
arch/x86/crypto/serpent_sse2_glue.c | 2 +-
arch/x86/crypto/sha256_ssse3_glue.c | 4 +-
arch/x86/crypto/twofish_avx_glue.c | 2 +-
arch/x86/include/asm/simd.h | 11 +
crypto/Kconfig | 23 +-
crypto/Makefile | 8 +-
{arch/x86/crypto => crypto}/ablk_helper.c | 13 +-
crypto/ablkcipher.c | 21 +-
crypto/ansi_cprng.c | 4 +-
crypto/asymmetric_keys/rsa.c | 5 +-
crypto/authenc.c | 54 ++-
crypto/authencesn.c | 34 +--
crypto/ccm.c | 4 +-
crypto/gcm.c | 2 +-
crypto/memneq.c | 138 +++++++
drivers/char/hw_random/Kconfig | 25 ++
drivers/char/hw_random/Makefile | 2 +
drivers/char/hw_random/msm-rng.c | 197 +++++++++
drivers/char/hw_random/omap3-rom-rng.c | 141 +++++++
drivers/char/hw_random/pseries-rng.c | 19 +-
drivers/char/hw_random/via-rng.c | 2 +-
drivers/crypto/caam/Kconfig | 25 +-
drivers/crypto/caam/Makefile | 4 +-
drivers/crypto/caam/caamalg.c | 83 +---
drivers/crypto/caam/caamhash.c | 88 ++---
drivers/crypto/caam/caamrng.c | 29 +-
drivers/crypto/caam/ctrl.c | 418 ++++++++++++++++----
drivers/crypto/caam/desc.h | 17 +-
drivers/crypto/caam/intern.h | 20 +-
drivers/crypto/caam/jr.c | 339 +++++++++++-----
drivers/crypto/caam/jr.h | 5 +-
drivers/crypto/caam/regs.h | 14 +-
drivers/crypto/caam/sg_sw_sec4.h | 34 ++-
drivers/crypto/dcp.c | 49 +--
drivers/crypto/ixp4xx_crypto.c | 26 +-
drivers/crypto/mv_cesa.c | 14 +-
drivers/crypto/omap-aes.c | 6 +-
drivers/crypto/omap-sham.c | 1 +
drivers/crypto/picoxcell_crypto.c | 32 +--
drivers/crypto/sahara.c | 2 +-
drivers/crypto/talitos.c | 35 +--
drivers/crypto/tegra-aes.c | 26 +-
include/asm-generic/simd.h | 14 +
.../include/asm => include}/crypto/ablk_helper.h | 0
include/crypto/algapi.h | 18 +-
include/crypto/authenc.h | 12 +-
include/linux/padata.h | 3 +-
kernel/padata.c | 9 +-
59 files changed, 1454 insertions(+), 643 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2013-11-12 16:59:59

by Borislav Petkov

Subject: Re: Crypto Update for 3.13

On Wed, Nov 13, 2013 at 12:41:52AM +0800, Herbert Xu wrote:
> Hi Linus:
>
> Here is the crypto update for 3.13:
>
> * Made x86 ablk_helper generic for ARM.
> * Phase out chainiv in favour of eseqiv (affects IPsec).
> * Fixed aes-cbc IV corruption on s390.
> * Added constant-time crypto_memneq which replaces memcmp.
>
> * Fixed aes-ctr in omap-aes.
> * Added OMAP3 ROM RNG support.
> * Add PRNG support for MSM SoC's
> * Add and use Job Ring API in caam.
>
> * Misc fixes.

Maybe add this one to that:

http://marc.info/?l=linux-kernel&m=138078878205385&w=2

?

--
Regards/Gruss,
Boris.

Sent from a fat crate under my desk. Formatting is fine.
--

2013-11-12 18:27:56

by Herbert Xu

Subject: Re: Crypto Update for 3.13

On Tue, Nov 12, 2013 at 05:59:34PM +0100, Borislav Petkov wrote:
> On Wed, Nov 13, 2013 at 12:41:52AM +0800, Herbert Xu wrote:
> > Hi Linus:
> >
> > Here is the crypto update for 3.13:
> >
> > * Made x86 ablk_helper generic for ARM.
> > * Phase out chainiv in favour of eseqiv (affects IPsec).
> > * Fixed aes-cbc IV corruption on s390.
> > * Added constant-time crypto_memneq which replaces memcmp.
> >
> > * Fixed aes-ctr in omap-aes.
> > * Added OMAP3 ROM RNG support.
> > * Add PRNG support for MSM SoC's
> > * Add and use Job Ring API in caam.
> >
> > * Misc fixes.
>
> Maybe add this one to that:
>
> http://marc.info/?l=linux-kernel&m=138078878205385&w=2
>
> ?

I think this should probably go through James Morris's tree.

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2013-11-19 02:21:24

by Herbert Xu

Subject: [GIT] Crypto Update for 3.13

Hi Linus:

Here is a resend of the crypto update for 3.13:

* Made x86 ablk_helper generic for ARM.
* Phase out chainiv in favour of eseqiv (affects IPsec).
* Fixed aes-cbc IV corruption on s390.
* Added constant-time crypto_memneq which replaces memcmp.

* Fixed aes-ctr in omap-aes.
* Added OMAP3 ROM RNG support.
* Add PRNG support for MSM SoC's
* Add and use Job Ring API in caam.

* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git



Alex Porosanu (7):
crypto: caam - fix RNG state handle instantiation descriptor
crypto: caam - fix hash, alg and rng registration if CAAM driver not initialized
crypto: caam - fix RNG4 instantiation
crypto: caam - split RNG4 instantiation function
crypto: caam - uninstantiate RNG state handle 0 if instantiated by caam driver
crypto: caam - fix RNG4 AAI defines
crypto: caam - enable instantiation of all RNG4 state handles

Ard Biesheuvel (2):
crypto: create generic version of ablk_helper
crypto: move x86 to the generic version of ablk_helper

Ben Hutchings (1):
hwrng: via-rng - Mark device ID table as __maybe_unused

Fabio Estevam (4):
crypto: dcp - Use devm_ioremap_resource()
crypto: dcp - Use devm_request_irq()
crypto: dcp - Fix the path for releasing the resources
crypto: dcp - Check the return value from devm_ioremap_resource()

Herbert Xu (2):
crypto: skcipher - Use eseqiv even on UP machines
crypto: s390 - Fix aes-cbc IV corruption

James Yonan (1):
crypto: crypto_memneq - add equality testing of memory regions w/o timing leaks

Joel Fernandes (1):
crypto: omap-aes - Fix CTR mode counter length

Joni Lapilainen (1):
crypto: omap-sham - Add missing modalias

Jussi Kivilinna (2):
crypto: sha256_ssse3 - use correct module alias for sha224
crypto: x86 - restore avx2_supported check

Linus Walleij (1):
crypto: tegra - use kernel entropy instead of ad-hoc

Mathias Krause (6):
crypto: authenc - Export key parsing helper function
crypto: authencesn - Simplify key parsing
crypto: ixp4xx - Simplify and harden key parsing
crypto: picoxcell - Simplify and harden key parsing
crypto: talitos - Simplify key parsing
padata: make the sequence counter an atomic_t

Michael Ellerman (2):
hwrng: pseries - Use KBUILD_MODNAME in pseries-rng.c
hwrng: pseries - Return errors to upper levels in pseries-rng.c

Michael Opdenacker (1):
crypto: mv_cesa: remove deprecated IRQF_DISABLED

Neil Horman (1):
crypto: ansi_cprng - Fix off by one error in non-block size request

Oliver Neukum (1):
crypto: sha256_ssse3 - also test for BMI2

Pali Rohár (1):
hwrng: OMAP3 ROM Random Number Generator support

Ruchika Gupta (3):
crypto: caam - Add Platform driver for Job Ring
crypto: caam - Add API's to allocate/free Job Rings
crypto: caam - Modify the interface layers to use JR API's

Sachin Kamat (7):
crypto: mv_cesa - Staticize local symbols
crypto: omap-aes - Staticize local symbols
crypto: tegra-aes - Staticize tegra_aes_cra_exit
crypto: tegra-aes - Fix NULL pointer dereference
crypto: tegra-aes - Use devm_clk_get
crypto: sahara - Remove redundant of_match_ptr
crypto: mv_cesa - Remove redundant of_match_ptr

Stanimir Varbanov (2):
ARM: DT: msm: Add Qualcomm's PRNG driver binding document
hwrng: msm - Add PRNG support for MSM SoC's

Stephen Warren (1):
ARM: tegra: remove tegra_chip_uid()

Yashpal Dutta (1):
crypto: caam - map src buffer before access

kbuild test robot (1):
crypto: ablk_helper - Replace memcpy with struct assignment

.../devicetree/bindings/rng/qcom,prng.txt | 17 +
arch/arm/mach-tegra/fuse.c | 10 -
arch/s390/crypto/aes_s390.c | 19 +-
arch/x86/crypto/Makefile | 3 +-
arch/x86/crypto/aesni-intel_glue.c | 2 +-
arch/x86/crypto/camellia_aesni_avx2_glue.c | 2 +-
arch/x86/crypto/camellia_aesni_avx_glue.c | 2 +-
arch/x86/crypto/cast5_avx_glue.c | 2 +-
arch/x86/crypto/cast6_avx_glue.c | 2 +-
arch/x86/crypto/serpent_avx2_glue.c | 2 +-
arch/x86/crypto/serpent_avx_glue.c | 2 +-
arch/x86/crypto/serpent_sse2_glue.c | 2 +-
arch/x86/crypto/sha256_ssse3_glue.c | 4 +-
arch/x86/crypto/twofish_avx_glue.c | 2 +-
arch/x86/include/asm/simd.h | 11 +
crypto/Kconfig | 23 +-
crypto/Makefile | 8 +-
{arch/x86/crypto => crypto}/ablk_helper.c | 13 +-
crypto/ablkcipher.c | 21 +-
crypto/ansi_cprng.c | 4 +-
crypto/asymmetric_keys/rsa.c | 5 +-
crypto/authenc.c | 54 ++-
crypto/authencesn.c | 34 +--
crypto/ccm.c | 4 +-
crypto/gcm.c | 2 +-
crypto/memneq.c | 138 +++++++
drivers/char/hw_random/Kconfig | 25 ++
drivers/char/hw_random/Makefile | 2 +
drivers/char/hw_random/msm-rng.c | 197 +++++++++
drivers/char/hw_random/omap3-rom-rng.c | 141 +++++++
drivers/char/hw_random/pseries-rng.c | 19 +-
drivers/char/hw_random/via-rng.c | 2 +-
drivers/crypto/caam/Kconfig | 25 +-
drivers/crypto/caam/Makefile | 4 +-
drivers/crypto/caam/caamalg.c | 83 +---
drivers/crypto/caam/caamhash.c | 88 ++---
drivers/crypto/caam/caamrng.c | 29 +-
drivers/crypto/caam/ctrl.c | 418 ++++++++++++++++----
drivers/crypto/caam/desc.h | 17 +-
drivers/crypto/caam/intern.h | 20 +-
drivers/crypto/caam/jr.c | 339 +++++++++++-----
drivers/crypto/caam/jr.h | 5 +-
drivers/crypto/caam/regs.h | 14 +-
drivers/crypto/caam/sg_sw_sec4.h | 34 ++-
drivers/crypto/dcp.c | 49 +--
drivers/crypto/ixp4xx_crypto.c | 26 +-
drivers/crypto/mv_cesa.c | 14 +-
drivers/crypto/omap-aes.c | 6 +-
drivers/crypto/omap-sham.c | 1 +
drivers/crypto/picoxcell_crypto.c | 32 +--
drivers/crypto/sahara.c | 2 +-
drivers/crypto/talitos.c | 35 +--
drivers/crypto/tegra-aes.c | 26 +-
include/asm-generic/simd.h | 14 +
.../include/asm => include}/crypto/ablk_helper.h | 0
include/crypto/algapi.h | 18 +-
include/crypto/authenc.h | 12 +-
include/linux/padata.h | 3 +-
kernel/padata.c | 9 +-
59 files changed, 1454 insertions(+), 643 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2013-11-23 01:34:47

by Herbert Xu

Subject: Crypto Update for 3.13

Hi Linus:

This is a resend.

Here is the crypto update for 3.13:

* Made x86 ablk_helper generic for ARM.
* Phase out chainiv in favour of eseqiv (affects IPsec).
* Fixed aes-cbc IV corruption on s390.
* Added constant-time crypto_memneq which replaces memcmp.

* Fixed aes-ctr in omap-aes.
* Added OMAP3 ROM RNG support.
* Add PRNG support for MSM SoC's
* Add and use Job Ring API in caam.

* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git



Alex Porosanu (7):
crypto: caam - fix RNG state handle instantiation descriptor
crypto: caam - fix hash, alg and rng registration if CAAM driver not initialized
crypto: caam - fix RNG4 instantiation
crypto: caam - split RNG4 instantiation function
crypto: caam - uninstantiate RNG state handle 0 if instantiated by caam driver
crypto: caam - fix RNG4 AAI defines
crypto: caam - enable instantiation of all RNG4 state handles

Ard Biesheuvel (2):
crypto: create generic version of ablk_helper
crypto: move x86 to the generic version of ablk_helper

Ben Hutchings (1):
hwrng: via-rng - Mark device ID table as __maybe_unused

Fabio Estevam (4):
crypto: dcp - Use devm_ioremap_resource()
crypto: dcp - Use devm_request_irq()
crypto: dcp - Fix the path for releasing the resources
crypto: dcp - Check the return value from devm_ioremap_resource()

Herbert Xu (2):
crypto: skcipher - Use eseqiv even on UP machines
crypto: s390 - Fix aes-cbc IV corruption

James Yonan (1):
crypto: crypto_memneq - add equality testing of memory regions w/o timing leaks

Joel Fernandes (1):
crypto: omap-aes - Fix CTR mode counter length

Joni Lapilainen (1):
crypto: omap-sham - Add missing modalias

Jussi Kivilinna (2):
crypto: sha256_ssse3 - use correct module alias for sha224
crypto: x86 - restore avx2_supported check

Linus Walleij (1):
crypto: tegra - use kernel entropy instead of ad-hoc

Mathias Krause (6):
crypto: authenc - Export key parsing helper function
crypto: authencesn - Simplify key parsing
crypto: ixp4xx - Simplify and harden key parsing
crypto: picoxcell - Simplify and harden key parsing
crypto: talitos - Simplify key parsing
padata: make the sequence counter an atomic_t

Michael Ellerman (2):
hwrng: pseries - Use KBUILD_MODNAME in pseries-rng.c
hwrng: pseries - Return errors to upper levels in pseries-rng.c

Michael Opdenacker (1):
crypto: mv_cesa: remove deprecated IRQF_DISABLED

Neil Horman (1):
crypto: ansi_cprng - Fix off by one error in non-block size request

Oliver Neukum (1):
crypto: sha256_ssse3 - also test for BMI2

Pali Rohár (1):
hwrng: OMAP3 ROM Random Number Generator support

Ruchika Gupta (3):
crypto: caam - Add Platform driver for Job Ring
crypto: caam - Add API's to allocate/free Job Rings
crypto: caam - Modify the interface layers to use JR API's

Sachin Kamat (7):
crypto: mv_cesa - Staticize local symbols
crypto: omap-aes - Staticize local symbols
crypto: tegra-aes - Staticize tegra_aes_cra_exit
crypto: tegra-aes - Fix NULL pointer dereference
crypto: tegra-aes - Use devm_clk_get
crypto: sahara - Remove redundant of_match_ptr
crypto: mv_cesa - Remove redundant of_match_ptr

Stanimir Varbanov (2):
ARM: DT: msm: Add Qualcomm's PRNG driver binding document
hwrng: msm - Add PRNG support for MSM SoC's

Stephen Warren (1):
ARM: tegra: remove tegra_chip_uid()

Yashpal Dutta (1):
crypto: caam - map src buffer before access

kbuild test robot (1):
crypto: ablk_helper - Replace memcpy with struct assignment

.../devicetree/bindings/rng/qcom,prng.txt | 17 +
arch/arm/mach-tegra/fuse.c | 10 -
arch/s390/crypto/aes_s390.c | 19 +-
arch/x86/crypto/Makefile | 3 +-
arch/x86/crypto/aesni-intel_glue.c | 2 +-
arch/x86/crypto/camellia_aesni_avx2_glue.c | 2 +-
arch/x86/crypto/camellia_aesni_avx_glue.c | 2 +-
arch/x86/crypto/cast5_avx_glue.c | 2 +-
arch/x86/crypto/cast6_avx_glue.c | 2 +-
arch/x86/crypto/serpent_avx2_glue.c | 2 +-
arch/x86/crypto/serpent_avx_glue.c | 2 +-
arch/x86/crypto/serpent_sse2_glue.c | 2 +-
arch/x86/crypto/sha256_ssse3_glue.c | 4 +-
arch/x86/crypto/twofish_avx_glue.c | 2 +-
arch/x86/include/asm/simd.h | 11 +
crypto/Kconfig | 23 +-
crypto/Makefile | 8 +-
{arch/x86/crypto => crypto}/ablk_helper.c | 13 +-
crypto/ablkcipher.c | 21 +-
crypto/ansi_cprng.c | 4 +-
crypto/asymmetric_keys/rsa.c | 5 +-
crypto/authenc.c | 54 ++-
crypto/authencesn.c | 34 +--
crypto/ccm.c | 4 +-
crypto/gcm.c | 2 +-
crypto/memneq.c | 138 +++++++
drivers/char/hw_random/Kconfig | 25 ++
drivers/char/hw_random/Makefile | 2 +
drivers/char/hw_random/msm-rng.c | 197 +++++++++
drivers/char/hw_random/omap3-rom-rng.c | 141 +++++++
drivers/char/hw_random/pseries-rng.c | 19 +-
drivers/char/hw_random/via-rng.c | 2 +-
drivers/crypto/caam/Kconfig | 25 +-
drivers/crypto/caam/Makefile | 4 +-
drivers/crypto/caam/caamalg.c | 83 +---
drivers/crypto/caam/caamhash.c | 88 ++---
drivers/crypto/caam/caamrng.c | 29 +-
drivers/crypto/caam/ctrl.c | 418 ++++++++++++++++----
drivers/crypto/caam/desc.h | 17 +-
drivers/crypto/caam/intern.h | 20 +-
drivers/crypto/caam/jr.c | 339 +++++++++++-----
drivers/crypto/caam/jr.h | 5 +-
drivers/crypto/caam/regs.h | 14 +-
drivers/crypto/caam/sg_sw_sec4.h | 34 ++-
drivers/crypto/dcp.c | 49 +--
drivers/crypto/ixp4xx_crypto.c | 26 +-
drivers/crypto/mv_cesa.c | 14 +-
drivers/crypto/omap-aes.c | 6 +-
drivers/crypto/omap-sham.c | 1 +
drivers/crypto/picoxcell_crypto.c | 32 +--
drivers/crypto/sahara.c | 2 +-
drivers/crypto/talitos.c | 35 +--
drivers/crypto/tegra-aes.c | 26 +-
include/asm-generic/simd.h | 14 +
.../include/asm => include}/crypto/ablk_helper.h | 0
include/crypto/algapi.h | 18 +-
include/crypto/authenc.h | 12 +-
include/linux/padata.h | 3 +-
kernel/padata.c | 9 +-
59 files changed, 1454 insertions(+), 643 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2013-11-23 01:40:41

by Herbert Xu

Subject: Crypto Update for 3.13

Hi Linus:

This is a resend with the recipients in the cc field instead of the
to field.

Here is the crypto update for 3.13:

* Made x86 ablk_helper generic for ARM.
* Phase out chainiv in favour of eseqiv (affects IPsec).
* Fixed aes-cbc IV corruption on s390.
* Added constant-time crypto_memneq which replaces memcmp.

* Fixed aes-ctr in omap-aes.
* Added OMAP3 ROM RNG support.
* Add PRNG support for MSM SoC's
* Add and use Job Ring API in caam.

* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git



Alex Porosanu (7):
crypto: caam - fix RNG state handle instantiation descriptor
crypto: caam - fix hash, alg and rng registration if CAAM driver not initialized
crypto: caam - fix RNG4 instantiation
crypto: caam - split RNG4 instantiation function
crypto: caam - uninstantiate RNG state handle 0 if instantiated by caam driver
crypto: caam - fix RNG4 AAI defines
crypto: caam - enable instantiation of all RNG4 state handles

Ard Biesheuvel (2):
crypto: create generic version of ablk_helper
crypto: move x86 to the generic version of ablk_helper

Ben Hutchings (1):
hwrng: via-rng - Mark device ID table as __maybe_unused

Fabio Estevam (4):
crypto: dcp - Use devm_ioremap_resource()
crypto: dcp - Use devm_request_irq()
crypto: dcp - Fix the path for releasing the resources
crypto: dcp - Check the return value from devm_ioremap_resource()

Herbert Xu (2):
crypto: skcipher - Use eseqiv even on UP machines
crypto: s390 - Fix aes-cbc IV corruption

James Yonan (1):
crypto: crypto_memneq - add equality testing of memory regions w/o timing leaks

Joel Fernandes (1):
crypto: omap-aes - Fix CTR mode counter length

Joni Lapilainen (1):
crypto: omap-sham - Add missing modalias

Jussi Kivilinna (2):
crypto: sha256_ssse3 - use correct module alias for sha224
crypto: x86 - restore avx2_supported check

Linus Walleij (1):
crypto: tegra - use kernel entropy instead of ad-hoc

Mathias Krause (6):
crypto: authenc - Export key parsing helper function
crypto: authencesn - Simplify key parsing
crypto: ixp4xx - Simplify and harden key parsing
crypto: picoxcell - Simplify and harden key parsing
crypto: talitos - Simplify key parsing
padata: make the sequence counter an atomic_t

Michael Ellerman (2):
hwrng: pseries - Use KBUILD_MODNAME in pseries-rng.c
hwrng: pseries - Return errors to upper levels in pseries-rng.c

Michael Opdenacker (1):
crypto: mv_cesa: remove deprecated IRQF_DISABLED

Neil Horman (1):
crypto: ansi_cprng - Fix off by one error in non-block size request

Oliver Neukum (1):
crypto: sha256_ssse3 - also test for BMI2

Pali Rohár (1):
hwrng: OMAP3 ROM Random Number Generator support

Ruchika Gupta (3):
crypto: caam - Add Platform driver for Job Ring
crypto: caam - Add API's to allocate/free Job Rings
crypto: caam - Modify the interface layers to use JR API's

Sachin Kamat (7):
crypto: mv_cesa - Staticize local symbols
crypto: omap-aes - Staticize local symbols
crypto: tegra-aes - Staticize tegra_aes_cra_exit
crypto: tegra-aes - Fix NULL pointer dereference
crypto: tegra-aes - Use devm_clk_get
crypto: sahara - Remove redundant of_match_ptr
crypto: mv_cesa - Remove redundant of_match_ptr

Stanimir Varbanov (2):
ARM: DT: msm: Add Qualcomm's PRNG driver binding document
hwrng: msm - Add PRNG support for MSM SoC's

Stephen Warren (1):
ARM: tegra: remove tegra_chip_uid()

Yashpal Dutta (1):
crypto: caam - map src buffer before access

kbuild test robot (1):
crypto: ablk_helper - Replace memcpy with struct assignment

.../devicetree/bindings/rng/qcom,prng.txt | 17 +
arch/arm/mach-tegra/fuse.c | 10 -
arch/s390/crypto/aes_s390.c | 19 +-
arch/x86/crypto/Makefile | 3 +-
arch/x86/crypto/aesni-intel_glue.c | 2 +-
arch/x86/crypto/camellia_aesni_avx2_glue.c | 2 +-
arch/x86/crypto/camellia_aesni_avx_glue.c | 2 +-
arch/x86/crypto/cast5_avx_glue.c | 2 +-
arch/x86/crypto/cast6_avx_glue.c | 2 +-
arch/x86/crypto/serpent_avx2_glue.c | 2 +-
arch/x86/crypto/serpent_avx_glue.c | 2 +-
arch/x86/crypto/serpent_sse2_glue.c | 2 +-
arch/x86/crypto/sha256_ssse3_glue.c | 4 +-
arch/x86/crypto/twofish_avx_glue.c | 2 +-
arch/x86/include/asm/simd.h | 11 +
crypto/Kconfig | 23 +-
crypto/Makefile | 8 +-
{arch/x86/crypto => crypto}/ablk_helper.c | 13 +-
crypto/ablkcipher.c | 21 +-
crypto/ansi_cprng.c | 4 +-
crypto/asymmetric_keys/rsa.c | 5 +-
crypto/authenc.c | 54 ++-
crypto/authencesn.c | 34 +--
crypto/ccm.c | 4 +-
crypto/gcm.c | 2 +-
crypto/memneq.c | 138 +++++++
drivers/char/hw_random/Kconfig | 25 ++
drivers/char/hw_random/Makefile | 2 +
drivers/char/hw_random/msm-rng.c | 197 +++++++++
drivers/char/hw_random/omap3-rom-rng.c | 141 +++++++
drivers/char/hw_random/pseries-rng.c | 19 +-
drivers/char/hw_random/via-rng.c | 2 +-
drivers/crypto/caam/Kconfig | 25 +-
drivers/crypto/caam/Makefile | 4 +-
drivers/crypto/caam/caamalg.c | 83 +---
drivers/crypto/caam/caamhash.c | 88 ++---
drivers/crypto/caam/caamrng.c | 29 +-
drivers/crypto/caam/ctrl.c | 418 ++++++++++++++++----
drivers/crypto/caam/desc.h | 17 +-
drivers/crypto/caam/intern.h | 20 +-
drivers/crypto/caam/jr.c | 339 +++++++++++-----
drivers/crypto/caam/jr.h | 5 +-
drivers/crypto/caam/regs.h | 14 +-
drivers/crypto/caam/sg_sw_sec4.h | 34 ++-
drivers/crypto/dcp.c | 49 +--
drivers/crypto/ixp4xx_crypto.c | 26 +-
drivers/crypto/mv_cesa.c | 14 +-
drivers/crypto/omap-aes.c | 6 +-
drivers/crypto/omap-sham.c | 1 +
drivers/crypto/picoxcell_crypto.c | 32 +--
drivers/crypto/sahara.c | 2 +-
drivers/crypto/talitos.c | 35 +--
drivers/crypto/tegra-aes.c | 26 +-
include/asm-generic/simd.h | 14 +
.../include/asm => include}/crypto/ablk_helper.h | 0
include/crypto/algapi.h | 18 +-
include/crypto/authenc.h | 12 +-
include/linux/padata.h | 3 +-
kernel/padata.c | 9 +-
59 files changed, 1454 insertions(+), 643 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2014-01-23 11:53:28

by Herbert Xu

Subject: Crypto Update for 3.14

Hi Linus:

Here is the crypto update for 3.14:

* Improved crypto_memneq helper.
* Use crypto_memneq in arch-specific crypto code.
* Replaced orphaned DCP driver with Freescale MXS DCP driver.
* Added AVX/AVX2 version of AESNI-GCM encode and decode.
* Added AMD Cryptographic Coprocessor (CCP) driver.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git



Andy Shevchenko (1):
crypto: aesni - fix build on x86 (32bit)

Cesar Eduardo Barros (1):
crypto: more robust crypto_memneq

Daniel Borkmann (2):
crypto: memneq - fix for archs without efficient unaligned access
crypto: arch - use crypto_memneq instead of memcmp

Fengguang Wu (1):
crytpo: ccp - fix coccinelle warnings

Horia Geanta (2):
crypto: talitos - fix locating offending descriptor in error path
crypto: caam - simplify and harden key parsing

Lokesh Vutla (1):
crypto: omap-sham - Fix Polling mode for larger blocks

Marek Vasut (5):
crypto: ahash - Fully restore ahash request before completing
crypto: mxs - Remove the old DCP driver
crypto: mxs - Add Freescale MXS DCP driver
ARM: mxs: dts: Enable DCP for MXS
crypto: drivers - Sort drivers/crypto/Makefile

Mark A. Greer (1):
crypto: omap-sham - Only release DMA channel if successfully requested

Mathias Krause (2):
crypto: pcrypt - Fix wrong usage of rcu_dereference()
padata: Fix wrong usage of rcu_dereference()

Nishanth Menon (1):
crypto: omap-aes - add error check for pm_runtime_get_sync

Sachin Kamat (3):
crypto: crypto4xx - Remove redundant dev_set_drvdata
crypto: ccp - Remove redundant dev_set_drvdata
crypto: talitos - Remove redundant dev_set_drvdata

Tim Chen (3):
crypto: aesni - AVX and AVX2 version of AESNI-GCM encode and decode
crypto: tcrypt - Added speed tests for AEAD crypto alogrithms in tcrypt test suite
crypto: aesni - fix build on x86 (32bit)

Tom Lendacky (17):
crypto: ccp - CCP device driver and interface support
crypto: ccp - crypto API interface to the CCP device driver
crypto: ccp - CCP AES crypto API support
crypto: ccp - CCP AES CMAC mode crypto API support
crypto: ccp - CCP XTS-AES crypto API support
crypto: ccp - CCP SHA crypto API support
crytpo: ccp - CCP device driver build files
crypto: ccp - CCP maintainer information
crypto: ccp - Fix sparse warnings in ccp-crypto-sha.c
crypto: ccp - CCP Kconfig fixes
crypto: ccp - Remove user triggerable pr_err calls
crypto: ccp - Apply appropriate gfp_t type to memory allocations
crypto: ccp - Cleanup scatterlist usage
crypto: ccp - Check for caller result area before using it
crypto: ccp - Change data length declarations to u64
crypto: ccp - Cleanup hash invocation calls
crypto: ccp - CCP device enabled/disabled changes

Wei Yongjun (1):
crypto: mxs - Fix sparse non static symbol warning

.../devicetree/bindings/crypto/fsl-dcp.txt | 17 +
MAINTAINERS | 7 +
arch/arm/boot/dts/imx23.dtsi | 4 +-
arch/arm/boot/dts/imx28.dtsi | 3 +-
arch/s390/crypto/des_s390.c | 6 +-
arch/x86/crypto/Makefile | 1 +
arch/x86/crypto/aesni-intel_avx-x86_64.S | 2811 ++++++++++++++++++++
arch/x86/crypto/aesni-intel_glue.c | 147 +-
crypto/Makefile | 5 -
crypto/ahash.c | 5 +-
crypto/memneq.c | 80 +-
crypto/pcrypt.c | 2 +-
crypto/tcrypt.c | 270 ++
crypto/tcrypt.h | 10 +
drivers/crypto/Kconfig | 39 +-
drivers/crypto/Makefile | 33 +-
drivers/crypto/amcc/crypto4xx_core.c | 1 -
drivers/crypto/caam/caamalg.c | 36 +-
drivers/crypto/ccp/Kconfig | 24 +
drivers/crypto/ccp/Makefile | 10 +
drivers/crypto/ccp/ccp-crypto-aes-cmac.c | 365 +++
drivers/crypto/ccp/ccp-crypto-aes-xts.c | 279 ++
drivers/crypto/ccp/ccp-crypto-aes.c | 369 +++
drivers/crypto/ccp/ccp-crypto-main.c | 432 +++
drivers/crypto/ccp/ccp-crypto-sha.c | 517 ++++
drivers/crypto/ccp/ccp-crypto.h | 197 ++
drivers/crypto/ccp/ccp-dev.c | 595 +++++
drivers/crypto/ccp/ccp-dev.h | 272 ++
drivers/crypto/ccp/ccp-ops.c | 2024 ++++++++++++++
drivers/crypto/ccp/ccp-pci.c | 361 +++
drivers/crypto/dcp.c | 903 -------
drivers/crypto/mxs-dcp.c | 1100 ++++++++
drivers/crypto/omap-aes.c | 16 +-
drivers/crypto/omap-sham.c | 19 +-
drivers/crypto/talitos.c | 23 +-
include/linux/ccp.h | 537 ++++
include/linux/compiler-gcc.h | 3 +
include/linux/compiler-intel.h | 7 +
include/linux/compiler.h | 4 +
kernel/padata.c | 2 +-
40 files changed, 10527 insertions(+), 1009 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2014-04-01 10:00:10

by Herbert Xu

Subject: Crypto Update for 3.15

Hi Linus:

Here is the crypto update for 3.15:

* Added 3DES driver for OMAP4/AM43xx.
* Added AVX2 acceleration for SHA.
* Added hash-only AEAD algorithms in caam.
* Removed tegra driver as it is not functioning and the hardware is too slow.
* Allow blkcipher walks over AEAD (needed for ARM).
* Fixed unprotected FPU/SSE access in ghash-clmulni-intel.
* Fixed highmem crash in omap-sham.
* Add (zero entropy) randomness when initialising hardware RNGs.
* Fixed unaligned ahash completion functions.
* Added soft module dependency for crc32c for initrds that use crc32c.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git



Alex Porosanu (1):
crypto: caam - fix ERA retrieval function

Alexander Shiyan (1):
crypto: sahara - Use return value of devm_request_irq() on error

Ard Biesheuvel (3):
crypto: remove direct blkcipher_walk dependency on transform
crypto: allow blkcipher walks over AEAD data
crypto: ghash-clmulni-intel - use C implementation for setkey()

Dan Carpenter (3):
hwrng: cleanup in hwrng_register()
crypto: remove a duplicate checks in __cbc_decrypt()
crypto: caam - writel() arguments are swapped

Dave Jones (1):
crypto: ccp - Fix ccp_run_passthru_cmd dma variable assignments

Fabio Estevam (3):
crypto: mxs-dcp: Use devm_kzalloc()
crypto: mxs-dcp: Check the return value of stmp_reset_block()
crypto: mxs-dcp - Fix platform_get_irq() error handling

Herbert Xu (1):
crypto: caam - Fix first parameter to caam_init_rng

Horia Geanta (5):
crypto: caam - remove error propagation handling
crypto: export NULL algorithms defines
crypto: testmgr - add aead null encryption test vectors
crypto: caam - add support for aead null encryption
crypto: caam - add missing key_dma unmap

Jingoo Han (14):
crypto: picoxcell - Use devm_ioremap_resource()
crypto: sahara - Use devm_ioremap_resource()
crypto: s5p-sss - Use devm_ioremap_resource()
hwrng: atmel - Use devm_ioremap_resource()
hwrng: pixocell - Use devm_ioremap_resource()
hwrng: atmel - Use devm_clk_get()
hwrng: omap3-rom - Use devm_clk_get()
hwrng: pixocell - Use devm_clk_get()
hwrng: nomadik - Use devm_*() functions
hwrng: timeriomem - Use devm_*() functions
crypto: omap-aes - Use SIMPLE_DEV_PM_OPS macro
crypto: omap-des - Use SIMPLE_DEV_PM_OPS macro
crypto: omap-sham - Use SIMPLE_DEV_PM_OPS macro
crypto: omap-des - make local functions static

Joel Fernandes (3):
crypto: omap-des - Add omap-des driver for OMAP4/AM43xx
crypto: omap-des - Add config and build options
crypto: omap-sham - Map SG pages if they are HIGHMEM before accessing

Kees Cook (1):
hwrng: add randomness to system from rng sources

Kevin Hao (1):
crypto: talitos: init the priv->alg_list more earlier in talitos_probe()

Marek Vasut (6):
crypto: dcp - Move the AES operation type from actx to rctx
crypto: mxs-dcp - Align the bounce buffers
crypto: mxs-dcp - Optimize hashing
crypto: hash - Fix the pointer voodoo in unaligned ahash
crypto: hash - Pull out the functions to save/restore request
crypto: hash - Simplify the ahash_finup implementation

Mathias Krause (3):
crypto: x86/sha1 - re-enable the AVX variant
crypto: x86/sha1 - fix stack alignment of AVX2 variant
crypto: x86/sha1 - reduce size of the AVX2 asm implementation

Nitesh Lal (2):
crypto: caam - Fix job ring discovery in controller driver
crypto: caam - Dynamic memory allocation for caam_rng_ctx object

Sonic Zhang (1):
crypt: bfin_crc - Remove useless SSYNC instruction and cache flush to DMA coherent memory

Stephen Warren (1):
crypto: tegra - remove driver

Tim Chen (2):
CRC32C: Add soft module dependency to load other accelerated crc32c modules
crypto: crypto_wq - Fix late crypto work queue initialization

Tom Lendacky (7):
crypto: ccp - Allow for selective disablement of crypto API algorithms
crypto: ccp - Move HMAC calculation down to ccp ops file
crypto: ccp - Use a single queue for proper ordering of tfm requests
crypto: ccp - Perform completion callbacks using a tasklet
crypto: ccp - Prevent a possible lost CCP command request
crypto: ccp - Invoke context callback when there is a backlog error
crypto: ccp - Account for CCP backlog processing

chandramouli narayanan (1):
crypto: sha - SHA1 transform x86_64 AVX2

arch/x86/crypto/Makefile | 3 +
arch/x86/crypto/blowfish_glue.c | 3 -
arch/x86/crypto/cast5_avx_glue.c | 3 -
arch/x86/crypto/ghash-clmulni-intel_asm.S | 29 -
arch/x86/crypto/ghash-clmulni-intel_glue.c | 14 +-
arch/x86/crypto/sha1_avx2_x86_64_asm.S | 708 ++++++++++++++++
arch/x86/crypto/sha1_ssse3_glue.c | 53 ++-
crypto/Kconfig | 4 +-
crypto/Makefile | 2 +-
crypto/ahash.c | 147 +++--
crypto/blkcipher.c | 81 ++-
crypto/{crc32c.c => crc32c_generic.c} | 2 +
crypto/crypto_null.c | 6 +-
crypto/crypto_wq.c | 2 +-
crypto/tcrypt.c | 8 +
crypto/testmgr.c | 32 +
crypto/testmgr.h | 180 ++++
drivers/char/hw_random/atmel-rng.c | 23 +-
drivers/char/hw_random/core.c | 17 +-
drivers/char/hw_random/nomadik-rng.c | 13 +-
drivers/char/hw_random/omap3-rom-rng.c | 3 +-
drivers/char/hw_random/picoxcell-rng.c | 27 +-
drivers/char/hw_random/timeriomem-rng.c | 40 +-
drivers/crypto/Kconfig | 22 +-
drivers/crypto/Makefile | 2 +-
drivers/crypto/bfin_crc.c | 45 +-
drivers/crypto/caam/caamalg.c | 384 ++++++++--
drivers/crypto/caam/caamrng.c | 17 +-
drivers/crypto/caam/compat.h | 1 +
drivers/crypto/caam/ctrl.c | 61 +-
drivers/crypto/caam/ctrl.h | 2 +-
drivers/crypto/caam/desc_constr.h | 27 +-
drivers/crypto/caam/regs.h | 4 +-
drivers/crypto/ccp/ccp-crypto-main.c | 224 ++---
drivers/crypto/ccp/ccp-crypto-sha.c | 130 +---
drivers/crypto/ccp/ccp-crypto.h | 8 +-
drivers/crypto/ccp/ccp-dev.c | 21 +-
drivers/crypto/ccp/ccp-ops.c | 108 +++-
drivers/crypto/mxs-dcp.c | 83 ++-
drivers/crypto/omap-aes.c | 4 +-
drivers/crypto/omap-des.c | 1216 ++++++++++++++++++++++++++++
drivers/crypto/omap-sham.c | 12 +-
drivers/crypto/picoxcell_crypto.c | 16 +-
drivers/crypto/s5p-sss.c | 13 +-
drivers/crypto/sahara.c | 26 +-
drivers/crypto/talitos.c | 4 +-
drivers/crypto/tegra-aes.c | 1087 -------------------------
drivers/crypto/tegra-aes.h | 103 ---
include/crypto/algapi.h | 9 +-
include/crypto/null.h | 11 +
include/linux/ccp.h | 7 +
51 files changed, 3140 insertions(+), 1907 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2014-06-05 06:23:50

by Herbert Xu

Subject: Crypto Update for 3.16

Hi Linus:

Here is the crypto update for 3.16:

* Added test vectors for SHA/AES-CCM/DES-CBC/3DES-CBC.
* Fixed a number of error-path memory leaks in tcrypt.
* Fixed error-path memory leak in caam.
* Removed unnecessary global mutex from mxs-dcp.
* Added ahash walk interface that can actually be asynchronous.
* Cleaned up caam error reporting.
* Allow crypto_user get operation to be used by non-root users.
* Add support for SSS module on Exynos.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git


Alexander Gordeev (1):
crypto: ccp - Use pci_enable_msix_range() instead of pci_enable_msix()

Ard Biesheuvel (1):
crypto: testmgr - add test cases for SHA-1, SHA-224, SHA-256 and AES-CCM

Arnd Bergmann (1):
crypto: s5p-sss - fix multiplatform build

Christian Engelmayer (3):
crypto: tcrypt - Fix potential leak in test_aead_speed() if aad_size is too big
crypto: tcrypt - Fix potential leak in test_aead_speed() if crypto_alloc_aead() fails
crypto: tcrypt - Fix leak of struct aead_request in test_aead_speed()

Fabio Estevam (1):
crypto: mxs-dcp - Remove global mutex

Herbert Xu (2):
crypto: ghash-clmulni-intel - Use u128 instead of be128 for internal key
crypto: hash - Add real ahash walk interface

Himangi Saraogi (1):
hwrng: n2-drv - Introduce the use of the managed version of kzalloc

Horia Geanta (1):
crypto: caam - fix mem leak in ahash_setkey

Jean Delvare (3):
hwrng: Move UML_RANDOM at the last position
hwrng: Turn HW_RANDOM into a menuconfig
hwrng: Fix a few driver dependencies and defaults

Jingoo Han (3):
crypto: omap-des - use devm_ioremap_resource()
hwrng: omap - remove unnecessary OOM messages
hwrng: timeriomem - remove unnecessary OOM messages

Jussi Kivilinna (1):
crypto: testmgr - add empty and large test vectors for SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512

Leilei Zhao (2):
crypto: atmel-aes - correct block size of cfb8 mode
crypto: atmel-aes - check alignment of cfb64 mode

Marek Vasut (23):
crypto: caam - Contain caam_jr_strstatus() ugliness
crypto: caam - Pull all the error codes out
crypto: caam - Implement fast-path for error codes with no handler
crypto: caam - Pass error type into the functions
crypto: caam - Kill the easy targets
crypto: caam - Dissolve report_jump_idx()
crypto: caam - Clean up report_ccb_status()
crypto: caam - Clean up report_deco_status()
crypto: caam - Kill SPRINTFCAT() with fire
crypto: caam - Sweep the remnants
crypto: caam - Fix the 'quoted string split across lines'
crypto: geode - Kill AES_MIN_BLOCK_SIZE
crypto: geode - Kill AES_IV_LENGTH
crypto: geode - Consistently use AES_KEYSIZE_128
crypto: geode - Weed out printk() from probe()
crypto: geode - Don't use tfm->__crt_alg->cra_name directly
crypto: ccp - tfm->__crt_alg->cra_name directly
crypto: cesa - tfm->__crt_alg->cra_name directly
crypto: dcp - tfm->__crt_alg->cra_name directly
crypto: n2 - tfm->__crt_alg->cra_name directly
crypto: padlock - tfm->__crt_alg->cra_name directly
crypto: sahara - tfm->__crt_alg->cra_name directly
crypto: cesa - tfm->__crt_alg->cra_type directly

Matthias-Christian Ott (1):
crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN

Monam Agarwal (1):
crypto: nx - Use RCU_INIT_POINTER(x, NULL)

Naveen Krishna Chatradhi (7):
crypto: s5p-sss - Use platform_get_irq() instead of _byname()
crypto: s5p-sss - Add device tree support
crypto: s5p-sss - Add support for SSS module on Exynos
crypto: s5p-sss - Let Exynos SoCs select SSS driver
crypto: s5p-sss - validate iv before memcpy
crypto: s5p-sss - Use clk_prepare/clk_unprepare
crypto: s5p-sss - Look for the next request in the queue

Nishanth Menon (1):
crypto: omap-des - handle error of pm_runtime_get_sync

Nitesh Lal (1):
crypto: testmgr - add aead cbc des, des3_ede tests

Paul Bolle (1):
hwrng: picoxcell - remove unbuildable picoxcell TRNG

Sonic Zhang (3):
crypto: bfin_crc - access crc registers by readl and writel functions
crypto: bfin_crc - ignore duplicated registration of the same algorithm
cryptoo: bfin_crc - avoid get physical address of coherence memory by dma_map_single

Tadeusz Struk (1):
crypto: testmgr - Fix DMA-API warning

Vakul Garg (1):
crypto: caam - reinitialize keys_fit_inline for decrypt and givencrypt

.../devicetree/bindings/crypto/samsung-sss.txt | 34 +
arch/x86/crypto/ghash-clmulni-intel_asm.S | 4 +-
arch/x86/crypto/ghash-clmulni-intel_glue.c | 12 +-
crypto/ahash.c | 41 +-
crypto/crypto_user.c | 12 +-
crypto/tcrypt.c | 52 +-
crypto/testmgr.c | 181 ++-
crypto/testmgr.h | 1441 +++++++++++++++++++-
drivers/char/hw_random/Kconfig | 103 +-
drivers/char/hw_random/Makefile | 1 -
drivers/char/hw_random/n2-drv.c | 24 +-
drivers/char/hw_random/omap-rng.c | 4 +-
drivers/char/hw_random/picoxcell-rng.c | 181 ---
drivers/char/hw_random/timeriomem-rng.c | 4 +-
drivers/crypto/Kconfig | 6 +-
drivers/crypto/atmel-aes.c | 8 +-
drivers/crypto/bfin_crc.c | 103 +-
.../include/asm => drivers/crypto}/bfin_crc.h | 0
drivers/crypto/caam/caamalg.c | 31 +-
drivers/crypto/caam/caamhash.c | 32 +-
drivers/crypto/caam/caamrng.c | 7 +-
drivers/crypto/caam/error.c | 389 +++---
drivers/crypto/caam/error.h | 2 +-
drivers/crypto/caam/key_gen.c | 7 +-
drivers/crypto/ccp/ccp-crypto-aes-xts.c | 4 +-
drivers/crypto/ccp/ccp-pci.c | 7 +-
drivers/crypto/geode-aes.c | 28 +-
drivers/crypto/geode-aes.h | 6 +-
drivers/crypto/mv_cesa.c | 6 +-
drivers/crypto/mxs-dcp.c | 52 +-
drivers/crypto/n2_core.c | 4 +-
drivers/crypto/nx/nx-842.c | 4 +-
drivers/crypto/omap-des.c | 33 +-
drivers/crypto/padlock-sha.c | 2 +-
drivers/crypto/s5p-sss.c | 148 +-
drivers/crypto/sahara.c | 2 +-
include/crypto/internal/hash.h | 13 +
37 files changed, 2245 insertions(+), 743 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2014-06-08 02:56:53

by Linus Torvalds

Subject: Re: Crypto Update for 3.16

On Wed, Jun 4, 2014 at 11:23 PM, Herbert Xu <[email protected]> wrote:
>
> Here is the crypto update for 3.16:

There's something odd going on with bfin_crc.h.

You moved it in commit 52e6e543f2d8 ("crypto: bfin_crc - access crc
registers by readl and writel functions").

It got *deleted* by commit 3356c99ea392 ("bfin_crc: Move architecture
independant crc header file out of the blackfin folder") which claims
to just move things.

Both of those commits are by Sonic Zhang, just came to me through two
different trees (through your crypto tree, and through Steven Miao's
bfin tree).

I'm assuming that the delete was actually incorrect, and should have
been a move, because it looks like the bfin_crc.c file won't compile
without it. So I've re-instated that file.

But the state of the bfin tree seems to be crap. Somebody should take
a look at what happened here. My suspicion is that commit 3356c99ea392
was broken by Steven Miao trying to only touch files in arch/blackfin
or something.

Linus

2014-06-08 04:56:12

by Herbert Xu

Subject: Re: Crypto Update for 3.16

On Sat, Jun 07, 2014 at 07:56:53PM -0700, Linus Torvalds wrote:
>
> I'm assuming that the delete was actually incorrect, and should have
> been a move, because it looks like the bfin_crc.c file won't compile
> without it. So I've re-instated that file.

Yes that would be my assumption as well.

Sonic/Steven, could you please double-check the current tree to see
whether it's in the right state?

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2014-06-09 01:47:23

by Steven Miao

Subject: Re: Crypto Update for 3.16

Hi Linus,

On Sun, Jun 8, 2014 at 10:56 AM, Linus Torvalds
<[email protected]> wrote:
> On Wed, Jun 4, 2014 at 11:23 PM, Herbert Xu <[email protected]> wrote:
>>
>> Here is the crypto update for 3.16:
>
> There's something odd going on with bfin_crc.h.
>
> You moved it in commit 52e6e543f2d8 ("crypto: bfin_crc - access crc
> registers by readl and writel functions").
>
> It got *deleted* by commit 3356c99ea392 ("bfin_crc: Move architecture
> independant crc header file out of the blackfin folder") which claims
> to just move things.
>
> Both of those commits are by Sonic Zhang, just came to me through two
> different trees (through your crypto tree, and through Steven Miao's
> bfin tree).
>
> I'm assuming that the delete was actually incorrect, and should have
> been a move, because it looks like the bfin_crc.c file won't compile
> without it. So I've re-instated that file.
>
> But the state of the bfin tree seems to be crap. Somebody should take
> a look at what happened here. My suspicion is that commit 3356c99ea392
> was broken by Steven Miao trying to only touch files in arch/blackfin
> or something.

Yes. It should be a move from arch/blackfin to drivers/crypto, sorry
for only formatting the arch/blackfin changes.

>
> Linus


-steven

2014-08-04 13:03:39

by Herbert Xu

Subject: Crypto Update for 3.17

Hi Linus:

Here is the crypto update for 3.17:

* Added CTR(AES) optimisation on x86_64 using "by8" AVX.
* Added arm64 support to ccp.
* Added Intel QAT crypto driver.
* Added Qualcomm crypto engine driver.
* Added x86-64 assembly optimisation for 3DES.
* Added CTR(3DES) speed test.
* Moved FIPS panic from module.c so that it only triggers on crypto modules.
* Added SP800-90A Deterministic Random Bit Generator (drbg).
* Added more test vectors for ghash.
* Tweaked self tests to catch partial block bugs.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Ard Biesheuvel (2):
crypto: testmgr - add 4 more test vectors for GHASH
crypto: testmgr - use chunks smaller than algo block size in chunk tests

Arnd Bergmann (1):
crypto: ux500 - make interrupt mode plausible

Chen Gang (1):
crypto: qce - Let 'DEV_QCE' depend on both HAS_DMA and HAS_IOMEM

Dan Carpenter (2):
crypto: caam - remove duplicate FIFOST_CONT_MASK define
crypto: qat - remove an unneeded cast

Eric Dumazet (2):
crypto: lzo - try kmalloc() before vmalloc()
crypto: lzo - use kvfree() helper

Fengguang Wu (1):
crypto: drbg - drbg_exit() can be static

George Spelvin (1):
crypto: crc32c-pclmul - Shrink K_table to 32-bit words

Herbert Xu (2):
crypto: qat - Fix build problem with O=
crypto: drbg - Use Kconfig to ensure at least one RNG option is set

Himangi Saraogi (1):
crypto: caam - Introduce the use of the managed version of kzalloc

Horia Geanta (12):
crypto: testmgr - avoid DMA mapping from text, rodata, stack
crypto: caam - set coherent_dma_mask
crypto: caam - fix typo in dma_mapping_error
crypto: caam - fix "failed to check map error" DMA warnings
crypto: caam - fix DMA unmapping error in hash_digest_key
crypto: caam - fix DMA direction mismatch in ahash_done_ctx_dst
crypto: caam - fix DMA direction mismatch in ahash_done_ctx_src
crypto: caam - fix uninitialized S/G table size in ahash_digest
crypto: caam - fix uninitialized edesc->dst_dma field
crypto: caam - fix uninitialized state->buf_dma field
crypto: caam - set DK (Decrypt Key) bit only for AES accelerator
crypto: caam - fix DECO RSR polling

Jarod Wilson (2):
crypto: fips - only panic on bad/missing crypto mod signatures
crypto: testmgr - add missing spaces to drbg error strings

Jean Delvare (1):
crypto: drivers - Add 2 missing __exit_p

Jussi Kivilinna (3):
crypto: tcrypt - add ctr(des3_ede) sync speed test
crypto: des_3des - add x86-64 assembly implementation
crypto: des3_ede-x86_64 - fix parse warning

Luca Clementi (1):
crypto: tcrypt - print cra driver name in tcrypt tests output

Marek Vasut (2):
crypto: api - Move crypto_yield() to algapi.h
crypto: skcipher - Don't use __crypto_dequeue_request()

Mark Rustad (1):
crypto: Resolve shadow warnings

Nitesh Narayan Lal (2):
crypto: dts - Addition of missing SEC compatibile property in c29x device tree
crypto: caam - Enabling multiple caam debug support for C29x platform

Pramod Gurav (2):
crypto: atmel-sha - Switch to managed version of kzalloc
crypto: atmel-tdes - Switch to managed version of kzalloc

Ruchika Gupta (5):
crypto: caam - Correct definition of registers in memory map
crypto: caam - Configuration for platforms with virtualization enabled in CAAM
crypto: caam - Add definition of rd/wr_reg64 for little endian platform
crypto: caam - Correct the dma mapping for sg table
crypto: caam - Check for CAAM block presence before registering with crypto layer

Stanimir Varbanov (5):
crypto: qce - Qualcomm crypto engine driver
crypto: qce - Build Qualcomm crypto driver
ARM: DT: qcom: Add Qualcomm crypto driver binding document
crypto: qce - fix sparse warnings
crypto: qce - add dependancy to Kconfig

Stephan Mueller (16):
crypto: drbg - SP800-90A Deterministic Random Bit Generator
crypto: drbg - header file for DRBG
crypto: drbg - DRBG kernel configuration options
crypto: drbg - compile the DRBG code
crypto: drbg - DRBG testmgr test vectors
crypto: drbg - Add DRBG test code to testmgr
crypto: drbg - simplify ordering of linked list in drbg_ctr_df
crypto: drbg - fix memory corruption for AES192
crypto: drbg - use of kernel linked list
crypto: drbg - cleanup of preprocessor macros
crypto: drbg - Fix format string for debugging statements
crypto: drbg - Call CTR DRBG DF function only once
crypto: drbg - Select correct DRBG core for stdrng
crypto: drbg - Mix a time stamp into DRBG state
crypto: drbg - HMAC-SHA1 DRBG has crypto strength of 128 bits
crypto: drbg - fix failure of generating multiple of 2**16 bytes

Tadeusz Struk (22):
crypto: qat - Intel(R) QAT driver framework
crypto: qat - Intel(R) QAT transport code
crypto: qat - Intel(R) QAT FW interface
crypto: qat - Intel(R) QAT crypto interface
crypto: qat - Intel(R) QAT ucode part of fw loader
crypto: qat - Intel(R) QAT accelengine part of fw loader
crypto: qat - Intel(R) QAT DH895xcc accelerator
crypto: qat - Update to makefiles
crypto: qat - Fix random config build warnings
crypto: qat - Updated Firmware Info Metadata
crypto: qat - Fixed new checkpatch warnings
crypto: qat - Fix error path crash when no firmware is present
crypto: qat - remove unnecessary return codes
crypto: qat - checkpatch blank lines
crypto: qat - remove unneeded header
crypto: qat - remove unnecessary parentheses
crypto: qat - use min_t macro
crypto: qat - change slice->regions to slice->region
crypto: qat - change ae_num to ae_id
crypto: qat - Updated print outputs
crypto: qat - Use hweight for bit counting
crypto: qat - Fixed SKU1 dev issue

Tom Lendacky (6):
crypto: ccp - Modify PCI support in prep for arm64 support
crypto: ccp - CCP device bindings documentation
crypto: ccp - Add platform device support for arm64
crypto: ccp - Base AXI DMA cache settings on device tree
crypto: ccp - Remove "select OF" from Kconfig
crypto: ccp - Do not sign extend input data to CCP

chandramouli narayanan (1):
crypto: aes - AES CTR x86_64 "by8" AVX optimization

.../devicetree/bindings/crypto/amd-ccp.txt | 19 +
.../devicetree/bindings/crypto/qcom-qce.txt | 25 +
Documentation/ioctl/ioctl-number.txt | 1 +
MAINTAINERS | 6 +
arch/powerpc/boot/dts/fsl/qoriq-sec6.0-0.dtsi | 3 +-
arch/x86/crypto/Makefile | 4 +-
arch/x86/crypto/aes_ctrby8_avx-x86_64.S | 546 ++++++
arch/x86/crypto/aesni-intel_glue.c | 40 +-
arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 281 ++-
arch/x86/crypto/des3_ede-asm_64.S | 805 ++++++++
arch/x86/crypto/des3_ede_glue.c | 509 +++++
crypto/Kconfig | 50 +-
crypto/Makefile | 1 +
crypto/algapi.c | 14 +
crypto/cryptd.c | 12 +-
crypto/des_generic.c | 22 +-
crypto/drbg.c | 2044 ++++++++++++++++++++
crypto/eseqiv.c | 8 +-
crypto/gcm.c | 30 +-
crypto/lzo.c | 8 +-
crypto/seqiv.c | 16 +-
crypto/tcrypt.c | 114 +-
crypto/testmgr.c | 304 ++-
crypto/testmgr.h | 1158 +++++++++--
drivers/crypto/Kconfig | 20 +-
drivers/crypto/Makefile | 2 +
drivers/crypto/amcc/crypto4xx_core.c | 2 +-
drivers/crypto/atmel-sha.c | 9 +-
drivers/crypto/atmel-tdes.c | 8 +-
drivers/crypto/caam/caamalg.c | 80 +-
drivers/crypto/caam/caamhash.c | 186 +-
drivers/crypto/caam/caamrng.c | 79 +-
drivers/crypto/caam/ctrl.c | 76 +-
drivers/crypto/caam/desc.h | 1 -
drivers/crypto/caam/intern.h | 1 +
drivers/crypto/caam/jr.c | 6 +-
drivers/crypto/caam/regs.h | 105 +-
drivers/crypto/ccp/Makefile | 5 +
drivers/crypto/ccp/ccp-dev.c | 34 +
drivers/crypto/ccp/ccp-dev.h | 14 +-
drivers/crypto/ccp/ccp-ops.c | 26 +-
drivers/crypto/ccp/ccp-pci.c | 39 +-
drivers/crypto/ccp/ccp-platform.c | 230 +++
drivers/crypto/nx/nx-842.c | 2 +-
drivers/crypto/qat/Kconfig | 23 +
drivers/crypto/qat/Makefile | 2 +
drivers/crypto/qat/qat_common/Makefile | 14 +
drivers/crypto/qat/qat_common/adf_accel_devices.h | 205 ++
drivers/crypto/qat/qat_common/adf_accel_engine.c | 168 ++
drivers/crypto/qat/qat_common/adf_aer.c | 259 +++
drivers/crypto/qat/qat_common/adf_cfg.c | 361 ++++
drivers/crypto/qat/qat_common/adf_cfg.h | 87 +
drivers/crypto/qat/qat_common/adf_cfg_common.h | 100 +
drivers/crypto/qat/qat_common/adf_cfg_strings.h | 83 +
drivers/crypto/qat/qat_common/adf_cfg_user.h | 94 +
drivers/crypto/qat/qat_common/adf_common_drv.h | 192 ++
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 490 +++++
drivers/crypto/qat/qat_common/adf_dev_mgr.c | 215 ++
drivers/crypto/qat/qat_common/adf_init.c | 388 ++++
drivers/crypto/qat/qat_common/adf_transport.c | 567 ++++++
drivers/crypto/qat/qat_common/adf_transport.h | 63 +
.../qat/qat_common/adf_transport_access_macros.h | 160 ++
.../crypto/qat/qat_common/adf_transport_debug.c | 304 +++
.../crypto/qat/qat_common/adf_transport_internal.h | 118 ++
drivers/crypto/qat/qat_common/icp_qat_fw.h | 316 +++
.../crypto/qat/qat_common/icp_qat_fw_init_admin.h | 131 ++
drivers/crypto/qat/qat_common/icp_qat_fw_la.h | 404 ++++
.../qat/qat_common/icp_qat_fw_loader_handle.h | 78 +
drivers/crypto/qat/qat_common/icp_qat_hal.h | 125 ++
drivers/crypto/qat/qat_common/icp_qat_hw.h | 305 +++
drivers/crypto/qat/qat_common/icp_qat_uclo.h | 377 ++++
drivers/crypto/qat/qat_common/qat_algs.c | 1038 ++++++++++
drivers/crypto/qat/qat_common/qat_crypto.c | 284 +++
drivers/crypto/qat/qat_common/qat_crypto.h | 83 +
drivers/crypto/qat/qat_common/qat_hal.c | 1393 +++++++++++++
drivers/crypto/qat/qat_common/qat_uclo.c | 1181 +++++++++++
drivers/crypto/qat/qat_dh895xcc/Makefile | 8 +
drivers/crypto/qat/qat_dh895xcc/adf_admin.c | 144 ++
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.c | 214 ++
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.h | 86 +
drivers/crypto/qat/qat_dh895xcc/adf_drv.c | 449 +++++
drivers/crypto/qat/qat_dh895xcc/adf_drv.h | 67 +
drivers/crypto/qat/qat_dh895xcc/adf_hw_arbiter.c | 159 ++
drivers/crypto/qat/qat_dh895xcc/adf_isr.c | 266 +++
drivers/crypto/qat/qat_dh895xcc/qat_admin.c | 107 +
drivers/crypto/qce/Makefile | 6 +
drivers/crypto/qce/ablkcipher.c | 431 +++++
drivers/crypto/qce/cipher.h | 68 +
drivers/crypto/qce/common.c | 438 +++++
drivers/crypto/qce/common.h | 102 +
drivers/crypto/qce/core.c | 286 +++
drivers/crypto/qce/core.h | 68 +
drivers/crypto/qce/dma.c | 186 ++
drivers/crypto/qce/dma.h | 58 +
drivers/crypto/qce/regs-v5.h | 334 ++++
drivers/crypto/qce/sha.c | 588 ++++++
drivers/crypto/qce/sha.h | 81 +
drivers/crypto/ux500/cryp/cryp_core.c | 25 +-
include/crypto/aead.h | 4 +-
include/crypto/algapi.h | 6 +
include/crypto/des.h | 3 +
include/crypto/drbg.h | 290 +++
include/crypto/hash.h | 4 +-
include/crypto/internal/skcipher.h | 3 +-
include/crypto/scatterwalk.h | 6 -
include/crypto/skcipher.h | 4 +-
include/linux/crypto.h | 8 +-
kernel/module.c | 4 -
108 files changed, 20473 insertions(+), 583 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2014-10-07 13:19:17

by Herbert Xu

Subject: Crypto Update for 3.18

Hi Linus:

Here is the crypto update for 3.18:

* Add multibuffer infrastructure:
. Add single_task_running scheduler helper, OKed by Peter on lkml.
* Add SHA1 multibuffer implementation for AVX2.
* Reenable "by8" AVX CTR optimisation after fixing counter overflow.
* Add APM X-Gene SoC RNG support.
* SHA256/SHA512 now handles unaligned input correctly.
* Set lz4 decompressed length correctly.
* Fix algif socket buffer allocation failure for 64K page machines.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Alex Porosanu (3):
crypto: caam - disable RNG oscillator maximum frequency check
crypto: caam - change starting entropy delay value
crypto: caam - enable raw data instead of von Neumann data

Alexander Gordeev (1):
crypto: qat - Use pci_enable_msix_exact() instead of pci_enable_msix()

Cristian Stoica (7):
crypto: testmgr - white space fix-ups on test_aead
crypto: testmgr - white space removal on __test_hash
crypto: testmgr - white space removal on __test_skcipher
crypto: testmgr - delay execution of set-up code
crypto: testmgr - remove unused function argument
crypto: caam - remove duplicated sg copy functions
crypto: caam - fix addressing of struct member

David S. Miller (1):
crypto: sha - Handle unaligned input data in generic sha256 and sha512.

Feng Kan (3):
hwrng: xgene - add support for APM X-Gene SoC RNG support
Documentation: rng: Add X-Gene SoC RNG driver documentation
arm64: dts: add random number generator dts node to APM X-Gene platform.

Fengguang Wu (2):
crypto: mcryptd - mcryptd_flist can be static
crypto: sha-mb - sha1_mb_alg_state can be static

Herbert Xu (2):
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

KOVACS Krisztian (2):
crypto: lz4,lz4hc - fix decompression
crypto: testmgr - add test for lz4 and lz4hc

Mathias Krause (3):
crypto: aesni - fix counter overflow handling in "by8" variant
crypto: aesni - remove unused defines in "by8" variant
Revert "crypto: aesni - disable "by8" AVX CTR optimization"

Nitesh Narayan Lal (1):
crypto: caam - Dynamic allocation of addresses for various memory blocks in CAAM.

Ondrej Kozina (1):
crypto: algif - avoid excessive use of socket buffer in skcipher

Rasmus Villemoes (1):
crypto: mv_cesa - Add missing #define

Stephan Mueller (10):
crypto: drbg - replace int2byte with cpu_to_be
crypto: drbg - kzfree does not need a check for NULL pointer
crypto: drbg - remove superflowous checks
crypto: drbg - remove superflowous memset(0)
crypto: drbg - use kmalloc instead of kzalloc for V and C
crypto: drbg - remove unnecessary sanity checks
crypto: drbg - remove configuration of fixed values
crypto: drbg - remove unnecessary sanity check for shadow state
crypto: drbg - fix sparse warning for cpu_to_be[32|64]
crypto: drbg - fix maximum value checks on 32 bit systems

Sudip Mukherjee (1):
hwrng: printk replacement

Tadeusz Struk (2):
crypto: qat - Fix typo in name of tasklet_struct
crypto: qat - Removed unneeded partial state

Ted Percival (1):
crypto: mcryptd - Fix typos in CRYPTO_MCRYPTD description

Tim Chen (7):
crypto: hash - initialize entry len for null input in crypto hash sg list walk
sched: Add function single_task_running to let a task check if it is the only task running on a cpu
crypto: sha-mb - multibuffer crypto infrastructure
crypto: sha-mb - SHA1 multibuffer algorithm data structures
crypto: sha-mb - SHA1 multibuffer submit and flush routines for AVX2
crypto: sha-mb - SHA1 multibuffer crypto computation (x8 AVX2)
crypto: sha-mb - SHA1 multibuffer job manager and glue code

Wei Yongjun (1):
crypto: qat - Fix return value check in adf_chr_drv_create()

Documentation/devicetree/bindings/rng/apm,rng.txt | 17 +
arch/arm64/boot/dts/apm-storm.dtsi | 21 +
arch/x86/crypto/Makefile | 1 +
arch/x86/crypto/aes_ctrby8_avx-x86_64.S | 20 +-
arch/x86/crypto/aesni-intel_glue.c | 4 +-
arch/x86/crypto/sha-mb/Makefile | 11 +
arch/x86/crypto/sha-mb/sha1_mb.c | 935 +++++++++++++++++++
arch/x86/crypto/sha-mb/sha1_mb_mgr_datastruct.S | 287 ++++++
arch/x86/crypto/sha-mb/sha1_mb_mgr_flush_avx2.S | 327 +++++++
arch/x86/crypto/sha-mb/sha1_mb_mgr_init_avx2.c | 64 ++
arch/x86/crypto/sha-mb/sha1_mb_mgr_submit_avx2.S | 228 +++++
arch/x86/crypto/sha-mb/sha1_x8_avx2.S | 472 ++++++++++
arch/x86/crypto/sha-mb/sha_mb_ctx.h | 136 +++
arch/x86/crypto/sha-mb/sha_mb_mgr.h | 110 +++
crypto/Kconfig | 30 +
crypto/Makefile | 1 +
crypto/ahash.c | 12 +-
crypto/algif_skcipher.c | 2 +-
crypto/drbg.c | 130 +--
crypto/lz4.c | 2 +-
crypto/lz4hc.c | 2 +-
crypto/mcryptd.c | 705 ++++++++++++++
crypto/sha256_generic.c | 3 +-
crypto/sha512_generic.c | 3 +-
crypto/testmgr.c | 966 ++++++++++----------
crypto/testmgr.h | 66 ++
drivers/char/hw_random/Kconfig | 13 +
drivers/char/hw_random/Makefile | 1 +
drivers/char/hw_random/amd-rng.c | 4 +-
drivers/char/hw_random/geode-rng.c | 4 +-
drivers/char/hw_random/intel-rng.c | 13 +-
drivers/char/hw_random/pasemi-rng.c | 2 +-
drivers/char/hw_random/pseries-rng.c | 2 +-
drivers/char/hw_random/via-rng.c | 8 +-
drivers/char/hw_random/xgene-rng.c | 423 +++++++++
drivers/crypto/caam/caamhash.c | 28 +-
drivers/crypto/caam/ctrl.c | 138 ++-
drivers/crypto/caam/intern.h | 9 +-
drivers/crypto/caam/regs.h | 51 +-
drivers/crypto/caam/sg_sw_sec4.h | 54 --
drivers/crypto/mv_cesa.h | 1 +
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 2 +-
.../crypto/qat/qat_common/adf_transport_internal.h | 2 +-
drivers/crypto/qat/qat_common/qat_algs.c | 66 +-
drivers/crypto/qat/qat_dh895xcc/adf_isr.c | 14 +-
include/crypto/drbg.h | 19 +-
include/crypto/internal/hash.h | 9 +
include/crypto/mcryptd.h | 112 +++
include/linux/sched.h | 1 +
kernel/sched/core.c | 12 +
50 files changed, 4706 insertions(+), 837 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2014-12-11 12:51:32

by Herbert Xu

Subject: Crypto Update for 3.19

Hi Linus:

Here is the crypto update for 3.19:

* The crypto API is now documented :)
* Disallow arbitrary module loading through crypto API.
* Allow get request with empty driver name through crypto_user.
* Allow speed testing of arbitrary hash functions.
* Add caam support for ctr(aes), gcm(aes) and their derivatives.
* nx now supports concurrent hashing properly.
* Add sahara support for SHA1/256.
* Add ARM64 version of CRC32.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Boris Brezillon (4):
hwrng: atmel - use clk_prepapre_enable/_disable_unprepare
hwrng: atmel - add DT support
hwrng: atmel - Add TRNG DT binding doc
ARM: at91/dt: add trng node to at91sam9g45

Bruce Allan (4):
crypto: qat - fix bad unlock balance
crypto: qat - cleanup coccicheck warning - NULL check before freeing functions
crypto: qat - cleanup unnecessary break checkpatch warning
crypto: qat - misspelling typo - "reseting" should be "resetting"

Catalin Vasile (5):
crypto: caam - add support for ctr(aes)
crypto: caam - add support for rfc3686(ctr(aes))
crypto: caam - add support for rfc3686 with authenc md5, sha1 and sha2
crypto: caam - add support for givencrypt cbc(aes) and rfc3686(ctr(aes))
crypto: caam - add support for givencrypt cbc(des) and cbc(des3_ede)

Cristian Stoica (1):
crypto: caam - fix error reporting

Dan Carpenter (1):
crypto: sha-mb - remove a bogus NULL check

Daniel Borkmann (1):
crypto: algif - add and use sock_kzfree_s() instead of memzero_explicit()

Herbert Xu (4):
Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux
crypto: user - Allow get request with empty driver name
crypto: algif_skcipher - Fixed blocking recvmsg
crypto: tcrypt - Allow speed testing of arbitrary hash functions

Johannes Berg (1):
crypto: bfin_crc - don't include linux/unaligned/access_ok.h

Julia Lawall (4):
crypto: sparc - replace memset by memzero_explicit
crypto: sha - replace memset by memzero_explicit
crypto: powerpc - replace memset by memzero_explicit
crypto: arm - replace memset by memzero_explicit

Kees Cook (2):
crypto: prefix module autoloading with "crypto-"
crypto: include crypto- module prefix in template

Leonidas S. Barbosa (8):
crypto: nx - Moving NX-AES-CBC to be processed logic
crypto: nx - Moving NX-AES-CCM to be processed logic and sg_list bounds
crypto: nx - Moving limit and bound logic in CTR and fix IV vector
crypto: nx - Moving NX-AES-ECB to be processed logic
crypto: nx - Moving NX-AES-GCM to be processed logic
crypto: nx - Moving NX-AES-XCBC to be processed logic
crypto: nx - Fix SHA concurrence issue and sg limit bounds
crypto: nx - Fixing the limit number of bytes to be processed

Masanari Iida (1):
crypto: testmgr - Remove unnecessary KERN_INFO from testmgr.c

Nickolaus Woodruff (1):
crypto: drbg - use memzero_explicit() for clearing sensitive data

Pranith Kumar (1):
crypto: caam - Remove unnecessary smp_read_barrier_depends()

Rickard Strandqvist (1):
hwrng: core - Changed from using strncat to strlcat

Steffen Trumtrar (4):
crypto: sahara - fix spinlock initialization
crypto: sahara - add support for i.MX53
crypto: sahara - replace tasklets with kthread
crypto: sahara - add support for SHA1/256

Stephan Mueller (22):
crypto: drbg - use crypto_inc
crypto: drbg - add MODULE_ALIAS for all DRBG types
crypto: algif - zeroize message digest buffer
crypto: algif - zeroize IV buffer
crypto: doc - crypto API high level spec
crypto: doc - compile crypto API spec
crypto: doc - userspace interface spec
crypto: doc - RNG API documentation
crypto: doc - hash data structures
crypto: doc - AHASH API documentation
crypto: doc - SHASH API documentation
crypto: doc - cipher data structures
crypto: doc - ABLKCIPHER API documentation
crypto: doc - AEAD API documentation
crypto: doc - BLKCIPHER API documentation
crypto: doc - CIPHER API documentation
crypto: doc - HASH API documentation
crypto: doc - document uncovered member variables
crypto: user - add MODULE_ALIAS
crypto: drbg - use MODULE_ALIAS_CRYPTO
crypto: algif_skcipher - initialize upon init request
crypto: af_alg - add user space interface for AEAD

Struk, Tadeusz (3):
crypto: qat - Use memzero_explicit
crytpo: qat - Fix 64 bytes requests
crypto: algif_skcipher - removed unneeded code

Tadeusz Struk (2):
crypto: qat - Move BAR definitions to device specific module
crypto: qat - fix problem with coalescing enable logic

Tudor Ambarus (4):
crypto: caam - add support for gcm(aes)
crypto: caam - add support for rfc4106(gcm(aes))
crypto: caam - fix output sequence contiguity check
crypto: caam - add support for rfc4543(gcm(aes))

Ulf Hansson (2):
crypto: ux500/cryp - Silence compiler warning for !CONFIG_PM
crypto: ux500/hash - Silence compiler warning for !CONFIG_PM

Valentin Rothberg (1):
crypto: aesni - remove unnecessary #define

Yazen Ghannam (1):
crypto: crc32 - Add ARM64 CRC32 hw accelerated module

Documentation/DocBook/Makefile | 2 +-
Documentation/DocBook/crypto-API.tmpl | 1253 ++++++++++
Documentation/crypto/crypto-API-userspace.txt | 205 ++
.../devicetree/bindings/crypto/fsl-imx-sahara.txt | 2 +-
.../devicetree/bindings/hwrng/atmel-trng.txt | 16 +
arch/arm/boot/dts/at91sam9g45.dtsi | 7 +
arch/arm/crypto/aes_glue.c | 4 +-
arch/arm/crypto/sha1_glue.c | 2 +-
arch/arm/crypto/sha1_neon_glue.c | 2 +-
arch/arm/crypto/sha512_neon_glue.c | 6 +-
arch/arm64/crypto/Kconfig | 4 +
arch/arm64/crypto/Makefile | 4 +
arch/arm64/crypto/aes-ce-ccm-glue.c | 2 +-
arch/arm64/crypto/aes-glue.c | 8 +-
arch/arm64/crypto/crc32-arm64.c | 274 +++
arch/powerpc/crypto/sha1.c | 4 +-
arch/s390/crypto/aes_s390.c | 2 +-
arch/s390/crypto/des_s390.c | 4 +-
arch/s390/crypto/ghash_s390.c | 2 +-
arch/s390/crypto/sha1_s390.c | 2 +-
arch/s390/crypto/sha256_s390.c | 4 +-
arch/s390/crypto/sha512_s390.c | 4 +-
arch/sparc/crypto/aes_glue.c | 2 +-
arch/sparc/crypto/camellia_glue.c | 2 +-
arch/sparc/crypto/crc32c_glue.c | 2 +-
arch/sparc/crypto/des_glue.c | 2 +-
arch/sparc/crypto/md5_glue.c | 2 +-
arch/sparc/crypto/sha1_glue.c | 2 +-
arch/sparc/crypto/sha256_glue.c | 6 +-
arch/sparc/crypto/sha512_glue.c | 6 +-
arch/x86/crypto/aes_glue.c | 4 +-
arch/x86/crypto/aesni-intel_glue.c | 10 +-
arch/x86/crypto/blowfish_glue.c | 4 +-
arch/x86/crypto/camellia_aesni_avx2_glue.c | 4 +-
arch/x86/crypto/camellia_aesni_avx_glue.c | 4 +-
arch/x86/crypto/camellia_glue.c | 4 +-
arch/x86/crypto/cast5_avx_glue.c | 2 +-
arch/x86/crypto/cast6_avx_glue.c | 2 +-
arch/x86/crypto/crc32-pclmul_glue.c | 4 +-
arch/x86/crypto/crc32c-intel_glue.c | 4 +-
arch/x86/crypto/crct10dif-pclmul_glue.c | 4 +-
arch/x86/crypto/des3_ede_glue.c | 8 +-
arch/x86/crypto/fpu.c | 3 +
arch/x86/crypto/ghash-clmulni-intel_glue.c | 2 +-
arch/x86/crypto/salsa20_glue.c | 4 +-
arch/x86/crypto/serpent_avx2_glue.c | 4 +-
arch/x86/crypto/serpent_avx_glue.c | 2 +-
arch/x86/crypto/serpent_sse2_glue.c | 2 +-
arch/x86/crypto/sha-mb/sha1_mb.c | 3 +-
arch/x86/crypto/sha1_ssse3_glue.c | 2 +-
arch/x86/crypto/sha256_ssse3_glue.c | 6 +-
arch/x86/crypto/sha512_ssse3_glue.c | 6 +-
arch/x86/crypto/twofish_avx_glue.c | 2 +-
arch/x86/crypto/twofish_glue.c | 4 +-
arch/x86/crypto/twofish_glue_3way.c | 4 +-
crypto/842.c | 1 +
crypto/aes_generic.c | 2 +-
crypto/af_alg.c | 6 +
crypto/algapi.c | 4 +-
crypto/algif_hash.c | 4 +-
crypto/algif_skcipher.c | 15 +-
crypto/ansi_cprng.c | 2 +-
crypto/anubis.c | 1 +
crypto/api.c | 4 +-
crypto/arc4.c | 1 +
crypto/authenc.c | 1 +
crypto/authencesn.c | 1 +
crypto/blowfish_generic.c | 2 +-
crypto/camellia_generic.c | 2 +-
crypto/cast5_generic.c | 2 +-
crypto/cast6_generic.c | 2 +-
crypto/cbc.c | 1 +
crypto/ccm.c | 5 +-
crypto/chainiv.c | 1 +
crypto/cmac.c | 1 +
crypto/crc32.c | 1 +
crypto/crc32c_generic.c | 2 +-
crypto/crct10dif_generic.c | 2 +-
crypto/cryptd.c | 1 +
crypto/crypto_null.c | 6 +-
crypto/crypto_user.c | 6 +-
crypto/ctr.c | 3 +-
crypto/cts.c | 1 +
crypto/deflate.c | 2 +-
crypto/des_generic.c | 2 +-
crypto/drbg.c | 127 +-
crypto/ecb.c | 1 +
crypto/eseqiv.c | 1 +
crypto/fcrypt.c | 1 +
crypto/gcm.c | 7 +-
crypto/ghash-generic.c | 2 +-
crypto/hmac.c | 1 +
crypto/khazad.c | 1 +
crypto/krng.c | 2 +-
crypto/lrw.c | 1 +
crypto/lz4.c | 1 +
crypto/lz4hc.c | 1 +
crypto/lzo.c | 1 +
crypto/mcryptd.c | 1 +
crypto/md4.c | 2 +-
crypto/md5.c | 1 +
crypto/michael_mic.c | 1 +
crypto/pcbc.c | 1 +
crypto/pcrypt.c | 1 +
crypto/rmd128.c | 1 +
crypto/rmd160.c | 1 +
crypto/rmd256.c | 1 +
crypto/rmd320.c | 1 +
crypto/salsa20_generic.c | 2 +-
crypto/seed.c | 1 +
crypto/seqiv.c | 1 +
crypto/serpent_generic.c | 4 +-
crypto/sha1_generic.c | 2 +-
crypto/sha256_generic.c | 4 +-
crypto/sha512_generic.c | 4 +-
crypto/tcrypt.c | 32 +-
crypto/tea.c | 4 +-
crypto/testmgr.c | 3 +-
crypto/tgr192.c | 4 +-
crypto/twofish_generic.c | 2 +-
crypto/vmac.c | 1 +
crypto/wp512.c | 4 +-
crypto/xcbc.c | 1 +
crypto/xts.c | 1 +
crypto/zlib.c | 1 +
drivers/char/hw_random/Kconfig | 2 +-
drivers/char/hw_random/atmel-rng.c | 15 +-
drivers/char/hw_random/core.c | 12 +-
drivers/crypto/bfin_crc.c | 2 +-
drivers/crypto/caam/caamalg.c | 2412 +++++++++++++++++---
drivers/crypto/caam/compat.h | 1 +
drivers/crypto/caam/desc_constr.h | 2 +
drivers/crypto/caam/error.c | 25 +-
drivers/crypto/caam/jr.c | 3 -
drivers/crypto/nx/nx-aes-cbc.c | 12 +-
drivers/crypto/nx/nx-aes-ccm.c | 61 +-
drivers/crypto/nx/nx-aes-ctr.c | 13 +-
drivers/crypto/nx/nx-aes-ecb.c | 12 +-
drivers/crypto/nx/nx-aes-gcm.c | 66 +-
drivers/crypto/nx/nx-aes-xcbc.c | 81 +-
drivers/crypto/nx/nx-sha256.c | 208 +-
drivers/crypto/nx/nx-sha512.c | 222 +-
drivers/crypto/nx/nx.c | 127 +-
drivers/crypto/nx/nx.h | 8 +-
drivers/crypto/padlock-aes.c | 2 +-
drivers/crypto/padlock-sha.c | 8 +-
drivers/crypto/qat/qat_common/adf_accel_devices.h | 2 -
drivers/crypto/qat/qat_common/adf_aer.c | 2 +-
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 3 +-
drivers/crypto/qat/qat_common/adf_dev_mgr.c | 6 +-
drivers/crypto/qat/qat_common/adf_transport.c | 15 +-
.../qat/qat_common/adf_transport_access_macros.h | 9 +-
drivers/crypto/qat/qat_common/qat_algs.c | 37 +-
drivers/crypto/qat/qat_common/qat_hal.c | 3 +-
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.h | 2 +
drivers/crypto/qat/qat_dh895xcc/adf_isr.c | 12 +-
drivers/crypto/sahara.c | 794 ++++++-
drivers/crypto/ux500/cryp/cryp_core.c | 6 +-
drivers/crypto/ux500/hash/hash_core.c | 10 +-
drivers/s390/crypto/ap_bus.c | 3 +-
include/crypto/hash.h | 492 ++++
include/crypto/if_alg.h | 1 +
include/crypto/rng.h | 80 +
include/linux/crypto.h | 1112 ++++++++-
include/net/sock.h | 1 +
include/uapi/linux/if_alg.h | 2 +
net/core/sock.c | 24 +-
167 files changed, 7090 insertions(+), 1068 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2014-12-12 11:54:31

by Herbert Xu

Subject: Re: Crypto Update for 3.19

Hi Linus:

Here is a resend of the crypto update for 3.19 since I accidentally
pushed out an old tree instead of the current crypto tree.

* The crypto API is now documented :)
* Disallow arbitrary module loading through crypto API.
* Allow get request with empty driver name through crypto_user.
* Allow speed testing of arbitrary hash functions.
* Add caam support for ctr(aes), gcm(aes) and their derivatives.
* nx now supports concurrent hashing properly.
* Add sahara support for SHA1/256.
* Add ARM64 version of CRC32.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Boris Brezillon (4):
hwrng: atmel - use clk_prepapre_enable/_disable_unprepare
hwrng: atmel - add DT support
hwrng: atmel - Add TRNG DT binding doc
ARM: at91/dt: add trng node to at91sam9g45

Bruce Allan (4):
crypto: qat - fix bad unlock balance
crypto: qat - cleanup coccicheck warning - NULL check before freeing functions
crypto: qat - cleanup unnecessary break checkpatch warning
crypto: qat - misspelling typo - "reseting" should be "resetting"

Catalin Vasile (5):
crypto: caam - add support for ctr(aes)
crypto: caam - add support for rfc3686(ctr(aes))
crypto: caam - add support for rfc3686 with authenc md5, sha1 and sha2
crypto: caam - add support for givencrypt cbc(aes) and rfc3686(ctr(aes))
crypto: caam - add support for givencrypt cbc(des) and cbc(des3_ede)

Cristian Stoica (1):
crypto: caam - fix error reporting

Dan Carpenter (1):
crypto: sha-mb - remove a bogus NULL check

Daniel Borkmann (1):
crypto: algif - add and use sock_kzfree_s() instead of memzero_explicit()

Herbert Xu (4):
Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux
crypto: user - Allow get request with empty driver name
crypto: algif_skcipher - Fixed blocking recvmsg
crypto: tcrypt - Allow speed testing of arbitrary hash functions

Johannes Berg (1):
crypto: bfin_crc - don't include linux/unaligned/access_ok.h

Julia Lawall (4):
crypto: sparc - replace memset by memzero_explicit
crypto: sha - replace memset by memzero_explicit
crypto: powerpc - replace memset by memzero_explicit
crypto: arm - replace memset by memzero_explicit

Kees Cook (2):
crypto: prefix module autoloading with "crypto-"
crypto: include crypto- module prefix in template

Leonidas S. Barbosa (8):
crypto: nx - Moving NX-AES-CBC to be processed logic
crypto: nx - Moving NX-AES-CCM to be processed logic and sg_list bounds
crypto: nx - Moving limit and bound logic in CTR and fix IV vector
crypto: nx - Moving NX-AES-ECB to be processed logic
crypto: nx - Moving NX-AES-GCM to be processed logic
crypto: nx - Moving NX-AES-XCBC to be processed logic
crypto: nx - Fix SHA concurrence issue and sg limit bounds
crypto: nx - Fixing the limit number of bytes to be processed

Masanari Iida (1):
crypto: testmgr - Remove unnecessary KERN_INFO from testmgr.c

Nickolaus Woodruff (1):
crypto: drbg - use memzero_explicit() for clearing sensitive data

Pranith Kumar (1):
crypto: caam - Remove unnecessary smp_read_barrier_depends()

Rickard Strandqvist (1):
hwrng: core - Changed from using strncat to strlcat

Steffen Trumtrar (4):
crypto: sahara - fix spinlock initialization
crypto: sahara - add support for i.MX53
crypto: sahara - replace tasklets with kthread
crypto: sahara - add support for SHA1/256

Stephan Mueller (22):
crypto: drbg - use crypto_inc
crypto: drbg - add MODULE_ALIAS for all DRBG types
crypto: algif - zeroize message digest buffer
crypto: algif - zeroize IV buffer
crypto: doc - crypto API high level spec
crypto: doc - compile crypto API spec
crypto: doc - userspace interface spec
crypto: doc - RNG API documentation
crypto: doc - hash data structures
crypto: doc - AHASH API documentation
crypto: doc - SHASH API documentation
crypto: doc - cipher data structures
crypto: doc - ABLKCIPHER API documentation
crypto: doc - AEAD API documentation
crypto: doc - BLKCIPHER API documentation
crypto: doc - CIPHER API documentation
crypto: doc - HASH API documentation
crypto: doc - document uncovered member variables
crypto: user - add MODULE_ALIAS
crypto: drbg - use MODULE_ALIAS_CRYPTO
crypto: algif_skcipher - initialize upon init request
crypto: af_alg - add user space interface for AEAD

Struk, Tadeusz (3):
crypto: qat - Use memzero_explicit
crytpo: qat - Fix 64 bytes requests
crypto: algif_skcipher - removed unneeded code

Tadeusz Struk (2):
crypto: qat - Move BAR definitions to device specific module
crypto: qat - fix problem with coalescing enable logic

Tudor Ambarus (4):
crypto: caam - add support for gcm(aes)
crypto: caam - add support for rfc4106(gcm(aes))
crypto: caam - fix output sequence contiguity check
crypto: caam - add support for rfc4543(gcm(aes))

Ulf Hansson (2):
crypto: ux500/cryp - Silence compiler warning for !CONFIG_PM
crypto: ux500/hash - Silence compiler warning for !CONFIG_PM

Valentin Rothberg (1):
crypto: aesni - remove unnecessary #define

Yazen Ghannam (1):
crypto: crc32 - Add ARM64 CRC32 hw accelerated module

Documentation/DocBook/Makefile | 2 +-
Documentation/DocBook/crypto-API.tmpl | 1253 ++++++++++
Documentation/crypto/crypto-API-userspace.txt | 205 ++
.../devicetree/bindings/crypto/fsl-imx-sahara.txt | 2 +-
.../devicetree/bindings/hwrng/atmel-trng.txt | 16 +
arch/arm/boot/dts/at91sam9g45.dtsi | 7 +
arch/arm/crypto/aes_glue.c | 4 +-
arch/arm/crypto/sha1_glue.c | 2 +-
arch/arm/crypto/sha1_neon_glue.c | 2 +-
arch/arm/crypto/sha512_neon_glue.c | 6 +-
arch/arm64/crypto/Kconfig | 4 +
arch/arm64/crypto/Makefile | 4 +
arch/arm64/crypto/aes-ce-ccm-glue.c | 2 +-
arch/arm64/crypto/aes-glue.c | 8 +-
arch/arm64/crypto/crc32-arm64.c | 274 +++
arch/powerpc/crypto/sha1.c | 4 +-
arch/s390/crypto/aes_s390.c | 2 +-
arch/s390/crypto/des_s390.c | 4 +-
arch/s390/crypto/ghash_s390.c | 2 +-
arch/s390/crypto/sha1_s390.c | 2 +-
arch/s390/crypto/sha256_s390.c | 4 +-
arch/s390/crypto/sha512_s390.c | 4 +-
arch/sparc/crypto/aes_glue.c | 2 +-
arch/sparc/crypto/camellia_glue.c | 2 +-
arch/sparc/crypto/crc32c_glue.c | 2 +-
arch/sparc/crypto/des_glue.c | 2 +-
arch/sparc/crypto/md5_glue.c | 2 +-
arch/sparc/crypto/sha1_glue.c | 2 +-
arch/sparc/crypto/sha256_glue.c | 6 +-
arch/sparc/crypto/sha512_glue.c | 6 +-
arch/x86/crypto/aes_glue.c | 4 +-
arch/x86/crypto/aesni-intel_glue.c | 10 +-
arch/x86/crypto/blowfish_glue.c | 4 +-
arch/x86/crypto/camellia_aesni_avx2_glue.c | 4 +-
arch/x86/crypto/camellia_aesni_avx_glue.c | 4 +-
arch/x86/crypto/camellia_glue.c | 4 +-
arch/x86/crypto/cast5_avx_glue.c | 2 +-
arch/x86/crypto/cast6_avx_glue.c | 2 +-
arch/x86/crypto/crc32-pclmul_glue.c | 4 +-
arch/x86/crypto/crc32c-intel_glue.c | 4 +-
arch/x86/crypto/crct10dif-pclmul_glue.c | 4 +-
arch/x86/crypto/des3_ede_glue.c | 8 +-
arch/x86/crypto/fpu.c | 3 +
arch/x86/crypto/ghash-clmulni-intel_glue.c | 2 +-
arch/x86/crypto/salsa20_glue.c | 4 +-
arch/x86/crypto/serpent_avx2_glue.c | 4 +-
arch/x86/crypto/serpent_avx_glue.c | 2 +-
arch/x86/crypto/serpent_sse2_glue.c | 2 +-
arch/x86/crypto/sha-mb/sha1_mb.c | 3 +-
arch/x86/crypto/sha1_ssse3_glue.c | 2 +-
arch/x86/crypto/sha256_ssse3_glue.c | 6 +-
arch/x86/crypto/sha512_ssse3_glue.c | 6 +-
arch/x86/crypto/twofish_avx_glue.c | 2 +-
arch/x86/crypto/twofish_glue.c | 4 +-
arch/x86/crypto/twofish_glue_3way.c | 4 +-
crypto/842.c | 1 +
crypto/aes_generic.c | 2 +-
crypto/af_alg.c | 6 +
crypto/algapi.c | 4 +-
crypto/algif_hash.c | 4 +-
crypto/algif_skcipher.c | 15 +-
crypto/ansi_cprng.c | 2 +-
crypto/anubis.c | 1 +
crypto/api.c | 4 +-
crypto/arc4.c | 1 +
crypto/authenc.c | 1 +
crypto/authencesn.c | 1 +
crypto/blowfish_generic.c | 2 +-
crypto/camellia_generic.c | 2 +-
crypto/cast5_generic.c | 2 +-
crypto/cast6_generic.c | 2 +-
crypto/cbc.c | 1 +
crypto/ccm.c | 5 +-
crypto/chainiv.c | 1 +
crypto/cmac.c | 1 +
crypto/crc32.c | 1 +
crypto/crc32c_generic.c | 2 +-
crypto/crct10dif_generic.c | 2 +-
crypto/cryptd.c | 1 +
crypto/crypto_null.c | 6 +-
crypto/crypto_user.c | 6 +-
crypto/ctr.c | 3 +-
crypto/cts.c | 1 +
crypto/deflate.c | 2 +-
crypto/des_generic.c | 2 +-
crypto/drbg.c | 127 +-
crypto/ecb.c | 1 +
crypto/eseqiv.c | 1 +
crypto/fcrypt.c | 1 +
crypto/gcm.c | 7 +-
crypto/ghash-generic.c | 2 +-
crypto/hmac.c | 1 +
crypto/khazad.c | 1 +
crypto/krng.c | 2 +-
crypto/lrw.c | 1 +
crypto/lz4.c | 1 +
crypto/lz4hc.c | 1 +
crypto/lzo.c | 1 +
crypto/mcryptd.c | 1 +
crypto/md4.c | 2 +-
crypto/md5.c | 1 +
crypto/michael_mic.c | 1 +
crypto/pcbc.c | 1 +
crypto/pcrypt.c | 1 +
crypto/rmd128.c | 1 +
crypto/rmd160.c | 1 +
crypto/rmd256.c | 1 +
crypto/rmd320.c | 1 +
crypto/salsa20_generic.c | 2 +-
crypto/seed.c | 1 +
crypto/seqiv.c | 1 +
crypto/serpent_generic.c | 4 +-
crypto/sha1_generic.c | 2 +-
crypto/sha256_generic.c | 4 +-
crypto/sha512_generic.c | 4 +-
crypto/tcrypt.c | 32 +-
crypto/tea.c | 4 +-
crypto/testmgr.c | 3 +-
crypto/tgr192.c | 4 +-
crypto/twofish_generic.c | 2 +-
crypto/vmac.c | 1 +
crypto/wp512.c | 4 +-
crypto/xcbc.c | 1 +
crypto/xts.c | 1 +
crypto/zlib.c | 1 +
drivers/char/hw_random/Kconfig | 2 +-
drivers/char/hw_random/atmel-rng.c | 15 +-
drivers/char/hw_random/core.c | 12 +-
drivers/crypto/bfin_crc.c | 2 +-
drivers/crypto/caam/caamalg.c | 2412 +++++++++++++++++---
drivers/crypto/caam/compat.h | 1 +
drivers/crypto/caam/desc_constr.h | 2 +
drivers/crypto/caam/error.c | 25 +-
drivers/crypto/caam/jr.c | 3 -
drivers/crypto/nx/nx-aes-cbc.c | 12 +-
drivers/crypto/nx/nx-aes-ccm.c | 61 +-
drivers/crypto/nx/nx-aes-ctr.c | 13 +-
drivers/crypto/nx/nx-aes-ecb.c | 12 +-
drivers/crypto/nx/nx-aes-gcm.c | 66 +-
drivers/crypto/nx/nx-aes-xcbc.c | 81 +-
drivers/crypto/nx/nx-sha256.c | 208 +-
drivers/crypto/nx/nx-sha512.c | 222 +-
drivers/crypto/nx/nx.c | 127 +-
drivers/crypto/nx/nx.h | 8 +-
drivers/crypto/padlock-aes.c | 2 +-
drivers/crypto/padlock-sha.c | 8 +-
drivers/crypto/qat/qat_common/adf_accel_devices.h | 2 -
drivers/crypto/qat/qat_common/adf_aer.c | 2 +-
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 3 +-
drivers/crypto/qat/qat_common/adf_dev_mgr.c | 6 +-
drivers/crypto/qat/qat_common/adf_transport.c | 15 +-
.../qat/qat_common/adf_transport_access_macros.h | 9 +-
drivers/crypto/qat/qat_common/qat_algs.c | 37 +-
drivers/crypto/qat/qat_common/qat_hal.c | 3 +-
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.h | 2 +
drivers/crypto/qat/qat_dh895xcc/adf_isr.c | 12 +-
drivers/crypto/sahara.c | 794 ++++++-
drivers/crypto/ux500/cryp/cryp_core.c | 6 +-
drivers/crypto/ux500/hash/hash_core.c | 10 +-
drivers/s390/crypto/ap_bus.c | 3 +-
include/crypto/hash.h | 492 ++++
include/crypto/if_alg.h | 1 +
include/crypto/rng.h | 80 +
include/linux/crypto.h | 1112 ++++++++-
include/net/sock.h | 1 +
include/uapi/linux/if_alg.h | 2 +
net/core/sock.c | 24 +-
167 files changed, 7090 insertions(+), 1068 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-02-14 09:43:44

by Herbert Xu

Subject: Crypto Update for 3.20

Hi Linus:

Here is the crypto update for 3.20:

* Added 192/256-bit key support to aesni GCM.
* Added MIPS OCTEON MD5 support.
* Fixed hwrng starvation and race conditions.
* Added note that memzero_explicit is not a substitute for memset.
* Added user-space interface for crypto_rng.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Aaro Koskinen (5):
MIPS: OCTEON: add crypto helper functions
crypto: octeon - add instruction definitions for MD5
MIPS: OCTEON: reintroduce crypto features check
crypto: octeon - add MD5 module
crypto: octeon - enable OCTEON MD5 module selection

Allan, Bruce W (5):
crypto: qat - fix device reset flow
crypto: qat - correctly type a boolean
crypto: qat - adf_ae_stop() is never called
crypto: qat - use pci_wait_for_pending_transaction()
crypto: qat - remove unnecessary include of atomic.h header file

Amos Kong (1):
hwrng: move some code out mutex_lock for avoiding underlying deadlock

Andrey Ryabinin (1):
crypto: ccp - terminate ccp_support array with empty element

Asaf Vertz (2):
crypto: ux500 - fix checkpatch errors
crypto: omap-des - fix BUG_ON condition

Christophe Jaillet (1):
crypto: atmel - Free memory in error path

Cristian Stoica (8):
crypto: replace scatterwalk_sg_next with sg_next
crypto: caam - remove dead code
crypto: caam - remove unused local variable
crypto: caam - pair irq map and dispose in the same function
crypto: caam - fix resource clean-up on error path for caam_jr_init
crypto: tcrypt - fix buflen reminder calculation
crypto: testmgr - limit IV copy length in aead tests
crypto: tcrypt - do not allocate iv on stack for aead speed tests

Daniel Borkmann (1):
lib: memzero_explicit: add comment for its usage

Herbert Xu (11):
hwrng: core - Use struct completion for cleanup_done
hwrng: core - Fix current_rng init/cleanup race yet again
hwrng: core - Do not register device opportunistically
hwrng: core - Drop current rng in set_current_rng
hwrng: core - Move hwrng_init call into set_current_rng
Revert "crypto: drbg - use memzero_explicit() for clearing sensitive data"
crypto: qat - Fix incorrect uses of memzero_explicit
crypto: qat - Ensure ipad and opad are zeroed
crypto: cts - Remove bogus use of seqiv
crypto: cts - Weed out non-CBC algorithms
crypto: seqiv - Ensure that IV size is at least 8 bytes

Jarod Wilson (1):
crypto: testmgr - mark rfc4106(gcm(aes)) as fips_allowed

Joshua I. James (5):
crypto: ablkcipher - fixed style errors in ablkcipher.c
crypto: aead - fixed style error in aead.c
crypto: af_alg - fixed style error in af_alg.c
crypto: ahash - fixed style error in ahash.c
crypto: api - fixed style erro in algapi.c

Kim Phillips (1):
crypto: caam - don't emit ICV check failures to dmesg

Masanari Iida (1):
crypto: bfin_crc - Remove unnecessary KERN_ERR in bfin_crc.c

Mathias Krause (5):
crypto: sparc64/aes - fix module description
crypto: sparc64/camellia - fix module alias
crypto: sparc64/des - add "des3_ede" module alias
crypto: sparc64/md5 - fix module description
crypto: x86/des3_ede - drop bogus module aliases

Michael S. Tsirkin (2):
MAINTAINERS: add linux-crypto to hw random
hwrng: virtio - drop extra empty line

Rabin Vincent (1):
crypto: testmgr - don't use interruptible wait in tests

Rickard Strandqvist (1):
crypto: amcc - Remove unused function

Rusty Russell (5):
hwrng: place mutex around read functions and buffers.
hwrng: use reference counts on each struct hwrng.
hwrng: fix unregister race.
hwrng: don't double-check old_rng.
hwrng: don't init list element we're about to add to list.

Stephan Mueller (7):
crypto: drbg - panic on continuous self test error
crypto: af_alg - add setsockopt for auth tag size
crypto: af_alg - zeroize key data
crypto: algif_rng - add random number generator support
crypto: algif_rng - enable RNG interface compilation
crypto: aead - add check for presence of auth tag
crypto: doc - remove colons in comments

Svenning Sørensen (1):
crypto: atmel_sha - remove unused shash fallback instance.

Tadeusz Struk (4):
crypto: algif - Mark sgl end at the end of data
crypto: qat - Fix assumption that sg in and out will have the same nents
crypto: qat - add support for cbc(aes) ablkcipher
crypto: qat - don't need qat_auth_state struct

Timothy McCaffrey (1):
crypto: aesni - Add support for 192 & 256 bit keys to AESNI RFC4106

Wei Yongjun (1):
crypto: algif_rng - fix sparse non static symbol warning

MAINTAINERS | 1 +
arch/mips/cavium-octeon/Makefile | 1 +
arch/mips/cavium-octeon/crypto/Makefile | 7 +
arch/mips/cavium-octeon/crypto/octeon-crypto.c | 66 ++
arch/mips/cavium-octeon/crypto/octeon-crypto.h | 75 +++
arch/mips/cavium-octeon/crypto/octeon-md5.c | 216 +++++++
arch/mips/cavium-octeon/executive/octeon-model.c | 6 +
arch/mips/include/asm/octeon/octeon-feature.h | 17 +-
arch/mips/include/asm/octeon/octeon.h | 5 -
arch/sparc/crypto/aes_glue.c | 2 +-
arch/sparc/crypto/camellia_glue.c | 2 +-
arch/sparc/crypto/des_glue.c | 1 +
arch/sparc/crypto/md5_glue.c | 2 +-
arch/x86/crypto/aesni-intel_asm.S | 343 ++++++-----
arch/x86/crypto/aesni-intel_glue.c | 34 +-
arch/x86/crypto/des3_ede_glue.c | 2 -
crypto/Kconfig | 18 +
crypto/Makefile | 1 +
crypto/ablkcipher.c | 7 +-
crypto/aead.c | 3 +-
crypto/af_alg.c | 11 +-
crypto/ahash.c | 3 +-
crypto/algapi.c | 1 +
crypto/algif_rng.c | 192 ++++++
crypto/algif_skcipher.c | 8 +
crypto/cts.c | 5 +-
crypto/drbg.c | 34 +-
crypto/scatterwalk.c | 6 +-
crypto/seqiv.c | 12 +
crypto/tcrypt.c | 37 +-
crypto/testmgr.c | 58 +-
drivers/char/hw_random/core.c | 215 ++++---
drivers/char/hw_random/virtio-rng.c | 1 -
drivers/crypto/amcc/crypto4xx_sa.c | 23 -
drivers/crypto/atmel-aes.c | 2 +-
drivers/crypto/atmel-sha.c | 50 +-
drivers/crypto/atmel-tdes.c | 2 +-
drivers/crypto/bfin_crc.c | 4 +-
drivers/crypto/caam/caamalg.c | 14 +-
drivers/crypto/caam/ctrl.c | 6 +-
drivers/crypto/caam/error.c | 13 +-
drivers/crypto/caam/jr.c | 37 +-
drivers/crypto/caam/sg_sw_sec4.h | 8 +-
drivers/crypto/ccp/ccp-dev.c | 1 +
drivers/crypto/ixp4xx_crypto.c | 4 +-
drivers/crypto/nx/nx.c | 6 +-
drivers/crypto/omap-aes.c | 4 +-
drivers/crypto/omap-des.c | 8 +-
drivers/crypto/qat/qat_common/adf_accel_devices.h | 6 +-
drivers/crypto/qat/qat_common/adf_aer.c | 24 +-
drivers/crypto/qat/qat_common/adf_cfg.c | 2 +
drivers/crypto/qat/qat_common/adf_common_drv.h | 2 +-
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 7 +-
drivers/crypto/qat/qat_common/adf_init.c | 98 ++-
.../crypto/qat/qat_common/adf_transport_internal.h | 1 -
drivers/crypto/qat/qat_common/icp_qat_hw.h | 2 +-
drivers/crypto/qat/qat_common/qat_algs.c | 642 +++++++++++++++-----
drivers/crypto/qat/qat_common/qat_crypto.h | 16 +-
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.c | 19 +
drivers/crypto/qat/qat_dh895xcc/adf_drv.c | 42 +-
drivers/crypto/qce/dma.c | 6 +-
drivers/crypto/qce/sha.c | 2 +-
drivers/crypto/sahara.c | 2 +-
drivers/crypto/talitos.c | 8 +-
drivers/crypto/ux500/cryp/cryp_core.c | 10 +-
include/crypto/if_alg.h | 1 +
include/crypto/scatterwalk.h | 10 +-
include/linux/crypto.h | 11 +-
include/linux/hw_random.h | 4 +
lib/string.c | 5 +
70 files changed, 1785 insertions(+), 709 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-04-15 03:40:00

by Herbert Xu

Subject: Crypto Update for 4.1

Hi Linus:

Here is the crypto update for 4.1:

* Added user-space interface for AEAD.
* Added user-space interface for RNG (i.e., pseudo RNG).
* Prevent internal helper algos from being exposed to user-space.
* Merged common code from assembly/C SHA implementations.
* Added ARMv8 SHA1/256.
* Added ARMv8 AES.
* Added ARMv8 GHASH.
* Added ARM assembler and NEON SHA256.
* Added MIPS OCTEON SHA1/256/512.
* Added MIPS img-hash SHA1/256 and MD5.
* Added Power 8 VMX AES/CBC/CTR/GHASH.
* Added PPC assembler AES, SHA1/256 and MD5.
* Added Broadcom IPROC RNG driver.
* Misc fixes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Aaro Koskinen (7):
crypto: octeon - don't disable bottom half in octeon-md5
crypto: octeon - always disable preemption when using crypto engine
crypto: octeon - add instruction definitions for SHA1/256/512
crypto: octeon - add SHA1 module
crypto: octeon - add SHA256 module
crypto: octeon - add SHA512 module
crypto: octeon - enable OCTEON SHA1/256/512 module selection

Allan, Bruce W (10):
crypto: qat - remove duplicate definition of Intel PCI vendor id
crypto: qat - fix typo in string
crypto: qat - make error and info log messages more descriptive
crypto: qat - fix typo
crypto: qat - fix checkpatch CHECK_SPACING issues
crypto: qat - checkpatch PARENTHESIS_ALIGNMENT and LOGICAL_CONTINUATIONS
crypto: qat - fix checkpatch CONCATENATED_STRING issues
crypto: qat - fix checkpatch BIT_MACRO issues
crypto: qat - fix checkpatch COMPARISON_TO_NULL issue
crypto: qat - fix checkpatch CODE_INDENT issue

Ameen Ali (1):
crypto: sha1-mb - Syntax error

Andre Wolokita (2):
hwrng: omap - Change RNG_CONFIG_REG to RNG_CONTROL_REG when checking and disabling TRNG
hwrng: omap - Change RNG_CONFIG_REG to RNG_CONTROL_REG in init

Ard Biesheuvel (23):
crypto: arm - move ARM specific Kconfig definitions to a dedicated file
crypto: arm - add support for SHA1 using ARMv8 Crypto Instructions
crypto: arm - add support for SHA-224/256 using ARMv8 Crypto Extensions
crypto: arm - AES in ECB/CBC/CTR/XTS modes using ARMv8 Crypto Extensions
crypto: arm - add support for GHASH using ARMv8 Crypto Extensions
crypto: arm/ghash - fix big-endian bug in ghash
crypto: sha1 - implement base layer for SHA-1
crypto: sha256 - implement base layer for SHA-256
crypto: sha512 - implement base layer for SHA-512
crypto: sha1-generic - move to generic glue implementation
crypto: sha256-generic - move to generic glue implementation
crypto: sha512-generic - move to generic glue implementation
crypto: arm/sha1 - move SHA-1 ARM asm implementation to base layer
crypto: arm/sha1_neon - move SHA-1 NEON implementation to base layer
crypto: arm/sha1-ce - move SHA-1 ARMv8 implementation to base layer
crypto: arm/sha256 - move SHA-224/256 ASM/NEON implementation to base layer
crypto: arm/sha2-ce - move SHA-224/256 ARMv8 implementation to base layer
crypto: arm64/sha1-ce - move SHA-1 ARMv8 implementation to base layer
crypto: arm64/sha2-ce - move SHA-224/256 ARMv8 implementation to base layer
crypto: x86/sha1_ssse3 - move SHA-1 SSSE3 implementation to base layer
crypto: x86/sha256_ssse3 - move SHA-224/256 SSSE3 implementation to base layer
crypto: x86/sha512_ssse3 - move SHA-384/512 SSSE3 implementation to base layer
crypto: arm - workaround for building with old binutils

Arnd Bergmann (1):
crypto: arm/sha256 - avoid sha256 code on ARMv7-M

Colin Ian King (1):
crypto: atmel - fix typo in dev_err error message

Dan Carpenter (2):
crypto: img-hash - fix some compile warnings
crypto: img-hash - shift wrapping bug in img_hash_hw_init()

Dmitry Torokhov (12):
hwrng: omap - remove incorrect __exit markups
hwrng: octeon - remove incorrect __exit markups
hwrng: pseries - remove incorrect __init/__exit markups
crypto: qat - remove incorrect __exit markup
crypto: amcc - remove incorrect __init/__exit markups
hwrng: omap - remove #ifdefery around PM methods
hwrng: add devm_* interfaces
hwrng: bcm63xx - make use of devm_hwrng_register
hwrng: exynos - make use of devm_hwrng_register
hwrng: msm - make use of devm_hwrng_register
hwrng: iproc-rng200 - do not use static structure
hwrng: iproc-rng200 - make use of devm_hwrng_register

Feng Kan (1):
hwrng: xgene - add ACPI support for APM X-Gene RNG unit

Florian Fainelli (4):
hwrng: bcm63xx - drop bcm_{readl,writel} macros
hwrng: bcm63xx - move register definitions to driver
MIPS: BCM63xx: remove RSET_RNG register definitions
hwrng: bcm63xx - use devm_* helpers

Geert Uytterhoeven (1):
crypto: ux500 - Update error message for dmaengine_prep_slave_sg() API

Herbert Xu (6):
linux-next: Tree for Mar 11 (powerpc build failure due to vmx crypto code)
linux-next: build failure after merge of the crypto tree
crypto: api - Fix races in crypto_unregister_instance
crypto: api - Change crypto_unregister_instance argument type
crypto: user - Fix crypto_alg_match race
crypto: api - Move alg ref count init to crypto_check_alg

Horia Geantă (1):
crypto: tcrypt - fix uninit sg entries in test_acipher_speed

James Hartley (3):
crypto: img-hash - Add Imagination Technologies hw hash accelerator
Documentation: crypto: Add DT binding info for the img hw hash accelerator
crypto: img-hash - Fix Kconfig selections

Julia Lawall (1):
crypto: don't export static symbol

Keith Packard (1):
hwrng: core - allow perfect entropy from hardware devices

Kim Phillips (1):
crypto: powerpc - move files to fix build error

Lad, Prabhakar (1):
crypto: sha-mb - Fix big integer constant sparse warning

Leilei Zhao (9):
crypto: atmel-aes - add new version
crypto: atmel-sha - add new version
crypto: atmel-sha - fix sg list management
crypto: atmel-sha - initialize spinlock in probe
crypto: atmel-sha - correct the max burst size
crypto: atmel-tdes - initialize spinlock in probe
crypto: atmel-aes - initialize spinlock in probe
crypto: atmel-aes - sync the buf used in DMA or CPU
crypto: atmel-aes - correct usage of dma_sync_* API

Leonidas S. Barbosa (2):
crypto: vmx - Add support for VMS instructions by ASM
crypto: vmx - Enabling VMX module for PPC64

Ludovic Desroches (1):
crypto: atmel-sha - correct the way data are split

Marcelo H. Cerri (5):
crypto: vmx - Adding VMX module for Power 8
crypto: vmx - Adding AES routines for VMX module
crypto: vmx - Adding CBC routines for VMX module
crypto: vmx - Adding CTR routines for VMX module
crypto: vmx - Adding GHASH routines for VMX module

Markus Stockhausen (16):
crypto: ppc/sha256 - assembler
crypto: ppc/sha256 - glue
crypto: ppc/sha256 - kernel config
crypto: powerpc/aes - register defines
crypto: powerpc/aes - aes tables
crypto: powerpc/aes - assembler core
crypto: powerpc/aes - key handling
crypto: powerpc/aes - ECB/CBC/CTR/XTS modes
cyprot: powerpc/aes - glue code
crypto: powerpc/aes - kernel config
crypto: powerpc/sha1 - assembler
crypto: powerpc/sha1 - glue
crypto: powerpc/sha1 - kernel config
crypto: powerpc/md5 - assembler
crypto: powerpc/md5 - glue
crypto: powerpc/md5 - kernel config

Martin Hicks (2):
crypto: talitos - Simplify per-channel initialization
crypto: talitos - Remove MD5_BLOCK_SIZE

Masanari Iida (1):
crypto: serpent_sse2 - Fix a typo in Kconfig

Nicholas Mc Guire (4):
crypto: mxs-dcp - fix type of ret for wait_for_completion_timeout
crypto: sahara - fix type of ret for wait_for_completion_timeout
crypto: sahara - pass on error condition
crypto: sahara - drop unnecessary default assignment

Sami Tolvanen (1):
crypto: arm/sha256 - Add optimized SHA-256/224

Scott Branden (2):
hwrng: iproc-rng200 - Add device tree bindings
hwrng: iproc-rng200 - Add Broadcom IPROC RNG driver

Steffen Trumtrar (2):
crypto: sahara - use the backlog
crypto: sahara - fix AES descriptor create

Stephan Mueller (31):
crypto: doc - describe internal structure
crypto: algif - add AEAD support
crypto: algif - enable AEAD interface compilation
crypto: drbg - use single block cipher API
crypto: drbg - remove superflowous memsets
crypto: rng - RNGs must return 0 in success case
crypto: doc - AEAD / RNG AF_ALG interface
MAINTAINERS: add crypto-API.tmpl
crypto: testmgr - fix RNG return code enforcement
crypto: algif_rng - zeroize buffer with random data
crypto: api - prevent helper ciphers from being used
crypto: testmgr - use CRYPTO_ALG_INTERNAL
crypto: cryptd - process CRYPTO_ALG_INTERNAL
crypto: proc - identify internal ciphers
crypto: aesni - mark AES-NI helper ciphers
crypto: clmulni - mark ghash clmulni helper ciphers
crypto: ghash-ce - mark GHASH ARMv8 vmull.p64 helper ciphers
crypto: camellia_aesni_avx2 - mark AES-NI Camellia helper ciphers
crypto: cast5_avx - mark CAST5 helper ciphers
crypto: camellia_aesni_avx - mark AVX Camellia helper ciphers
crypto: cast6_avx - mark CAST6 helper ciphers
crypto: serpent_avx2 - mark Serpent AVX2 helper ciphers
crypto: serpent_avx - mark Serpent AVX helper ciphers
crypto: serpent_sse2 - mark Serpent SSE2 helper ciphers
crypto: twofish_avx - mark Twofish AVX helper ciphers
crypto: aesbs - mark NEON bit sliced AES helper ciphers
crypto: aes-ce - mark ARMv8 AES helper ciphers
crypto: arm64/aes - mark 64 bit ARMv8 AES helper ciphers
crypto: mcryptd - process CRYPTO_ALG_INTERNAL
crypto: sha-mb - mark Multi buffer SHA1 helper cipher
crypto: api - remove instance when test failed

Tadeusz Struk (3):
crypto: aesni - make driver-gcm-aes-aesni helper a proper aead alg
crypto: qat - print ring name in debug output
crypto: qat - fix double release_firmware on error path

Tom Lendacky (5):
crypto: ccp - Updates for checkpatch warnings/errors
crypto: ccp - Update CCP build support
crypto: ccp - Use dma_set_mask_and_coherent to set DMA mask
crypto: ccp - Convert calls to their devm_ counterparts
crypto: ccp - Add ACPI support

Vutla, Lokesh (3):
crypto: omap-sham - Use pm_runtime_irq_safe()
crypto: omap-aes - Fix support for unequal lengths
crypto: omap-sham - Add the offset of sg page to vaddr

Yanjiang Jin (2):
crypto: caam - fix uninitialized edesc->sec4_sg_bytes field
hwrng: caam - fix rng_unmap_ctx's DMA_UNMAP size problem

mancha security (1):
lib: memzero_explicit: use barrier instead of OPTIMIZER_HIDE_VAR

Documentation/DocBook/crypto-API.tmpl | 860 ++++++
Documentation/crypto/crypto-API-userspace.txt | 205 --
.../devicetree/bindings/crypto/img-hash.txt | 27 +
.../bindings/hwrng/brcm,iproc-rng200.txt | 12 +
MAINTAINERS | 1 +
arch/arm/Kconfig | 3 +
arch/arm/crypto/Kconfig | 130 +
arch/arm/crypto/Makefile | 27 +-
arch/arm/crypto/aes-ce-core.S | 518 ++++
arch/arm/crypto/aes-ce-glue.c | 524 ++++
arch/arm/crypto/aesbs-glue.c | 9 +-
arch/arm/crypto/ghash-ce-core.S | 94 +
arch/arm/crypto/ghash-ce-glue.c | 320 +++
arch/arm/crypto/sha1-ce-core.S | 125 +
arch/arm/crypto/sha1-ce-glue.c | 96 +
arch/arm/{include/asm => }/crypto/sha1.h | 3 +
arch/arm/crypto/sha1_glue.c | 112 +-
arch/arm/crypto/sha1_neon_glue.c | 137 +-
arch/arm/crypto/sha2-ce-core.S | 125 +
arch/arm/crypto/sha2-ce-glue.c | 114 +
arch/arm/crypto/sha256-armv4.pl | 716 +++++
arch/arm/crypto/sha256-core.S_shipped | 2808 ++++++++++++++++++++
arch/arm/crypto/sha256_glue.c | 128 +
arch/arm/crypto/sha256_glue.h | 14 +
arch/arm/crypto/sha256_neon_glue.c | 101 +
arch/arm64/crypto/aes-glue.c | 12 +-
arch/arm64/crypto/sha1-ce-core.S | 33 +-
arch/arm64/crypto/sha1-ce-glue.c | 151 +-
arch/arm64/crypto/sha2-ce-core.S | 29 +-
arch/arm64/crypto/sha2-ce-glue.c | 227 +-
arch/mips/cavium-octeon/crypto/Makefile | 5 +-
arch/mips/cavium-octeon/crypto/octeon-crypto.c | 4 +-
arch/mips/cavium-octeon/crypto/octeon-crypto.h | 83 +-
arch/mips/cavium-octeon/crypto/octeon-md5.c | 8 -
arch/mips/cavium-octeon/crypto/octeon-sha1.c | 241 ++
arch/mips/cavium-octeon/crypto/octeon-sha256.c | 280 ++
arch/mips/cavium-octeon/crypto/octeon-sha512.c | 277 ++
arch/mips/include/asm/mach-bcm63xx/bcm63xx_regs.h | 14 -
arch/powerpc/crypto/Makefile | 8 +
arch/powerpc/crypto/aes-spe-core.S | 351 +++
arch/powerpc/crypto/aes-spe-glue.c | 512 ++++
arch/powerpc/crypto/aes-spe-keys.S | 283 ++
arch/powerpc/crypto/aes-spe-modes.S | 630 +++++
arch/powerpc/crypto/aes-spe-regs.h | 42 +
arch/powerpc/crypto/aes-tab-4k.S | 331 +++
arch/powerpc/crypto/md5-asm.S | 243 ++
arch/powerpc/crypto/md5-glue.c | 165 ++
arch/powerpc/crypto/sha1-spe-asm.S | 299 +++
arch/powerpc/crypto/sha1-spe-glue.c | 210 ++
arch/powerpc/crypto/sha256-spe-asm.S | 323 +++
arch/powerpc/crypto/sha256-spe-glue.c | 275 ++
arch/x86/crypto/aesni-intel_glue.c | 187 +-
arch/x86/crypto/camellia_aesni_avx2_glue.c | 15 +-
arch/x86/crypto/camellia_aesni_avx_glue.c | 15 +-
arch/x86/crypto/cast5_avx_glue.c | 9 +-
arch/x86/crypto/cast6_avx_glue.c | 15 +-
arch/x86/crypto/ghash-clmulni-intel_glue.c | 7 +-
arch/x86/crypto/glue_helper.c | 1 -
arch/x86/crypto/serpent_avx2_glue.c | 15 +-
arch/x86/crypto/serpent_avx_glue.c | 15 +-
arch/x86/crypto/serpent_sse2_glue.c | 15 +-
arch/x86/crypto/sha-mb/sha1_mb.c | 9 +-
arch/x86/crypto/sha-mb/sha1_mb_mgr_init_avx2.c | 2 +-
arch/x86/crypto/sha1_ssse3_glue.c | 139 +-
arch/x86/crypto/sha256-avx-asm.S | 10 +-
arch/x86/crypto/sha256-avx2-asm.S | 10 +-
arch/x86/crypto/sha256-ssse3-asm.S | 10 +-
arch/x86/crypto/sha256_ssse3_glue.c | 193 +-
arch/x86/crypto/sha512-avx-asm.S | 6 +-
arch/x86/crypto/sha512-avx2-asm.S | 6 +-
arch/x86/crypto/sha512-ssse3-asm.S | 6 +-
arch/x86/crypto/sha512_ssse3_glue.c | 202 +-
arch/x86/crypto/twofish_avx_glue.c | 15 +-
crypto/Kconfig | 142 +-
crypto/Makefile | 1 +
crypto/ablk_helper.c | 3 +-
crypto/algapi.c | 42 +-
crypto/algif_aead.c | 666 +++++
crypto/algif_rng.c | 2 +-
crypto/ansi_cprng.c | 6 +-
crypto/api.c | 10 +
crypto/cryptd.c | 49 +-
crypto/crypto_user.c | 39 +-
crypto/drbg.c | 64 +-
crypto/mcryptd.c | 25 +-
crypto/proc.c | 3 +
crypto/sha1_generic.c | 102 +-
crypto/sha256_generic.c | 133 +-
crypto/sha512_generic.c | 123 +-
crypto/tcrypt.c | 4 +-
crypto/testmgr.c | 24 +-
drivers/char/hw_random/Kconfig | 13 +
drivers/char/hw_random/Makefile | 1 +
drivers/char/hw_random/bcm63xx-rng.c | 120 +-
drivers/char/hw_random/core.c | 45 +-
drivers/char/hw_random/exynos-rng.c | 12 +-
drivers/char/hw_random/iproc-rng200.c | 239 ++
drivers/char/hw_random/msm-rng.c | 11 +-
drivers/char/hw_random/octeon-rng.c | 4 +-
drivers/char/hw_random/omap-rng.c | 23 +-
drivers/char/hw_random/pseries-rng.c | 4 +-
drivers/char/hw_random/xgene-rng.c | 10 +
drivers/crypto/Kconfig | 24 +-
drivers/crypto/Makefile | 2 +
drivers/crypto/amcc/crypto4xx_core.c | 6 +-
drivers/crypto/atmel-aes.c | 26 +-
drivers/crypto/atmel-sha.c | 37 +-
drivers/crypto/atmel-tdes.c | 3 +-
drivers/crypto/caam/caamhash.c | 1 +
drivers/crypto/caam/caamrng.c | 6 +-
drivers/crypto/ccp/Makefile | 9 +-
drivers/crypto/ccp/ccp-crypto-aes-cmac.c | 12 +-
drivers/crypto/ccp/ccp-crypto-aes-xts.c | 4 +-
drivers/crypto/ccp/ccp-crypto-aes.c | 3 +-
drivers/crypto/ccp/ccp-crypto-main.c | 5 +-
drivers/crypto/ccp/ccp-crypto-sha.c | 12 +-
drivers/crypto/ccp/ccp-crypto.h | 3 -
drivers/crypto/ccp/ccp-dev.c | 7 +-
drivers/crypto/ccp/ccp-dev.h | 12 +-
drivers/crypto/ccp/ccp-ops.c | 24 +-
drivers/crypto/ccp/ccp-pci.c | 21 +-
drivers/crypto/ccp/ccp-platform.c | 111 +-
drivers/crypto/img-hash.c | 1029 +++++++
drivers/crypto/mxs-dcp.c | 2 +-
drivers/crypto/omap-aes.c | 14 +-
drivers/crypto/omap-sham.c | 2 +
drivers/crypto/qat/qat_common/adf_accel_devices.h | 1 -
drivers/crypto/qat/qat_common/adf_accel_engine.c | 35 +-
drivers/crypto/qat/qat_common/adf_aer.c | 21 +-
drivers/crypto/qat/qat_common/adf_cfg.c | 5 +-
drivers/crypto/qat/qat_common/adf_cfg_strings.h | 10 +-
drivers/crypto/qat/qat_common/adf_common_drv.h | 2 +-
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 66 +-
drivers/crypto/qat/qat_common/adf_dev_mgr.c | 3 +-
drivers/crypto/qat/qat_common/adf_init.c | 88 +-
drivers/crypto/qat/qat_common/adf_transport.c | 31 +-
.../crypto/qat/qat_common/adf_transport_debug.c | 2 +
drivers/crypto/qat/qat_common/icp_qat_hw.h | 2 +-
drivers/crypto/qat/qat_common/qat_crypto.c | 9 +-
drivers/crypto/qat/qat_common/qat_hal.c | 6 +-
drivers/crypto/qat/qat_dh895xcc/adf_admin.c | 3 +-
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.c | 3 +-
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.h | 6 +-
drivers/crypto/qat/qat_dh895xcc/adf_drv.c | 4 +-
drivers/crypto/qat/qat_dh895xcc/adf_isr.c | 15 +-
drivers/crypto/sahara.c | 51 +-
drivers/crypto/talitos.c | 17 +-
drivers/crypto/ux500/hash/hash_core.c | 2 +-
drivers/crypto/vmx/Kconfig | 8 +
drivers/crypto/vmx/Makefile | 19 +
drivers/crypto/vmx/aes.c | 139 +
drivers/crypto/vmx/aes_cbc.c | 184 ++
drivers/crypto/vmx/aes_ctr.c | 167 ++
drivers/crypto/vmx/aesp8-ppc.h | 20 +
drivers/crypto/vmx/aesp8-ppc.pl | 1930 ++++++++++++++
drivers/crypto/vmx/ghash.c | 214 ++
drivers/crypto/vmx/ghashp8-ppc.pl | 228 ++
drivers/crypto/vmx/ppc-xlate.pl | 207 ++
drivers/crypto/vmx/vmx.c | 88 +
include/crypto/algapi.h | 2 +-
include/crypto/rng.h | 3 +-
include/crypto/sha.h | 15 +-
include/crypto/sha1_base.h | 106 +
include/crypto/sha256_base.h | 128 +
include/crypto/sha512_base.h | 131 +
include/linux/crypto.h | 6 +
include/linux/hw_random.h | 4 +
lib/string.c | 2 +-
168 files changed, 18223 insertions(+), 2202 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-04-16 01:58:33

by Linus Torvalds

Subject: Re: Crypto Update for 4.1

On Tue, Apr 14, 2015 at 8:39 PM, Herbert Xu <[email protected]> wrote:
>
> Here is the crypto update for 4.1:

Just a heads-up: this breaks iwlwifi for me after suspend.

I'm bisecting right now. But because this laptop is what I expect to
travel with tomorrow, I will ruthlessly revert anything I find,
because I need it to work.

Linus

2015-04-16 02:37:20

by Linus Torvalds

Subject: Re: Crypto Update for 4.1

On Wed, Apr 15, 2015 at 6:58 PM, Linus Torvalds
<[email protected]> wrote:
> On Tue, Apr 14, 2015 at 8:39 PM, Herbert Xu <[email protected]> wrote:
>>
>> Here is the crypto update for 4.1:
>
> Just a heads-up: this breaks iwlwifi for me after suspend.

Ok, bisect completed:

[[email protected] linux]$ git bisect bad
9c521a200bc3c12bd724e48a75c57d5358f672be is the first bad commit
commit 9c521a200bc3c12bd724e48a75c57d5358f672be
Author: Stephan Mueller <[email protected]>
Date: Thu Apr 9 12:09:55 2015 +0200

crypto: api - remove instance when test failed
...

and while I have no idea *why* it breaks iwlwifi after a
suspend/resume cycle, it is 100% repeatable. The bisect zoomed right
to that commit, and reverting it on top of the current tree also makes
everything work again.

So it gets reverted. I'll be happy to test things out, but with the
merge window *and* travel, I may or may not be quick about it.

Linus

2015-04-16 02:38:30

by Linus Torvalds

Subject: Re: Crypto Update for 4.1

Oh, and I forgot to add Stephan to the email recipients list..

Sorry for the duplicate email,

Linus

On Wed, Apr 15, 2015 at 7:37 PM, Linus Torvalds
<[email protected]> wrote:
> On Wed, Apr 15, 2015 at 6:58 PM, Linus Torvalds
> <[email protected]> wrote:
>> On Tue, Apr 14, 2015 at 8:39 PM, Herbert Xu <[email protected]> wrote:
>>>
>>> Here is the crypto update for 4.1:
>>
>> Just a heads-up: this breaks iwlwifi for me after suspend.
>
> Ok, bisect completed:
>
> [[email protected] linux]$ git bisect bad
> 9c521a200bc3c12bd724e48a75c57d5358f672be is the first bad commit
> commit 9c521a200bc3c12bd724e48a75c57d5358f672be
> Author: Stephan Mueller <[email protected]>
> Date: Thu Apr 9 12:09:55 2015 +0200
>
> crypto: api - remove instance when test failed
> ...
>
> and while I have no idea *why* it breaks iwlwifi after a
> suspend/resume cycle, it is 100% repeatable. The bisect zoomed right
> to that commit, and reverting it on top of the current tree also makes
> everything work again.
>
> So it gets reverted. I'll be happy to test things out, but with the
> merge window *and* travel, I may or may not be quick about it.
>
> Linus

2015-04-16 02:43:07

by Herbert Xu

Subject: Re: Crypto Update for 4.1

On Wed, Apr 15, 2015 at 07:38:29PM -0700, Linus Torvalds wrote:
>
> > Ok, bisect completed:
> >
> > [[email protected] linux]$ git bisect bad
> > 9c521a200bc3c12bd724e48a75c57d5358f672be is the first bad commit
> > commit 9c521a200bc3c12bd724e48a75c57d5358f672be
> > Author: Stephan Mueller <[email protected]>
> > Date: Thu Apr 9 12:09:55 2015 +0200
> >
> > crypto: api - remove instance when test failed

Is CONFIG_CRYPTO_MANAGER_DISABLE_TESTS set or unset in your .config?

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-04-16 02:49:01

by Linus Torvalds

Subject: Re: Crypto Update for 4.1

On Wed, Apr 15, 2015 at 7:42 PM, Herbert Xu <[email protected]> wrote:
>
> Is CONFIG_CRYPTO_MANAGER_DISABLE_TESTS set or unset in your .config?

# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set

I'll send you the full .config in private (no need to spam the mailing
list) in case you have any other questions about my setup.

Linus

2015-04-16 03:07:26

by Herbert Xu

Subject: Re: Crypto Update for 4.1

On Wed, Apr 15, 2015 at 07:49:01PM -0700, Linus Torvalds wrote:
> On Wed, Apr 15, 2015 at 7:42 PM, Herbert Xu <[email protected]> wrote:
> >
> > Is CONFIG_CRYPTO_MANAGER_DISABLE_TESTS set or unset in your .config?
>
> # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
>
> I'll send you the full .config in private (no need to spam the mailing
> list) in case you have any other questions about my setup.

Thanks! It actually appears to be a very simple bug that I somehow
missed during reviewing.

---8<---
The commit 9c521a200bc3c12bd724e48a75c57d5358f672be ("crypto:
api - remove instance when test failed") tried to grab a module
reference count before the module was even set. Worse, it then
goes on to free the module reference count after it is set so
you quickly end up with a negative module reference count which
prevents people from using any instances belonging to that module.

This patch moves the module initialisation before the reference
count.

Reported-by: Linus Torvalds <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>

diff --git a/crypto/algapi.c b/crypto/algapi.c
index 2d0a1c6..d2627a3 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -525,12 +525,12 @@ int crypto_register_instance(struct crypto_template *tmpl,
if (err)
return err;

- if (unlikely(!crypto_mod_get(&inst->alg)))
- return -EAGAIN;
-
inst->alg.cra_module = tmpl->module;
inst->alg.cra_flags |= CRYPTO_ALG_INSTANCE;

+ if (unlikely(!crypto_mod_get(&inst->alg)))
+ return -EAGAIN;
+
down_write(&crypto_alg_sem);

larval = __crypto_register_alg(&inst->alg);
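
Review bot: nothing at the relocated crypto_mod_get(&inst->alg) call says that it depends on inst->alg.cra_module having been assigned just above it, which is the ordering the earlier commit got wrong; a one-line comment above the call would keep a later cleanup from hoisting it again. The -EAGAIN return now happens after cra_module and CRYPTO_ALG_INSTANCE have been written to inst->alg, so it is worth confirming that callers treat the instance as unregistered on that path. The changelog names 9c521a200bc3c12bd724e48a75c57d5358f672be only in prose; a Fixes: tag for it would make the pairing explicit.
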
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
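
The ordering problem described in the commit message above, as an added example that is not part of the original email and is not kernel code. It is a constructed userspace model: every name in it is hypothetical, and it assumes that taking a reference through an instance whose owner is still unset succeeds without counting anything.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed userspace model of the get/put ordering bug.
 * All names are hypothetical; none of this is kernel code. */
struct model_module {
    const char *name;
    int refs;                     /* net references held on the module */
};

struct model_instance {
    struct model_module *owner;   /* stands in for inst->alg.cra_module */
};

/* Model assumption: a get through an instance with no owner set
 * reports success and counts nothing. */
static bool model_get(struct model_instance *inst)
{
    if (inst->owner == NULL)
        return true;
    inst->owner->refs++;
    return true;
}

/* A put acts on whatever owner is set at the moment it runs. */
static void model_put(struct model_instance *inst)
{
    if (inst->owner != NULL)
        inst->owner->refs--;
}

/* Order before the fix: get, then set the owner, then put. */
static bool register_get_before_owner(struct model_instance *inst,
                                      struct model_module *tmpl_module)
{
    if (!model_get(inst))         /* succeeds, but no count is taken */
        return false;
    inst->owner = tmpl_module;
    /* registration and self-test would run here */
    model_put(inst);              /* drops a count that was never taken */
    return true;
}

/* Order after the fix: set the owner, then get, then put. */
static bool register_owner_before_get(struct model_instance *inst,
                                      struct model_module *tmpl_module)
{
    inst->owner = tmpl_module;
    if (!model_get(inst))
        return false;
    /* registration and self-test would run here */
    model_put(inst);
    return true;
}

/* Register n fresh instances against one module and return the module's
 * net reference count afterwards (INT_MAX if a registration failed). */
int refs_after(int n, bool fixed)
{
    struct model_module mod = { "tmpl", 0 };

    for (int i = 0; i < n; i++) {
        struct model_instance inst = { NULL };
        bool ok = fixed ? register_owner_before_get(&inst, &mod)
                        : register_get_before_owner(&inst, &mod);
        if (!ok)
            return INT_MAX;
    }
    return mod.refs;
}

int main(void)
{
    printf("get before owner, 3 instances: refs = %d\n", refs_after(3, false));
    printf("owner before get, 3 instances: refs = %d\n", refs_after(3, true));
    return 0;
}
```

In the model the early get never fails, so the imbalance only shows up as a count that drifts one further below zero with every instance registered.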

2015-04-16 03:34:59

by Linus Torvalds

Subject: Re: Crypto Update for 4.1

On Wed, Apr 15, 2015 at 8:07 PM, Herbert Xu <[email protected]> wrote:
>
> Thanks! It actually appears to be a very simple bug that I somehow
> missed during reviewing.

Ok, this patch seems to fix it for me, so I undid my revert that I
hadn't pushed out yet, and pushed out this instead.

Thanks,

Linus

2015-04-23 19:27:01

by Bobby Powers

Subject: Re: Crypto Update for 4.1

Hello,

Linus Torvalds <[email protected]> wrote:
> Ok, this patch seems to fix it for me, so I undid my revert that I
> hadn't pushed out yet, and pushed out this instead.

Commit e68410ebf62676dfb93aafff7c55b76644f37072 in Linus's tree from
this crypto update (crypto: x86/sha512_ssse3 - move SHA-384/512 SSSE3
implementation to base layer) causes a GPF on boot in
sha512_ssse3_finup for me on a Broadwell i7-5600U, rendering the
kernel unbootable.

Reverting that commit enables me to boot. I don't know enough about
the code to comment. Config is attached, and I can provide a photo of
the reported Call Trace if that's helpful. It is quite reproducible
for me.

yours,
Bobby


Attachments:
config (119.82 kB)

2015-04-23 20:10:26

by Ard Biesheuvel

Subject: Re: Crypto Update for 4.1

On 23 April 2015 at 21:27, Bobby Powers <[email protected]> wrote:
> Hello,
>
> Linus Torvalds <[email protected]> wrote:
>> Ok, this patch seems to fix it for me, so I undid my revert that I
>> hadn't pushed out yet, and pushed out this instead.
>
> Commit e68410ebf62676dfb93aafff7c55b76644f37072 in Linus's tree from
> this crypto update (crypto: x86/sha512_ssse3 - move SHA-384/512 SSSE3
> implementation to base layer) causes a GPF on boot in
> sha512_ssse3_finup for me on a Broadwell i7-5600U, rendering the
> kernel unbootable.
>
> Reverting that commit enables me to boot. I don't know enough about
> the code to comment. Config is attached, and I can provide a photo of
> the reported Call Trace if that's helpful. It is quite reproducible
> for me.
>

Hello Bobby,

Would you be able to check whether the following patch fixes the crash?

diff --git a/arch/x86/crypto/sha512-avx2-asm.S
b/arch/x86/crypto/sha512-avx2-asm.S
index a4771dcd1fcf..1f20b35d8573 100644
--- a/arch/x86/crypto/sha512-avx2-asm.S
+++ b/arch/x86/crypto/sha512-avx2-asm.S
@@ -79,7 +79,7 @@ NUM_BLKS = %rdx
c = %rcx
d = %r8
e = %rdx
-y3 = %rdi
+y3 = %rsi

TBL = %rbp
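
Review bot: `y3 = %rsi` puts a working name on a register that also carries a function argument, and nothing beside the definition says which argument it overlaps or why that is safe; a short comment on that line would stop the next prototype change from reintroducing the crash. The `diff --git` header is also wrapped onto two lines in this posting, so the formal submission should carry it unwrapped.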

If not, please share the call trace and the content of /proc/cpuinfo

Regards,
Ard.

2015-04-23 21:35:29

by Bobby Powers

Subject: Re: Crypto Update for 4.1

On Thu, Apr 23, 2015 at 4:10 PM, Ard Biesheuvel
<[email protected]> wrote:
>
> Hello Bobby,
>
> Would you be able to check whether the following patch fixes the crash?
>
> diff --git a/arch/x86/crypto/sha512-avx2-asm.S
> b/arch/x86/crypto/sha512-avx2-asm.S
> index a4771dcd1fcf..1f20b35d8573 100644
> --- a/arch/x86/crypto/sha512-avx2-asm.S
> +++ b/arch/x86/crypto/sha512-avx2-asm.S
> @@ -79,7 +79,7 @@ NUM_BLKS = %rdx
> c = %rcx
> d = %r8
> e = %rdx
> -y3 = %rdi
> +y3 = %rsi
>
> TBL = %rbp
>
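
Review bot: only y3 is moved off %rdi here, but the visible context shows that sharing a register between a parameter and a working name is routine in this file (`e = %rdx` against `NUM_BLKS = %rdx` in the hunk header); the rest of the alias block should be checked for any other name still mapped to %rdi before this one-line change is treated as the complete fix.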

Tested-By: Bobby Powers <[email protected]>


Thanks Ard. Yes, this fixes things for me. Good eye :)

yours,
Bobby

2015-04-24 06:37:22

by Ard Biesheuvel

Subject: [PATCH] crypto: x86/sha512_ssse3 - fixup for asm function prototype change

Patch e68410ebf626 ("crypto: x86/sha512_ssse3 - move SHA-384/512
SSSE3 implementation to base layer") changed the prototypes of the
core asm SHA-512 implementations so that they are compatible with
the prototype used by the base layer.

However, in one instance, the register that was used for passing the
input buffer was reused as a scratch register later on in the code,
and since the input buffer param changed places with the digest param
-which needs to be written back before the function returns- this
resulted in the scratch register being dereferenced in a memory write
operation, causing a GPF.

Fix this by changing the scratch register to use the same register as
the input buffer param again.

Fixes: e68410ebf626 ("crypto: x86/sha512_ssse3 - move SHA-384/512 SSSE3 implementation to base layer")
Reported-By: Bobby Powers <[email protected]>
Tested-By: Bobby Powers <[email protected]>
Signed-off-by: Ard Biesheuvel <[email protected]>
---
arch/x86/crypto/sha512-avx2-asm.S | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/crypto/sha512-avx2-asm.S b/arch/x86/crypto/sha512-avx2-asm.S
index a4771dcd1fcf..1f20b35d8573 100644
--- a/arch/x86/crypto/sha512-avx2-asm.S
+++ b/arch/x86/crypto/sha512-avx2-asm.S
@@ -79,7 +79,7 @@ NUM_BLKS = %rdx
c = %rcx
d = %r8
e = %rdx
-y3 = %rdi
+y3 = %rsi

TBL = %rbp
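
Review bot: the changelog says the prototype change covered the core asm SHA-512 implementations, plural, and that the clobber occurs "in one instance", yet the diffstat touches only sha512-avx2-asm.S; the changelog should say that the other variants were checked for a scratch name left on the old input-buffer register, so the single-file fix reads as complete rather than partial. The trailer tags are spelled `Reported-By:` and `Tested-By:` here, whereas the earlier fix in this thread uses `Reported-by:`; matching that spelling keeps the tags consistent.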

--
1.8.3.2

2015-04-24 12:20:13

by Herbert Xu

Subject: Re: [PATCH] crypto: x86/sha512_ssse3 - fixup for asm function prototype change

On Fri, Apr 24, 2015 at 08:37:09AM +0200, Ard Biesheuvel wrote:
> Patch e68410ebf626 ("crypto: x86/sha512_ssse3 - move SHA-384/512
> SSSE3 implementation to base layer") changed the prototypes of the
> core asm SHA-512 implementations so that they are compatible with
> the prototype used by the base layer.
>
> However, in one instance, the register that was used for passing the
> input buffer was reused as a scratch register later on in the code,
> and since the input buffer param changed places with the digest param
> -which needs to be written back before the function returns- this
> resulted in the scratch register being dereferenced in a memory write
> operation, causing a GPF.
>
> Fix this by changing the scratch register to use the same register as
> the input buffer param again.
>
> Fixes: e68410ebf626 ("crypto: x86/sha512_ssse3 - move SHA-384/512 SSSE3 implementation to base layer")
> Reported-By: Bobby Powers <[email protected]>
> Tested-By: Bobby Powers <[email protected]>
> Signed-off-by: Ard Biesheuvel <[email protected]>

Patch applied. Thanks!
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-06-22 08:45:08

by Herbert Xu

Subject: Crypto Update for 4.2

Hi Linus:

Here is the crypto update for 4.2:

API:

* Convert RNG interface to new style.
* New AEAD interface with one SG list for AD and plain/cipher text.
All external AEAD users have been converted.
* New asymmetric key interface (akcipher).

Algorithms:
* Chacha20, Poly1305 and RFC7539 support.
* New RSA implementation.
* Jitter RNG.
* DRBG is now seeded with both /dev/random and Jitter RNG. If
kernel pool isn't ready then DRBG will be reseeded when it is.
* DRBG is now the default crypto API RNG, replacing krng.
* 842 compression (previously part of powerpc nx driver).

Drivers:

* Accelerated SHA-512 for arm64.
* New Marvell CESA driver that supports DMA and more algorithms.
* Updated powerpc nx 842 support.
* Added support for SEC1 hardware to talitos.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Allan, Bruce W (2):
crypto: qat - do not duplicate string containing firmware name
crypto: qat - add driver version

Ard Biesheuvel (3):
crypto: testmgr - add test cases for CRC32
crypto: arm/sha512 - accelerated SHA-512 using ARM generic ASM and NEON
crypto: arm/aes - streamline AES-192 code path

Arnaud Ebalard (4):
crypto: marvell/cesa - add Triple-DES support
crypto: marvell/cesa - add MD5 support
crypto: marvell/cesa - add SHA256 support
crypto: marvell/cesa - add support for Kirkwood and Dove SoCs

Boris BREZILLON (11):
crypto: mv_cesa - request registers memory region
crypto: mv_cesa - document the clocks property
crypto: mv_cesa - use gen_pool to reserve the SRAM memory region
crypto: mv_cesa - explicitly define kirkwood and dove compatible strings
crypto: marvell/cesa - add a new driver for Marvell's CESA
crypto: marvell/cesa - add TDMA support
crypto: marvell/cesa - add DES support
crypto: marvell/cesa - add support for all armada SoCs
crypto: marvell/cesa - add allhwsupport module parameter
crypto: marvell/cesa - add support for Orion SoCs
crypto: marvell/cesa - add DT bindings documentation

Boris Brezillon (1):
crypto: marvell/cesa - remove COMPILE_TEST dependency

Colin Ian King (1):
crypto: mv_cesa - ensure backlog is initialised

Dan Carpenter (1):
crypto: talitos - fix size calculation in talitos_edesc_alloc()

Dan Streetman (19):
powerpc: export of_get_ibm_chip_id function
powerpc: Add ICSWX instruction
lib: add software 842 compression/decompression
crypto: 842 - change 842 alg to use software
crypto: nx - rename nx-842.c to nx-842-pseries.c
crypto: nx - add NX-842 platform frontend driver
crypto: nx - add nx842 constraints
crypto: nx - add PowerNV platform NX-842 driver
crypto: nx - simplify pSeries nx842 driver
crypto: nx - add hardware 842 crypto comp alg
lib: make lib/842 decompress functions static
lib: correct 842 decompress for 32 bit
crypto: nx - remove 842-nx null checks
crypto: nx - prevent nx 842 load if no hw driver
crypto: nx - fix nx-842 pSeries driver minimum buffer size
crypto: nx - move include/linux/nx842.h into drivers/crypto/nx/nx-842.h
crypto: nx - replace NX842_MEM_COMPRESS with function
crypto: nx - add LE support to pSeries platform driver
MAINTAINERS: clarify drivers/crypto/nx/ file ownership

David Howells (2):
crypto: pcomp - Constify (de)compression parameters
crypto: testmgr - Wrap the LHS in expressions of the form !x == y

Fabio Estevam (1):
crypto: sahara - propagate the error on clk_disable_unprepare() failure

Harald Freudenberger (1):
crypto: testmgr - Added one larger ghash testvector (400 bytes) to the testmgr.

Herbert Xu (166):
crypto: drbg - Initialise mutex in drbg_healthcheck_sanity
crypto: drbg - Do not seed RNG in drbg_kcapi_init
crypto: api - Add crypto_alg_extsize helper
crypto: shash - Use crypto_alg_extsize helper
crypto: pcomp - Use crypto_alg_extsize helper
crypto: rng - Convert crypto_rng to new style crypto_type
crypto: rng - Introduce crypto_rng_generate
crypto: rng - Mark crypto_rng_reset seed as const
crypto: rng - Convert low-level crypto_rng to new style
crypto: rng - Add crypto_rng_set_entropy
crypto: rng - Add multiple algorithm registration interface
crypto: drbg - Convert to new rng interface
crypto: ansi_cprng - Remove bogus inclusion of internal.h
crypto: ansi_cprng - Convert to new rng interface
crypto: krng - Convert to new rng interface
crypto: rng - Remove old low-level rng interface
crypto: algif_rng - Remove obsolete const-removal cast
crypto: rng - Zero seed in crypto_rng_reset
crypto: tcrypt - Handle async return from crypto_ahash_init
crypto: api - Move module sig ifdef into accessor function
crypto: drbg - Remove FIPS ifdef from drbg_healthcheck_sanity
crypto: caam - Remove bogus references to crypto API internals
crypto: api - Include linux/fips.h
crypto: fips - Remove bogus inclusion of internal.h
crypto: fips - Move fips_enabled sysctl into fips.c
crypto: tcrypt - Include linux/fips.h for fips_enabled
crypto: testmgr - Include linux/fips.h for fips_enabled
crypto: api - Remove linux/fips.h from internal.h
crypto: arm64/aes-ce-ccm - Include crypto/internal/aead.h
crypto: algif_aead - Include crypto/aead.h
crypto: tcrypt - Include crypto/aead.h
crypto: testmgr - Include crypto/aead.h
mac80211: Include crypto/aead.h
mac802154: Include crypto/aead.h
crypto: api - Fix build error when modules are disabled
crypto: skcipher - Fix corner case in crypto_lookup_skcipher
crypto: aead - Fix corner case in crypto_lookup_aead
crypto: api - Add crypto_grab_spawn primitive
crypto: authenc - Include internal/aead.h
crypto: authencesn - Include internal/aead.h
crypto: caam - Include internal/aead.h
crypto: ixp4xx - Include internal/aead.h
crypto: nx - Include internal/aead.h
crypto: qat - Include internal/aead.h
crypto: talitos - Include internal/aead.h
crypto: blkcipher - Include crypto/aead.h
crypto: caam - Remove unnecessary reference to crt_aead
crypto: aead - Add crypto_aead_set_reqsize helper
crypto: authenc - Use crypto_aead_set_reqsize helper
crypto: authencesn - Use crypto_aead_set_reqsize helper
crypto: ccm - Use crypto_aead_set_reqsize helper
crypto: cryptd - Use crypto_aead_set_reqsize helper
crypto: gcm - Use crypto_aead_set_reqsize helper
crypto: pcrypt - Use crypto_aead_set_reqsize helper
crypto: seqiv - Use crypto_aead_set_reqsize helper
crypto: aesni - Use crypto_aead_set_reqsize helper
crypto: ixp4xx - Use crypto_aead_set_reqsize helper
crypto: picoxcell - Use crypto_aead_set_reqsize helper
crypto: qat - Use crypto_aead_set_reqsize helper
crypto: cryptd - Add missing aead.h inclusion
crypto: aead - Convert top level interface to new style
crypto: cryptd - Use crypto_grab_aead
crypto: pcrypt - Use crypto_grab_aead
crypto: scatterwalk - Add scatterwalk_ffwd helper
crypto: aead - Add new interface with single SG list
crypto: aead - Rename aead_alg to old_aead_alg
crypto: caam - Use old_aead_alg
crypto: aead - Add crypto_aead_maxauthsize
crypto: ixp4xx - Use crypto_aead_maxauthsize
crypto: nx - Remove unnecessary maxauthsize check
crypto: aead - Add support for new AEAD implementations
crypto: null - Add default null skcipher
crypto: gcm - Use default null skcipher
crypto: scatterwalk - Check for same address in map_and_copy
crypto: seqiv - Add support for new AEAD interface
crypto: seqiv - Add seqniv
crypto: echainiv - Add encrypted chain IV generator
crypto: aead - Add crypto_aead_alg_ivsize/maxauthsize
crypto: pcrypt - Make tfm_count an atomic_t
crypto: skcipher - Use tmpl->create
crypto: aead - Use tmpl->create
crypto: seqiv - Use aead_register_instance
crypto: echainiv - Use aead_register_instance
crypto: aead - Do not set cra_type for new style instances
crypto: echainiv - Stop using cryptoff
crypto: seqiv - Stop using cryptoff
crypto: aead - Remove unused cryptoff parameter
random: Wake up all getrandom(2) callers when pool is ready
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
crypto: aead - Document behaviour of AD in destination buffer
crypto: scatterwalk - Add missing sg_init_table to scatterwalk_ffwd
crypto: aead - Preserve in-place processing in old_crypt
crypto: aead - Add common IV generation code
crypto: echainiv - Copy AD along with plain text
crypto: echainiv - Use common IV generation code
crypto: echainiv - Fix IV size in context size calculation
crypto: seqiv - Copy AD along with plain/cipher text
crypto: seqiv - Use common IV generation code
crypto: seqiv - Fix IV size in context size calculation
crypto: seqiv - Fix module unload/reload crash
crypto: testmgr - Switch to new AEAD interface
xfrm: Add IV generator information to xfrm_algo_desc
ipsec: Add IV generator information to xfrm_state
esp4: Switch to new AEAD interface
esp6: Switch to new AEAD interface
mac802154: Switch to new AEAD interface
mac80211: Switch to new AEAD interface
crypto: tcrypt - Switch to new AEAD interface
crypto: algif_aead - Switch to new AEAD interface
Revert "crypto: algif_aead - Disable AEAD user-space for now"
crypto: aead - Add type-safe init/exit functions
crypto: aead - Add aead_alg_instance
crypto: api - Include alignment in crypto_alg_extsize
crypto: aead - Ignore return value from crypto_unregister_alg
crypto: aead - Add multiple algorithm registration interface
crypto: pcrypt - Add support for new AEAD interface
crypto: cryptd - Add setkey/setauthsize functions for AEAD
crypto: aesni - Convert top-level rfc4106 algorithm to new interface
crypto: cryptd - Convert to new AEAD interface
crypto: aesni - Convert rfc4106 to new AEAD interface
crypto: scatterwalk - Hide PageSlab call to optimise away flush_dcache_page
crypto: chainiv - Move IV seeding into init function
crypto: echainiv - Move IV seeding into init function
crypto: eseqiv - Move IV seeding into init function
crypto: seqiv - Move IV seeding into init function
crypto: drbg - Add stdrng alias and increase priority
crypto: echainiv - Set Kconfig default to m
crypto: rng - Make DRBG the default RNG
crypto: rng - Remove krng
crypto: caam - Clamp AEAD SG list by input length
nios2: Export get_cycles
random: Add callback API for random pool readiness
random: Remove kernel blocking API
crypto: drbg - Add select on sha256
crypto: picoxcell - Include linux/sizes.h
crypto: picoxcell - Make use of sg_nents_for_len
crypto: picoxcell - Clamp AEAD SG list by input length
crypto: vmx - Remove duplicate PPC64 dependency
crypto: vmx - Reindent to kernel style
crypto: testmgr - Disable rfc4543 test
crypto: gcm - Convert to new AEAD interface
crypto: testmgr - Update rfc4543 test vectors
crypto: nx - Convert GCM to new AEAD interface
crypto: caam - Handle errors in dma_map_sg_chained
crypto: caam - Convert GCM to new AEAD interface
Revert "crypto: testmgr - Disable rfc4543 test"
crypto: testmgr - Add mcgrew test vectors for rfc4106
crypto: tcrypt - Add rfc4309(ccm(aes)) speed test
crypto: tcrypt - Fixed AEAD speed test setup
crypto: drivers - Fix Kconfig selects
crypto: api - Add CRYPTO_MINALIGN_ATTR to struct crypto_alg
crypto: aead - Fix aead_instance struct size
crypto: caam - Reintroduce DESC_MAX_USED_BYTES
crypto: caam - Set last bit on src SG list
Merge branch 'mvebu/drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
crypto: nx - Check for bogus firmware properties
crypto: skcipher - Allow givencrypt to be NULL
crypto: rng - Do not free default RNG when it becomes unused
crypto: user - Move cryptouser.h to uapi
crypto: user - Add CRYPTO_MSG_DELRNG
crypto: chainiv - Offer normal cipher functionality without RNG
crypto: eseqiv - Offer normal cipher functionality without RNG
crypto: seqiv - Add compatibility support without RNG
crypto: echainiv - Only hold RNG during initialisation
crypto: af_alg - Forbid the use internal algorithms
crypto: algif_aead - Temporarily disable all AEAD algorithms

Horia Geantă (4):
crypto: talitos - avoid memleak in talitos_alg_alloc()
Revert "crypto: talitos - convert to use be16_add_cpu()"
crypto: talitos - avoid out of bound scatterlist iterator
crypto: talitos - static code checker fixes

Jeremiah Mahler (1):
crypto: aesni - fix crypto_fpu_exit() section mismatch

LABBE Corentin (7):
crypto: md5 - add MD5 initial vectors
crypto: md5 - use md5 IV MD5_HX instead of their raw value
crypto: powerpc/md5 - use md5 IV MD5_HX instead of their raw value
crypto: sparc/md5 - use md5 IV MD5_HX instead of their raw value
crypto: n2 - use md5 IV MD5_HX instead of their raw value
crypto: octeon - use md5 IV MD5_HX instead of their raw value
crypto: testmgr - Document struct cipher_testvec

LEROY Christophe (17):
crypto: talitos - Use zero entry to init descriptors ptrs to zero
crypto: talitos - Refactor the sg in/out chain allocation
crypto: talitos - talitos_ptr renamed ptr for more lisibility
crypto: talitos - Add a helper function to clear j_extent field
crypto: talitos - remove param 'extent' in map_single_talitos_ptr()
crypto: talitos - helper function for ptr len
crypto: talitos - enhanced talitos_desc struct for SEC1
crypto: talitos - add sub-choice in talitos CONFIG for SEC1
crypto: talitos - Add a feature to tag SEC1
crypto: talitos - fill in talitos descriptor iaw SEC1 or SEC2+
crypto: talitos - adaptation of talitos_submit() for SEC1
crypto: talitos - base address for Execution Units
crypto: talitos - adapt interrupts and reset functions to SEC1
crypto: talitos - implement scatter/gather copy for SEC1
crypto: talitos - SEC1 bugs on 0 data hash
crypto: talitos - Add fsl,sec1.0 compatible
crypto: talitos - Update DT bindings with SEC1

Leonidas Da Silva Barbosa (2):
crypto: nx - Fixing NX data alignment with nx_sg list
crypto: nx - Fixing SHA update bug

Martin Willi (10):
crypto: chacha20 - Add a generic ChaCha20 stream cipher implementation
crypto: testmgr - Add ChaCha20 test vectors from RFC7539
crypto: poly1305 - Add a generic Poly1305 authenticator implementation
crypto: testmgr - Add Poly1305 test vectors from RFC7539
crypto: chacha20poly1305 - Add a ChaCha20-Poly1305 AEAD construction, RFC7539
crypto: testmgr - Add ChaCha20-Poly1305 test vectors from RFC7539
crypto: chacha20poly1305 - Add an IPsec variant for RFC7539 AEAD
crypto: testmgr - Add draft-ietf-ipsecme-chacha20-poly1305 test vector
xfrm: Define ChaCha20-Poly1305 AEAD XFRM algo for IPsec users
crypto: poly1305 - Pass key as first two message blocks to each desc_ctx

Masanari Iida (2):
crypto: doc - Fix typo in crypto-API.tmpl
crypto: doc - Fix typo in crypto-API.xml

Michael van der Westhuizen (1):
crypto: picoxcell - Update to the current clk API

Pali Rohár (2):
crypto: omap-sham - Check for return value from pm_runtime_get_sync
crypto: omap-sham - Add support for omap3 devices

Paulo Flabiano Smorigo (1):
crypto: vmx - fix two mistyped texts

Sergey Senozhatsky (1):
crypto: drbg - report backend_cra_name when allocation fails

Steffen Trumtrar (1):
crypto: caam - fix non-64-bit write/read access

Stephan Mueller (15):
cryoto: drbg - clear all temporary memory
crypto: drbg - fix drbg_generate return val check
crypto: drbg - replace spinlock with mutex
crypto: drbg - leave cipher handles operational
crypto: doc - change header file locations
random: Blocking API for accessing nonblocking_pool
crypto: drbg - prepare for async seeding
crypto: drbg - add async seeding operation
crypto: drbg - use Jitter RNG to obtain seed
crypto: jitterentropy - add jitterentropy RNG
crypto: jitterentropy - remove timekeeping_valid_for_hres
crypto: doc - cover new AEAD interface
crypto: drbg - use pragmas for disabling optimization
crypto: drbg - Use callback API for random readiness
crypto: drbg - reseed often if seedsource is degraded

Tadeusz Struk (9):
crypto: qat - remove unused structure members
crypto: qat - rm unneeded header include
crypto: qat - Set max request size
crypto: qat: fix issue when mapping assoc to internal AD struct
MPILIB: add mpi_read_buf() and mpi_get_size() helpers
crypto: akcipher - add PKE API
crypto: rsa - add a new rsa generic implementation
crypto: testmgr - add tests vectors for RSA
crypto: rsa - fix invalid select for AKCIPHER

Tom Lendacky (4):
crypto: ccp - Remove manual check and set of dma_mask pointer
crypto: ccp - Remove unused structure field
scatterlist: introduce sg_nents_for_len
crypto: ccp - Protect against poorly marked end of sg list

Victoria Milhoan (2):
crypto: caam - Fix incorrect size when DMA unmapping buffer
crypto: caam - Provide correct value to iounmap() in controller driver

Wu Fengguang (1):
crypto: echainiv - echainiv_read_iv() can be static

firo yang (1):
crypto: sha1-mb - Remove pointless cast

Documentation/DocBook/crypto-API.tmpl | 67 +-
.../devicetree/bindings/crypto/fsl-sec2.txt | 6 +-
.../devicetree/bindings/crypto/marvell-cesa.txt | 45 +
.../devicetree/bindings/crypto/mv_cesa.txt | 31 +-
MAINTAINERS | 26 +-
arch/arm/boot/dts/armada-375.dtsi | 2 +-
arch/arm/boot/dts/armada-38x.dtsi | 2 +-
arch/arm/boot/dts/armada-39x.dtsi | 2 +-
arch/arm/boot/dts/armada-xp-linksys-mamba.dts | 5 +
arch/arm/boot/dts/armada-xp-openblocks-ax3-4.dts | 4 +
arch/arm/boot/dts/dove-cubox.dts | 1 +
arch/arm/crypto/Kconfig | 15 +-
arch/arm/crypto/Makefile | 10 +-
arch/arm/crypto/aes-ce-core.S | 7 +-
arch/arm/crypto/sha512-armv4.pl | 649 ++++++
arch/arm/crypto/sha512-armv7-neon.S | 455 ----
arch/arm/crypto/sha512-core.S_shipped | 1861 +++++++++++++++
arch/arm/crypto/sha512-glue.c | 121 +
arch/arm/crypto/sha512-neon-glue.c | 98 +
arch/arm/crypto/sha512.h | 8 +
arch/arm/crypto/sha512_neon_glue.c | 305 ---
arch/arm64/crypto/aes-ce-ccm-glue.c | 2 +-
arch/arm64/crypto/crc32-arm64.c | 22 +-
arch/arm64/crypto/sha1-ce-glue.c | 3 +
arch/arm64/crypto/sha2-ce-glue.c | 3 +
arch/mips/cavium-octeon/crypto/octeon-md5.c | 8 +-
arch/nios2/kernel/time.c | 2 +
arch/powerpc/crypto/md5-glue.c | 8 +-
arch/powerpc/include/asm/icswx.h | 184 ++
arch/powerpc/include/asm/ppc-opcode.h | 13 +
arch/powerpc/kernel/prom.c | 1 +
arch/s390/crypto/ghash_s390.c | 25 +-
arch/sparc/crypto/md5_glue.c | 8 +-
arch/x86/crypto/aesni-intel_glue.c | 423 ++--
arch/x86/crypto/fpu.c | 2 +-
arch/x86/crypto/sha-mb/sha1_mb.c | 3 +-
crypto/842.c | 174 +-
crypto/Kconfig | 97 +-
crypto/Makefile | 15 +-
crypto/ablkcipher.c | 12 +-
crypto/aead.c | 684 ++++--
crypto/af_alg.c | 5 +-
crypto/akcipher.c | 117 +
crypto/algapi.c | 31 +-
crypto/algif_aead.c | 79 +-
crypto/algif_rng.c | 2 +-
crypto/ansi_cprng.c | 88 +-
crypto/authenc.c | 17 +-
crypto/authencesn.c | 17 +-
crypto/blkcipher.c | 1 +
crypto/ccm.c | 14 +-
crypto/chacha20_generic.c | 216 ++
crypto/chacha20poly1305.c | 695 ++++++
crypto/chainiv.c | 105 +-
crypto/cryptd.c | 135 +-
crypto/crypto_null.c | 39 +
crypto/crypto_user.c | 34 +-
crypto/drbg.c | 567 ++---
crypto/echainiv.c | 312 +++
crypto/eseqiv.c | 52 +-
crypto/fips.c | 53 +-
crypto/gcm.c | 940 +++-----
crypto/internal.h | 3 +-
crypto/jitterentropy.c | 928 ++++++++
crypto/krng.c | 66 -
crypto/md5.c | 8 +-
crypto/pcompress.c | 7 +-
crypto/pcrypt.c | 199 +-
crypto/poly1305_generic.c | 321 +++
crypto/proc.c | 41 -
crypto/rng.c | 132 +-
crypto/rsa.c | 315 +++
crypto/rsa_helper.c | 121 +
crypto/rsakey.asn1 | 5 +
crypto/scatterwalk.c | 45 +-
crypto/seqiv.c | 587 ++++-
crypto/shash.c | 7 +-
crypto/tcrypt.c | 36 +-
crypto/tcrypt.h | 1 +
crypto/testmgr.c | 314 ++-
crypto/testmgr.h | 2443 +++++++++++++++++++-
crypto/zlib.c | 4 +-
drivers/bus/mvebu-mbus.c | 120 +-
drivers/char/hw_random/bcm63xx-rng.c | 18 +-
drivers/char/random.c | 80 +-
drivers/crypto/Kconfig | 87 +-
drivers/crypto/Makefile | 1 +
drivers/crypto/caam/Kconfig | 5 +-
drivers/crypto/caam/caamalg.c | 1497 ++++++------
drivers/crypto/caam/caamhash.c | 9 +-
drivers/crypto/caam/compat.h | 2 +-
drivers/crypto/caam/ctrl.c | 4 +-
drivers/crypto/caam/regs.h | 38 +-
drivers/crypto/caam/sg_sw_sec4.h | 50 +-
drivers/crypto/ccp/Kconfig | 1 -
drivers/crypto/ccp/ccp-ops.c | 9 +-
drivers/crypto/ccp/ccp-platform.c | 2 -
drivers/crypto/ixp4xx_crypto.c | 9 +-
drivers/crypto/marvell/Makefile | 2 +
drivers/crypto/marvell/cesa.c | 548 +++++
drivers/crypto/marvell/cesa.h | 791 +++++++
drivers/crypto/marvell/cipher.c | 797 +++++++
drivers/crypto/marvell/hash.c | 1441 ++++++++++++
drivers/crypto/marvell/tdma.c | 224 ++
drivers/crypto/mv_cesa.c | 73 +-
drivers/crypto/n2_core.c | 8 +-
drivers/crypto/nx/Kconfig | 61 +-
drivers/crypto/nx/Makefile | 9 +-
drivers/crypto/nx/nx-842-crypto.c | 580 +++++
drivers/crypto/nx/nx-842-platform.c | 84 +
drivers/crypto/nx/nx-842-powernv.c | 637 +++++
drivers/crypto/nx/nx-842-pseries.c | 1140 +++++++++
drivers/crypto/nx/nx-842.c | 1610 +------------
drivers/crypto/nx/nx-842.h | 144 ++
drivers/crypto/nx/nx-aes-gcm.c | 110 +-
drivers/crypto/nx/nx-sha256.c | 84 +-
drivers/crypto/nx/nx-sha512.c | 85 +-
drivers/crypto/nx/nx.c | 233 +-
drivers/crypto/nx/nx.h | 9 +-
drivers/crypto/omap-sham.c | 27 +-
drivers/crypto/picoxcell_crypto.c | 41 +-
drivers/crypto/qat/Kconfig | 6 +-
drivers/crypto/qat/qat_common/adf_accel_devices.h | 1 -
drivers/crypto/qat/qat_common/adf_cfg_user.h | 12 -
drivers/crypto/qat/qat_common/adf_common_drv.h | 7 +
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 1 +
drivers/crypto/qat/qat_common/qat_algs.c | 39 +-
drivers/crypto/qat/qat_dh895xcc/adf_drv.c | 5 +-
drivers/crypto/sahara.c | 13 +-
drivers/crypto/talitos.c | 743 ++++--
drivers/crypto/talitos.h | 153 +-
drivers/crypto/ux500/Kconfig | 4 +-
drivers/crypto/vmx/Kconfig | 2 +-
drivers/crypto/vmx/Makefile | 2 +-
drivers/crypto/vmx/aes.c | 166 +-
drivers/crypto/vmx/aes_cbc.c | 236 +-
drivers/crypto/vmx/aes_ctr.c | 225 +-
drivers/crypto/vmx/aesp8-ppc.h | 15 +-
drivers/crypto/vmx/ghash.c | 278 +--
drivers/crypto/vmx/vmx.c | 68 +-
include/crypto/aead.h | 533 ++++-
include/crypto/akcipher.h | 340 +++
include/crypto/algapi.h | 35 +-
include/crypto/compress.h | 8 +-
include/crypto/cryptd.h | 1 +
include/crypto/drbg.h | 59 +-
include/crypto/hash.h | 2 +-
include/crypto/internal/aead.h | 102 +-
include/crypto/internal/akcipher.h | 60 +
include/crypto/internal/geniv.h | 24 +
include/crypto/internal/rng.h | 21 +-
include/crypto/internal/rsa.h | 27 +
include/crypto/md5.h | 5 +
include/crypto/null.h | 3 +
include/crypto/rng.h | 100 +-
include/crypto/scatterwalk.h | 4 +
include/linux/compiler-gcc.h | 16 +-
include/linux/compiler-intel.h | 3 +
include/linux/compiler.h | 4 +
include/linux/crypto.h | 501 +---
include/linux/mbus.h | 5 +
include/linux/module.h | 12 +
include/linux/mpi.h | 15 +
include/linux/nx842.h | 11 -
include/linux/random.h | 9 +
include/linux/scatterlist.h | 1 +
include/linux/sw842.h | 12 +
include/net/xfrm.h | 3 +
include/{ => uapi}/linux/cryptouser.h | 6 +
lib/842/842.h | 127 +
lib/842/842_compress.c | 626 +++++
lib/842/842_debugfs.h | 52 +
lib/842/842_decompress.c | 405 ++++
lib/842/Makefile | 2 +
lib/Kconfig | 6 +
lib/Makefile | 2 +
lib/mpi/mpicoder.c | 87 +-
lib/mpi/mpiutil.c | 6 +-
lib/scatterlist.c | 32 +
lib/string.c | 2 +-
net/ipv4/esp4.c | 200 +-
net/ipv6/esp6.c | 200 +-
net/key/af_key.c | 1 +
net/mac80211/aes_ccm.c | 33 +-
net/mac80211/aes_gcm.c | 33 +-
net/mac80211/aes_gmac.c | 14 +-
net/mac802154/llsec.c | 44 +-
net/xfrm/xfrm_algo.c | 28 +
net/xfrm/xfrm_user.c | 40 +-
189 files changed, 23661 insertions(+), 7358 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-06-23 04:26:52

by Linus Torvalds

Subject: Re: Crypto Update for 4.2

On Mon, Jun 22, 2015 at 1:44 AM, Herbert Xu <[email protected]> wrote:
>
> Here is the crypto update for 4.2:

So this generates conflicts with your earlier changes (that I got
through the networking tree - they are your patches, but they went
through Steffen Klassert and then David Miller).

I resolved them, but I want you to double-check the end result.

Some of the conflicts are just trivial (but annoying) conflicts due to
whitespace changes to the vmx routines.

But the changes to net/ipv4/esp4.c and net/ipv6/esp6.c are actual real
code conflicts, even though in the merge they look like no change
at all, because I picked your side and the changes on the other side
just went away.

I did that, because as far as I can tell, the changes in commits
7021b2e1cddd and 000ae7b2690e (that switch esp4/6 over to the new AEAD
interface) obviate the commits I got earlier to use the high-order
sequence number bits for IV generation.

So it looks to me like those AEAD interface changes already make sure
to use the full 64 bits of the sequence number.

But if I'm wrong, please holler. You clearly know both sides of this,
since you wrote all the patches involved, so I'd like you to
double-check me.

Linus

2015-06-23 04:32:21

by Herbert Xu

Subject: Re: Crypto Update for 4.2

On Mon, Jun 22, 2015 at 09:26:51PM -0700, Linus Torvalds wrote:
>
> So it looks to me like those AEAD interface changes already make sure
> to use the full 64 bits of the sequence number.
>
> But if I'm wrong, please holler. You clearly know both sides of this,
> since you wrote all the patches involved, so I'd like you to
> double-check me.

Yes the AEAD conversion does the right thing and uses the full 64
bits of the sequence number. In fact it was during that conversion
when I noticed the bug and sent in a fix to Steffen.

Thanks for the heads up!
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-06-24 02:11:19

by Linus Torvalds

Subject: Re: Crypto Update for 4.2

On Mon, Jun 22, 2015 at 1:44 AM, Herbert Xu <[email protected]> wrote:
>
> Here is the crypto update for 4.2:

Hmm. I noticed a new annoyance:

I get this at bootup:

[ +0.001504] alg: No test for __gcm-aes-aesni (__driver-gcm-aes-aesni)
[ +0.002233] alg: aead: setkey failed on test 1 for
rfc4106-gcm-aesni: flags=0

in general, I'm not at all convinced that the crypto tests make sense.
I absolutely detest that horrid "testmgr.h" file that is 32
_thousand_ lines of noise. And now it's apparently complaining about a
missing test, so that nasty mess will presumably grow.

Could you not make the test infrastructure be something that gets run
in user space?

Linus

2015-06-24 13:29:48

by Herbert Xu

Subject: Re: Crypto Update for 4.2

On Tue, Jun 23, 2015 at 07:11:19PM -0700, Linus Torvalds wrote:
> On Mon, Jun 22, 2015 at 1:44 AM, Herbert Xu <[email protected]> wrote:
> >
> > Here is the crypto update for 4.2:
>
> Hmm. I noticed a new annoyance:
>
> I get this at bootup:
>
> [ +0.001504] alg: No test for __gcm-aes-aesni (__driver-gcm-aes-aesni)

This is indeed bogus and I'll make sure it disappears.

> [ +0.002233] alg: aead: setkey failed on test 1 for
> rfc4106-gcm-aesni: flags=0

This however is a real bug. It looks like aesni is somehow broken
and is failing on setkey. I'll look into it.

> in general, I'm not at all convinced that the crypto tests make sense.
> I absolutely detest that horrid "testmgr.h" file that is 32
> _thousand_ lines of noise. And now it's apparently complaining about a
> missing test, so that nasty mess will presumably grow.
>
> Could you not make the test infrastructure be something that gets run
> in user space?

I too think the current testmgr model has reached its limit.
However, it has been quite useful in catching bugs like the
one you saw which may otherwise result in hard-to-track-down
bugs in other subsystems such as IPsec or disk encryption.

What I was planning to do is to instead bundle the test vectors
with the algorithms themselves. So for each algorithm we would
have the test vectors in the canonical C implementation which then
would be used to test every other implementation of that algorithm.

The test code could similarly be distributed out to the individual
types, e.g., RNG tests would go into rng.c, hash tests into ahash.c,
etc.

When this is done there would be no central repository of testing
information anymore.

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-06-26 10:22:43

by Herbert Xu

Subject: Crypto Fixes for 4.2

Hi Linus:

This push fixes the following issues:

* Move -O0 jitterentropy code into its own file instead of using
gcc pragma magic.
* Kill testmgr warning for gcm-aes-aesni.
* Fix build failure in old rsa.

Other minor fixes:

* Ignore asn1 files generated by new rsa.
* Remove unnecessary kzfree NULL checks in jitterentropy.
* Typo fix in akcipher.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Alexander Kuleshov (1):
crypto: rsa - add .gitignore for crypto/*.-asn1.[ch] files

Guenter Roeck (1):
crypto: asymmetric_keys/rsa - Use non-conflicting variable name

Markus Elfring (1):
crypto: jitterentropy - Delete unnecessary checks before the function call "kzfree"

Stephan Mueller (1):
crypto: jitterentropy - avoid compiler warnings

Tadeusz Struk (2):
crypto: akcipher - fix spelling cihper -> cipher
crypto: testmgr - don't print info about missing test for gcm-aes-aesni

crypto/.gitignore | 1 +
crypto/Makefile | 4 +-
crypto/akcipher.c | 2 +-
crypto/asymmetric_keys/rsa.c | 4 +-
crypto/jitterentropy-kcapi.c | 208 ++++++++++++++++++++++++++++++++++++++++
crypto/jitterentropy.c | 215 ++++++++----------------------------------
crypto/testmgr.c | 4 +
7 files changed, 256 insertions(+), 182 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-06-26 20:07:03

by Linus Torvalds

Subject: Re: Crypto Fixes for 4.2

On Fri, Jun 26, 2015 at 3:22 AM, Herbert Xu <[email protected]> wrote:
>
> * Kill testmgr warning for gcm-aes-aesni.

Hmm. You killed one of the warnings, but the setkey one remains.

alg: aead: setkey failed on test 1 for rfc4106-gcm-aesni: flags=0

Expected?

Linus

2015-06-27 06:56:49

by Herbert Xu

Subject: Re: Crypto Fixes for 4.2

On Fri, Jun 26, 2015 at 01:07:02PM -0700, Linus Torvalds wrote:
> On Fri, Jun 26, 2015 at 3:22 AM, Herbert Xu <[email protected]> wrote:
> >
> > * Kill testmgr warning for gcm-aes-aesni.
>
> Hmm. You killed one of the warnings, but the setkey one remains.
>
> alg: aead: setkey failed on test 1 for rfc4106-gcm-aesni: flags=0
>
> Expected?

I wanted to explore a more complete fix with delaying the testing
until all built-in registrations are complete but it turned out to
be too complicated for now.

So I think Tadeusz's patch is the simplest fix for 4.2. Could you
please test it to see if it makes your warning go away? Just in
case you're running into something else that happens to look the
same.

Here is his patch again with a corrected changelog.

Thanks!

---8<---
From: Tadeusz Struk <[email protected]>
Subject: crypto: aesni - fix failing setkey for rfc4106-gcm-aesni

rfc4106(gcm(aes)) uses ctr(aes) to generate hash key. ctr(aes) needs
chainiv, but the chainiv gets initialized after aesni_intel when both
are statically linked so the setkey fails.
This patch forces aesni_intel to be initialized after chainiv.

Signed-off-by: Tadeusz Struk <[email protected]>
---
arch/x86/crypto/aesni-intel_glue.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
index ebcb981d..cb630a8 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -1537,7 +1537,7 @@ static void __exit aesni_exit(void)
crypto_fpu_exit();
}

-module_init(aesni_init);
+late_initcall(aesni_init);
module_exit(aesni_exit);

MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm, Intel AES-NI instructions optimized");
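
Review bot: the new late_initcall(aesni_init) line has no comment recording why it is not module_init. The changelog gives the reason (in a static build chainiv is initialized after aesni_intel, so the rfc4106(gcm(aes)) setkey fails), but nothing at the call site does, and a later cleanup could restore module_init and bring the failure back. Suggest a short comment above the line naming the chainiv dependency. The changelog could also say that the fix depends on chainiv being registered at an earlier initcall level, which this diff does not show.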


--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-06-27 16:40:25

by Linus Torvalds

Subject: Re: Crypto Fixes for 4.2

On Fri, Jun 26, 2015 at 11:56 PM, Herbert Xu
<[email protected]> wrote:
>
> So I think Tadeusz's patch is the simplest fix for 4.2. Could you
> please test it to see if it makes your warning go away?

Seems to silence it here.

I get the feeling that the patch is still wrong - why are not the
*tests* run at late time when everything is properly set up, rather
than forcing ordering at the code init level - but at least I don't
see the annoying error, so it's certainly better than it was before.

Linus

2015-06-29 07:32:59

by Herbert Xu

Subject: Re: Crypto Fixes for 4.2

On Sat, Jun 27, 2015 at 09:40:24AM -0700, Linus Torvalds wrote:
> On Fri, Jun 26, 2015 at 11:56 PM, Herbert Xu
> <[email protected]> wrote:
> >
> > So I think Tadeusz's patch is the simplest fix for 4.2. Could you
> > please test it to see if it makes your warning go away?
>
> Seems to silence it here.

OK I'll apply this patch for 4.2.

> I get the feeling that the patch is still wrong - why are not the
> *tests* run at late time when everything is properly set up, rather
> than forcing ordering at the code init level - but at least I don't
> see the annoying error, so it's certainly better than it was before.

That's what I was exploring but I think it'll take a while so
it's best to postpone it to 4.3 or later. The two alternatives
I was toying with are 1) delay the testing until the first time
the given algorithm is used; 2) perform testing for all built-in
algorithms at late_initcall.

Cheers,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
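
The ordering problem discussed in this exchange, as an added toy model in C; it is not part of the thread and not kernel code. It compares self-testing at registration time (which fails when rfc4106-gcm-aesni registers before chainiv), the init-order fix, and the two alternatives named above. All struct and function names are hypothetical, and the "setkey needs chainiv" dependency is reduced to a registry lookup.

```c
/* Toy model (not kernel code) of algorithm self-tests versus registration order. */
#include <stdio.h>
#include <string.h>

#define MAX_ALGS 8

enum test_policy { TEST_AT_REGISTER, TEST_AT_LATE_INIT, TEST_ON_FIRST_USE };
enum test_state { UNTESTED, PASSED, FAILED };

struct alg {
    const char *name;
    const char *needs;      /* algorithm the self-test's setkey depends on, or NULL */
    enum test_state state;
};

struct registry {
    struct alg *algs[MAX_ALGS];
    int count;
    enum test_policy policy;
};

static struct alg *lookup(const struct registry *r, const char *name)
{
    for (int i = 0; i < r->count; i++)
        if (strcmp(r->algs[i]->name, name) == 0)
            return r->algs[i];
    return NULL;
}

/* Run the self-test once. The result is sticky (a modelling assumption). */
static enum test_state selftest(const struct registry *r, struct alg *a)
{
    if (a->state == UNTESTED)
        a->state = (a->needs && !lookup(r, a->needs)) ? FAILED : PASSED;
    return a->state;
}

static int register_alg(struct registry *r, struct alg *a)
{
    if (r->count == MAX_ALGS)
        return -1;
    a->state = UNTESTED;
    r->algs[r->count++] = a;
    if (r->policy == TEST_AT_REGISTER)
        selftest(r, a);     /* dependency may not be registered yet */
    return 0;
}

/* Alternative 2 from the thread: test all built-ins after registration. */
static void late_init_tests(struct registry *r)
{
    for (int i = 0; i < r->count; i++)
        selftest(r, r->algs[i]);
}

/* Alternative 1 from the thread: test when the algorithm is first used. */
static struct alg *get_alg(struct registry *r, const char *name)
{
    struct alg *a = lookup(r, name);

    if (!a)
        return NULL;
    if (r->policy == TEST_ON_FIRST_USE)
        selftest(r, a);
    return a->state == FAILED ? NULL : a;
}

static int count_failed(const struct registry *r)
{
    int failed = 0;

    for (int i = 0; i < r->count; i++)
        if (r->algs[i]->state == FAILED)
            failed++;
    return failed;
}

/* Returns the number of algorithms whose self-test failed. */
int simulate(enum test_policy policy, int aesni_first)
{
    struct alg aesni = { "rfc4106-gcm-aesni", "chainiv", UNTESTED };
    struct alg chainiv = { "chainiv", NULL, UNTESTED };
    struct registry r = { .count = 0, .policy = policy };

    register_alg(&r, aesni_first ? &aesni : &chainiv);
    register_alg(&r, aesni_first ? &chainiv : &aesni);
    if (policy == TEST_AT_LATE_INIT)
        late_init_tests(&r);
    if (policy == TEST_ON_FIRST_USE)
        get_alg(&r, "rfc4106-gcm-aesni");
    return count_failed(&r);
}

int main(void)
{
    printf("test at register, aesni first:   %d failed\n", simulate(TEST_AT_REGISTER, 1));
    printf("test at register, chainiv first: %d failed\n", simulate(TEST_AT_REGISTER, 0));
    printf("test at late init, aesni first:  %d failed\n", simulate(TEST_AT_LATE_INIT, 1));
    printf("test on first use, aesni first:  %d failed\n", simulate(TEST_ON_FIRST_USE, 1));
    return 0;
}
```

Only the first case reports a failure: reordering initialization and deferring the tests both remove it, but deferral does so without encoding a dependency in the init order.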

2015-06-30 13:51:45

by Herbert Xu

Subject: Crypto Fixes for 4.2

Hi Linus:

This push fixes the aesni setkey error and removes a couple of
unnecessary NULL checks in the Intel qat driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Markus Elfring (1):
crypto: qat - Deletion of unnecessary checks before two function calls

Tadeusz Struk (1):
crypto: aesni - fix failing setkey for rfc4106-gcm-aesni

arch/x86/crypto/aesni-intel_glue.c | 2 +-
drivers/crypto/qat/qat_common/adf_accel_engine.c | 5 +----
drivers/crypto/qat/qat_common/adf_transport.c | 2 +-
3 files changed, 3 insertions(+), 6 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-07-13 04:08:58

by Herbert Xu

Subject: Crypto Fixes for 4.2

Hi Linus:

This push fixes a duplicate dma_unmap_sg call in omap-des and
reentrancy bugs in the powerpc nx driver which may cause bogus
output or worse memory corruption.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Herbert Xu (1):
crypto: nx - Fix reentrancy bugs

Vutla, Lokesh (1):
crypto: omap-des - Fix unmapping of dma channels

drivers/crypto/nx/nx-aes-ccm.c | 6 ++--
drivers/crypto/nx/nx-aes-ctr.c | 7 ++--
drivers/crypto/nx/nx-aes-gcm.c | 17 ++++++----
drivers/crypto/nx/nx-aes-xcbc.c | 70 ++++++++++++++++++++++++---------------
drivers/crypto/nx/nx-sha256.c | 43 +++++++++++++-----------
drivers/crypto/nx/nx-sha512.c | 44 +++++++++++++-----------
drivers/crypto/nx/nx.c | 3 ++
drivers/crypto/nx/nx.h | 14 ++++++--
drivers/crypto/omap-des.c | 3 --
9 files changed, 125 insertions(+), 82 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-08-03 07:16:45

by Herbert Xu

Subject: Crypto Fixes for 4.2

Hi Linus:

This push fixes the following issues:

* A bogus BUG_ON in ixp4xx that can be triggered by a dst buffer
that is an SG list.
* The error handling in hwrngd may cause a crash in case of an error.
* Fix a race condition in qat registration when multiple devices are
present.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Herbert Xu (1):
crypto: ixp4xx - Remove bogus BUG_ON on scattered dst buffer

Martin Schwidefsky (1):
hwrng: core - correct error check of kthread_run call

Tadeusz Struk (1):
crypto: qat - Fix invalid synchronization between register/unregister sym algs

drivers/char/hw_random/core.c | 2 +-
drivers/crypto/ixp4xx_crypto.c | 1 -
drivers/crypto/qat/qat_common/qat_algs.c | 24 ++++++++++++++++--------
3 files changed, 17 insertions(+), 10 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-08-17 08:27:27

by Herbert Xu

Subject: Crypto Fixes for 4.2

Hi Linus:

This push fixes the following issues:

* A regression caused by the conversion of IPsec ESP to the new
AEAD interface: ESN with authencesn no longer works because it
relied on the AD input SG list having a specific layout which
is no longer the case. In linux-next authencesn is fixed properly
and no longer assumes anything about the SG list format. While
for this release a minimal fix is applied to authencesn so that
it works with the new linear layout.
* Fix memory corruption caused by bogus index in the caam hash code.
* Fix powerpc nx SHA hashing which could cause module load failures
if module signature verification is enabled.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Herbert Xu (1):
crypto: authencesn - Fix breakage with new ESP code

Horia Geantă (1):
crypto: caam - fix memory corruption in ahash_final_ctx

Jan Stancek (1):
crypto: nx - respect sg limit bounds when building sg lists for SHA

crypto/authencesn.c | 44 +++++++++++-----------------------------
drivers/crypto/caam/caamhash.c | 7 ++++---
drivers/crypto/nx/nx-sha256.c | 27 ++++++++++++++----------
drivers/crypto/nx/nx-sha512.c | 28 ++++++++++++++-----------
4 files changed, 48 insertions(+), 58 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-08-31 13:57:16

by Herbert Xu

Subject: Crypto Update for 4.3

Hi Linus:

Here is the crypto update for 4.3:

API:

* The AEAD interface transition is now complete.
* Add top-level skcipher interface.

Drivers:

* x86-64 acceleration for chacha20/poly1305.
* Add sunxi-ss Allwinner Security System crypto accelerator.
* Add RSA algorithm to qat driver.
* Add SRIOV support to qat driver.
* Add LS1021A support to caam.
* Add i.MX6 support to caam.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Aaron Sierra (2):
crypto: talitos - Remove zero_entry static initializer
crypto: talitos - Prevent panic in probe error path

Ahsan Atta (1):
crypto: qat - Fix typo othewise->otherwise

Alex Porosanu (1):
crypto: caam - fix ERA property reading

Baruch Siach (1):
crypto: arm - ignore generated SHA2 assembly files

Brian Norris (1):
crypto: doc - make URL into hyperlink

Bruce Allan (4):
crypto: qat - remove redundant struct elem
crypto: qat - fix bug in ADF_RING_SIZE_BYTES_MIN macro
crypto: qat - remove unused define
crypto: qat - remove unnecessary list iteration

Chen-Yu Tsai (3):
crypto: sunxi-ss - Document optional reset control bindings
crypto: sunxi-ss - Add optional reset control support
ARM: dts: sun6i: Add security system crypto engine clock and device nodes

Colin Ian King (1):
crypto: img-hash - fix spelling mistake in dev_err error message

Dan Streetman (11):
crypto: nx - remove __init/__exit from VIO functions
crypto: nx - remove pSeries NX 'status' field
crypto: nx - move kzalloc() out of spinlock
crypto: nx - don't register pSeries driver if ENODEV
crypto: nx - use common code for both NX decompress success cases
crypto: nx - merge nx-compress and nx-compress-crypto
crypto: nx - rename nx-842-crypto.c to nx-842.c
crypto: nx - make platform drivers directly register with crypto
crypto: nx - don't err if compressed output > input
crypto: nx - use be32_to_cpu for __be32 field in debug msg
MAINTAINERS: change 842 NX owner email address

Fabio Estevam (6):
crypto: caam - Fix error handling in caam_rng_init()
crypto: caam - Remove unneeded 'ret' variable
crypto: amcc - Do a NULL check for pointer
crypto: caam - Fix the error handling in caam_probe
crypto: caam - Propagate the real error code in caam_probe
crypto: caam - Use the preferred style for memory allocations

Herbert Xu (56):
crypto: cryptd - Fix AEAD request context corruption
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
crypto: api - Remove unused __crypto_dequeue_request
crypto: aead - Add aead_queue interface
crypto: nx/842 - Fix context corruption
crypto: api - Add instance free function to crypto_type
crypto: aead - Add type-safe function for freeing instances
crypto: pcrypt - Propagate new AEAD implementation flag
crypto: cryptd - Propagate new AEAD implementation flag
crypto: echainiv - Fix encryption convention
crypto: seqiv - Replace seqniv with seqiv
crypto: aead - Propagate new AEAD implementation flag for IV generators
crypto: testmgr - Disable rfc4106 test and convert test vectors
crypto: tcrypt - Add support for new IV convention
crypto: aesni - Use new IV convention
crypto: gcm - Use new IV convention
crypto: nx - Use new IV convention
crypto: caam - Use new IV convention
crypto: testmgr - Reenable rfc4106 test
crypto: testmgr - Disable rfc4309 test and convert test vectors
crypto: ccm - Convert to new AEAD interface
crypto: aes-ce-ccm - Convert to new AEAD interface
crypto: nx - Convert ccm to new AEAD interface
crypto: testmgr - Reenable rfc4309 test
crypto: chacha20poly1305 - Convert to new AEAD interface
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
crypto: testmgr - Disable authenc test and convert test vectors
crypto: authenc - Convert to new AEAD interface
crypto: caam - Convert authenc to new AEAD interface
crypto: ixp4xx - Convert to new AEAD interface
crypto: picoxcell - Convert to new AEAD interface
crypto: qat - Convert to new AEAD interface
crypto: talitos - Convert to new AEAD interface
crypto: testmgr - Reenable authenc tests
crypto: authenc - Add Kconfig dependency on CRYPTO_NULL
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
crypto: authencesn - Convert to new AEAD interface
crypto: algboss - Remove reference to nivaead
crypto: user - Remove crypto_lookup_aead call
ipsec: Replace seqniv with seqiv
crypto: seqiv - Remove seqniv
crypto: seqiv - Remove AEAD compatibility code
crypto: echainiv - Remove AEAD compatibility code
crypto: aead - Add type-safe geniv init/exit helpers
crypto: seqiv - Use generic geniv init/exit helpers
crypto: echainiv - Use generic geniv init/exit helpers
crypto: cryptd - Remove reference to crypto_aead_crt
crypto: qat - Remove reference to crypto_aead_crt
crypto: aead - Remove old AEAD interfaces
crypto: aead - Remove CRYPTO_ALG_AEAD_NEW flag
crypto: null - Use NULL2 in Makefile
crypto: nx - Add forward declaration for struct crypto_aead
crypto: null - Add missing Kconfig tristate for NULL2
crypto: skcipher - Add top-level skcipher interface
crypto: testmgr - Use new skcipher interface
crypto: hash - Add AHASH_REQUEST_ON_STACK

Horia Geantă (5):
crypto: caam - fix snooping for write transactions
crypto: caam - fix RNG init descriptor ret. code checking
crypto: caam - fix rfc4106 encap shared descriptor
crypto: caam - add support for LS1021A
crypto: caam - fix writing to JQCR_MS when using service interface

Kees Cook (1):
crypto: jitterentropy - use safe format string parameters

Krzysztof Kozlowski (1):
crypto: marvell/cesa - Drop owner assignment from platform_driver

LABBE Corentin (6):
crypto: testmgr - add a chunking test for cbc(aes)
ARM: sun4i: dt: Add Security System to A10 SoC DTS
ARM: sun7i: dt: Add Security System to A20 SoC DTS
ARM: sun4i: dt: Add DT bindings documentation for SUN4I Security System
crypto: sunxi-ss - Add Allwinner Security System crypto accelerator
MAINTAINERS: Add myself as maintainer of Allwinner Security System

Lars Persson (1):
crypto: algif_aead - fix for multiple operations on AF_ALG sockets

Leonidas Da Silva Barbosa (7):
powerpc: Uncomment and make enable_kernel_vsx() routine available
crypto: vmx - Adding enable_kernel_vsx() to access VSX instructions
Update NX crypto driver maintainers and adding VMX maintainers
crypto: nx - Removing CTR mode from NX driver
crypto: vmx - Fixing AES-CTR counter bug
crypto: vmx - Fixing GHASH Key issue on little endian
crypto: vmx - Fixing opcode issue

Martin Willi (10):
crypto: tcrypt - Add ChaCha20/Poly1305 speed tests
crypto: chacha20 - Export common ChaCha20 helpers
crypto: chacha20 - Add a SSSE3 SIMD variant for x86_64
crypto: chacha20 - Add a four block SSSE3 variant for x86_64
crypto: chacha20 - Add an eight block AVX2 variant for x86_64
crypto: testmgr - Add a longer ChaCha20 test vector
crypto: poly1305 - Export common Poly1305 helpers
crypto: poly1305 - Add a SSE2 SIMD variant for x86_64
crypto: poly1305 - Add a two block SSE2 variant for x86_64
crypto: poly1305 - Add a four block AVX2 variant for x86_64

Nishanth Aravamudan (4):
crypto: nx - nx842_OF_upd_status should return ENODEV if device is not 'okay'
crypto: nx - rename nx842_{init, exit} to nx842_pseries_{init, exit}
crypto: nx - do not emit extra output if status is disabled
crypto: nx - reduce chattiness of platform drivers

Paulo Flabiano Smorigo (1):
Fix email address mistypo for NX/VMX crypto driver maintainers

Pingchao Yang (1):
crypto: qat - add support for MMP FW

Stephan Mueller (2):
crypto: doc - AEAD API conversion
crypto: cmac - allow usage in FIPS mode

Steve Cornelius (1):
crypto: caam - Enable MXC devices to select CAAM driver in Kconfig

Tadeusz Struk (17):
crypto: qat - add MMP FW support to accel engine
crypto: qat - Add support for RSA algorithm
crypto: rsa - limit supported key lengths
crypto: rsa - fix invalid check for keylen in fips mode
crypto: qat - fix invalid check for RSA keylen in fips mode
crypto: qat - Don't attempt to register algorithm multiple times
crypto: qat - Move adf admin and adf hw arbitrer to common code
crypto: qat - Add support for SRIOV
crypto: qat - Add qat dh895xcc VF driver
crypto: qat - Add FW const table
PCI: Add quirk for Intel DH895xCC VF PCI config erratum
crypto: qat - Fix adf_isr_resource_free name clash
crypto: qat - Fix unmet direct dependencies for QAT_DH895xCCVF
crypto: qat - Don't move data inside output buffer
crypto: qat - silence a static checker warning
MPI: Fix mpi_read_buffer
crypto: qat - enable legacy VFs

Tom Lendacky (1):
crypto: ccp - Provide support to autoload CCP driver

Tudor Ambarus (1):
crypto: caam - fix warning in APPEND_MATH_IMM_u64

Vaishali Thakkar (1):
crypto: sahara - Use dmam_alloc_coherent

Victoria Milhoan (13):
crypto: caam - Add cache coherency support
crypto: caam - Add setbits32/clrbits32/clrsetbits primitives for ARM compatibility
crypto: caam - Enable and disable clocks on Freescale i.MX platforms
crypto: caam - Modify Freescale CAAM driver Scatter Gather entry definition
crypto: caam - Change kmalloc to kzalloc to avoid residual data
crypto: caam - Correct DMA unmap size in ahash_update_ctx()
crypto: caam - Use local sg pointers to walk the scatterlist
crypto: caam - Added clocks and clock-names properties to SEC4.0 device tree binding
ARM: clk-imx6q: Add CAAM clock support
ARM: dts: mx6qdl: Add CAAM device node
ARM: dts: mx6sx: Add CAAM device node
crypto: caam - Detect hardware features during algorithm registration
ARM: imx_v6_v7_defconfig: Select CAAM

Vutla, Lokesh (5):
crypto: omap-aes - Fix CTR mode
crypto: omap-aes - Increase priority of hw accelerator
crypto: omap-aes - Fix configuring of AES mode
crypto: omap-aes - Use BIT() macro
crypto: tcrypt - Fix AEAD speed tests

Wu Fengguang (1):
crypto: qat - fix simple_return.cocci warnings

Documentation/DocBook/crypto-API.tmpl | 8 +-
.../devicetree/bindings/crypto/fsl-sec4.txt | 17 +
.../devicetree/bindings/crypto/sun4i-ss.txt | 23 +
MAINTAINERS | 24 +-
arch/arm/boot/dts/imx6qdl.dtsi | 29 +-
arch/arm/boot/dts/imx6sx.dtsi | 27 +
arch/arm/boot/dts/sun4i-a10.dtsi | 8 +
arch/arm/boot/dts/sun6i-a31.dtsi | 18 +
arch/arm/boot/dts/sun7i-a20.dtsi | 8 +
arch/arm/configs/imx_v6_v7_defconfig | 3 +-
arch/arm/crypto/.gitignore | 2 +
arch/arm64/crypto/aes-ce-ccm-glue.c | 68 +-
arch/powerpc/include/asm/switch_to.h | 1 +
arch/powerpc/kernel/process.c | 3 -
arch/x86/crypto/Makefile | 6 +
arch/x86/crypto/aesni-intel_glue.c | 53 +-
arch/x86/crypto/chacha20-avx2-x86_64.S | 443 +++
arch/x86/crypto/chacha20-ssse3-x86_64.S | 625 +++++
arch/x86/crypto/chacha20_glue.c | 150 +
arch/x86/crypto/poly1305-avx2-x86_64.S | 386 +++
arch/x86/crypto/poly1305-sse2-x86_64.S | 582 ++++
arch/x86/crypto/poly1305_glue.c | 207 ++
crypto/Kconfig | 40 +-
crypto/Makefile | 3 +-
crypto/aead.c | 635 +----
crypto/algapi.c | 25 +-
crypto/algboss.c | 12 +-
crypto/algif_aead.c | 4 +-
crypto/authenc.c | 580 ++--
crypto/authencesn.c | 716 ++---
crypto/ccm.c | 380 +--
crypto/chacha20_generic.c | 28 +-
crypto/chacha20poly1305.c | 216 +-
crypto/cryptd.c | 23 +-
crypto/crypto_user.c | 32 -
crypto/echainiv.c | 86 +-
crypto/gcm.c | 102 +-
crypto/jitterentropy-kcapi.c | 2 +-
crypto/pcrypt.c | 7 +
crypto/poly1305_generic.c | 73 +-
crypto/rsa.c | 26 +-
crypto/rsa_helper.c | 4 +-
crypto/seqiv.c | 445 +--
crypto/skcipher.c | 245 ++
crypto/tcrypt.c | 82 +-
crypto/tcrypt.h | 20 +
crypto/testmgr.c | 63 +-
crypto/testmgr.h | 2948 +++++++++++++++-----
drivers/clk/imx/clk-imx6q.c | 3 +
drivers/crypto/Kconfig | 17 +
drivers/crypto/Makefile | 1 +
drivers/crypto/amcc/crypto4xx_core.c | 2 +-
drivers/crypto/caam/Kconfig | 10 +-
drivers/crypto/caam/caamalg.c | 2877 ++++++++++---------
drivers/crypto/caam/caamhash.c | 69 +-
drivers/crypto/caam/caamrng.c | 26 +-
drivers/crypto/caam/compat.h | 1 +
drivers/crypto/caam/ctrl.c | 154 +-
drivers/crypto/caam/desc.h | 23 +-
drivers/crypto/caam/desc_constr.h | 2 +-
drivers/crypto/caam/intern.h | 5 +
drivers/crypto/caam/jr.c | 30 +-
drivers/crypto/caam/regs.h | 64 +-
drivers/crypto/caam/sg_sw_sec4.h | 25 +-
drivers/crypto/ccp/ccp-platform.c | 2 +
drivers/crypto/img-hash.c | 2 +-
drivers/crypto/ixp4xx_crypto.c | 312 ++-
drivers/crypto/marvell/cesa.c | 1 -
drivers/crypto/nx/Kconfig | 17 +-
drivers/crypto/nx/Makefile | 8 +-
drivers/crypto/nx/nx-842-crypto.c | 580 ----
drivers/crypto/nx/nx-842-platform.c | 84 -
drivers/crypto/nx/nx-842-powernv.c | 42 +-
drivers/crypto/nx/nx-842-pseries.c | 139 +-
drivers/crypto/nx/nx-842.c | 554 +++-
drivers/crypto/nx/nx-842.h | 65 +-
drivers/crypto/nx/nx-aes-ccm.c | 151 +-
drivers/crypto/nx/nx-aes-ctr.c | 21 -
drivers/crypto/nx/nx-aes-gcm.c | 64 +-
drivers/crypto/nx/nx.c | 30 +-
drivers/crypto/nx/nx.h | 9 +-
drivers/crypto/omap-aes.c | 86 +-
drivers/crypto/picoxcell_crypto.c | 677 ++---
drivers/crypto/qat/Kconfig | 15 +
drivers/crypto/qat/Makefile | 1 +
drivers/crypto/qat/qat_common/.gitignore | 1 +
drivers/crypto/qat/qat_common/Makefile | 8 +
drivers/crypto/qat/qat_common/adf_accel_devices.h | 46 +-
drivers/crypto/qat/qat_common/adf_accel_engine.c | 42 +-
drivers/crypto/qat/qat_common/adf_admin.c | 290 ++
drivers/crypto/qat/qat_common/adf_aer.c | 5 +-
drivers/crypto/qat/qat_common/adf_cfg.c | 9 +-
drivers/crypto/qat/qat_common/adf_cfg_common.h | 3 +-
drivers/crypto/qat/qat_common/adf_common_drv.h | 53 +-
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 6 +-
drivers/crypto/qat/qat_common/adf_dev_mgr.c | 286 +-
.../{qat_dh895xcc => qat_common}/adf_hw_arbiter.c | 37 +-
drivers/crypto/qat/qat_common/adf_init.c | 104 +-
drivers/crypto/qat/qat_common/adf_pf2vf_msg.c | 438 +++
drivers/crypto/qat/qat_common/adf_pf2vf_msg.h | 146 +
drivers/crypto/qat/qat_common/adf_sriov.c | 309 ++
drivers/crypto/qat/qat_common/adf_transport.c | 13 +-
.../qat/qat_common/adf_transport_access_macros.h | 5 +-
drivers/crypto/qat/qat_common/icp_qat_fw.h | 2 +
drivers/crypto/qat/qat_common/icp_qat_fw_pke.h | 112 +
drivers/crypto/qat/qat_common/qat_algs.c | 338 +--
drivers/crypto/qat/qat_common/qat_asym_algs.c | 652 +++++
drivers/crypto/qat/qat_common/qat_crypto.c | 26 +-
drivers/crypto/qat/qat_common/qat_crypto.h | 2 -
drivers/crypto/qat/qat_common/qat_hal.c | 14 +-
drivers/crypto/qat/qat_common/qat_rsakey.asn1 | 5 +
drivers/crypto/qat/qat_common/qat_uclo.c | 27 +-
drivers/crypto/qat/qat_dh895xcc/Makefile | 5 +-
drivers/crypto/qat/qat_dh895xcc/adf_admin.c | 145 -
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.c | 38 +-
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.h | 12 +-
drivers/crypto/qat/qat_dh895xcc/adf_drv.c | 97 +-
drivers/crypto/qat/qat_dh895xcc/adf_drv.h | 9 -
drivers/crypto/qat/qat_dh895xcc/adf_isr.c | 139 +-
drivers/crypto/qat/qat_dh895xccvf/Makefile | 5 +
.../qat/qat_dh895xccvf/adf_dh895xccvf_hw_data.c | 172 ++
.../qat/qat_dh895xccvf/adf_dh895xccvf_hw_data.h | 68 +
drivers/crypto/qat/qat_dh895xccvf/adf_drv.c | 393 +++
.../qat_admin.c => qat_dh895xccvf/adf_drv.h} | 70 +-
drivers/crypto/qat/qat_dh895xccvf/adf_isr.c | 258 ++
drivers/crypto/sahara.c | 46 +-
drivers/crypto/sunxi-ss/Makefile | 2 +
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 542 ++++
drivers/crypto/sunxi-ss/sun4i-ss-core.c | 425 +++
drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 492 ++++
drivers/crypto/sunxi-ss/sun4i-ss.h | 201 ++
drivers/crypto/talitos.c | 618 ++--
drivers/crypto/talitos.h | 8 +-
drivers/crypto/vmx/aes.c | 3 +
drivers/crypto/vmx/aes_cbc.c | 3 +
drivers/crypto/vmx/aes_ctr.c | 11 +-
drivers/crypto/vmx/aesp8-ppc.pl | 34 +-
drivers/crypto/vmx/ghash.c | 4 +
drivers/crypto/vmx/ghashp8-ppc.pl | 6 +
drivers/crypto/vmx/ppc-xlate.pl | 1 +
drivers/pci/quirks.c | 85 +
include/crypto/aead.h | 172 +-
include/crypto/algapi.h | 3 +-
include/crypto/chacha20.h | 25 +
include/crypto/hash.h | 5 +
include/crypto/internal/aead.h | 72 +-
include/crypto/internal/geniv.h | 9 +
include/crypto/internal/skcipher.h | 15 +
include/crypto/poly1305.h | 41 +
include/crypto/skcipher.h | 391 ++-
include/dt-bindings/clock/imx6qdl-clock.h | 5 +-
include/linux/crypto.h | 54 +-
lib/mpi/mpicoder.c | 38 +-
net/xfrm/xfrm_algo.c | 14 +-
154 files changed, 15834 insertions(+), 7538 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-09-08 09:25:11

by Herbert Xu

Subject: Crypto Fixes for 4.3

Hi Linus:

This push fixes a memory corruption bug in ghash-clmulni-intel
due to insufficient memory allocation.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Andrey Ryabinin (1):
crypto: ghash-clmulni: specify context size for ghash async algorithm

arch/x86/crypto/ghash-clmulni-intel_glue.c | 1 +
1 file changed, 1 insertion(+)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-09-16 10:30:26

by Herbert Xu

Subject: Crypto Fixes for 4.3

Hi Linus:

This push fixes the following issues:

* The selftest overreads the IV test vector.
* Fix potential infinite loop in sunxi-ss driver.
* Fix powerpc build failure when VMX is set without VSX.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Andrey Ryabinin (1):
crypto: testmgr - don't copy from source IV too much

LABBE Corentin (1):
crypto: sunxi-ss - Fix a possible driver hang with ciphers

Michael Ellerman (1):
crypto: vmx - VMX crypto should depend on CONFIG_VSX

crypto/testmgr.c | 5 +++--
drivers/crypto/Kconfig | 2 +-
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 2 +-
3 files changed, 5 insertions(+), 4 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-09-26 20:01:42

by Herbert Xu

Subject: Crypto Fixes for 4.3

Hi Linus:

This push fixes the following issues:

* Check the return value of platform_get_irq as signed int in xgene.
* Skip adf_dev_restore on virtual functions in qat.
* Fix double-free with backlogged requests in marvell_cesa.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Andrzej Hajda (1):
hwrng: xgene - fix handling platform_get_irq

Conor McLoughlin (1):
crypto: qat - VF should never trigger SBR on PH

Thomas Petazzoni (1):
crypto: marvell - properly handle CRYPTO_TFM_REQ_MAY_BACKLOG-flagged requests

drivers/char/hw_random/xgene-rng.c | 7 ++++---
drivers/crypto/marvell/cesa.h | 27 +++++++++++++++++++++++++++
drivers/crypto/marvell/cipher.c | 7 +++----
drivers/crypto/marvell/hash.c | 8 +++-----
drivers/crypto/qat/qat_common/adf_aer.c | 3 +++
5 files changed, 40 insertions(+), 12 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-10-13 12:17:50

by Herbert Xu

Subject: Crypto Fixes for 4.3

Hi Linus:

This push fixes the following issues:

* Fix AVX detection to prevent use of non-existent AESNI.
* Some SPARC ciphers did not set their IV size which may lead
to memory corruption.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git


Ben Hutchings (1):
crypto: camellia_aesni_avx - Fix CPU feature checks

Dave Kleikamp (1):
crypto: sparc - initialize blkcipher.ivsize

arch/sparc/crypto/aes_glue.c | 2 ++
arch/sparc/crypto/camellia_glue.c | 1 +
arch/sparc/crypto/des_glue.c | 2 ++
arch/x86/crypto/camellia_aesni_avx_glue.c | 5 +++++
4 files changed, 10 insertions(+)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-10-13 17:23:39

by Linus Torvalds

Subject: Re: Crypto Fixes for 4.3

On Tue, Oct 13, 2015 at 5:17 AM, Herbert Xu <[email protected]> wrote:
>
> This push fixes the following issues:
>
> * Fix AVX detection to prevent use of non-existent AESNI.
> * Some SPARC ciphers did not set their IV size which may lead
> to memory corruption.

Hmm. It looks like you also quietly added an ahash fix this morning.

I took it despite it not being described or in the diffstat. But
please send new pull requests when you update a branch you asked me to
pull.

Linus

2015-10-14 01:03:32

by Herbert Xu

Subject: Re: Crypto Fixes for 4.3

On Tue, Oct 13, 2015 at 10:23:39AM -0700, Linus Torvalds wrote:
>
> Hmm. It looks like you also quietly added an ahash fix this morning.
>
> I took it despite it not being described or in the diffstat. But
> please send new pull requests when you update a branch you asked me to
> pull.

Oops, I should've waited for you to pull the previous one before
pushing this one out.

Anyway, this one is meant to fix a potential crash that can be
triggered by user-space but only if you have the relevant hardware,
in particular, Marvell CESA on ARM.

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-10-14 02:00:21

by Linus Torvalds

Subject: Re: Crypto Fixes for 4.3

On Tue, Oct 13, 2015 at 6:03 PM, Herbert Xu <[email protected]> wrote:
>
> Oops, I should've waited for you to pull the previous one before
> pushing this one out.

You might try to start using signed tags for your pull requests. That
lessens this kind of issue, because not only will you write the tag
message and then your signing key pass phrase etc, the tag would
specify one very particular commit at the time of the tagging rather
than just have it be the default branch of your public repository.

Linus

2015-10-14 02:38:18

by Herbert Xu

Subject: Re: Crypto Fixes for 4.3

On Tue, Oct 13, 2015 at 07:00:20PM -0700, Linus Torvalds wrote:
>
> You might try to start using signed tags for your pull requests. That
> lessens this kind of issue, because not only will you write the tag
> message and then your signing key pass phrase etc, the tag would
> specify one very particular commit at the time of the tagging rather
> than just have it be the default branch of your public repository.

Right. I'll start using branches for the next push.

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-10-26 11:03:17

by Herbert Xu

Subject: Crypto Fixes for 4.3

Hi Linus:

This push fixes a problem in the Crypto API that may cause spurious
errors when signals are received by the process that made the original
system call into the kernel.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
crypto: api - Only abort operations on fatal signal

crypto/ablkcipher.c | 2 +-
crypto/algapi.c | 2 +-
crypto/api.c | 6 +++---
crypto/crypto_user.c | 2 +-
4 files changed, 6 insertions(+), 6 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-11-02 08:04:38

by Herbert Xu

Subject: Crypto Update for 4.4

Hi Linus:

Here is the crypto update for 4.4:

API:

* Add support for cipher output IVs in testmgr.
* Add missing crypto_ahash_blocksize helper.
* Mark authenc and des ciphers as not allowed under FIPS.

Algorithms:

* Add CRC support to 842 compression.
* Add keywrap algorithm.
* A number of changes to the akcipher interface:
+ Separate functions for setting public/private keys.
+ Use SG lists.

Drivers:

* Add Intel SHA Extension optimised SHA1 and SHA256.
* Use dma_map_sg instead of custom functions in crypto drivers.
* Add support for STM32 RNG.
* Add support for ST RNG.
* Add Device Tree support to exynos RNG driver.
* Add support for mxs-dcp crypto device on MX6SL.
* Add xts(aes) support to caam.
* Add ctr(aes) and xts(aes) support to qat.
* A large set of fixes from Russell King for the marvell/cesa driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Alexander Kuleshov (1):
crypto: jitterentropy - remove unnecessary information from a comment

Arnd Bergmann (1):
crypto: mxs-dcp - mxs-dcp is an stmp device

Boris BREZILLON (1):
crypto: testmgr - test IV value after a cipher operation

Boris Brezillon (1):
crypto: marvell/cesa - fix memory leak

Catalin Vasile (1):
crypto: caam - add support for acipher xts(aes)

Daniel Thompson (5):
dt-bindings: Document the STM32 HW RNG bindings
hwrng: stm32 - add support for STM32 HW RNG
ARM: dts: stm32f429: Adopt STM32 RNG driver
hwrng: stm32 - Fix build with CONFIG_PM
hwrng: exynos - Fix unbalanced PM runtime get/puts

David Howells (1):
crypto: akcipher - Don't #include crypto/public_key.h as the contents aren't used

Fabio Estevam (6):
crypto: mxs-dcp - Allow MXS_DCP to be used on MX6SL
hwrng: mxc-rnga - Remove unneeded goto label
hwrng: mxc-rnga - Remove uneeded initialization
hwrng: mxc-rnga - Remove unnecessary dev_info message
hwrng: mxc-rnga - Use the preferred format for kzalloc
crypto: caam - Remove unused JUMP_TYPE_MASK definition

Geliang Tang (1):
crypto: skcipher - blkcipher and ablkcipher should it be static

Haren Myneni (1):
crypto: 842 - Add CRC and validation support

Herbert Xu (1):
crypto: ahash - Add crypto_ahash_blocksize

Horia Geantă (1):
crypto: tcrypt - avoid mapping from module image addresses

John Griffin (1):
crypto: qat - don't check for iommu

John Haxby (1):
crypto: testmgr - Disable fips-allowed for authenc() and des() ciphers

Krzysztof Kozlowski (4):
dt-bindings: rng: Describe Exynos4 PRNG bindings
hwrng: exynos - Add timeout for waiting on init done
hwrng: exynos - Fix missing configuration after suspend to RAM
hwrng: exynos - Add Device Tree support

LABBE Corentin (14):
crypto: bfin_crc - replace sg_count by sg_nents
crypto: amcc - replace get_sg_count by sg_nents_for_len
crypto: sahara - replace sahara_sg_length with sg_nents_for_len
crypto: talitos - dma_map_sg can handle chained SG
crypto: caam - dma_map_sg can handle chained SG
crypto: sahara - dma_map_sg can handle chained SG
crypto: qce - dma_map_sg can handle chained SG
crypto: atmel - Check for clk_prepare_enable() return value
crypto: atmel - use devm_xxx() managed function
crypto: ux500 - Use devm_xxx() managed function
crypto: s390/sha - replace raw value by their coresponding define
crypto: sahara - set array of const as const
crypto: n2 - set array of const as const
lib/mpi: clean unused SHA1_DIGEST_LENGTH

Lee Jones (10):
hwrng: doc - Fix device node name reference /dev/hw_random => /dev/hwrng
hwrng: Kconfig - Fix device node name reference /dev/hw_random => /dev/hwrng
hwrng: core - Simplify RNG switching from sysfs
hwrng: st - Provide DT bindings for ST's Random Number Generator
hwrng: st - Add support for ST's HW Random Number Generator
ARM: STi: STiH407: Enable the 2 HW Random Number Generators for STiH4{07, 10}
MAINTAINERS: Add ST's Random Number Generator to the ST entry
hwrng: st: dt: Fix trivial typo in node address
hwrng: st - Use real-world device timings for timeout
hwrng: st - Improve FIFO size/depth description

Luis de Bethencourt (4):
crypto: amcc - Fix module autoload for OF platform driver
crypto: picoxcell - Fix module autoload for OF platform driver
crypto: ux500 - Fix module autoload for OF platform drivers
hwrng: Fix module autoload for OF platform drivers

Nicolas Iooss (1):
crypto: crc32c-pclmul - use .rodata instead of .rotata

Russell King (32):
crypto: marvell/cesa - fix stack smashing in marvell/hash.c
crypto: marvell/cesa - initialise struct mv_cesa_ahash_req
crypto: marvell/cesa - fix wrong hash results
crypto: marvell/cesa - factor out common import/export functions
crypto: marvell/cesa - easier way to get the transform
crypto: marvell/cesa - keep creq->state in CPU endian format at all times
crypto: marvell/cesa - add flag to determine algorithm endianness
crypto: marvell/cesa - fix the bit length endianness
crypto: marvell/cesa - ensure template operation is initialised
crypto: marvell/cesa - const-ify argument to mv_cesa_get_op_cfg()
crypto: marvell/cesa - factor out first fragment decisions to helper
crypto: marvell/cesa - factor out adding an operation and launching it
crypto: marvell/cesa - always ensure mid-fragments after first-fragment
crypto: marvell/cesa - move mv_cesa_dma_add_frag() calls
crypto: marvell/cesa - use presence of scatterlist to determine data load
crypto: marvell/cesa - ensure iter.base.op_len is the full op length
crypto: marvell/cesa - avoid adding final operation within loop
crypto: marvell/cesa - rearrange last request handling
crypto: marvell/cesa - rearrange handling for hw finished hashes
crypto: marvell/cesa - rearrange handling for sw padded hashes
crypto: marvell/cesa - fix first-fragment handling in mv_cesa_ahash_dma_last_req()
crypto: caam - print errno code when hash registration fails
crypto: caam - avoid needlessly saving and restoring caam_hash_ctx
crypto: caam - fix non-block aligned hash calculation
crypto: caam - only export the state we really need to export
crypto: caam - fix indentation of close braces
crypto: marvell/cesa - use readl_relaxed()/writel_relaxed()
crypto: marvell/cesa - use dma_addr_t for cur_dma
crypto: marvell/cesa - use gfp_t for gfp flags
crypto: marvell/cesa - use memcpy_fromio()/memcpy_toio()
crypto: marvell/cesa - fix missing cpu_to_le32() in mv_cesa_dma_add_op()
crypto: marvell/cesa - use __le32 for hardware descriptors

Sowmini Varadhan (2):
crypto: pkcs7 - Fix unaligned access in pkcs7_verify()
crypto: asymmetric_keys - Fix unaligned access in x509_get_sig_params()

Stephan Mueller (4):
crypto: keywrap - add key wrapping block chaining mode
crypto: keywrap - enable compilation
crypto: keywrap - add testmgr support
lib/mpi: fix off by one in mpi_read_raw_from_sgl

Tadeusz Struk (7):
crypto: qat - Add load balancing across devices
crypto: qat - remove empty functions and turn qat_uregister fn to void
crypto: qat - add support for ctr(aes) and xts(aes)
crypto: qat - remove unneeded variable
lib/mpi: Add mpi sgl helpers
crypto: akcipher - Changes to asymmetric key API
crypto: qat - fix crypto_get_instance_node function

Thomas Petazzoni (1):
MAINTAINERS: add maintainers for the Marvell Crypto driver

Tom Lendacky (4):
crypto: ccp - Replace BUG_ON with WARN_ON and a return code
crypto: ccp - Remove use ACPI field
crypto: ccp - Change references to accelerator to offload
crypto: ccp - Use module name in driver structures

Vaishali Thakkar (1):
hwrng: octeon - Use devm_hwrng_register

sudip (1):
crypto: asymmetric_keys - remove always false comparison

tim (7):
crypto: x86/sha - Intel SHA Extensions optimized SHA1 transform function
crypto: x86/sha - Intel SHA Extensions optimized SHA256 transform function
crypto: x86/sha - glue code for Intel SHA extensions optimized SHA1 & SHA256
crypto: x86/sha - Add build support for Intel SHA Extensions optimized SHA1 and SHA256
crypto: x86/sha - Restructure x86 sha1 glue code to expose all the available sha1 transforms
crypto: x86/sha - Restructure x86 sha256 glue code to expose all the available sha256 transforms
crypto: x86/sha - Restructure x86 sha512 glue code to expose all the available sha512 transforms

.../bindings/rng/samsung,exynos-rng4.txt | 17 +
Documentation/devicetree/bindings/rng/st,rng.txt | 15 +
.../devicetree/bindings/rng/st,stm32-rng.txt | 21 +
Documentation/hw_random.txt | 8 +-
MAINTAINERS | 8 +
arch/arm/boot/dts/stih407-family.dtsi | 14 +
arch/arm/boot/dts/stm32f429.dtsi | 7 +
arch/s390/crypto/sha.h | 2 +-
arch/x86/Makefile | 6 +-
arch/x86/crypto/Makefile | 8 +
arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 2 +-
arch/x86/crypto/sha1_ni_asm.S | 302 +++++++++++++
arch/x86/crypto/sha1_ssse3_glue.c | 314 ++++++++++---
arch/x86/crypto/sha256_ni_asm.S | 353 +++++++++++++++
arch/x86/crypto/sha256_ssse3_glue.c | 329 ++++++++++++--
arch/x86/crypto/sha512_ssse3_glue.c | 249 +++++++++--
crypto/Kconfig | 17 +-
crypto/Makefile | 10 +-
crypto/akcipher.c | 1 -
crypto/asymmetric_keys/pkcs7_verify.c | 5 +-
crypto/asymmetric_keys/x509_cert_parser.c | 6 +-
crypto/asymmetric_keys/x509_public_key.c | 5 +-
crypto/jitterentropy-kcapi.c | 4 -
crypto/keywrap.c | 419 +++++++++++++++++
crypto/rsa.c | 83 ++--
crypto/rsa_helper.c | 42 +-
crypto/rsakey.asn1 | 5 -
crypto/rsaprivkey.asn1 | 11 +
crypto/rsapubkey.asn1 | 4 +
crypto/skcipher.c | 4 +-
crypto/tcrypt.c | 17 +-
crypto/testmgr.c | 83 ++--
crypto/testmgr.h | 77 +++-
drivers/char/hw_random/Kconfig | 24 +-
drivers/char/hw_random/Makefile | 2 +
drivers/char/hw_random/core.c | 2 +-
drivers/char/hw_random/exynos-rng.c | 58 ++-
drivers/char/hw_random/mxc-rnga.c | 14 +-
drivers/char/hw_random/octeon-rng.c | 12 +-
drivers/char/hw_random/pasemi-rng.c | 1 +
drivers/char/hw_random/ppc4xx-rng.c | 1 +
drivers/char/hw_random/st-rng.c | 151 +++++++
drivers/char/hw_random/stm32-rng.c | 202 +++++++++
drivers/crypto/Kconfig | 5 +-
drivers/crypto/amcc/crypto4xx_core.c | 23 +-
drivers/crypto/atmel-aes.c | 44 +-
drivers/crypto/atmel-sha.c | 33 +-
drivers/crypto/atmel-tdes.c | 35 +-
drivers/crypto/bfin_crc.c | 25 +-
drivers/crypto/caam/caamalg.c | 232 +++++++---
drivers/crypto/caam/caamhash.c | 131 +++---
drivers/crypto/caam/desc.h | 1 -
drivers/crypto/caam/sg_sw_sec4.h | 72 +--
drivers/crypto/ccp/Kconfig | 13 +-
drivers/crypto/ccp/ccp-crypto-aes-cmac.c | 20 +-
drivers/crypto/ccp/ccp-crypto-main.c | 6 +-
drivers/crypto/ccp/ccp-crypto-sha.c | 13 +
drivers/crypto/ccp/ccp-ops.c | 108 +++--
drivers/crypto/ccp/ccp-pci.c | 2 +-
drivers/crypto/ccp/ccp-platform.c | 6 +-
drivers/crypto/marvell/cesa.h | 55 ++-
drivers/crypto/marvell/cipher.c | 13 +-
drivers/crypto/marvell/hash.c | 471 ++++++++++----------
drivers/crypto/marvell/tdma.c | 42 +-
drivers/crypto/n2_core.c | 2 +-
drivers/crypto/nx/nx-842-powernv.c | 4 +-
drivers/crypto/nx/nx-842-pseries.c | 8 +-
drivers/crypto/picoxcell_crypto.c | 1 +
drivers/crypto/qat/qat_common/Makefile | 12 +-
drivers/crypto/qat/qat_common/adf_common_drv.h | 4 +-
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 6 -
drivers/crypto/qat/qat_common/adf_init.c | 8 +-
drivers/crypto/qat/qat_common/adf_sriov.c | 7 +-
drivers/crypto/qat/qat_common/qat_algs.c | 178 +++++---
drivers/crypto/qat/qat_common/qat_asym_algs.c | 213 ++++++---
drivers/crypto/qat/qat_common/qat_crypto.c | 79 ++--
drivers/crypto/qat/qat_common/qat_hal.c | 5 +-
drivers/crypto/qat/qat_common/qat_rsakey.asn1 | 5 -
drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1 | 11 +
drivers/crypto/qat/qat_common/qat_rsapubkey.asn1 | 4 +
drivers/crypto/qce/ablkcipher.c | 30 +-
drivers/crypto/qce/cipher.h | 4 -
drivers/crypto/qce/dma.c | 52 ---
drivers/crypto/qce/dma.h | 5 -
drivers/crypto/qce/sha.c | 18 +-
drivers/crypto/qce/sha.h | 2 -
drivers/crypto/sahara.c | 108 +----
drivers/crypto/talitos.c | 104 +----
drivers/crypto/ux500/cryp/cryp_core.c | 71 +--
drivers/crypto/ux500/hash/hash_core.c | 50 +--
include/crypto/akcipher.h | 90 +++-
include/crypto/hash.h | 14 +
include/crypto/internal/rsa.h | 7 +-
include/linux/mpi.h | 10 +-
lib/842/842.h | 2 +
lib/842/842_compress.c | 13 +
lib/842/842_decompress.c | 17 +
lib/mpi/mpicoder.c | 199 +++++++++
98 files changed, 4070 insertions(+), 1538 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-11-11 07:08:28

by Herbert Xu

Subject: Crypto Fixes for 4.4

Hi Linus:

This push fixes a bug in the algif_hash interface that may lead
to crashes when used with certain algorithms such as HMAC.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
crypto: algif_hash - Only export and import on sockets with data

crypto/algif_hash.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-11-17 09:41:21

by Herbert Xu

Subject: Crypto Fixes for 4.4

Hi Linus:

This push fixes a bug in the qat driver where a user-space pointer
is dereferenced.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Tadeusz Struk (1):
crypto: qat - don't use userspace pointer

drivers/crypto/qat/qat_common/adf_ctl_drv.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-12-05 01:04:25

by Herbert Xu

Subject: Crypto Fixes for 4.4

Hi Linus:

This push fixes a couple of crypto drivers that were using memcmp
to verify authentication tags. They now use crypto_memneq instead.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


David Gstir (2):
crypto: nx - Fix timing leak in GCM and CCM decryption
crypto: talitos - Fix timing leak in ESP ICV verification

drivers/crypto/nx/nx-aes-ccm.c | 2 +-
drivers/crypto/nx/nx-aes-gcm.c | 3 ++-
drivers/crypto/talitos.c | 2 +-
3 files changed, 4 insertions(+), 3 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
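
The timing leak named in the pull request above (memcmp on an authentication tag, replaced by crypto_memneq), shown as an added user-space example; it is not the kernel's crypto_memneq implementation or code from the nx or talitos drivers. All function names and the sample tag are hypothetical, and the byte counter stands in for elapsed time so the difference is deterministic.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TAG_LEN 16

/* Constructed sample tag; stands in for the ICV the receiver computed. */
static const uint8_t expected_tag[TAG_LEN] = {
    0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
    0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf
};

/* Work counter: a deterministic proxy for the time a comparison takes. */
static size_t bytes_examined;

/* Early-exit comparison, the behaviour memcmp is allowed to have:
 * the work done depends on where the first mismatch is. */
static int leaky_differs(const uint8_t *a, const uint8_t *b, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        bytes_examined++;
        if (a[i] != b[i])
            return 1;
    }
    return 0;
}

/* Constant-time comparison: every byte is read and folded into an
 * accumulator, and the result is derived without a data-dependent branch. */
static int ct_differs(const uint8_t *a, const uint8_t *b, size_t len)
{
    volatile const uint8_t *pa = a, *pb = b;
    unsigned int acc = 0;

    for (size_t i = 0; i < len; i++) {
        bytes_examined++;
        acc |= (unsigned int)(pa[i] ^ pb[i]);
    }
    /* acc is 0..255: (acc - 1) wraps to all-ones only when acc == 0. */
    return (int)(((acc - 1u) >> 8) & 1u) ^ 1;
}

/* Tag check as a decrypt path would do it: 0 on match, -EBADMSG otherwise. */
static int verify_tag(const uint8_t *received, int use_ct)
{
    int differs = use_ct ? ct_differs(expected_tag, received, TAG_LEN)
                         : leaky_differs(expected_tag, received, TAG_LEN);
    return differs ? -EBADMSG : 0;
}

/* Build a tag whose first `prefix` bytes are correct and whose next byte
 * is wrong; prefix == TAG_LEN yields the genuine tag. */
static void make_forgery(uint8_t *out, size_t prefix)
{
    memcpy(out, expected_tag, TAG_LEN);
    if (prefix < TAG_LEN)
        out[prefix] ^= 0xff;
}

/* Verification result for a tag with `prefix` correct leading bytes. */
static int verify_forgery(int use_ct, size_t prefix)
{
    uint8_t forged[TAG_LEN];

    make_forgery(forged, prefix);
    return verify_tag(forged, use_ct);
}

/* How many bytes the chosen comparison touched for that same tag. */
static size_t steps_examined(int use_ct, size_t prefix)
{
    bytes_examined = 0;
    (void)verify_forgery(use_ct, prefix);
    return bytes_examined;
}

int main(void)
{
    printf("correct prefix  early-exit  constant-time\n");
    for (size_t prefix = 0; prefix <= TAG_LEN; prefix += 4)
        printf("%14zu  %10zu  %13zu\n", prefix,
               steps_examined(0, prefix), steps_examined(1, prefix));
    return 0;
}
```

With the early-exit compare, the work grows with the number of correct leading bytes, which is the signal a remote party measures; the constant-time compare does the same work for every rejected tag.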

2015-12-14 09:30:07

by Herbert Xu

Subject: Crypto Fixes for 4.4

Hi Linus:

This push fixes a boundary condition in the blkcipher SG walking
code that can lead to a crash when used with the new chacha20
algorithm.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Jason A. Donenfeld (1):
crypto: skcipher - Copy iv from desc even for 0-len walks

crypto/ablkcipher.c | 2 +-
crypto/blkcipher.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2015-12-28 13:26:25

by Herbert Xu

Subject: Crypto Fixes for 4.4

Hi Linus:

This push fixes a bug in the algif_skcipher interface that can
trigger a kernel WARN_ON from user-space. It does so by using
the new skcipher interface which unlike the previous ablkcipher
does not need to create extra geniv objects which is what was
used to trigger the WARN_ON.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
crypto: algif_skcipher - Use new skcipher interface

crypto/algif_skcipher.c | 61 +++++++++++++++++++++++------------------------
1 file changed, 30 insertions(+), 31 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-01-11 10:15:05

by Herbert Xu

Subject: Crypto Update for 4.5

Hi Linus:

Here is the crypto update for 4.5:

Algorithms:

* Add RSA padding algorithm.

Drivers:

* Add GCM mode support to atmel.
* Add atmel support for SAMA5D2 devices.
* Add cipher modes to talitos.
* Add rockchip driver for rk3288.
* Add qat support for C3XXX and C62X.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Aaro Koskinen (1):
hwrng: omap3-rom - convert timer to delayed work

Ahsan Atta (1):
crypto: qat - Rename dh895xcc mmp firmware

Alexander Kuleshov (1):
crypto: cryptod - use crypto_skcipher_type() for getting skcipher type

Andrzej Zaborowski (5):
lib/mpi: only require buffers as big as needed for the integer
crypto: rsa - only require output buffers as big as needed.
crypto: akcipher - add akcipher declarations needed by templates.
crypto: rsa - RSA padding algorithm
crypto: rsa-pkcs1pad - don't allocate buffer on stack

Arnd Bergmann (4):
crypto: atmel - fix 64-bit warnings
crypto: atmel: fix bogus select
crypto: sahara - fix 64-bit dma_addr_t compilation
crypto: sahara - fix debug output for 64-bit dma_addr_t

Cyrille Pitchen (24):
crypto: tcrypt - fix keysize argument of test_aead_speed for gcm(aes)
crypto: atmel-aes - constify value argument of atmel_aes_write_n()
crypto: atmel-aes - change algorithm priorities
crypto: atmel-aes - fix unregistration order of crypto algorithms
crypto: atmel-aes - remove unused header includes
crypto: atmel-aes - propagate error from atmel_aes_hw_version_init()
crypto: atmel-aes - change atmel_aes_write_ctrl() signature
crypto: atmel-aes - make crypto request queue management more generic
crypto: atmel-aes - remove useless write in the Control Register
crypto: atmel-aes - simplify the configuration of the AES IP
crypto: atmel-aes - rework crypto request completion
crypto: atmel-aes - remove unused 'err' member of struct atmel_aes_dev
crypto: atmel-aes - reduce latency of DMA completion
crypto: atmel-aes - remove useless AES_FLAGS_DMA flag
crypto: atmel-aes - fix atmel_aes_remove()
crypto: atmel-aes - improve performances of data transfer
crypto: atmel-aes - use SIZE_IN_WORDS() helper macro
crypto: atmel-aes - fix typo and indentation
crypto: atmel-aes - create sections to regroup functions by usage
crypto: atmel-aes - fix atmel-ctr-aes driver for RFC 3686
crypto: atmel-aes - fix the counter overflow in CTR mode
crypto: atmel-aes - change the DMA threshold
crypto: atmel-aes - add support to GCM mode
crypto: atmel-aes - add debug facilities to monitor register accesses.

Dan Streetman (1):
crypto: 842 - remove WARN inside printk

Fabio Estevam (1):
crypto: caam - pass the correct buffer length

Geliang Tang (6):
crypto: api - use list_first_entry_or_null and list_next_entry
crypto: mcryptd - use list_first_entry_or_null()
crypto: padlock-aes - use offset_in_page macro
crypto: qat - use list_for_each_entry*
crypto: ccp - use to_pci_dev and to_platform_device
crypto: hifn_795x, picoxcell - use ablkcipher_request_cast

Haren Myneni (1):
crypto: nx-842 - Mask XERS0 bit in return value

Harvijay Saini (1):
crypto: qat - ring returning retry even though ring has BW

Heiko Stuebner (1):
crypto: rockchip - fix possible deadlock

Jason A. Donenfeld (1):
crypto: chacha20poly1305 - Skip encryption/decryption for 0-len

Jim Davis (1):
crypto: qat - fix typo in clean-files

Jiri Slaby (1):
hwrng: core - sleep interruptible in read

Julia Lawall (2):
crypto: qat - constify pci_error_handlers structures
crypto: drbg - constify drbg_state_ops structures

LABBE Corentin (19):
crypto: hifn_795x - remove the hifn_test function
crypto: hifn_795x - use dev_xx/pr_xx instead of printk
crypto: hifn_795x - fix coding style
crypto: algif - Change some variable to size_t
crypto: marvell - check return value of sg_nents_for_len
crypto: talitos - check return value of sg_nents_for_len
crypto: sahara - check return value of sg_nents_for_len
crypto: qce - check return value of sg_nents_for_len
crypto: picoxcell - check return value of sg_nents_for_len
crypto: caam - check return value of sg_nents_for_len
crypto: amcc - check return value of sg_nents_for_len
crypto: sun4i-ss - add missing statesize
crypto: sahara - set nb_[in|out]_sg as signed int
crypto: picoxcell - set [src|dst]_nents and nents as signed int
crypto: akcipher - fix typos in include/crypto/akcipher.h
crypto: hash - add zero length message hash for shax and md5
crypto: n2 - Use precalculated hash from headers
crypto: ccp - Use precalculated hash from headers
crypto: ux500 - Use precalculated hash from headers

LEROY Christophe (1):
crypto: talitos - add new crypto modes

Leilei Zhao (1):
crypto: atmel-aes - add new version

Leonidas Da Silva Barbosa (1):
crypto: vmx - IV size failing on skcipher API

Markus Elfring (1):
crypto: ixp4xx - Delete unnecessary checks before the function call "dma_pool_destroy"

Paul Gortmaker (1):
crypto: asymmetric_keys - signature.c does not need <module.h>

Pingchao Yang (3):
crypto: qat - add support for new devices to FW loader
crypto: qat - fix CTX_ENABLES bits shift direction issue
crypto: qat - fix some timeout tests

Rahul Pathak (2):
crypto: atmel-sha - Removed unused variable "err"
crypto: omap - Removed unused variable "err"

Randy Dunlap (1):
crypto: aead - fix kernel-doc warnings in crypto/aead.h

Salvatore Benedetto (1):
crypto: qat - remove superfluous check from adf_probe

Sam Protsenko (1):
crypto: omap-des - Fix "schedule while atomic" bug

Tadeusz Struk (12):
crypto: qat - when stopping all devices make fure VF are stopped first
crypto: qat - fix get instance function
crypto: qat - add new device definitions
crypto: qat - move isr files to qat common so that they can be reused
crypto: qat - add support for c3xxx accel type
crypto: qat - add support for c62x accel type
crypto: qat - add support for c3xxxvf accel type
crypto: qat - add support for c62xvf accel type
crypto: qat - select PCI_IOV when VF are enabled
crypto: qat - uint8_t is not large enough for accel_id
crypto: qat - Fix random config build issue
crypto: qat - fix SKU definiftion for c3xxx dev

Thierry Reding (1):
crypto: n2 - Use platform_register/unregister_drivers()

Wang, Rui Y (2):
crypto: ghash-clmulni - Fix load failure
crypto: cryptd - Assign statesize properly

Zain Wang (2):
crypto: rockchip - add DT bindings documentation
crypto: rockchip - add crypto driver for rk3288

Zeng Xin (1):
crypto: qat - enable VF irq after guest exits ungracefully

saurabh (1):
crypto: nx - use of_property_read_u32()

.../devicetree/bindings/crypto/rockchip-crypto.txt | 29 +
arch/powerpc/include/asm/icswx.h | 1 +
arch/x86/crypto/ghash-clmulni-intel_glue.c | 26 +
crypto/Makefile | 1 +
crypto/akcipher.c | 34 +-
crypto/algapi.c | 9 +-
crypto/algif_aead.c | 6 +-
crypto/algif_skcipher.c | 10 +-
crypto/asymmetric_keys/signature.c | 2 +-
crypto/chacha20poly1305.c | 8 +
crypto/cryptd.c | 4 +-
crypto/drbg.c | 6 +-
crypto/mcryptd.c | 8 +-
crypto/md5.c | 6 +
crypto/rsa-pkcs1pad.c | 628 +++++++
crypto/rsa.c | 40 +-
crypto/sha1_generic.c | 7 +
crypto/sha256_generic.c | 16 +
crypto/tcrypt.c | 2 +-
drivers/char/hw_random/core.c | 6 +-
drivers/char/hw_random/omap3-rom-rng.c | 13 +-
drivers/crypto/Kconfig | 18 +-
drivers/crypto/Makefile | 1 +
drivers/crypto/amcc/crypto4xx_core.c | 4 +
drivers/crypto/atmel-aes-regs.h | 10 +
drivers/crypto/atmel-aes.c | 1843 ++++++++++++++------
drivers/crypto/atmel-sha.c | 3 +-
drivers/crypto/caam/caamhash.c | 26 +-
drivers/crypto/ccp/Kconfig | 2 +
drivers/crypto/ccp/ccp-ops.c | 39 +-
drivers/crypto/ccp/ccp-pci.c | 8 +-
drivers/crypto/ccp/ccp-platform.c | 6 +-
drivers/crypto/hifn_795x.c | 512 +++---
drivers/crypto/ixp4xx_crypto.c | 6 +-
drivers/crypto/marvell/cipher.c | 8 +
drivers/crypto/marvell/hash.c | 4 +
drivers/crypto/n2_core.c | 50 +-
drivers/crypto/nx/nx-842-powernv.c | 23 +-
drivers/crypto/omap-aes.c | 4 +-
drivers/crypto/omap-des.c | 5 +-
drivers/crypto/padlock-aes.c | 4 +-
drivers/crypto/picoxcell_crypto.c | 56 +-
drivers/crypto/qat/Kconfig | 46 +
drivers/crypto/qat/Makefile | 4 +
drivers/crypto/qat/qat_c3xxx/Makefile | 3 +
drivers/crypto/qat/qat_c3xxx/adf_c3xxx_hw_data.c | 238 +++
drivers/crypto/qat/qat_c3xxx/adf_c3xxx_hw_data.h | 83 +
drivers/crypto/qat/qat_c3xxx/adf_drv.c | 335 ++++
drivers/crypto/qat/qat_c3xxxvf/Makefile | 3 +
.../crypto/qat/qat_c3xxxvf/adf_c3xxxvf_hw_data.c | 173 ++
.../adf_c3xxxvf_hw_data.h} | 31 +-
drivers/crypto/qat/qat_c3xxxvf/adf_drv.c | 305 ++++
drivers/crypto/qat/qat_c62x/Makefile | 3 +
drivers/crypto/qat/qat_c62x/adf_c62x_hw_data.c | 248 +++
drivers/crypto/qat/qat_c62x/adf_c62x_hw_data.h | 84 +
drivers/crypto/qat/qat_c62x/adf_drv.c | 335 ++++
drivers/crypto/qat/qat_c62xvf/Makefile | 3 +
drivers/crypto/qat/qat_c62xvf/adf_c62xvf_hw_data.c | 173 ++
.../adf_drv.h => qat_c62xvf/adf_c62xvf_hw_data.h} | 32 +-
drivers/crypto/qat/qat_c62xvf/adf_drv.c | 305 ++++
drivers/crypto/qat/qat_common/Makefile | 4 +-
drivers/crypto/qat/qat_common/adf_accel_devices.h | 16 +-
drivers/crypto/qat/qat_common/adf_accel_engine.c | 9 +-
drivers/crypto/qat/qat_common/adf_admin.c | 4 +-
drivers/crypto/qat/qat_common/adf_aer.c | 4 +-
drivers/crypto/qat/qat_common/adf_cfg_common.h | 8 +-
drivers/crypto/qat/qat_common/adf_common_drv.h | 31 +-
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 21 +-
drivers/crypto/qat/qat_common/adf_dev_mgr.c | 36 +-
drivers/crypto/qat/qat_common/adf_hw_arbiter.c | 8 +-
drivers/crypto/qat/qat_common/adf_init.c | 21 +-
.../qat/{qat_dh895xcc => qat_common}/adf_isr.c | 44 +-
drivers/crypto/qat/qat_common/adf_pf2vf_msg.c | 23 -
drivers/crypto/qat/qat_common/adf_transport.c | 28 +-
.../qat/qat_common/adf_transport_access_macros.h | 5 +
.../crypto/qat/qat_common/adf_transport_internal.h | 2 +-
.../adf_isr.c => qat_common/adf_vf_isr.c} | 64 +-
.../qat/qat_common/icp_qat_fw_loader_handle.h | 10 +
drivers/crypto/qat/qat_common/icp_qat_hal.h | 37 +-
drivers/crypto/qat/qat_common/icp_qat_uclo.h | 165 +-
drivers/crypto/qat/qat_common/qat_crypto.c | 136 +-
drivers/crypto/qat/qat_common/qat_hal.c | 124 +-
drivers/crypto/qat/qat_common/qat_uclo.c | 555 +++++-
drivers/crypto/qat/qat_dh895xcc/Makefile | 4 +-
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.c | 5 +-
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.h | 9 +-
drivers/crypto/qat/qat_dh895xcc/adf_drv.c | 103 +-
drivers/crypto/qat/qat_dh895xccvf/Makefile | 4 +-
.../qat/qat_dh895xccvf/adf_dh895xccvf_hw_data.c | 5 +-
.../qat/qat_dh895xccvf/adf_dh895xccvf_hw_data.h | 10 +-
drivers/crypto/qat/qat_dh895xccvf/adf_drv.c | 96 +-
drivers/crypto/qce/ablkcipher.c | 8 +
drivers/crypto/qce/sha.c | 5 +
drivers/crypto/rockchip/Makefile | 3 +
drivers/crypto/rockchip/rk3288_crypto.c | 394 +++++
drivers/crypto/rockchip/rk3288_crypto.h | 216 +++
drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c | 505 ++++++
drivers/crypto/sahara.c | 42 +-
drivers/crypto/sunxi-ss/sun4i-ss-core.c | 2 +
drivers/crypto/talitos.c | 124 +-
drivers/crypto/talitos.h | 1 +
drivers/crypto/ux500/Kconfig | 2 +
drivers/crypto/ux500/hash/hash_core.c | 20 +-
drivers/crypto/vmx/aes_cbc.c | 2 +-
drivers/crypto/vmx/aes_ctr.c | 2 +-
include/crypto/aead.h | 1 +
include/crypto/akcipher.h | 10 +-
include/crypto/internal/akcipher.h | 78 +
include/crypto/internal/rsa.h | 2 +
include/crypto/md5.h | 2 +
include/crypto/sha.h | 6 +
lib/842/842_decompress.c | 14 +-
lib/mpi/mpicoder.c | 21 +-
113 files changed, 7344 insertions(+), 1605 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-01-22 10:18:41

by Herbert Xu

Subject: Crypto Fixes for 4.5

Hi Linus:

This push fixes the following issues:

API:

* A large number of bug fixes for the af_alg interface, credit
goes to Dmitry Vyukov for discovering and reporting these issues.

Algorithms:

* sw842 needs to select crc32.
* The soft dependency on crc32c is now in the correct spot.

Drivers:

* The atmel AES driver needs HAS_DMA.
* The atmel AES driver was missing a break statement, fortunately
it's only a debug function.
* A number of bug fixes for the Intel qat driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Arnd Bergmann (1):
lib: sw842: select crc32

Geert Uytterhoeven (1):
crypto: CRYPTO_DEV_ATMEL_AES should depend on HAS_DMA

Herbert Xu (18):
crypto: algif_skcipher - Require setkey before accept(2)
crypto: af_alg - Disallow bind/setkey/... after accept(2)
crypto: af_alg - Fix socket double-free when accept fails
crypto: af_alg - Add nokey compatibility path
crypto: algif_skcipher - Add nokey compatibility path
crypto: hash - Add crypto_ahash_has_setkey
crypto: algif_hash - Require setkey before accept(2)
crypto: skcipher - Add crypto_skcipher_has_setkey
crypto: algif_skcipher - Add key check exception for cipher_null
crypto: af_alg - Allow af_af_alg_release_parent to be called on nokey path
crypto: algif_hash - Remove custom release parent function
crypto: algif_skcipher - Remove custom release parent function
crypto: af_alg - Forbid bind(2) when nokey child sockets are present
crypto: algif_hash - Fix race condition in hash_check_key
crypto: algif_skcipher - Fix race condition in skcipher_check_key
crypto: atmel-aes - Add missing break to atmel_aes_reg_name
crypto: algif_skcipher - Load TX SG list after waiting
crypto: algif_skcipher - sendmsg SG marking is off by one

Jean Delvare (1):
crypto: crc32c - Fix crc32c soft dependency

Pingchao Yang (2):
crypto: qat - remove to call get_sram_bar_id for qat_c3xxx
crypto: qat - fix timeout issues

Tadeusz Struk (1):
crypto: qat - update init_esram for C3xxx dev type

crypto/af_alg.c | 55 ++++++++--
crypto/ahash.c | 5 +-
crypto/algif_hash.c | 165 +++++++++++++++++++++++++++--
crypto/algif_skcipher.c | 172 ++++++++++++++++++++++++++++---
crypto/crc32c_generic.c | 1 -
crypto/shash.c | 4 +-
crypto/skcipher.c | 2 +
drivers/crypto/Kconfig | 1 +
drivers/crypto/atmel-aes.c | 1 +
drivers/crypto/qat/qat_common/qat_hal.c | 23 +++--
include/crypto/hash.h | 6 ++
include/crypto/if_alg.h | 11 +-
include/crypto/skcipher.h | 7 ++
lib/Kconfig | 2 +
lib/libcrc32c.c | 1 +
15 files changed, 411 insertions(+), 45 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-02-01 08:32:08

by Herbert Xu

Subject: Crypto Fixes for 4.5

Hi Linus:

This push fixes the following issues:

API:

* algif_hash needs to wait for init operations to complete.
* The has_key setting for shash was always true.

Algorithms:

* Add missing selections of CRYPTO_HASH.
* Fix pkcs7 authentication.

Drivers:

* Fix stack alignment bug in chacha20-ssse3.
* Fix performance regression in caam due to incorrect setting.
* Fix potential compile-only build failure of stm32.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Arnd Bergmann (1):
crypto: ghash,poly1305 - select CRYPTO_HASH where needed

Cyrille Pitchen (1):
crypto: atmel-aes - remove calls of clk_prepare() from atomic contexts

Eli Cooper (1):
crypto: chacha20-ssse3 - Align stack pointer to 64 bytes

Herbert Xu (1):
crypto: shash - Fix has_key setting

Horia Geantă (1):
crypto: caam - make write transactions bufferable on PPC platforms

Peter Jones (1):
PKCS#7: Don't require SpcSpOpusInfo in Authenticode pkcs7 signatures

Richard Weinberger (1):
hwrng: stm32 - Fix dependencies for !HAS_IOMEM archs

Wang, Rui Y (1):
crypto: algif_hash - wait for crypto_ahash_init() to complete

arch/x86/crypto/chacha20-ssse3-x86_64.S | 6 ++++--
crypto/Kconfig | 2 ++
crypto/algif_hash.c | 4 +++-
crypto/asymmetric_keys/pkcs7_parser.c | 4 +---
crypto/shash.c | 7 +++----
drivers/char/hw_random/Kconfig | 1 +
drivers/crypto/atmel-aes.c | 16 ++++++++++++----
drivers/crypto/caam/ctrl.c | 4 ++--
8 files changed, 28 insertions(+), 16 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-02-09 17:54:11

by Herbert Xu

Subject: Crypto Fixes for 4.5

Hi Linus:

This push fixes the following issues:

API:

* Fix async algif_skcipher, it was broken by recent fixes.
* Fix potential race condition in algif_skcipher with ctx.
* Fix potential memory corruption in algif_skcipher.
* Add missing lock to crypto_user when doing an alg dump.

Drivers:

* marvell/cesa was testing the wrong variable for NULL after
allocation.
* Fix potential double-free in atmel-sha.
* Fix illegal call to sleeping function from atomic context in
atmel-sha.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Boris BREZILLON (1):
crypto: marvell/cesa - fix test in mv_cesa_dev_dma_init()

Cyrille Pitchen (2):
crypto: atmel-sha - fix atmel_sha_remove()
crypto: atmel-sha - remove calls of clk_prepare() from atomic contexts

Herbert Xu (3):
crypto: algif_skcipher - Do not assume that req is unchanged
crypto: algif_skcipher - Do not dereference ctx without socket lock
crypto: algif_skcipher - Do not set MAY_BACKLOG on the async path

Mathias Krause (1):
crypto: user - lock crypto_alg_list on alg dump

crypto/algif_skcipher.c | 80 +++++++++++++++++++++--------------------
crypto/crypto_user.c | 6 +++-
drivers/crypto/atmel-sha.c | 23 ++++++------
drivers/crypto/marvell/cesa.c | 2 +-
4 files changed, 60 insertions(+), 51 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-03-15 07:20:50

by Herbert Xu

Subject: Crypto Update for 4.6

Hi Linus:

Here is the crypto update for 4.6:

API:

* Convert remaining crypto_hash users to shash or ahash,
also convert blkcipher/ablkcipher users to skcipher.
Please note that this conflicts with the net, staging
and f2fs trees but the resolution should be fairly simple.
* Remove crypto_hash interface.
* Remove crypto_pcomp interface.
* Add crypto engine for async cipher drivers.
* Add akcipher documentation.
* Add skcipher documentation.

Algorithms:

* Rename crypto/crc32 to avoid name clash with lib/crc32.
* Fix bug in keywrap where we zero the wrong pointer.

Drivers:

* Support T5/M5, T7/M7 SPARC CPUs in n2 hwrng driver.
* Add PIC32 hwrng driver.
* Support BCM6368 in bcm63xx hwrng driver.
* Pack structs for 32-bit compat users in qat.
* Use crypto engine in omap-aes.
* Add support for sama5d2x SoCs in atmel-sha.
* Make atmel-sha available again.
* Make sahara hashing available again.
* Make ccp hashing available again.
* Make sha1-mb available again.
* Add support for multiple devices in ccp.
* Improve DMA performance in caam.
* Add hashing support to rockchip.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Anatoly Pugachev (2):
hwrng: n2 - documentation, add DT bindings, vendor prefixes
hwrng: n2 - Attach on T5/M5, T7/M7 SPARC CPUs

Andre Przywara (1):
crypto: sunxi-ss - prevent compilation on 64-bit

Arnd Bergmann (5):
crypto: sunxi - don't print confusing data
crypto: jitterentropy - always select CRYPTO_RNG
lib/mpi: avoid assembler warning
lib/mpi: use "static inline" instead of "extern inline"
hwrng: exynos - use __maybe_unused to hide pm functions

Atta, Ahsan (1):
crypto: qat - Pack cfg ctl structs

Baolin Wang (3):
crypto: api - Introduce crypto_queue_len() helper function
crypto: engine - Introduce the block request crypto engine framework
crypto: omap-aes - Support crypto engine framework

Cabiddu, Giovanni (1):
crypto: qat - Reduced reqsize in qat_algs

Cyrille Pitchen (7):
crypto: atmel-sha - fix crash when computing digest on empty message
crypto: atmel-sha - fix a race between the 'done' tasklet and the crypto client
crypto: atmel-sha - add support of sama5d2x SoCs
crypto: atmel-sha - fix context switches
crypto: atmel-sha - fix algorihtm registration
crypto: atmel-sha - fix .import()/.export() implementation
crypto: atmel-sha - fix race in atmel_sha_final()

Dan Carpenter (1):
crypto: keywrap - memzero the correct memory

Fabio Estevam (4):
crypto: sahara - remove unneeded mutex in the exported state
crypto: sahara - avoid needlessly saving and restoring sahara_ctx
crypto: sahara - fill the statesize field
crypto: caam - Staticize caam_jr_shutdown()

Gary R Hook (4):
crypto: ccp - Remove check for x86 family and model
crypto: ccp - Support for multiple CCPs
crypto: ccp - CCP versioning support
crypto: ccp - Add abstraction for device-specific calls

Herbert Xu (41):
crypto: ixp4xx - Fix false lastlen uninitialised warning
crypto: skcipher - Add default key size helper
crypto: hash - Add helpers to zero stack request/descriptor
crypto: skcipher - Add helper to zero stack request
crypto: api - Add crypto_type_has_alg helper
crypto: hash - Add crypto_has_ahash helper
crypto: skcipher - Add helper to retrieve driver name
block: cryptoloop - Use new skcipher interface
ppp_mppe: Use skcipher and ahash
staging: rtl8192e: Replace uses of obsolete blkcipher and hash
dm crypt: Use skcipher and ahash
orinoco: Use ahash
staging: rtl8192u: Use skcipher and ahash
wusb: Use skcipher
cifs: Use skcipher
ext4: Use skcipher
f2fs: Use skcipher
sunrpc: Use skcipher and ahash/shash
lib80211: Use skcipher and ahash
KEYS: Use skcipher
Bluetooth: Use skcipher and hash
libceph: Use skcipher
mac802154: Use skcipher
rxrpc: Use skcipher
ipsec: Use skcipher and ahash when probing algorithms
drbd: Use shash and ahash
nfc: s3fwrn5: Use shash
iscsi_tcp: Use ahash
iscsi-target: Use shash and ahash
nfsd: Use shash
sctp: Use shash
tcp: Use ahash
eCryptfs: Use skcipher and shash
crypto: crc32 - Rename generic implementation
crypto: tcrypt - Use ahash
crypto: doc - Use ahash
crypto: skcipher - Fix driver name helper
crypto: hash - Add helpers to return alg and driver names
staging: lustre: Use ahash
crypto: hash - Remove crypto_hash interface
crypto: keys - Revert "convert public key to akcipher api"

Horia Geantă (1):
crypto: caam - enable LARGE_BURST for enhancing DMA transactions size

Ilya Dryomov (1):
libceph: Remove unnecessary ivsize variables

Jerome Marchand (1):
crypto: testmgr - fix out of bound read in __test_aead()

Joonsoo Kim (1):
crypto: compress - remove unused pcomp interface

Joshua Henderson (2):
dt/bindings: Add bindings for the PIC32 random number generator
hwrng: pic32 - Add PIC32 RNG hardware driver

Krzysztof Kozłowski (2):
crypto: s5p-sss - Fix minor coding style violations
crypto: s5p-sss - Use memcpy_toio for iomem annotated memory

Marcus Meissner (3):
crypto: testmgr - mark more algorithms as FIPS compliant
crypto: testmgr - mark authenticated ctr(aes) also as FIPS able
crypto: testmgr - allow rfc3686 aes-ctr variants in fips mode.

Megha Dey (1):
crypto: sha1-mb - Add missing args_digest offset

Michal Marek (1):
lib/mpi: Endianness fix

Pingchao Yang (3):
crypto: qat - remove redundant function call
crypto: qat - The AE id should be less than the maximal AE number
crypto: qat - Change the definition of icp_qat_uof_regtype

Stephan Mueller (8):
crypto: ansi_cprng - ANSI X9.31 DRNG is not allowed in FIPS 140-2
crypto: drbg - remove FIPS 140-2 continuous test
crypto: xts - consolidate sanity check for keys
crypto: doc - add akcipher API
crypto: doc - add crypto_rng_generate
crypto: doc - update AEAD AD handling
crypto: doc - add skcipher API documentation
crypto: xts - fix compile errors

Tadeusz Struk (7):
crypto: qat - change name for c6xx dev type
crypto: aead - move aead_request_cast helper to aead.h
crypto: asymmetric_keys - convert public key and digsig asym to the akcipher api
integrity: convert digsig to akcipher api
crypto: public_key - remove MPIs from public_key_signature struct
crypto: qat - fix leak on error path
crypto: qat - remove redundant arbiter configuration

Tom Lendacky (4):
crypto: ccp - Add hash state import and export support
crypto: ccp - Limit the amount of information exported
crypto: ccp - Don't assume export/import areas are aligned
crypto: ccp - memset request context to zero during import

Vladimir Zapolskiy (2):
crypto: atmel - fix checks of error code returned by devm_ioremap_resource()
crypto: ux500 - fix checks of error code returned by devm_ioremap_resource()

Wang, Rui Y (3):
crypto: mcryptd - Fix load failure
crypto: sha-mb - Fix load failure
crypto: testmgr - Add a test case for import()/export()

Zain Wang (1):
crypto: rockchip - add hash support for crypto engine in rk3288

Álvaro Fernández Rojas (5):
hwrng: bcm63xx - remove unused variables
hwrng: bcm63xx - add device tree support
hwrng: bcm63xx - allow building for BMIPS_GENERIC
hwrng: brcm63xx - document device tree bindings
hwrng: bcm63xx - fix non device tree compatibility

Documentation/DocBook/crypto-API.tmpl | 242 ++++-----
Documentation/crypto/api-intro.txt | 23 +-
.../devicetree/bindings/rng/brcm,bcm6368.txt | 17 +
.../bindings/rng/microchip,pic32-rng.txt | 17 +
.../devicetree/bindings/sparc_sun_oracle_rng.txt | 30 ++
.../devicetree/bindings/vendor-prefixes.txt | 2 +
arch/arm/crypto/aes-ce-glue.c | 5 +
arch/arm/crypto/aesbs-glue.c | 6 +
arch/arm64/crypto/aes-glue.c | 5 +
arch/powerpc/crypto/aes-spe-glue.c | 6 +
arch/s390/crypto/aes_s390.c | 6 +
arch/x86/crypto/aesni-intel_glue.c | 11 +-
arch/x86/crypto/camellia_glue.c | 10 +-
arch/x86/crypto/cast6_avx_glue.c | 10 +-
arch/x86/crypto/serpent_avx_glue.c | 11 +-
arch/x86/crypto/serpent_sse2_glue.c | 11 +-
arch/x86/crypto/sha-mb/sha1_mb.c | 35 ++
arch/x86/crypto/sha-mb/sha1_mb_mgr_submit_avx2.S | 2 +-
arch/x86/crypto/twofish_glue_3way.c | 10 +-
crypto/Kconfig | 23 +-
crypto/Makefile | 5 +-
crypto/ahash.c | 24 +-
crypto/algapi.c | 15 +
crypto/{crc32.c => crc32_generic.c} | 3 +-
crypto/crypto_engine.c | 355 +++++++++++++
crypto/drbg.c | 64 ---
crypto/internal.h | 3 +
crypto/keywrap.c | 4 +-
crypto/mcryptd.c | 1 +
crypto/pcompress.c | 115 -----
crypto/shash.c | 147 ------
crypto/skcipher.c | 4 +-
crypto/tcrypt.c | 239 +--------
crypto/testmgr.c | 401 +++++++--------
crypto/testmgr.h | 144 ------
crypto/xts.c | 11 +-
crypto/zlib.c | 381 --------------
drivers/block/cryptoloop.c | 48 +-
drivers/block/drbd/drbd_int.h | 16 +-
drivers/block/drbd/drbd_main.c | 16 +-
drivers/block/drbd/drbd_nl.c | 59 ++-
drivers/block/drbd/drbd_receiver.c | 56 +-
drivers/block/drbd/drbd_worker.c | 43 +-
drivers/char/hw_random/Kconfig | 15 +-
drivers/char/hw_random/Makefile | 1 +
drivers/char/hw_random/bcm63xx-rng.c | 11 +-
drivers/char/hw_random/exynos-rng.c | 10 +-
drivers/char/hw_random/n2-drv.c | 10 +
drivers/char/hw_random/pic32-rng.c | 155 ++++++
drivers/crypto/Kconfig | 7 +-
drivers/crypto/atmel-aes.c | 10 +-
drivers/crypto/atmel-sha-regs.h | 4 +
drivers/crypto/atmel-sha.c | 200 +++++---
drivers/crypto/atmel-tdes.c | 4 +-
drivers/crypto/caam/ctrl.c | 2 +-
drivers/crypto/caam/jr.c | 2 +-
drivers/crypto/caam/regs.h | 3 +-
drivers/crypto/ccp/Makefile | 2 +-
drivers/crypto/ccp/ccp-crypto-aes-cmac.c | 36 ++
drivers/crypto/ccp/ccp-crypto-aes.c | 12 +-
drivers/crypto/ccp/ccp-crypto-sha.c | 49 +-
drivers/crypto/ccp/ccp-crypto.h | 22 +
drivers/crypto/ccp/ccp-dev-v3.c | 533 ++++++++++++++++++++
drivers/crypto/ccp/ccp-dev.c | 471 ++++++-----------
drivers/crypto/ccp/ccp-dev.h | 155 +++++-
drivers/crypto/ccp/ccp-ops.c | 381 +-------------
drivers/crypto/ccp/ccp-pci.c | 23 +-
drivers/crypto/ccp/ccp-platform.c | 48 +-
drivers/crypto/ixp4xx_crypto.c | 26 +-
drivers/crypto/omap-aes.c | 97 ++--
drivers/crypto/qat/qat_common/adf_accel_devices.h | 4 +-
drivers/crypto/qat/qat_common/adf_aer.c | 1 -
drivers/crypto/qat/qat_common/adf_cfg_user.h | 6 +-
drivers/crypto/qat/qat_common/adf_hw_arbiter.c | 19 -
drivers/crypto/qat/qat_common/icp_qat_uclo.h | 42 +-
drivers/crypto/qat/qat_common/qat_algs.c | 6 +-
drivers/crypto/qat/qat_common/qat_asym_algs.c | 70 +--
drivers/crypto/qat/qat_common/qat_uclo.c | 2 +-
drivers/crypto/rockchip/Makefile | 1 +
drivers/crypto/rockchip/rk3288_crypto.c | 28 +-
drivers/crypto/rockchip/rk3288_crypto.h | 56 +-
drivers/crypto/rockchip/rk3288_crypto_ablkcipher.c | 20 +-
drivers/crypto/rockchip/rk3288_crypto_ahash.c | 404 +++++++++++++++
drivers/crypto/s5p-sss.c | 12 +-
drivers/crypto/sahara.c | 19 +-
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 5 +-
drivers/crypto/ux500/cryp/cryp_core.c | 4 +-
drivers/crypto/ux500/hash/hash_core.c | 4 +-
drivers/md/dm-crypt.c | 93 ++--
drivers/net/ppp/ppp_mppe.c | 99 ++--
drivers/net/wireless/intersil/orinoco/mic.c | 29 +-
drivers/net/wireless/intersil/orinoco/mic.h | 4 +-
drivers/net/wireless/intersil/orinoco/orinoco.h | 4 +-
drivers/nfc/s3fwrn5/firmware.c | 36 +-
drivers/scsi/iscsi_tcp.c | 54 +-
drivers/scsi/iscsi_tcp.h | 4 +-
drivers/scsi/libiscsi_tcp.c | 29 +-
.../lustre/lustre/libcfs/linux/linux-crypto.c | 92 ++--
drivers/staging/rtl8192e/rtllib_crypt_tkip.c | 99 ++--
drivers/staging/rtl8192e/rtllib_crypt_wep.c | 48 +-
.../rtl8192u/ieee80211/ieee80211_crypt_tkip.c | 92 ++--
.../rtl8192u/ieee80211/ieee80211_crypt_wep.c | 46 +-
drivers/target/iscsi/iscsi_target.c | 86 ++--
drivers/target/iscsi/iscsi_target_auth.c | 98 ++--
drivers/target/iscsi/iscsi_target_login.c | 45 +-
drivers/usb/wusbcore/crypto.c | 30 +-
fs/cifs/cifsencrypt.c | 32 +-
fs/cifs/smbencrypt.c | 26 +-
fs/ecryptfs/crypto.c | 107 ++--
fs/ecryptfs/ecryptfs_kernel.h | 12 +-
fs/ecryptfs/inode.c | 1 -
fs/ecryptfs/keystore.c | 218 ++++----
fs/ecryptfs/main.c | 1 -
fs/ecryptfs/mmap.c | 1 -
fs/ecryptfs/super.c | 1 -
fs/ext4/crypto.c | 24 +-
fs/ext4/crypto_fname.c | 32 +-
fs/ext4/crypto_key.c | 42 +-
fs/ext4/ext4_crypto.h | 2 +-
fs/f2fs/crypto.c | 24 +-
fs/f2fs/crypto_fname.c | 32 +-
fs/f2fs/crypto_key.c | 40 +-
fs/f2fs/f2fs_crypto.h | 2 +-
fs/nfsd/nfs4recover.c | 28 +-
include/crypto/aead.h | 6 +-
include/crypto/akcipher.h | 28 +-
include/crypto/algapi.h | 92 +++-
include/crypto/compress.h | 145 ------
include/crypto/drbg.h | 4 -
include/crypto/hash.h | 45 ++
include/crypto/internal/aead.h | 6 +
include/crypto/internal/compress.h | 28 -
include/crypto/internal/hash.h | 3 -
include/crypto/skcipher.h | 24 +-
include/crypto/xts.h | 27 +
include/linux/ccp.h | 17 +
include/linux/crypto.h | 252 ---------
include/linux/sunrpc/gss_krb5.h | 32 +-
include/net/sctp/auth.h | 4 +-
include/net/sctp/structs.h | 6 +-
include/net/tcp.h | 6 +-
include/scsi/libiscsi_tcp.h | 13 +-
include/target/iscsi/iscsi_target_core.h | 4 +-
lib/mpi/longlong.h | 2 +-
lib/mpi/mpi-inline.h | 2 +-
lib/mpi/mpi-internal.h | 8 +-
lib/mpi/mpicoder.c | 39 +-
net/bluetooth/smp.c | 135 +++--
net/ceph/crypto.c | 101 ++--
net/ipv4/tcp.c | 41 +-
net/ipv4/tcp_fastopen.c | 1 +
net/ipv4/tcp_ipv4.c | 23 +-
net/ipv6/tcp_ipv6.c | 23 +-
net/mac802154/llsec.c | 41 +-
net/mac802154/llsec.h | 3 +-
net/rxrpc/ar-internal.h | 2 +-
net/rxrpc/ar-key.c | 12 +-
net/rxrpc/rxkad.c | 172 ++++---
net/sctp/auth.c | 36 +-
net/sctp/endpointola.c | 1 -
net/sctp/sm_make_chunk.c | 51 +-
net/sctp/socket.c | 8 +-
net/sunrpc/auth_gss/gss_krb5_crypto.c | 350 ++++++++-----
net/sunrpc/auth_gss/gss_krb5_keys.c | 12 +-
net/sunrpc/auth_gss/gss_krb5_mech.c | 89 ++--
net/sunrpc/auth_gss/gss_krb5_seqnum.c | 22 +-
net/sunrpc/auth_gss/gss_krb5_wrap.c | 24 +-
net/wireless/lib80211_crypt_tkip.c | 99 ++--
net/wireless/lib80211_crypt_wep.c | 46 +-
net/xfrm/xfrm_algo.c | 7 +-
security/keys/encrypted-keys/encrypted.c | 82 +--
171 files changed, 4904 insertions(+), 4511 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-03-23 13:09:50

by Herbert Xu

Subject: Crypto Fixes for 4.6

Hi Linus:

This push fixes the following issues:

API:

* Fix kzalloc error path crash in ecryptfs added by skcipher
conversion. Note the subject of the commit is screwed up and
the correct subject is actually in the body.

Drivers:

* A number of fixes to the marvell cesa hashing code.
* Remove bogus nested irqsave that clobbers the saved flags in ccp.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Boris BREZILLON (3):
crypto: marvell/cesa - fix memory leak
crypto: marvell/cesa - initialize hash states
crypto: marvell/cesa - forward devm_ioremap_resource() error code

Gary R Hook (1):
crypto: ccp - fix lock acquisition code

Herbert Xu (1):
eCryptfs: Use skcipher and shash

drivers/crypto/ccp/ccp-dev.c | 6 +--
drivers/crypto/marvell/cesa.c | 2 +-
drivers/crypto/marvell/cesa.h | 3 +-
drivers/crypto/marvell/hash.c | 106 +++++++++++++++--------------------------
fs/ecryptfs/keystore.c | 6 +--
5 files changed, 46 insertions(+), 77 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-03-30 09:11:50

by Herbert Xu

Subject: Crypto Fixes for 4.6

Hi Linus:

This push fixes a bug in pkcs7_validate_trust and its users where
the output value may in fact be taken from uninitialised memory.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Nicolai Stange (1):
PKCS#7: pkcs7_validate_trust(): initialize the _trusted output argument

crypto/asymmetric_keys/pkcs7_trust.c | 2 ++
1 file changed, 2 insertions(+)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-04-14 06:25:45

by Herbert Xu

Subject: Crypto Fixes for 4.6

Hi Linus:

This push fixes an NFS regression caused by the skcipher/hash
conversion in sunrpc. It also fixes a build problem in certain
configurations with bcm63xx.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
sunrpc: Fix skcipher/shash conversion

Álvaro Fernández Rojas (1):
hwrng: bcm63xx - fix device tree compilation

drivers/char/hw_random/bcm63xx-rng.c | 1 +
net/sunrpc/auth_gss/gss_krb5_crypto.c | 8 ++++++--
net/sunrpc/auth_gss/gss_krb5_mech.c | 3 ++-
3 files changed, 9 insertions(+), 3 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-04-20 09:49:34

by Herbert Xu

Subject: Crypto Fixes for 4.6

Hi Linus:

This push fixes the following issues:

- Incorrect output buffer size calculation in rsa-pkcs1pad.
- Uninitialised padding bytes on exported state in ccp driver.
- Potentially freed pointer used on completion callback in sha1-mb.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Tadeusz Struk (1):
crypto: rsa-pkcs1pad - fix dst len

Tom Lendacky (1):
crypto: ccp - Prevent information leakage on export

Xiaodong Liu (1):
crypto: sha1-mb - use corrcet pointer while completing jobs

arch/x86/crypto/sha-mb/sha1_mb.c | 4 ++--
crypto/rsa-pkcs1pad.c | 12 ++++++------
drivers/crypto/ccp/ccp-crypto-aes-cmac.c | 3 +++
drivers/crypto/ccp/ccp-crypto-sha.c | 3 +++
4 files changed, 14 insertions(+), 8 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-04-25 11:12:26

by Herbert Xu

Subject: Crypto Fixes for 4.6

Hi Linus:

This push fixes a couple of regressions in the talitos driver
that were introduced back in 4.3. The first bug causes a crash
when the driver's AEAD functionality is used while the second
bug prevents its AEAD feature from working once you get past the
first bug.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Horia Geantă (1):
crypto: talitos - fix AEAD tcrypt tests

Jonas Eymann (1):
crypto: talitos - fix crash in talitos_cra_init()

drivers/crypto/talitos.c | 87 ++++++++++++++++++++++++++++++----------------
1 file changed, 57 insertions(+), 30 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-05-09 08:46:47

by Herbert Xu

Subject: Crypto Fixes for 4.6

Hi Linus:

This push fixes the following issues:

- Bug in ahash SG list walking that may lead to crashes.
- Resource leak in qat.
- Missing RSA dependency that causes it to fail.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
crypto: hash - Fix page length clamping in hash walk

Tadeusz Struk (3):
crypto: qat - fix invalid pf2vf_resp_wq logic
crypto: qat - fix adf_ctl_drv.c:undefined reference to adf_init_pf_wq
crypto: rsa - select crypto mgr dependency

crypto/Kconfig | 1 +
crypto/ahash.c | 3 ++-
drivers/crypto/qat/qat_common/adf_common_drv.h | 11 ++++++++++
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 6 ++++++
drivers/crypto/qat/qat_common/adf_sriov.c | 26 +++++++++++++++---------
5 files changed, 36 insertions(+), 11 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-05-13 05:59:21

by Herbert Xu

Subject: Crypto Fixes for 4.6

Hi Linus:

This push fixes a bug in the RSA self-test that may cause crashes
on some architectures such as SPARC.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
crypto: testmgr - Use kmalloc memory for RSA input

crypto/testmgr.c | 27 ++++++++++++++++++++++-----
1 file changed, 22 insertions(+), 5 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-05-16 07:16:27

by Herbert Xu

Subject: Crypto Update for 4.7

Hi Linus:

Here is the crypto update for 4.7:

API:

* Crypto self tests can now be disabled at boot/run time.
* Add async support to algif_aead.

Algorithms:

* A large number of fixes to MPI from Nicolai Stange.
* Performance improvement for HMAC DRBG.

Drivers:

* Use generic crypto engine in omap-des.
* Merge ppc4xx-rng and crypto4xx drivers.
* Fix lockups in sun4i-ss driver by disabling IRQs.
* Add DMA engine support to ccp.
* Reenable talitos hash algorithms.
* Add support for Hisilicon SoC RNG.
* Add basic crypto driver for the MXC SCC.

Others:

* Do not allocate crypto hash tfm in NORECLAIM context in ecryptfs.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus

Ahsan Atta (1):
crypto: qat - Remove redundant nrbg rings

Amitoj Kaur Chawla (1):
crypto: n2 - Remove return statement from void function

Baolin Wang (1):
crypto: omap-des - Integrate with the crypto engine framework

Catalin Vasile (1):
crypto: caam - fix caam_jr_alloc() ret code

Christian Lamparter (1):
crypto4xx: integrate ppc4xx-rng into crypto4xx

Colin Ian King (1):
PKCS#7: fix missing break on OID_sha224 case

Corentin LABBE (1):
crypto: sun4i-ss - Replace spinlock_bh by spin_lock_irq{save|restore}

Dan Carpenter (3):
crypto: marvell/cesa - remove unneeded condition
crypto: mxc-scc - signedness bugs in mxc_scc_ablkcipher_req_init()
crypto: mxc-scc - fix unwinding in mxc_scc_crypto_register()

Eric Biggers (1):
crypto: doc - document correct return value for request allocation

Gary R Hook (2):
crypto: ccp - Register the CCP as a DMA resource
crypto: ccp - Ensure all dependencies are specified

Herbert Xu (3):
eCryptfs: Do not allocate hash tfm in NORECLAIM context
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Horia Geantă (1):
crypto: talitos - fix ahash algorithms registration

Julia Lawall (2):
crypto: marvell/cesa - Use dma_pool_zalloc
crypto: ccp - constify ccp_actions structure

Kefeng Wang (2):
dt/bindings: Add bindings for hisilicon random number generator
hwrng: hisi - Add support for Hisilicon SoC RNG

Krzysztof Kozlowski (14):
hwrng: exynos - Runtime suspend device after init
hwrng: exynos - Fix unbalanced PM runtime put on timeout error path
hwrng: exynos - Disable runtime PM on probe failure
hwrng: exynos - Disable runtime PM on driver unbind
hwrng: exynos - Enable COMPILE_TEST
crypto: s5p-sss - Enable COMPILE_TEST
crypto: s5p-sss - Minor coding cleanups
crypto: s5p-sss - Handle unaligned buffers
crypto: s5p-sss - Sort the headers to improve readability
hwrng: exynos - Fix misspelled Samsung address
crypto: s5p-sss - Fix use after free of copied input buffer in error path
crypto: s5p-sss - Remove useless hash interrupt handler
crypto: s5p-sss - Use common BIT macro
crypto: s5p-sss - Fix missed interrupts when working with 8 kB blocks

Marek Szyprowski (1):
crypto: s5p-sss - fix incorrect usage of scatterlists api

Michal Hocko (1):
crypto: lzo - get rid of superfluous __GFP_REPEAT

Mike Galbraith (1):
crypto: ccp - Fix RT breaking #include <linux/rwlock_types.h>

Nicolai Stange (14):
lib/mpi: mpi_write_sgl(): fix skipping of leading zero limbs
lib/mpi: mpi_write_sgl(): fix style issue with lzero decrement
lib/mpi: mpi_write_sgl(): purge redundant pointer arithmetic
lib/mpi: mpi_write_sgl(): fix out-of-bounds stack access
lib/mpi: mpi_write_sgl(): replace open coded endian conversion
lib/mpi: mpi_read_buffer(): optimize skipping of leading zero limbs
lib/mpi: mpi_read_buffer(): replace open coded endian conversion
lib/mpi: mpi_read_buffer(): fix buffer overflow
lib/mpi: mpi_read_raw_from_sgl(): replace len argument by nbytes
lib/mpi: mpi_read_raw_from_sgl(): don't include leading zero SGEs in nbytes
lib/mpi: mpi_read_raw_from_sgl(): purge redundant clearing of nbits
lib/mpi: mpi_read_raw_from_sgl(): fix nbits calculation
lib/mpi: mpi_read_raw_from_sgl(): sanitize meaning of indices
lib/mpi: mpi_read_raw_from_sgl(): fix out-of-bounds buffer access

Paulo Flabiano Smorigo (1):
crypto: vmx - comply with ABIs that specify vrsave as reserved.

Peter Meerwald (1):
crypto: omap-des - Improve wording for CRYPTO_DEV_OMAP_DES in Kconfig

Peter Ujfalusi (3):
crypto: omap-aes - Use dma_request_chan() for requesting DMA channel
crypto: omap-des - Use dma_request_chan() for requesting DMA channel
crypto: omap-sham - Use dma_request_chan() for requesting DMA channel

Richard W.M. Jones (1):
crypto: testmgr - Add a flag allowing the self-tests to be disabled at runtime.

Romain Perier (1):
crypto: marvell/cesa - Improving code readability

Steffen Trumtrar (3):
Documentation: devicetree: add Freescale SCC bindings
ARM: i.MX25: add scc module to dtsi
crypto: mxc-scc - add basic driver for the MXC SCC

Stephan Mueller (1):
crypto: drbg - set HMAC key only when altered

Tadeusz Struk (12):
crypto: af_alg - add async support to algif_aead
crypto: qat - make sure const_tab is 1024 bytes aligned
crypto: qat - explicitly stop all VFs first
crypto: qat - changed adf_dev_stop to void
crypto: qat - adf_dev_stop should not be called in atomic context
crypto: qat - move vf2pf_init and vf2pf_exit to common
crypto: qat - check if PF is running
crypto: qat - interrupts need to be enabled when VFs are disabled
crypto: qat - fix section mismatch warning
crypto: qat - Fix typo in comments
crypto: qat - make adf_vf_isr.c dependant on IOV config
crypto: qat - change the adf_ctl_stop_devices to void

Tom Lendacky (1):
MAINTAINERS: Add a new maintainer for the CCP driver

Tudor Ambarus (3):
crypto: qat - avoid memory corruption or undefined behaviour
crypto: qat - fix address leaking of RSA public exponent
lib: asn1_decoder - add MODULE_LICENSE("GPL")

Documentation/DocBook/crypto-API.tmpl | 6 +-
.../devicetree/bindings/crypto/fsl-imx-scc.txt | 21 +
.../devicetree/bindings/crypto/samsung-sss.txt | 6 +-
Documentation/devicetree/bindings/rng/hisi-rng.txt | 12 +
Documentation/kernel-parameters.txt | 3 +
MAINTAINERS | 1 +
arch/arm/boot/dts/imx25.dtsi | 9 +
crypto/algif_aead.c | 268 ++++++-
crypto/asymmetric_keys/pkcs7_parser.c | 1 +
crypto/drbg.c | 39 +-
crypto/lzo.c | 2 +-
crypto/testmgr.c | 9 +
drivers/char/hw_random/Kconfig | 29 +-
drivers/char/hw_random/Makefile | 2 +-
drivers/char/hw_random/exynos-rng.c | 33 +-
drivers/char/hw_random/hisi-rng.c | 126 ++++
drivers/char/hw_random/ppc4xx-rng.c | 147 ----
drivers/crypto/Kconfig | 27 +-
drivers/crypto/Makefile | 1 +
drivers/crypto/amcc/Makefile | 1 +
drivers/crypto/amcc/crypto4xx_core.c | 7 +-
drivers/crypto/amcc/crypto4xx_core.h | 4 +
drivers/crypto/amcc/crypto4xx_reg_def.h | 1 +
drivers/crypto/amcc/crypto4xx_trng.c | 131 ++++
drivers/crypto/amcc/crypto4xx_trng.h | 34 +
drivers/crypto/caam/jr.c | 2 +-
drivers/crypto/ccp/Kconfig | 2 +
drivers/crypto/ccp/Makefile | 6 +-
drivers/crypto/ccp/ccp-dev-v3.c | 13 +-
drivers/crypto/ccp/ccp-dev.c | 2 +-
drivers/crypto/ccp/ccp-dev.h | 49 +-
drivers/crypto/ccp/ccp-dmaengine.c | 727 +++++++++++++++++++
drivers/crypto/ccp/ccp-ops.c | 69 +-
drivers/crypto/marvell/cesa.c | 10 +-
drivers/crypto/marvell/hash.c | 3 +-
drivers/crypto/marvell/tdma.c | 5 +-
drivers/crypto/mxc-scc.c | 765 ++++++++++++++++++++
drivers/crypto/n2_core.c | 2 +-
drivers/crypto/omap-aes.c | 62 +-
drivers/crypto/omap-des.c | 165 ++---
drivers/crypto/omap-sham.c | 25 +-
drivers/crypto/qat/qat_c3xxx/adf_drv.c | 4 +-
.../crypto/qat/qat_c3xxxvf/adf_c3xxxvf_hw_data.c | 23 -
drivers/crypto/qat/qat_c3xxxvf/adf_drv.c | 6 +-
drivers/crypto/qat/qat_c62x/adf_drv.c | 4 +-
drivers/crypto/qat/qat_c62xvf/adf_c62xvf_hw_data.c | 23 -
drivers/crypto/qat/qat_c62xvf/adf_drv.c | 6 +-
drivers/crypto/qat/qat_common/Makefile | 4 +-
drivers/crypto/qat/qat_common/adf_admin.c | 2 +-
drivers/crypto/qat/qat_common/adf_cfg_strings.h | 2 -
drivers/crypto/qat/qat_common/adf_common_drv.h | 28 +-
drivers/crypto/qat/qat_common/adf_ctl_drv.c | 40 +-
drivers/crypto/qat/qat_common/adf_init.c | 15 +-
drivers/crypto/qat/qat_common/adf_isr.c | 4 +-
drivers/crypto/qat/qat_common/adf_sriov.c | 8 +-
drivers/crypto/qat/qat_common/adf_vf2pf_msg.c | 92 +++
drivers/crypto/qat/qat_common/adf_vf_isr.c | 61 +-
drivers/crypto/qat/qat_common/qat_asym_algs.c | 4 +-
drivers/crypto/qat/qat_dh895xcc/adf_drv.c | 4 +-
.../qat/qat_dh895xccvf/adf_dh895xccvf_hw_data.c | 23 -
drivers/crypto/qat/qat_dh895xccvf/adf_drv.c | 6 +-
drivers/crypto/s5p-sss.c | 368 ++++++----
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 10 +-
drivers/crypto/talitos.c | 64 ++
drivers/crypto/vmx/ppc-xlate.pl | 20 +
fs/ecryptfs/crypto.c | 32 +-
fs/ecryptfs/ecryptfs_kernel.h | 3 +-
fs/ecryptfs/inode.c | 7 +-
fs/ecryptfs/super.c | 5 +-
include/crypto/aead.h | 3 +-
include/crypto/hash.h | 3 +-
include/crypto/skcipher.h | 3 +-
include/linux/ccp.h | 36 +-
include/linux/crypto.h | 3 +-
lib/asn1_decoder.c | 3 +
lib/mpi/mpicoder.c | 122 ++--
76 files changed, 3091 insertions(+), 777 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-05-20 08:41:05

by Herbert Xu

Subject: Crypto Fixes for 4.7

Hi Linus:

This push fixes a regression that causes sha-mb to crash.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Josh Poimboeuf (1):
crypto: sha1-mb - make sha1_x8_avx2() conform to C function ABI

arch/x86/crypto/sha-mb/sha1_x8_avx2.S | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-05-30 06:31:54

by Herbert Xu

Subject: Crypto Fixes for 4.7

Hi Linus:

This push fixes the following issues:

- Missing selection in public_key that may result in a build failure.
- Potential crash in error path in omap-sham.
- ccp AES XTS bug that affects requests larger than 4096.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Arnd Bergmann (1):
crypto: public_key: select CRYPTO_AKCIPHER

Dan Carpenter (1):
crypto: omap-sham - potential Oops on error in probe

Tom Lendacky (1):
crypto: ccp - Fix AES XTS error for request sizes above 4096

crypto/asymmetric_keys/Kconfig | 1 +
drivers/crypto/ccp/ccp-crypto-aes-xts.c | 17 ++++++++++++-----
drivers/crypto/omap-sham.c | 2 +-
3 files changed, 14 insertions(+), 6 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-06-27 06:28:19

by Herbert Xu

Subject: Crypto Fixes for 4.7

Hi Linus:

This push fixes the following issues:

- Missing length check for user-space GETALG request.
- Bogus memmove length in ux500 driver.
- Incorrect priority setting for vmx driver.
- Incorrect ABI selection for vmx driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Anton Blanchard (2):
crypto: vmx - Fix ABI detection
crypto: vmx - Increase priority of aes-cbc cipher

Linus Walleij (1):
crypto: ux500 - memmove the right size

Mathias Krause (1):
crypto: user - re-add size check for CRYPTO_MSG_GETALG

crypto/crypto_user.c | 1 +
drivers/crypto/ux500/hash/hash_core.c | 4 ++--
drivers/crypto/vmx/aes_cbc.c | 2 +-
drivers/crypto/vmx/aes_ctr.c | 2 +-
drivers/crypto/vmx/ppc-xlate.pl | 2 +-
5 files changed, 6 insertions(+), 5 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-07-22 03:39:01

by Herbert Xu

Subject: Crypto Fixes for 4.7

Hi Linus:

This push fixes a sporadic build failure in the qat driver.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Jan Stancek (1):
crypto: qat - make qat_asym_algs.o depend on asn1 headers

drivers/crypto/qat/qat_common/Makefile | 1 +
1 file changed, 1 insertion(+)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-07-23 03:10:57

by Herbert Xu

Subject: Crypto Fixes for 4.7

Hi Linus:

This push fixes a sporadic build failure in the qat driver as well
as a memory corruption bug in rsa-pkcs1pad.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
crypto: rsa-pkcs1pad - fix rsa-pkcs1pad request struct

Jan Stancek (1):
crypto: qat - make qat_asym_algs.o depend on asn1 headers

crypto/rsa-pkcs1pad.c | 4 ++--
drivers/crypto/qat/qat_common/Makefile | 1 +
2 files changed, 3 insertions(+), 2 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-07-25 10:53:35

by Herbert Xu

Subject: Crypto Update for 4.8

Hi Linus:

Here is the crypto update for 4.8:

API:

* First part of skcipher low-level conversions.
* Add KPP (Key-agreement Protocol Primitives) interface.

Algorithms:

* Fix IPsec/cryptd reordering issues that affect aesni.
* RSA no longer does explicit leading zero removal.
* Add SHA3.
* Add DH.
* Add ECDH.
* Improve DRBG performance by not doing CTR by hand.

Drivers:

* Add x86 AVX2 multibuffer SHA256/512.
* Add POWER8 optimised crc32c.
* Add xts support to vmx.
* Add DH support to qat.
* Add RSA support to caam.
* Add Layerscape support to caam.
* Add SEC1 AEAD support to talitos.
* Improve performance by chaining requests in marvell/cesa.
* Add support for Araneus Alea I USB RNG.
* Add support for Broadcom BCM5301 RNG.
* Add support for Amlogic Meson RNG.
* Add support for Broadcom NSP SoC RNG.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Amitoj Kaur Chawla (1):
crypto: bfin_crc - Simplify use of devm_ioremap_resource

Andrea Gelmini (2):
crypto: doc - Fix typo
crypto: powerpc - Fix typo

Anton Blanchard (2):
powerpc: define FUNC_START/FUNC_END
crypto: powerpc - Add POWER8 optimised crc32c

Arnd Bergmann (2):
crypto: caam - fix misspelled upper_32_bits
crypto: ux500 - do not build with -O0

Ben Dooks (1):
hwrng: exynos - fixup IO accesors

Bhaktipriya Shridhar (1):
crypto: qat - Remove deprecated create_workqueue

Bin Liu (2):
crypto: omap-sham - set sw fallback to 240 bytes
crypto: omap-sham - increase cra_proirity to 400

Bob Ham (2):
hwrng: chaoskey - Add support for Araneus Alea I USB RNG
hwrng: chaoskey - Fix URB warning due to timeout on Alea

Conor McLoughlin (1):
crypto: qat - Use alternative reset methods depending on the specific device

Cristian Stoica (1):
crypto: caam - fix offset field in hw sg entries

Dan Carpenter (2):
crypto: drbg - fix an error code in drbg_init_sym_kernel()
crypto: nx - off by one bug in nx_of_update_msc()

Florian Fainelli (2):
hwrng: bcm2835 - Add support for Broadcom BCM5301x
Documentation: devicetree: bindings: Add BCM5301x binding

Geert Uytterhoeven (2):
MAINTAINERS: Add file patterns for crypto device tree bindings
MAINTAINERS: Add file patterns for rng device tree bindings

Geliang Tang (1):
crypto: skcipher - remove unused header cpumask.h

Giovanni Cabiddu (1):
crypto: hash - shrink hash down to two types

Harsh Jain (1):
crypto: authenc - Remove redundant sg_init_table call.

Herbert Xu (63):
crypto: gcm - Filter out async ghash if necessary
Revert "crypto: user - no parsing of CRYPTO_MSG_GETALG"
crypto: chacha20-simd - Use generic code for small requests
crypto: cryptd - Add helpers to check whether a tfm is queued
crypto: aesni - Fix cryptd reordering problem on gcm
crypto: ablk_helper - Fix cryptd reordering
crypto: ghash-clmulni - Fix cryptd reordering
crypto: ghash-ce - Fix cryptd reordering
KEYS: Use skcipher for big keys
crypto: tcrypt - Use unsigned long for mb ahash cycle counter
crypto: tcrypt - Fix memory leaks/crashes in multibuffer hash speed test
crypto: authenc - Consider ahash ASYNC bit
crypto: ahash - Add padding in crypto_ahash_extsize
crypto: tcrypt - Use skcipher
crypto: aesni - Use crypto_cipher to derive rfc4106 subkey
crypto: ccp - Use skcipher for fallback
crypto: mxs-dcp - Use skcipher for fallback
crypto: picoxcell - Use skcipher for fallback
crypto: qce - Use skcipher for fallback
crypto: sahara - Use skcipher for fallback
crypto: s390/aes - Use skcipher for fallback
crypto: api - Add crypto_inst_setname
crypto: tcrypt - Add speed test for cts
crypto: testmgr - Allow leading zeros in RSA
crypto: rsa - Generate fixed-length output
lib/mpi: Do not do sg_virt
crypto: rsa-pkcs1pad - Require hash to be present
crypto: rsa-pkcs1pad - Remove bogus page splitting
crypto: rsa-pkcs1pad - Always use GFP_KERNEL
crypto: rsa-pkcs1pad - Move key size check to setkey
crypto: rsa-pkcs1pad - Avoid copying output when possible
crypto: tcrypt - Do not bail on EINPROGRESS in multibuffer hash test
crypto: rsa-pkcs1pad - Fix regression from leading zeros
crypto: skcipher - Add low-level skcipher interface
crypto: null - Add new default null skcipher
crypto: aead - Add chunk size
crypto: authenc - Use skcipher
crypto: authencesn - Use skcipher
crypto: ctr - Use skcipher in rfc3686
crypto: ccm - Use skcipher
crypto: gcm - Use skcipher
crypto: chacha20poly1305 - Use skcipher
crypto: aead - Add skcipher null for IV generators
crypto: echainiv - Use skcipher
crypto: seqiv - Use skcipher
crypto: aead - Remove blkcipher null for IV generators
crypto: null - Remove default null blkcipher
crypto: cts - Convert to skcipher
crypto: user - Remove crypto_lookup_skcipher call
crypto: skcipher - Remove top-level givcipher interface
crypto: omap - Stop using crypto scatterwalk_bytes_sglen
crypto: scatterwalk - Remove scatterwalk_bytes_sglen
crypto: scatterwalk - Add no-copy support to copychunks
crypto: api - Optimise away crypto_yield when hard preemption is on
crypto: scatterwalk - Fix test in scatterwalk_done
crypto: scatterwalk - Remove unnecessary advance in scatterwalk_pagedone
crypto: scatterwalk - Remove unnecessary BUG in scatterwalk_start
crypto: scatterwalk - Inline start/map/done
crypto: testmgr - Print akcipher algorithm name
crypto: skcipher - Add comment for skcipher_alg->base
crypto: vmx - Fix aes_p8_xts_decrypt build failure
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Horia Geantă (7):
asm-generic/io.h: allow barriers in io{read,write}{16,32}be
asm-generic/io.h: add io{read,write}64 accessors
arm64: add io{read,write}64be accessors
powerpc: add io{read,write}64 accessors
crypto: caam - handle core endianness != caam endianness
crypto: caam - add ARCH_LAYERSCAPE to supported architectures
arm64: dts: ls1043a: add crypto node

Jeff Garzik (1):
crypto: sha3 - Add SHA-3 hash algorithm

Krzysztof Kozlowski (2):
crypto: s5p-sss - Use consistent indentation for variables and members
crypto: tcrypt - Fix mixing printk/pr_err and obvious indentation issues

LEROY Christophe (7):
crypto: talitos - using helpers for all talitos_ptr operations
crypto: talitos - move mapping helpers before IPSEC functions
crypto: talitos - making mapping helpers more generic
crypto: talitos - Implement AEAD for SEC1 using HMAC_SNOOP_NO_AFEU
crypto: talitos - sg_to_link_tbl() not used anymore, remove it
crypto: talitos - implement cra_priority
crypto: talitos - templates for AEAD using HMAC_SNOOP_NO_AFEU

Leonidas S. Barbosa (1):
crypto: vmx - Adding support for XTS

Lokesh Vutla (2):
crypto: omap-aes - Fix registration of algorithms
crypto: omap - do not call dmaengine_terminate_all

Masanari Iida (1):
crypto: doc - Fix double words "the the" in crypto-API.tmpl

Maxime Coquelin (1):
hwrng: stm32 - fix maybe uninitialized variable warning

Megha Dey (15):
crypto: sha1-mb - stylistic cleanup
crypto: sha1-mb - async implementation for sha1-mb
crypto: sha256-mb - SHA256 multibuffer job manager and glue code
crypto: sha256-mb - Enable multibuffer support
crypto: sha256-mb - submit/flush routines for AVX2
crypto: sha256-mb - Algorithm data structures
crypto: sha256-mb - Crypto computation (x8 AVX2)
crypto: tcrypt - Add speed tests for SHA multibuffer algorithms
crypto: sha1-mb - rename sha-mb to sha1-mb
crypto: sha512-mb - SHA512 multibuffer job manager and glue code
crypto: sha512-mb - Enable SHA512 multibuffer support
crypto: sha512-mb - submit/flush routines for AVX2
crypto: sha512-mb - Algorithm data structures
crypto: sha512-mb - Crypto computation (x4 AVX2)
crypto: tcrypt - Add new mode for sha512_mb

Neil Armstrong (1):
hwrng: meson - Add Amlogic Meson Hardware Random Generator

Nicolai Stange (8):
lib/mpi: purge mpi_set_buffer()
lib/mpi: mpi_read_raw_data(): purge redundant clearing of nbits
lib/mpi: mpi_read_raw_data(): fix nbits calculation
lib/mpi: mpi_read_from_buffer(): return error code
lib/digsig: digsig_verify_rsa(): return -EINVAL if modulo length is zero
lib/mpi: mpi_read_from_buffer(): return -EINVAL upon too short buffer
lib/mpi: mpi_read_from_buffer(): sanitize short buffer printk
lib/mpi: refactor mpi_read_from_buffer() in terms of mpi_read_raw_data()

Nishanth Menon (1):
hwrng: omap - Fix assumption that runtime_get_sync will always succeed

Paulo Flabiano Smorigo (2):
crypto: vmx - Adding asm subroutines for XTS
crypto: vmx - Ignore generated files

Romain Perier (11):
crypto: marvell - Add a macro constant for the size of the crypto queue
crypto: marvell - Check engine is not already running when enabling a req
crypto: marvell - Fix wrong type check in dma functions
crypto: marvell - Copy IV vectors by DMA transfers for acipher requests
crypto: marvell - Move tdma chain out of mv_cesa_tdma_req and remove it
crypto: marvell - Add a complete operation for async requests
crypto: marvell - Move SRAM I/O operations to step functions
crypto: marvell - Add load balancing between engines
crypto: marvell - Add support for chaining crypto requests in TDMA mode
crypto: marvell - Increase the size of the crypto queue
crypto: marvell - Fix wrong flag used for GFP in mv_cesa_dma_add_iv_op

Salvatore Benedetto (10):
crypto: kpp - Key-agreement Protocol Primitives API (KPP)
crypto: dh - Add DH software implementation
crypto: ecdh - Add ECDH software support
crypto: qat - Switch to new rsa_helper functions
crypto: testmgr - Set err before proceeding
crypto: rsa - Store rest of the private key components
crypto: testmgr - Add 4K private key to RSA testvector
crypto: qat - Add RSA CRT mode
crypto: qat - Add DH support
crypto: qat - Stop dropping leading zeros from RSA output

Stephan Mueller (8):
crypto: sha-ssse3 - add MODULE_ALIAS
crypto: user - no parsing of CRYPTO_MSG_GETALG
crypto: drbg - reduce number of setkey calls
crypto: drbg - use CTR AES instead of ECB AES
crypto: drbg - use aligned buffers
crypto: drbg - use full CTR AES for update
crypto: drbg - avoid duplicate maintenance of key
crypto: jitterentropy - use ktime_get_ns as fallback

Stephen Rothwell (1):
crypto: ecdh - make ecdh_shared_secret unique

Tadeusz Struk (3):
crypto: qat - fix typos sizeof for ctx
MAINTAINERS: update maintainer for qat
crypto: rsa-pkcs1pad - fix rsa-pkcs1pad request struct

Tero Kristo (2):
crypto: omap-sham - use runtime_pm autosuspend for clock handling
crypto: omap-sham - change queue size from 1 to 10

Tim Chen (1):
crypto: sha-mb - Cleanup code to use || instead of |

Tudor Ambarus (3):
crypto: rsa - return raw integers for the ASN.1 parser
crypto: caam - replace deprecated EXTRA_CFLAGS
crypto: caam - add support for RSA algorithm

Wu Fengguang (1):
crypto: drbg - fix semicolon.cocci warnings

Yendapally Reddy Dhananjaya Reddy (4):
dt-bindings: rng: Northstar Plus SoC rng bindings
hwrng: bcm2835 - Support Broadcom NSP SoC rng
ARM: dts: nsp: Add rng device tree entry
hwrng: bcm2835 - Read as much data as available

raveendra padasalagi (2):
crypto: sha3 - Add SHA-3 Test's in tcrypt
crypto: sha3 - Add HMAC-SHA3 test modes and test vectors

Documentation/DocBook/crypto-API.tmpl | 4 +-
Documentation/crypto/asymmetric-keys.txt | 2 +-
.../devicetree/bindings/rng/brcm,bcm2835.txt | 8 +-
MAINTAINERS | 5 +-
arch/arm/boot/dts/bcm-nsp.dtsi | 5 +
arch/arm/crypto/ghash-ce-glue.c | 40 +-
arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dts | 4 +
arch/arm64/boot/dts/freescale/fsl-ls1043a.dtsi | 43 +
arch/arm64/include/asm/io.h | 4 +-
arch/powerpc/crypto/Makefile | 2 +
arch/powerpc/crypto/aes-spe-regs.h | 2 +-
arch/powerpc/crypto/crc32c-vpmsum_asm.S | 1553 ++++++++++++++++
arch/powerpc/crypto/crc32c-vpmsum_glue.c | 167 ++
arch/powerpc/include/asm/ppc-opcode.h | 12 +
arch/powerpc/include/asm/ppc_asm.h | 3 +
arch/powerpc/kernel/iomap.c | 24 +
arch/s390/crypto/aes_s390.c | 113 +-
arch/x86/crypto/Makefile | 4 +-
arch/x86/crypto/aesni-intel_glue.c | 94 +-
arch/x86/crypto/chacha20_glue.c | 2 +-
arch/x86/crypto/ghash-clmulni-intel_glue.c | 40 +-
arch/x86/crypto/{sha-mb => sha1-mb}/Makefile | 0
arch/x86/crypto/{sha-mb => sha1-mb}/sha1_mb.c | 288 +--
.../{sha-mb/sha_mb_ctx.h => sha1-mb/sha1_mb_ctx.h} | 2 +-
.../{sha-mb/sha_mb_mgr.h => sha1-mb/sha1_mb_mgr.h} | 0
.../{sha-mb => sha1-mb}/sha1_mb_mgr_datastruct.S | 0
.../{sha-mb => sha1-mb}/sha1_mb_mgr_flush_avx2.S | 0
.../{sha-mb => sha1-mb}/sha1_mb_mgr_init_avx2.c | 2 +-
.../{sha-mb => sha1-mb}/sha1_mb_mgr_submit_avx2.S | 0
arch/x86/crypto/{sha-mb => sha1-mb}/sha1_x8_avx2.S | 0
arch/x86/crypto/sha1_ssse3_glue.c | 6 +
arch/x86/crypto/sha256-mb/Makefile | 11 +
arch/x86/crypto/sha256-mb/sha256_mb.c | 1030 +++++++++++
arch/x86/crypto/sha256-mb/sha256_mb_ctx.h | 136 ++
arch/x86/crypto/sha256-mb/sha256_mb_mgr.h | 108 ++
.../crypto/sha256-mb/sha256_mb_mgr_datastruct.S | 304 ++++
.../crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S | 304 ++++
.../x86/crypto/sha256-mb/sha256_mb_mgr_init_avx2.c | 65 +
.../crypto/sha256-mb/sha256_mb_mgr_submit_avx2.S | 215 +++
arch/x86/crypto/sha256-mb/sha256_x8_avx2.S | 593 +++++++
arch/x86/crypto/sha256_ssse3_glue.c | 10 +
arch/x86/crypto/sha512-mb/Makefile | 11 +
arch/x86/crypto/sha512-mb/sha512_mb.c | 1046 +++++++++++
arch/x86/crypto/sha512-mb/sha512_mb_ctx.h | 130 ++
arch/x86/crypto/sha512-mb/sha512_mb_mgr.h | 104 ++
.../crypto/sha512-mb/sha512_mb_mgr_datastruct.S | 281 +++
.../crypto/sha512-mb/sha512_mb_mgr_flush_avx2.S | 291 +++
.../x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.c | 67 +
.../crypto/sha512-mb/sha512_mb_mgr_submit_avx2.S | 222 +++
arch/x86/crypto/sha512-mb/sha512_x4_avx2.S | 529 ++++++
arch/x86/crypto/sha512_ssse3_glue.c | 6 +
crypto/Kconfig | 77 +
crypto/Makefile | 12 +-
crypto/ablk_helper.c | 6 +-
crypto/ablkcipher.c | 223 ---
crypto/aead.c | 16 +-
crypto/ahash.c | 6 +-
crypto/algapi.c | 24 +-
crypto/authenc.c | 116 +-
crypto/authencesn.c | 106 +-
crypto/blkcipher.c | 185 --
crypto/ccm.c | 72 +-
crypto/chacha20poly1305.c | 89 +-
crypto/chainiv.c | 317 ----
crypto/cryptd.c | 132 +-
crypto/crypto_null.c | 11 +-
crypto/crypto_user.c | 57 +-
crypto/ctr.c | 183 +-
crypto/cts.c | 495 +++---
crypto/dh.c | 189 ++
crypto/dh_helper.c | 95 +
crypto/drbg.c | 269 ++-
crypto/ecc.c | 1018 +++++++++++
crypto/ecc.h | 83 +
crypto/ecc_curve_defs.h | 57 +
crypto/ecdh.c | 151 ++
crypto/ecdh_helper.c | 86 +
crypto/echainiv.c | 16 +-
crypto/eseqiv.c | 242 ---
crypto/gcm.c | 115 +-
crypto/jitterentropy-kcapi.c | 22 +-
crypto/kpp.c | 123 ++
crypto/mcryptd.c | 132 +-
crypto/rsa-pkcs1pad.c | 325 ++--
crypto/rsa.c | 113 +-
crypto/rsa_helper.c | 172 +-
crypto/rsaprivkey.asn1 | 10 +-
crypto/scatterwalk.c | 81 +-
crypto/seqiv.c | 176 +-
crypto/sha3_generic.c | 300 ++++
crypto/skcipher.c | 196 +-
crypto/tcrypt.c | 442 +++--
crypto/testmgr.c | 288 ++-
crypto/testmgr.h | 1036 ++++++++++-
drivers/char/hw_random/Kconfig | 16 +-
drivers/char/hw_random/Makefile | 1 +
drivers/char/hw_random/bcm2835-rng.c | 47 +-
drivers/char/hw_random/exynos-rng.c | 4 +-
drivers/char/hw_random/meson-rng.c | 131 ++
drivers/char/hw_random/omap-rng.c | 16 +-
drivers/char/hw_random/stm32-rng.c | 10 +-
drivers/crypto/bfin_crc.c | 5 -
drivers/crypto/caam/Kconfig | 18 +-
drivers/crypto/caam/Makefile | 4 +-
drivers/crypto/caam/caamhash.c | 5 +-
drivers/crypto/caam/caampkc.c | 607 +++++++
drivers/crypto/caam/caampkc.h | 70 +
drivers/crypto/caam/compat.h | 3 +
drivers/crypto/caam/ctrl.c | 125 +-
drivers/crypto/caam/desc.h | 11 +-
drivers/crypto/caam/desc_constr.h | 51 +-
drivers/crypto/caam/jr.c | 22 +-
drivers/crypto/caam/pdb.h | 188 +-
drivers/crypto/caam/pkc_desc.c | 36 +
drivers/crypto/caam/regs.h | 151 +-
drivers/crypto/caam/sg_sw_sec4.h | 17 +-
drivers/crypto/ccp/ccp-crypto-aes-xts.c | 43 +-
drivers/crypto/ccp/ccp-crypto.h | 3 +-
drivers/crypto/marvell/cesa.c | 142 +-
drivers/crypto/marvell/cesa.h | 120 +-
drivers/crypto/marvell/cipher.c | 157 +-
drivers/crypto/marvell/hash.c | 150 +-
drivers/crypto/marvell/tdma.c | 130 +-
drivers/crypto/mxs-dcp.c | 47 +-
drivers/crypto/nx/nx.c | 2 +-
drivers/crypto/omap-aes.c | 36 +-
drivers/crypto/omap-des.c | 14 +-
drivers/crypto/omap-sham.c | 47 +-
drivers/crypto/picoxcell_crypto.c | 60 +-
drivers/crypto/qat/Kconfig | 3 +-
drivers/crypto/qat/qat_c3xxx/adf_c3xxx_hw_data.c | 1 +
drivers/crypto/qat/qat_c62x/adf_c62x_hw_data.c | 1 +
drivers/crypto/qat/qat_common/Makefile | 11 -
drivers/crypto/qat/qat_common/adf_accel_devices.h | 1 +
drivers/crypto/qat/qat_common/adf_aer.c | 49 +-
drivers/crypto/qat/qat_common/adf_common_drv.h | 2 +
drivers/crypto/qat/qat_common/adf_sriov.c | 2 +-
drivers/crypto/qat/qat_common/adf_vf_isr.c | 2 +-
drivers/crypto/qat/qat_common/qat_algs.c | 8 +-
drivers/crypto/qat/qat_common/qat_asym_algs.c | 872 +++++++--
drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1 | 11 -
drivers/crypto/qat/qat_common/qat_rsapubkey.asn1 | 4 -
.../crypto/qat/qat_dh895xcc/adf_dh895xcc_hw_data.c | 1 +
drivers/crypto/qce/ablkcipher.c | 27 +-
drivers/crypto/qce/cipher.h | 2 +-
drivers/crypto/s5p-sss.c | 80 +-
drivers/crypto/sahara.c | 112 +-
drivers/crypto/talitos.c | 672 ++++---
drivers/crypto/ux500/cryp/Makefile | 6 +-
drivers/crypto/ux500/hash/Makefile | 2 +-
drivers/crypto/vmx/.gitignore | 2 +
drivers/crypto/vmx/Makefile | 2 +-
drivers/crypto/vmx/aes_xts.c | 190 ++
drivers/crypto/vmx/aesp8-ppc.h | 4 +
drivers/crypto/vmx/aesp8-ppc.pl | 1863 +++++++++++++++++++-
drivers/crypto/vmx/vmx.c | 2 +
drivers/usb/misc/Kconfig | 11 +-
drivers/usb/misc/chaoskey.c | 21 +-
include/asm-generic/io.h | 71 +-
include/asm-generic/iomap.h | 8 +
include/crypto/aead.h | 12 +-
include/crypto/algapi.h | 4 +
include/crypto/cryptd.h | 5 +
include/crypto/dh.h | 29 +
include/crypto/drbg.h | 12 +
include/crypto/ecdh.h | 30 +
include/crypto/internal/aead.h | 21 +
include/crypto/internal/geniv.h | 2 +-
include/crypto/internal/hash.h | 12 +-
include/crypto/internal/kpp.h | 64 +
include/crypto/internal/rsa.h | 42 +-
include/crypto/internal/skcipher.h | 122 +-
include/crypto/kpp.h | 330 ++++
include/crypto/mcryptd.h | 8 +-
include/crypto/null.h | 12 +-
include/crypto/scatterwalk.h | 48 +-
include/crypto/sha3.h | 29 +
include/crypto/skcipher.h | 207 ++-
include/linux/crypto.h | 31 +-
include/linux/mpi.h | 3 +-
include/uapi/linux/cryptouser.h | 5 +
lib/digsig.c | 16 +-
lib/mpi/mpicoder.c | 249 +--
security/keys/big_key.c | 30 +-
184 files changed, 19350 insertions(+), 4261 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-08-01 09:58:21

by Herbert Xu

Subject: Crypto Fixes for 4.8

Hi Linus:

This push fixes a number of regressions in the marvell cesa driver
caused by the chaining work, and a regression in lib/mpi that
leads to a GFP_KERNEL allocation with preemption disabled.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
lib/mpi: Fix SG miter leak

Romain Perier (4):
crypto: marvell - Fix memory leaks in TDMA chain for cipher requests
crypto: marvell - Don't chain at DMA level when backlog is disabled
crypto: marvell - Update cache with input sg only when it is unmapped
crypto: marvell - Don't copy IV vectors from the _process op for ciphers

drivers/crypto/marvell/cesa.c | 7 ++++---
drivers/crypto/marvell/cipher.c | 25 +++++++------------------
drivers/crypto/marvell/hash.c | 12 ++++++------
lib/mpi/mpicoder.c | 14 +++++++-------
4 files changed, 24 insertions(+), 34 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-08-16 08:48:58

by Herbert Xu

Subject: Crypto Fixes for 4.8

Hi Linus:

This push fixes the following issues:

- Missing ULL suffixes for 64-bit constants in sha3.
- Two caam AEAD regressions.
- Bogus setkey hooks in non-hmac caam hashes.
- Missing kbuild dependency for powerpc crc32c.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Geert Uytterhoeven (1):
crypto: sha3 - Add missing ULL suffixes for 64-bit constants

Horia Geantă (2):
crypto: caam - fix echainiv(authenc) encrypt shared descriptor
crypto: caam - defer aead_set_sh_desc in case of zero authsize

Michael Ellerman (1):
crypto: powerpc - CRYPT_CRC32C_VPMSUM should depend on ALTIVEC

Russell King (1):
crypto: caam - fix non-hmac hashes

crypto/Kconfig | 2 +-
crypto/sha3_generic.c | 16 ++++++++--------
drivers/crypto/caam/caamalg.c | 13 ++++++++-----
drivers/crypto/caam/caamhash.c | 1 +
4 files changed, 18 insertions(+), 14 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-08-23 09:51:30

by Herbert Xu

Subject: Crypto Fixes for 4.8

Hi Linus:

This push fixes a number of memory corruption bugs in the newly
added sha256-mb/sha256-mb code.

Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Xiaodong Liu (2):
crypto: sha256-mb - fix ctx pointer and digest copy
crypto: sha512-mb - fix ctx pointer

arch/x86/crypto/sha256-mb/sha256_mb.c | 4 ++--
arch/x86/crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S | 7 ++++---
arch/x86/crypto/sha512-mb/sha512_mb.c | 4 ++--
3 files changed, 8 insertions(+), 7 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-08-31 14:19:51

by Herbert Xu

Subject: Crypto Fixes for 4.8

Hi Linus:

This push fixes the following issues:

- Kconfig problem that prevented mxc-rnga from being enabled.
- Bogus key sizes in qat aes-xts.
- Buggy aes-xts code in vmx.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Fabian Frederick (1):
hwrng: mxc-rnga - Fix Kconfig dependency

Giovanni Cabiddu (1):
crypto: qat - fix aes-xts key sizes

Li Zhong (1):
crypto: vmx - fix null dereference in p8_aes_xts_crypt

drivers/char/hw_random/Kconfig | 2 +-
drivers/crypto/qat/qat_common/qat_algs.c | 4 ++--
drivers/crypto/vmx/aes_xts.c | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-09-05 09:33:18

by Herbert Xu

Subject: Re: Crypto Fixes for 4.8

Hi Linus:

This push fixes a regression in the cryptd code that breaks certain
accelerated AEAD algorithms as well as an older regression in the
caam driver that breaks IPsec.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (1):
crypto: cryptd - Use correct tfm object for AEAD tracking

Horia Geantă (1):
crypto: caam - fix IV loading for authenc (giv)decryption

crypto/cryptd.c | 3 +-
drivers/crypto/caam/caamalg.c | 77 ++++++++++++++++++++---------------------
2 files changed, 39 insertions(+), 41 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-09-13 10:35:23

by Herbert Xu

Subject: Crypto Fixes for 4.8

Hi Linus:

This push fixes a bug in the cryptd code that may lead to crashes.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (1):
crypto: cryptd - initialize child shash_desc on import

crypto/cryptd.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-09-19 11:21:30

by Herbert Xu

Subject: Crypto Fixes for 4.8

Hi Linus:

This push fixes a potential weakness in IPsec CBC IV generation,
as well as a number of issues that arose out of an OOM crash on
ARM with CTR-mode AES.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ard Biesheuvel (2):
crypto: arm/aes-ctr - fix NULL dereference in tail processing
crypto: arm64/aes-ctr - fix NULL dereference in tail processing

Herbert Xu (2):
crypto: echainiv - Replace chaining with multiplication
crypto: skcipher - Fix blkcipher walk OOM crash

arch/arm/crypto/aes-ce-glue.c | 2 +-
arch/arm64/crypto/aes-glue.c | 2 +-
crypto/blkcipher.c | 3 +-
crypto/echainiv.c | 115 +++++++++--------------------------------
4 files changed, 28 insertions(+), 94 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-09-23 14:48:35

by Herbert Xu

Subject: Crypto Fixes for 4.8

Hi Linus:

This push fixes a regression in RSA that was only half-fixed earlier
in the cycle. It also fixes an older regression that breaks the
keyring subsystem.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Herbert Xu (2):
KEYS: Fix skcipher IV clobbering
crypto: rsa-pkcs1pad - Handle leading zero for decryption

crypto/rsa-pkcs1pad.c | 41 +++++++++++++++++-------------
security/keys/encrypted-keys/encrypted.c | 11 +++++---
2 files changed, 31 insertions(+), 21 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-10-10 03:35:55

by Herbert Xu

Subject: Crypto Update for 4.9

Hi Linus:

Here is the crypto update for 4.9:

API:

* The crypto engine code now supports hashes.

Algorithms:

* Allow keys >= 2048 bits in FIPS mode for RSA.

Drivers:

* Memory overwrite fix for vmx ghash.
* Add support for building ARM sha1-neon in Thumb2 mode.
* Reenable ARM ghash-ce code by adding import/export.
* Reenable img-hash by adding import/export.
* Add support for multiple cores in omap-aes.
* Add little-endian support for sha1-powerpc.
* Add Cavium HWRNG driver for ThunderX SoC.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Ananth Jasty (1):
PCI: quirk fixup for cavium invalid sriov link value.

Ard Biesheuvel (3):
crypto: arm/sha1-neon - add support for building in Thumb2 mode
crypto: arm/ghash-ce - add missing async import/export
crypto: arm/ghash - change internal cra_name to "__ghash"

Arnd Bergmann (1):
crypto: mv_cesa - remove NO_IRQ reference

Arvind Yadav (2):
hwrng: bcm2835 - handle of_iomap failures
crypto: caam - Unmap region obtained by of_iomap

Baoyou Xie (2):
crypto: caam - add missing header dependencies
crypto: sun4i-ss - mark sun4i_hash() static

Catalin Vasile (2):
crypto: caam - fix rfc3686(ctr(aes)) IV load
crypto: caam - fix sg dump

Corentin LABBE (17):
crypto: xts - fix a little typo
crypto: sun4i-ss - fix a few signed warning
crypto: sun4i-ss - unify update/final function
crypto: sun4i-ss - clean unused ss
crypto: sun4i-ss - fix spelling
crypto: sun4i-ss - Always use sun4i_tfm_ctx for storing pointer to dev ss
crypto: sun4i-ss - fix indentation of two crypto alg
hwrng: amd - Fix style problem with blank line
hwrng: amd - use the BIT macro
hwrng: amd - Be consitent with the driver name
hwrng: amd - Remove asm/io.h
hwrng: amd - release_region must be called after hwrng_unregister
hwrng: amd - Replace global variable with private struct
hwrng: amd - Access hardware via ioread32/iowrite32
hwrng: amd - Convert to new hwrng read() API
crypto: engine - move crypto engine to its own header
crypto: engine - permit to enqueue ashash_request

Daniel Thompson (1):
hwrng: core - Improve description of the ->read() interface

Dave Gerlach (1):
hwrng: omap - Only fail if pm_runtime_get_sync returns < 0

Eric Biggers (1):
crypto: doc - fix documentation for bulk registration functions

Fabio Estevam (1):
crypto: mxc-scc - check clk_prepare_enable() error

Gary R Hook (13):
crypto: ccp - Fix non-conforming comment style
crypto: ccp - Abstract PCI info for the CCP
crypto: ccp - Shorten the fields of the action structure
crypto: ccp - Refactoring: symbol cleanup
crypto: ccp - Refactor the storage block allocation code
crypto: ccp - Refactor code supporting the CCP's RNG
crypto: ccp - Refactor code to enable checks for queue space.
crypto: ccp - Let a v5 CCP provide the same function as v3
crypto: ccp - Add support for the RNG in a version 5 CCP
crypto: ccp - Enable DMA service on a v5 CCP
crypto: ccp - Enable use of the additional CCP
crypto: ccp - clean up data structure
crypto: ccp - Make syslog errors human-readable

Giovanni Cabiddu (1):
crypto: qat - fix leak on error path

Govindraj Raja (1):
crypto: img-hash - Add suspend resume hooks for img hash

Herbert Xu (4):
crypto: xor - Fix warning when XOR_SELECT_TEMPLATE is unset
crypto: algif_hash - Handle NULL hashes correctly
PCI: Fix cavium quirk compile failure with PCI_ATS off
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

James Hartley (2):
crypto: img-hash - Add support for export and import
crypto: img-hash - log a successful probe

Jan Stancek (1):
crypto: testmgr - add guard to dst buffer for ahash_export

Lokesh Vutla (2):
crypto: omap-aes - Add support for multiple cores
crypto: omap-aes - Add fallback support

Maksim Lukoshkov (2):
crypto: qat - fix constants table DMA
crypto: qat - fix incorrect accelerator mask for C3X devices

Marcelo Cerri (4):
crypto: ghash-generic - move common definitions to a new header file
crypto: vmx - Fix memory corruption caused by p8_ghash
crypto: sha1-powerpc - little-endian support
crypto: vmx - Ensure ghash-generic is enabled

Markus Elfring (7):
hwrng: pic32 - Delete unnecessary assignment for the field "owner"
crypto: caam - Use kmalloc_array() in ahash_setkey()
crypto: caam - Rename jump labels in ahash_setkey()
crypto: caam - Rename a jump label in five functions
crypto: caam - Return a value directly in caam_hash_cra_init()
crypto: caam - Delete an unnecessary initialisation in seven functions
crypto: caam - Move common error handling code in two functions

Martin Schwidefsky (1):
crypto: xor - skip speed test if the xor function is selected automatically

Masahiro Yamada (1):
crypto: squash lines for simple wrapper functions

Omer Khaliq (1):
hwrng: cavium - Add Cavium HWRNG driver for ThunderX SoC.

Ondrej Mosnáček (1):
crypto: gcm - Fix IV buffer size in crypto_gcm_setkey

PrasannaKumar Muralidharan (9):
hwrng: omap3-rom - Remove obsoleted functions
hwrng: Remove check for max less than 4 bytes
hwrng: tx4939 - Use devm_hwrng_register instead of hwrng_register
hwrng: pasemi - Migrate to managed API
hwrng: pasemi - Use linux/io.h instead of asm/io.h
hwrng: core - Allocate memory during module init
hwrng: amd - Migrate to managed API
hwrng: geode - Migrate to managed API
hwrng: geode - Use linux/io.h instead of asm/io.h

Quentin Lambert (3):
crypto: ixp4xx - Fix a "simple if" coding style warning
crypto: ixp4xx - Add missing npe_c release in error branches
crypto: ccp - add missing release in ccp_dmaengine_register

Romain Perier (3):
crypto: marvell - Update transformation context for each dequeued req
crypto: marvell - Don't overwrite default creq->state during initialization
crypto: marvell - Don't hardcode block size in mv_cesa_ahash_cache_req

Russell King (12):
crypto: caam - fix DMA API mapping leak
crypto: caam - ensure descriptor buffers are cacheline aligned
crypto: caam - incorporate job descriptor into struct ahash_edesc
crypto: caam - mark the hardware descriptor as cache line aligned
crypto: caam - replace sec4_sg pointer with array
crypto: caam - ensure that we clean up after an error
crypto: caam - check and use dma_map_sg() return code
crypto: caam - add ahash_edesc_alloc() for descriptor allocation
crypto: caam - move job descriptor initialisation to ahash_edesc_alloc()
crypto: caam - add ahash_edesc_add_src()
crypto: caam - get rid of tasklet
crypto: caam - avoid kernel warnings on probe failure

Stephan Mueller (3):
crypto: drbg - do not call drbg_instantiate in healt test
crypto: rsa - allow keys >= 2048 bits in FIPS mode
crypto: FIPS - allow tests to be disabled in FIPS mode

Sudip Mukherjee (1):
crypto: rockchip - use devm_add_action_or_reset()

Tero Kristo (14):
crypto: omap-sham - avoid executing tasklet where not needed
crypto: omap-sham - fix software fallback handling
crypto: omap-sham - fix SW fallback HMAC handling for omap2/omap3
crypto: omap-aes - use runtime_pm autosuspend for clock handling
crypto: omap-aes - fix crypto engine initialization order
crypto: omap-des - fix crypto engine initialization order
crypto: omap-sham - add context export/import stubs
crypto: omap-sham - align algorithms on word offset
crypto: omap-sham - rename sgl to sgl_tmp for deprecation
crypto: omap-sham - add support functions for sg based data handling
crypto: omap-sham - change the DMA threshold value to a define
crypto: omap-sham - convert driver logic to use sgs for data xmit
crypto: omap-sham - add support for export/import
crypto: omap-sham - shrink the internal buffer size

Thomas Petazzoni (4):
crypto: marvell - be explicit about destination in mv_cesa_dma_add_op()
crypto: marvell - remove unused parameter in mv_cesa_ahash_dma_add_cache()
crypto: marvell - turn mv_cesa_ahash_init() into a function returning void
crypto: marvell - make mv_cesa_ahash_cache_req() return bool

Tudor Ambarus (1):
crypto: caam - treat SGT address pointer as u64

Wei Yongjun (10):
crypto: ccp - Fix non static symbol warning
crypto: sun4i-ss - fix missing unlock on error in sun4i_hash()
crypto: drbg - fix error return code
hwrng: st - Fix missing clk_disable_unprepare() on error in st_rng_probe()
crypto: omap-des - fix error return code in omap_des_probe()
crypto: omap-aes - fix error return code in omap_aes_probe()
crypto: ccp - use kmem_cache_zalloc instead of kmem_cache_alloc/memset
hwrng: amd - Fix return value check in mod_init()
hwrng: geode - fix return value check in mod_init()
crypto: ccp - Fix return value check in ccp_dmaengine_register()

Will Thomas (4):
crypto: img-hash - Fix null pointer exception
crypto: img-hash - Fix hash request context
crypto: img-hash - Reconfigure DMA Burst length
crypto: img-hash - Fix set_reqsize call

Yanjiang Jin (1):
crypto: testmgr - fix !x==y confusion

Documentation/DocBook/crypto-API.tmpl | 38 +-
arch/arm/crypto/ghash-ce-glue.c | 26 +-
arch/arm/crypto/sha1-armv7-neon.S | 1 -
arch/powerpc/crypto/sha1-powerpc-asm.S | 13 +-
crypto/algif_hash.c | 73 +-
crypto/crct10dif_generic.c | 5 +-
crypto/crypto_engine.c | 187 +++-
crypto/drbg.c | 31 +-
crypto/gcm.c | 2 +-
crypto/ghash-generic.c | 13 +-
crypto/mcryptd.c | 7 +-
crypto/rsa_helper.c | 4 +-
crypto/testmgr.c | 24 +-
crypto/testmgr.h | 4 +
crypto/xor.c | 41 +-
crypto/xts.c | 2 +-
drivers/char/hw_random/Kconfig | 13 +
drivers/char/hw_random/Makefile | 1 +
drivers/char/hw_random/amd-rng.c | 140 +--
drivers/char/hw_random/bcm2835-rng.c | 5 +-
drivers/char/hw_random/cavium-rng-vf.c | 99 +++
drivers/char/hw_random/cavium-rng.c | 94 ++
drivers/char/hw_random/core.c | 37 +-
drivers/char/hw_random/geode-rng.c | 58 +-
drivers/char/hw_random/meson-rng.c | 3 -
drivers/char/hw_random/omap-rng.c | 4 +-
drivers/char/hw_random/omap3-rom-rng.c | 10 +-
drivers/char/hw_random/pasemi-rng.c | 39 +-
drivers/char/hw_random/pic32-rng.c | 1 -
drivers/char/hw_random/st-rng.c | 4 +-
drivers/char/hw_random/tx4939-rng.c | 11 +-
drivers/crypto/Kconfig | 3 +
drivers/crypto/caam/caamalg.c | 161 ++--
drivers/crypto/caam/caamhash.c | 581 ++++++------
drivers/crypto/caam/ctrl.c | 3 +
drivers/crypto/caam/desc.h | 6 -
drivers/crypto/caam/desc_constr.h | 17 +
drivers/crypto/caam/intern.h | 1 -
drivers/crypto/caam/jr.c | 26 +-
drivers/crypto/caam/regs.h | 8 +
drivers/crypto/caam/sg_sw_sec4.h | 2 +-
drivers/crypto/ccp/Makefile | 1 +
drivers/crypto/ccp/ccp-crypto-sha.c | 18 +-
drivers/crypto/ccp/ccp-dev-v3.c | 182 ++--
drivers/crypto/ccp/ccp-dev-v5.c | 1017 ++++++++++++++++++++++
drivers/crypto/ccp/ccp-dev.c | 113 ++-
drivers/crypto/ccp/ccp-dev.h | 312 +++++--
drivers/crypto/ccp/ccp-dmaengine.c | 11 +-
drivers/crypto/ccp/ccp-ops.c | 576 ++++++------
drivers/crypto/ccp/ccp-pci.c | 23 +-
drivers/crypto/hifn_795x.c | 12 +-
drivers/crypto/img-hash.c | 108 ++-
drivers/crypto/ixp4xx_crypto.c | 9 +-
drivers/crypto/marvell/cesa.c | 1 +
drivers/crypto/marvell/hash.c | 44 +-
drivers/crypto/marvell/tdma.c | 1 +
drivers/crypto/mv_cesa.c | 7 +-
drivers/crypto/mxc-scc.c | 4 +-
drivers/crypto/omap-aes.c | 141 +--
drivers/crypto/omap-des.c | 35 +-
drivers/crypto/omap-sham.c | 568 +++++++-----
drivers/crypto/qat/qat_c3xxx/adf_c3xxx_hw_data.h | 2 +-
drivers/crypto/qat/qat_common/adf_admin.c | 20 +-
drivers/crypto/qat/qat_common/qat_uclo.c | 8 +-
drivers/crypto/rockchip/rk3288_crypto.c | 6 +-
drivers/crypto/sunxi-ss/sun4i-ss-cipher.c | 6 +-
drivers/crypto/sunxi-ss/sun4i-ss-core.c | 68 +-
drivers/crypto/sunxi-ss/sun4i-ss-hash.c | 165 ++--
drivers/crypto/sunxi-ss/sun4i-ss.h | 2 +-
drivers/crypto/vmx/Kconfig | 1 +
drivers/crypto/vmx/ghash.c | 31 +-
drivers/pci/quirks.c | 11 +
include/crypto/algapi.h | 70 --
include/crypto/engine.h | 107 +++
include/crypto/ghash.h | 23 +
include/linux/ccp.h | 3 -
include/linux/hw_random.h | 4 +-
77 files changed, 3853 insertions(+), 1655 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

2016-10-25 02:35:05

by Herbert Xu

Subject: Crypto Fixes for 4.9

Hi Linus:

This push fixes a regression caused by the stack vmalloc change.


Please pull from

git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git linus


Andrew Lutomirski (1):
hwrng: core - Don't use a stack buffer in add_early_randomness()

drivers/char/hw_random/core.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

Thanks,
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt