Merge tag 'v6.16-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Pull crypto updates from Herbert Xu:
 "API:
   - Fix memcpy_sglist to handle partially overlapping SG lists
   - Use memcpy_sglist to replace null skcipher
   - Rename CRYPTO_TESTS to CRYPTO_BENCHMARK
   - Flip CRYPTO_MANAGER_DISABLE_TEST into CRYPTO_SELFTESTS
   - Hide CRYPTO_MANAGER
   - Add delayed freeing of driver crypto_alg structures

  Compression:
   - Allocate large buffers on first use instead of initialisation in scomp
   - Drop destination linearisation buffer in scomp
   - Move scomp stream allocation into acomp
   - Add acomp scatter-gather walker
   - Remove request chaining
   - Add optional async request allocation

  Hashing:
   - Remove request chaining
   - Add optional async request allocation
   - Move partial block handling into API
   - Add ahash support to hmac
   - Fix shash documentation to disallow usage in hard IRQs

  Algorithms:
   - Remove unnecessary SIMD fallback code on x86 and arm/arm64
   - Drop avx10_256 xts(aes)/ctr(aes) on x86
   - Improve avx-512 optimisations for xts(aes)
   - Move chacha arch implementations into lib/crypto
   - Move poly1305 into lib/crypto and drop unused Crypto API algorithm
   - Disable powerpc/poly1305 as it has no SIMD fallback
   - Move sha256 arch implementations into lib/crypto
   - Convert deflate to acomp
   - Set block size correctly in cbcmac

  Drivers:
   - Do not use sg_dma_len before mapping in sun8i-ss
   - Fix warm-reboot failure by making shutdown do more work in qat
   - Add locking in zynqmp-sha
   - Remove cavium/zip
   - Add support for PCI device 0x17D8 to ccp
   - Add qat_6xxx support in qat
   - Add support for RK3576 in rockchip-rng
   - Add support for i.MX8QM in caam

  Others:
   - Fix irq_fpu_usable/kernel_fpu_begin inconsistency during CPU bring-up
   - Add new SEV/SNP platform shutdown API in ccp"

* tag 'v6.16-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (382 commits)
  x86/fpu: Fix irq_fpu_usable() to return false during CPU onlining
  crypto: qat - add missing header inclusion
  crypto: api - Redo lookup on EEXIST
  Revert "crypto: testmgr - Add hash export format testing"
  crypto: marvell/cesa - Do not chain submitted requests
  crypto: powerpc/poly1305 - add depends on BROKEN for now
  Revert "crypto: powerpc/poly1305 - Add SIMD fallback"
  crypto: ccp - Add missing tee info reg for teev2
  crypto: ccp - Add missing bootloader info reg for pspv5
  crypto: sun8i-ce - move fallback ahash_request to the end of the struct
  crypto: octeontx2 - Use dynamic allocated memory region for lmtst
  crypto: octeontx2 - Initialize cptlfs device info once
  crypto: xts - Only add ecb if it is not already there
  crypto: lrw - Only add ecb if it is not already there
  crypto: testmgr - Add hash export format testing
  crypto: testmgr - Use ahash for generic tfm
  crypto: hmac - Add ahash support
  crypto: testmgr - Ignore EEXIST on shash allocation
  crypto: algapi - Add driver template support to crypto_inst_setname
  crypto: shash - Set reqsize in shash_alg
  ...

diff --cc MAINTAINERS
Simple merge

diff --cc arch/arm/lib/Makefile
Simple merge

diff --cc arch/arm64/configs/defconfig
index c4ce2c67c0e067a711b6fbe13a3814cb18727816,4166bc4d3cec0ff21a0e2f39c3a18a7e36f7a35e..370ad70b4be846996fe43c6cea83c5f2a8b5710f
--- 1/arch/arm64/configs/defconfig
--- 2/arch/arm64/configs/defconfig
+++ b/arch/arm64/configs/defconfig
@@@ -1729,15 -1729,14 +1729,14 @@@ CONFIG_NLS_CODEPAGE_437=
  CONFIG_NLS_ISO8859_1=y
  CONFIG_SECURITY=y
  CONFIG_CRYPTO_USER=y
- CONFIG_CRYPTO_TEST=m
 +CONFIG_CRYPTO_CHACHA20=m
+ CONFIG_CRYPTO_BENCHMARK=m
  CONFIG_CRYPTO_ECHAINIV=y
  CONFIG_CRYPTO_MICHAEL_MIC=m
  CONFIG_CRYPTO_ANSI_CPRNG=y
  CONFIG_CRYPTO_USER_API_RNG=m
 -CONFIG_CRYPTO_CHACHA20_NEON=m
  CONFIG_CRYPTO_GHASH_ARM64_CE=y
  CONFIG_CRYPTO_SHA1_ARM64_CE=y
- CONFIG_CRYPTO_SHA2_ARM64_CE=y
  CONFIG_CRYPTO_SHA512_ARM64_CE=m
  CONFIG_CRYPTO_SHA3_ARM64=m
  CONFIG_CRYPTO_SM3_ARM64_CE=m

diff --cc arch/arm64/lib/Makefile
Simple merge

diff --cc arch/powerpc/lib/Makefile
Simple merge

diff --cc arch/powerpc/lib/crc-t10dif.c
Simple merge

diff --cc arch/powerpc/lib/crc32.c
Simple merge

diff --cc arch/s390/configs/debug_defconfig
index 24b22f6a9e9959d5898421627829e80ac64224ff,bc960b1eabaef67914189bbc1475e4ad0f1ade28..8ecad727497e1351dc66cc3f0f571143e1479ed8
--- 1/arch/s390/configs/debug_defconfig
--- 2/arch/s390/configs/debug_defconfig
+++ b/arch/s390/configs/debug_defconfig
@@@ -751,14 -741,12 +751,14 @@@ CONFIG_IMA=
  CONFIG_IMA_DEFAULT_HASH_SHA256=y
  CONFIG_IMA_WRITE_POLICY=y
  CONFIG_IMA_APPRAISE=y
 +CONFIG_FORTIFY_SOURCE=y
 +CONFIG_HARDENED_USERCOPY=y
  CONFIG_BUG_ON_DATA_CORRUPTION=y
  CONFIG_CRYPTO_USER=m
- # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
+ CONFIG_CRYPTO_SELFTESTS=y
  CONFIG_CRYPTO_PCRYPT=m
  CONFIG_CRYPTO_CRYPTD=m
- CONFIG_CRYPTO_TEST=m
+ CONFIG_CRYPTO_BENCHMARK=m
  CONFIG_CRYPTO_DH=m
  CONFIG_CRYPTO_ECDH=m
  CONFIG_CRYPTO_ECDSA=m

diff --cc arch/s390/configs/defconfig
Simple merge

diff --cc arch/s390/lib/Makefile
Simple merge

diff --cc arch/sparc/lib/Makefile
Simple merge

diff --cc arch/x86/kvm/svm/sev.c
Simple merge

diff --cc arch/x86/lib/Makefile
Simple merge

diff --cc crypto/Makefile
index 186f968baa39efae66c1c7834931029937733136,0b4641c5bbe1fecb7eda0c558b433dfebda3e73e..017df3a2e4bb3174edbf0ed7c8876c02511dc203
--- 1/crypto/Makefile
--- 2/crypto/Makefile
+++ b/crypto/Makefile
@@@ -148,16 -148,14 +148,16 @@@ obj-$(CONFIG_CRYPTO_KHAZAD) += khazad.
  obj-$(CONFIG_CRYPTO_ANUBIS) += anubis.o
  obj-$(CONFIG_CRYPTO_SEED) += seed.o
  obj-$(CONFIG_CRYPTO_ARIA) += aria_generic.o
- obj-$(CONFIG_CRYPTO_CHACHA20) += chacha_generic.o
- obj-$(CONFIG_CRYPTO_POLY1305) += poly1305_generic.o
+ obj-$(CONFIG_CRYPTO_CHACHA20) += chacha.o
+ CFLAGS_chacha.o += -DARCH=$(ARCH)
  obj-$(CONFIG_CRYPTO_DEFLATE) += deflate.o
  obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o
 -obj-$(CONFIG_CRYPTO_CRC32C) += crc32c_generic.o
 -obj-$(CONFIG_CRYPTO_CRC32) += crc32_generic.o
 -CFLAGS_crc32c_generic.o += -DARCH=$(ARCH)
 -CFLAGS_crc32_generic.o += -DARCH=$(ARCH)
 +obj-$(CONFIG_CRYPTO_CRC32C) += crc32c-cryptoapi.o
 +crc32c-cryptoapi-y := crc32c.o
 +CFLAGS_crc32c.o += -DARCH=$(ARCH)
 +obj-$(CONFIG_CRYPTO_CRC32) += crc32-cryptoapi.o
 +crc32-cryptoapi-y := crc32.o
 +CFLAGS_crc32.o += -DARCH=$(ARCH)
  obj-$(CONFIG_CRYPTO_AUTHENC) += authenc.o authencesn.o
  obj-$(CONFIG_CRYPTO_KRB5ENC) += krb5enc.o
  obj-$(CONFIG_CRYPTO_LZO) += lzo.o lzo-rle.o

diff --cc crypto/crc32.c
Simple merge

diff --cc crypto/crc32c.c
Simple merge

diff --cc fs/bcachefs/checksum.c
index ff5ab8ada777a4942498044166b7d0532402bec1,a4df8eba75f3ebc82c3a163af97a5fd12d0e071e..d3e2e4f776c695dc59df3ffb6ab5374b6367aff0
--- 1/fs/bcachefs/checksum.c
--- 2/fs/bcachefs/checksum.c
+++ b/fs/bcachefs/checksum.c
@@@ -106,14 -106,14 +106,14 @@@ static void bch2_chacha20_init(struct c
        memzero_explicit(key_words, sizeof(key_words));
  }
  
 -static void bch2_chacha20(const struct bch_key *key, struct nonce nonce,
 -                        void *data, size_t len)
 +void bch2_chacha20(const struct bch_key *key, struct nonce nonce,
 +                 void *data, size_t len)
  {
-       u32 state[CHACHA_STATE_WORDS];
+       struct chacha_state state;
  
-       bch2_chacha20_init(state, key, nonce);
-       chacha20_crypt(state, data, data, len);
-       memzero_explicit(state, sizeof(state));
+       bch2_chacha20_init(&state, key, nonce);
+       chacha20_crypt(&state, data, data, len);
+       chacha_zeroize_state(&state);
  }
  
  static void bch2_poly1305_init(struct poly1305_desc_ctx *desc,