From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Mon, 26 May 2025 20:47:28 +0000 (-0700)
Subject: Merge tag 'v6.16-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
X-Git-Tag: v6.16-rc1~206
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=14418ddcc2c2055743ac7ee53d5ac2cf8a8660a7;p=thirdparty%2Fkernel%2Flinux.git

Merge tag 'v6.16-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Pull crypto updates from Herbert Xu:
 "API:
   - Fix memcpy_sglist to handle partially overlapping SG lists
   - Use memcpy_sglist to replace null skcipher
   - Rename CRYPTO_TESTS to CRYPTO_BENCHMARK
   - Flip CRYPTO_MANAGER_DISABLE_TEST into CRYPTO_SELFTESTS
   - Hide CRYPTO_MANAGER
   - Add delayed freeing of driver crypto_alg structures

  Compression:
   - Allocate large buffers on first use instead of initialisation in scomp
   - Drop destination linearisation buffer in scomp
   - Move scomp stream allocation into acomp
   - Add acomp scatter-gather walker
   - Remove request chaining
   - Add optional async request allocation

  Hashing:
   - Remove request chaining
   - Add optional async request allocation
   - Move partial block handling into API
   - Add ahash support to hmac
   - Fix shash documentation to disallow usage in hard IRQs

  Algorithms:
   - Remove unnecessary SIMD fallback code on x86 and arm/arm64
   - Drop avx10_256 xts(aes)/ctr(aes) on x86
   - Improve avx-512 optimisations for xts(aes)
   - Move chacha arch implementations into lib/crypto
   - Move poly1305 into lib/crypto and drop unused Crypto API algorithm
   - Disable powerpc/poly1305 as it has no SIMD fallback
   - Move sha256 arch implementations into lib/crypto
   - Convert deflate to acomp
   - Set block size correctly in cbcmac

  Drivers:
   - Do not use sg_dma_len before mapping in sun8i-ss
   - Fix warm-reboot failure by making shutdown do more work in qat
   - Add locking in zynqmp-sha
   - Remove cavium/zip
   - Add support for PCI device 0x17D8 to ccp
   - Add qat_6xxx support in qat
   - Add support for RK3576 in rockchip-rng
   - Add support for i.MX8QM in caam

  Others:
   - Fix irq_fpu_usable/kernel_fpu_begin inconsistency during CPU bring-up
   - Add new SEV/SNP platform shutdown API in ccp"

* tag 'v6.16-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (382 commits)
  x86/fpu: Fix irq_fpu_usable() to return false during CPU onlining
  crypto: qat - add missing header inclusion
  crypto: api - Redo lookup on EEXIST
  Revert "crypto: testmgr - Add hash export format testing"
  crypto: marvell/cesa - Do not chain submitted requests
  crypto: powerpc/poly1305 - add depends on BROKEN for now
  Revert "crypto: powerpc/poly1305 - Add SIMD fallback"
  crypto: ccp - Add missing tee info reg for teev2
  crypto: ccp - Add missing bootloader info reg for pspv5
  crypto: sun8i-ce - move fallback ahash_request to the end of the struct
  crypto: octeontx2 - Use dynamic allocated memory region for lmtst
  crypto: octeontx2 - Initialize cptlfs device info once
  crypto: xts - Only add ecb if it is not already there
  crypto: lrw - Only add ecb if it is not already there
  crypto: testmgr - Add hash export format testing
  crypto: testmgr - Use ahash for generic tfm
  crypto: hmac - Add ahash support
  crypto: testmgr - Ignore EEXIST on shash allocation
  crypto: algapi - Add driver template support to crypto_inst_setname
  crypto: shash - Set reqsize in shash_alg
  ...
---

14418ddcc2c2055743ac7ee53d5ac2cf8a8660a7
diff --cc arch/arm64/configs/defconfig
index c4ce2c67c0e06,4166bc4d3cec0..370ad70b4be84
--- a/arch/arm64/configs/defconfig
+++ b/arch/arm64/configs/defconfig
@@@ -1729,15 -1729,14 +1729,14 @@@ CONFIG_NLS_CODEPAGE_437=
  CONFIG_NLS_ISO8859_1=y
  CONFIG_SECURITY=y
  CONFIG_CRYPTO_USER=y
 +CONFIG_CRYPTO_CHACHA20=m
- CONFIG_CRYPTO_TEST=m
+ CONFIG_CRYPTO_BENCHMARK=m
  CONFIG_CRYPTO_ECHAINIV=y
  CONFIG_CRYPTO_MICHAEL_MIC=m
  CONFIG_CRYPTO_ANSI_CPRNG=y
  CONFIG_CRYPTO_USER_API_RNG=m
 -CONFIG_CRYPTO_CHACHA20_NEON=m
  CONFIG_CRYPTO_GHASH_ARM64_CE=y
  CONFIG_CRYPTO_SHA1_ARM64_CE=y
- CONFIG_CRYPTO_SHA2_ARM64_CE=y
  CONFIG_CRYPTO_SHA512_ARM64_CE=m
  CONFIG_CRYPTO_SHA3_ARM64=m
  CONFIG_CRYPTO_SM3_ARM64_CE=m
diff --cc arch/s390/configs/debug_defconfig
index 24b22f6a9e995,bc960b1eabaef..8ecad727497e1
--- a/arch/s390/configs/debug_defconfig
+++ b/arch/s390/configs/debug_defconfig
@@@ -751,14 -741,12 +751,14 @@@ CONFIG_IMA=
  CONFIG_IMA_DEFAULT_HASH_SHA256=y
  CONFIG_IMA_WRITE_POLICY=y
  CONFIG_IMA_APPRAISE=y
 +CONFIG_FORTIFY_SOURCE=y
 +CONFIG_HARDENED_USERCOPY=y
  CONFIG_BUG_ON_DATA_CORRUPTION=y
  CONFIG_CRYPTO_USER=m
- # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
+ CONFIG_CRYPTO_SELFTESTS=y
  CONFIG_CRYPTO_PCRYPT=m
  CONFIG_CRYPTO_CRYPTD=m
- CONFIG_CRYPTO_TEST=m
+ CONFIG_CRYPTO_BENCHMARK=m
  CONFIG_CRYPTO_DH=m
  CONFIG_CRYPTO_ECDH=m
  CONFIG_CRYPTO_ECDSA=m
diff --cc crypto/Makefile
index 186f968baa39e,0b4641c5bbe1f..017df3a2e4bb3
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@@ -148,16 -148,14 +148,16 @@@ obj-$(CONFIG_CRYPTO_KHAZAD) += khazad.
  obj-$(CONFIG_CRYPTO_ANUBIS) += anubis.o
  obj-$(CONFIG_CRYPTO_SEED) += seed.o
  obj-$(CONFIG_CRYPTO_ARIA) += aria_generic.o
- obj-$(CONFIG_CRYPTO_CHACHA20) += chacha_generic.o
- obj-$(CONFIG_CRYPTO_POLY1305) += poly1305_generic.o
+ obj-$(CONFIG_CRYPTO_CHACHA20) += chacha.o
+ CFLAGS_chacha.o += -DARCH=$(ARCH)
  obj-$(CONFIG_CRYPTO_DEFLATE) += deflate.o
  obj-$(CONFIG_CRYPTO_MICHAEL_MIC) += michael_mic.o
 -obj-$(CONFIG_CRYPTO_CRC32C) += crc32c_generic.o
 -obj-$(CONFIG_CRYPTO_CRC32) += crc32_generic.o
 -CFLAGS_crc32c_generic.o += -DARCH=$(ARCH)
 -CFLAGS_crc32_generic.o += -DARCH=$(ARCH)
 +obj-$(CONFIG_CRYPTO_CRC32C) += crc32c-cryptoapi.o
 +crc32c-cryptoapi-y := crc32c.o
 +CFLAGS_crc32c.o += -DARCH=$(ARCH)
 +obj-$(CONFIG_CRYPTO_CRC32) += crc32-cryptoapi.o
 +crc32-cryptoapi-y := crc32.o
 +CFLAGS_crc32.o += -DARCH=$(ARCH)
  obj-$(CONFIG_CRYPTO_AUTHENC) += authenc.o authencesn.o
  obj-$(CONFIG_CRYPTO_KRB5ENC) += krb5enc.o
  obj-$(CONFIG_CRYPTO_LZO) += lzo.o lzo-rle.o
diff --cc fs/bcachefs/checksum.c
index ff5ab8ada777a,a4df8eba75f3e..d3e2e4f776c69
--- a/fs/bcachefs/checksum.c
+++ b/fs/bcachefs/checksum.c
@@@ -106,14 -106,14 +106,14 @@@ static void bch2_chacha20_init(struct c
  	memzero_explicit(key_words, sizeof(key_words));
  }
  
 -static void bch2_chacha20(const struct bch_key *key, struct nonce nonce,
 -			  void *data, size_t len)
 +void bch2_chacha20(const struct bch_key *key, struct nonce nonce,
 +		   void *data, size_t len)
  {
- 	u32 state[CHACHA_STATE_WORDS];
+ 	struct chacha_state state;
  
- 	bch2_chacha20_init(state, key, nonce);
- 	chacha20_crypt(state, data, data, len);
- 	memzero_explicit(state, sizeof(state));
+ 	bch2_chacha20_init(&state, key, nonce);
+ 	chacha20_crypt(&state, data, data, len);
+ 	chacha_zeroize_state(&state);
  }
  
  static void bch2_poly1305_init(struct poly1305_desc_ctx *desc,