]> git.ipfire.org Git - thirdparty/linux.git/commitdiff
Merge tag 'v7.1-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
authorLinus Torvalds <torvalds@linux-foundation.org>
Wed, 15 Apr 2026 22:22:26 +0000 (15:22 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Wed, 15 Apr 2026 22:22:26 +0000 (15:22 -0700)
Pull crypto update from Herbert Xu:
 "API:
   - Replace crypto_get_default_rng with crypto_stdrng_get_bytes
   - Remove simd skcipher support
   - Allow algorithm types to be disabled when CRYPTO_SELFTESTS is off

  Algorithms:
   - Remove CPU-based des/3des acceleration
   - Add test vectors for authenc(hmac(md5),cbc({aes,des})) and
     authenc(hmac({md5,sha1,sha224,sha256,sha384,sha512}),rfc3686(ctr(aes)))
   - Replace spin lock with mutex in jitterentropy

  Drivers:
   - Add authenc algorithms to safexcel
   - Add support for zstd in qat
   - Add wireless mode support for QAT GEN6
   - Add anti-rollback support for QAT GEN6
   - Add support for ctr(aes), gcm(aes), and ccm(aes) in dthev2"

* tag 'v7.1-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (129 commits)
  crypto: af_alg - use sock_kmemdup in alg_setkey_by_key_serial
  crypto: vmx - remove CRYPTO_DEV_VMX from Kconfig
  crypto: omap - convert reqctx buffer to fixed-size array
  crypto: atmel-sha204a - add Thorsten Blum as maintainer
  crypto: atmel-ecc - add Thorsten Blum as maintainer
  crypto: qat - fix IRQ cleanup on 6xxx probe failure
  crypto: geniv - Remove unused spinlock from struct aead_geniv_ctx
  crypto: qce - simplify qce_xts_swapiv()
  crypto: hisilicon - Fix dma_unmap_single() direction
  crypto: talitos - rename first/last to first_desc/last_desc
  crypto: talitos - fix SEC1 32k ahash request limitation
  crypto: jitterentropy - replace long-held spinlock with mutex
  crypto: hisilicon - remove unused and non-public APIs for qm and sec
  crypto: hisilicon/qm - drop redundant variable initialization
  crypto: hisilicon/qm - remove else after return
  crypto: hisilicon/qm - add const qualifier to info_name in struct qm_cmd_dump_item
  crypto: hisilicon - fix the format string type error
  crypto: ccree - fix a memory leak in cc_mac_digest()
  crypto: qat - add support for zstd
  crypto: qat - use swab32 macro
  ...

19 files changed:
1  2 
MAINTAINERS
arch/s390/configs/debug_defconfig
arch/s390/configs/defconfig
arch/s390/crypto/Kconfig
arch/s390/crypto/Makefile
arch/x86/crypto/Kconfig
arch/x86/crypto/Makefile
crypto/Kconfig
crypto/af_alg.c
crypto/jitterentropy-kcapi.c
crypto/tcrypt.c
crypto/testmgr.c
crypto/testmgr.h
drivers/crypto/Kconfig
drivers/crypto/caam/caamalg_qi2.c
drivers/crypto/caam/caamhash.c
drivers/crypto/ccp/sev-dev.c
drivers/crypto/tegra/tegra-se-aes.c
drivers/crypto/tegra/tegra-se-hash.c

diff --cc MAINTAINERS
Simple merge
index 2ad83fab2b45fe772b0776ebd4bc7e4b44013337,74e4bb236623d516dfefedd37bc163af7e72c800..34b5ea7885f5c7306deeb7c0392d3913e2820ccb
@@@ -807,8 -809,8 +807,7 @@@ CONFIG_CRYPTO_USER_API_HASH=
  CONFIG_CRYPTO_USER_API_SKCIPHER=m
  CONFIG_CRYPTO_USER_API_RNG=m
  CONFIG_CRYPTO_USER_API_AEAD=m
 -CONFIG_CRYPTO_GHASH_S390=m
  CONFIG_CRYPTO_AES_S390=m
- CONFIG_CRYPTO_DES_S390=m
  CONFIG_CRYPTO_HMAC_S390=m
  CONFIG_ZCRYPT=m
  CONFIG_PKEY=m
index 5e3e2fe31b6b57271960dbbeaaaef497847b30f1,5cb7b715ba6b5b849a85002300fca55798c6793c..d89c988f33ea12b40e2dee29eb838c9ec7c436bd
@@@ -792,8 -794,8 +792,7 @@@ CONFIG_CRYPTO_USER_API_HASH=
  CONFIG_CRYPTO_USER_API_SKCIPHER=m
  CONFIG_CRYPTO_USER_API_RNG=m
  CONFIG_CRYPTO_USER_API_AEAD=m
 -CONFIG_CRYPTO_GHASH_S390=m
  CONFIG_CRYPTO_AES_S390=m
- CONFIG_CRYPTO_DES_S390=m
  CONFIG_CRYPTO_HMAC_S390=m
  CONFIG_ZCRYPT=m
  CONFIG_PKEY=m
Simple merge
Simple merge
Simple merge
Simple merge
diff --cc crypto/Kconfig
Simple merge
diff --cc crypto/af_alg.c
Simple merge
index 4ad729357441021b72de8bbfc5298b28c09873d7,5edc6d285aa1497e504e42774b506798ae46830b..652852649a3124df3be87af9fe6c06f87f291546
@@@ -172,18 -194,27 +173,18 @@@ void jent_read_random_block(struct sha3
   ***************************************************************************/
  
  struct jitterentropy {
-       spinlock_t jent_lock;
+       struct mutex jent_lock;
        struct rand_data *entropy_collector;
 -      struct crypto_shash *tfm;
 -      struct shash_desc *sdesc;
 +      struct sha3_ctx hash_state;
  };
  
  static void jent_kcapi_cleanup(struct crypto_tfm *tfm)
  {
        struct jitterentropy *rng = crypto_tfm_ctx(tfm);
  
-       spin_lock(&rng->jent_lock);
+       mutex_lock(&rng->jent_lock);
  
 -      if (rng->sdesc) {
 -              shash_desc_zero(rng->sdesc);
 -              kfree(rng->sdesc);
 -      }
 -      rng->sdesc = NULL;
 -
 -      if (rng->tfm)
 -              crypto_free_shash(rng->tfm);
 -      rng->tfm = NULL;
 +      memzero_explicit(&rng->hash_state, sizeof(rng->hash_state));
  
        if (rng->entropy_collector)
                jent_entropy_collector_free(rng->entropy_collector);
  static int jent_kcapi_init(struct crypto_tfm *tfm)
  {
        struct jitterentropy *rng = crypto_tfm_ctx(tfm);
 -      struct crypto_shash *hash;
 -      struct shash_desc *sdesc;
 -      int size, ret = 0;
 +      int ret = 0;
  
-       spin_lock_init(&rng->jent_lock);
+       mutex_init(&rng->jent_lock);
  
        /* Use SHA3-256 as conditioner */
 -      hash = crypto_alloc_shash(JENT_CONDITIONING_HASH, 0, 0);
 -      if (IS_ERR(hash)) {
 -              pr_err("Cannot allocate conditioning digest\n");
 -              return PTR_ERR(hash);
 -      }
 -      rng->tfm = hash;
 -
 -      size = sizeof(struct shash_desc) + crypto_shash_descsize(hash);
 -      sdesc = kmalloc(size, GFP_KERNEL);
 -      if (!sdesc) {
 -              ret = -ENOMEM;
 -              goto err;
 -      }
 -
 -      sdesc->tfm = hash;
 -      crypto_shash_init(sdesc);
 -      rng->sdesc = sdesc;
 +      sha3_256_init(&rng->hash_state);
  
 -      rng->entropy_collector =
 -              jent_entropy_collector_alloc(CONFIG_CRYPTO_JITTERENTROPY_OSR, 0,
 -                                           sdesc);
 +      rng->entropy_collector = jent_entropy_collector_alloc(
 +              CONFIG_CRYPTO_JITTERENTROPY_OSR, 0, &rng->hash_state);
        if (!rng->entropy_collector) {
                ret = -ENOMEM;
                goto err;
diff --cc crypto/tcrypt.c
Simple merge
index a8079cff775508d2a2aea1e8574826e23a6646b1,30671e7bc349d6d05fda30e6bade4c1cbcd7d4cf..4d86efae65b217321caccaf2e1f89a60826bce6a
@@@ -4128,12 -4149,17 +4149,17 @@@ static const struct alg_test_desc alg_t
                }
        }, {
                .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
-               .test = alg_test_null,
+               .generic_driver = "authenc(hmac-sha1-lib,rfc3686(ctr(aes-lib)))",
+               .test = alg_test_aead,
                .fips_allowed = 1,
+               .suite = {
+                       .aead = __VECS(hmac_sha1_aes_ctr_rfc3686_tv_temp)
+               }
        }, {
                .alg = "authenc(hmac(sha224),cbc(aes))",
 -              .generic_driver = "authenc(hmac-sha224-lib,cbc(aes-generic))",
 +              .generic_driver = "authenc(hmac-sha224-lib,cbc(aes-lib))",
                .test = alg_test_aead,
+               .fips_allowed = 1,
                .suite = {
                        .aead = __VECS(hmac_sha224_aes_cbc_tv_temp)
                }
                }
        }, {
                .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
-               .test = alg_test_null,
+               .generic_driver = "authenc(hmac-sha256-lib,rfc3686(ctr(aes-lib)))",
+               .test = alg_test_aead,
                .fips_allowed = 1,
+               .suite = {
+                       .aead = __VECS(hmac_sha256_aes_ctr_rfc3686_tv_temp)
+               }
        }, {
                .alg = "authenc(hmac(sha384),cbc(aes))",
 -              .generic_driver = "authenc(hmac-sha384-lib,cbc(aes-generic))",
 +              .generic_driver = "authenc(hmac-sha384-lib,cbc(aes-lib))",
                .test = alg_test_aead,
+               .fips_allowed = 1,
                .suite = {
                        .aead = __VECS(hmac_sha384_aes_cbc_tv_temp)
                }
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge
Simple merge