From: Linus Torvalds Date: Wed, 15 Apr 2026 22:22:26 +0000 (-0700) Subject: Merge tag 'v7.1-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 X-Git-Url: http://git.ipfire.org/index.cgi?a=commitdiff_plain;h=aec2f682d47c54ef434b2d440992626d80b1ebdc;p=thirdparty%2Fkernel%2Flinux.git Merge tag 'v7.1-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto update from Herbert Xu: "API: - Replace crypto_get_default_rng with crypto_stdrng_get_bytes - Remove simd skcipher support - Allow algorithm types to be disabled when CRYPTO_SELFTESTS is off Algorithms: - Remove CPU-based des/3des acceleration - Add test vectors for authenc(hmac(md5),cbc({aes,des})) and authenc(hmac({md5,sha1,sha224,sha256,sha384,sha512}),rfc3686(ctr(aes))) - Replace spin lock with mutex in jitterentropy Drivers: - Add authenc algorithms to safexcel - Add support for zstd in qat - Add wireless mode support for QAT GEN6 - Add anti-rollback support for QAT GEN6 - Add support for ctr(aes), gcm(aes), and ccm(aes) in dthev2" * tag 'v7.1-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (129 commits) crypto: af_alg - use sock_kmemdup in alg_setkey_by_key_serial crypto: vmx - remove CRYPTO_DEV_VMX from Kconfig crypto: omap - convert reqctx buffer to fixed-size array crypto: atmel-sha204a - add Thorsten Blum as maintainer crypto: atmel-ecc - add Thorsten Blum as maintainer crypto: qat - fix IRQ cleanup on 6xxx probe failure crypto: geniv - Remove unused spinlock from struct aead_geniv_ctx crypto: qce - simplify qce_xts_swapiv() crypto: hisilicon - Fix dma_unmap_single() direction crypto: talitos - rename first/last to first_desc/last_desc crypto: talitos - fix SEC1 32k ahash request limitation crypto: jitterentropy - replace long-held spinlock with mutex crypto: hisilicon - remove unused and non-public APIs for qm and sec crypto: hisilicon/qm - drop redundant variable initialization crypto: hisilicon/qm - remove else after return crypto: 
hisilicon/qm - add const qualifier to info_name in struct qm_cmd_dump_item crypto: hisilicon - fix the format string type error crypto: ccree - fix a memory leak in cc_mac_digest() crypto: qat - add support for zstd crypto: qat - use swab32 macro ... --- aec2f682d47c54ef434b2d440992626d80b1ebdc diff --cc arch/s390/configs/debug_defconfig index 2ad83fab2b45f,74e4bb236623d..34b5ea7885f5c --- a/arch/s390/configs/debug_defconfig +++ b/arch/s390/configs/debug_defconfig @@@ -807,8 -809,8 +807,7 @@@ CONFIG_CRYPTO_USER_API_HASH= CONFIG_CRYPTO_USER_API_SKCIPHER=m CONFIG_CRYPTO_USER_API_RNG=m CONFIG_CRYPTO_USER_API_AEAD=m -CONFIG_CRYPTO_GHASH_S390=m CONFIG_CRYPTO_AES_S390=m - CONFIG_CRYPTO_DES_S390=m CONFIG_CRYPTO_HMAC_S390=m CONFIG_ZCRYPT=m CONFIG_PKEY=m diff --cc arch/s390/configs/defconfig index 5e3e2fe31b6b5,5cb7b715ba6b5..d89c988f33ea1 --- a/arch/s390/configs/defconfig +++ b/arch/s390/configs/defconfig @@@ -792,8 -794,8 +792,7 @@@ CONFIG_CRYPTO_USER_API_HASH= CONFIG_CRYPTO_USER_API_SKCIPHER=m CONFIG_CRYPTO_USER_API_RNG=m CONFIG_CRYPTO_USER_API_AEAD=m -CONFIG_CRYPTO_GHASH_S390=m CONFIG_CRYPTO_AES_S390=m - CONFIG_CRYPTO_DES_S390=m CONFIG_CRYPTO_HMAC_S390=m CONFIG_ZCRYPT=m CONFIG_PKEY=m diff --cc crypto/jitterentropy-kcapi.c index 4ad7293574410,5edc6d285aa14..652852649a312 --- a/crypto/jitterentropy-kcapi.c +++ b/crypto/jitterentropy-kcapi.c @@@ -172,18 -194,27 +173,18 @@@ void jent_read_random_block(struct sha3 ***************************************************************************/ struct jitterentropy { - spinlock_t jent_lock; + struct mutex jent_lock; struct rand_data *entropy_collector; - struct crypto_shash *tfm; - struct shash_desc *sdesc; + struct sha3_ctx hash_state; }; static void jent_kcapi_cleanup(struct crypto_tfm *tfm) { struct jitterentropy *rng = crypto_tfm_ctx(tfm); - spin_lock(&rng->jent_lock); + mutex_lock(&rng->jent_lock); - if (rng->sdesc) { - shash_desc_zero(rng->sdesc); - kfree(rng->sdesc); - } - rng->sdesc = NULL; - - if (rng->tfm) - 
crypto_free_shash(rng->tfm); - rng->tfm = NULL; + memzero_explicit(&rng->hash_state, sizeof(rng->hash_state)); if (rng->entropy_collector) jent_entropy_collector_free(rng->entropy_collector); @@@ -194,15 -225,34 +195,15 @@@ static int jent_kcapi_init(struct crypto_tfm *tfm) { struct jitterentropy *rng = crypto_tfm_ctx(tfm); - struct crypto_shash *hash; - struct shash_desc *sdesc; - int size, ret = 0; + int ret = 0; - spin_lock_init(&rng->jent_lock); + mutex_init(&rng->jent_lock); /* Use SHA3-256 as conditioner */ - hash = crypto_alloc_shash(JENT_CONDITIONING_HASH, 0, 0); - if (IS_ERR(hash)) { - pr_err("Cannot allocate conditioning digest\n"); - return PTR_ERR(hash); - } - rng->tfm = hash; - - size = sizeof(struct shash_desc) + crypto_shash_descsize(hash); - sdesc = kmalloc(size, GFP_KERNEL); - if (!sdesc) { - ret = -ENOMEM; - goto err; - } - - sdesc->tfm = hash; - crypto_shash_init(sdesc); - rng->sdesc = sdesc; + sha3_256_init(&rng->hash_state); - rng->entropy_collector = - jent_entropy_collector_alloc(CONFIG_CRYPTO_JITTERENTROPY_OSR, 0, - sdesc); + rng->entropy_collector = jent_entropy_collector_alloc( + CONFIG_CRYPTO_JITTERENTROPY_OSR, 0, &rng->hash_state); if (!rng->entropy_collector) { ret = -ENOMEM; goto err; diff --cc crypto/testmgr.c index a8079cff77550,30671e7bc349d..4d86efae65b21 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@@ -4128,12 -4149,17 +4149,17 @@@ static const struct alg_test_desc alg_t } }, { .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))", - .test = alg_test_null, + .generic_driver = "authenc(hmac-sha1-lib,rfc3686(ctr(aes-lib)))", + .test = alg_test_aead, .fips_allowed = 1, + .suite = { + .aead = __VECS(hmac_sha1_aes_ctr_rfc3686_tv_temp) + } }, { .alg = "authenc(hmac(sha224),cbc(aes))", - .generic_driver = "authenc(hmac-sha224-lib,cbc(aes-generic))", + .generic_driver = "authenc(hmac-sha224-lib,cbc(aes-lib))", .test = alg_test_aead, + .fips_allowed = 1, .suite = { .aead = __VECS(hmac_sha224_aes_cbc_tv_temp) } @@@ -4190,12 -4220,17 +4220,17 @@@ 
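Review bot: `jent_lock` becomes a `struct mutex` in `struct jitterentropy`, but nothing at the field records that taking it can now sleep. `jent_kcapi_cleanup()` takes it around the wipe of `hash_state` and the release of `entropy_collector`, so a comment above the field such as `/* sleeping lock: guards entropy_collector and hash_state; process context only */` would document the new constraint. Whether every caller of the generate path runs in a context that may sleep is not visible in this hunk and is worth confirming. The body of `jent_kcapi_cleanup()` continues past the end of the hunk.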
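Review bot: In `jent_kcapi_init()` the collector is now handed `&rng->hash_state`, a pointer into the tfm context rather than a separately allocated descriptor, and that borrowing is undocumented. I would add above the call `/* collector borrows hash_state from the tfm ctx; free the collector before the ctx goes away */`. Related: `jent_kcapi_cleanup()` in the previous hunk runs `memzero_explicit()` on `hash_state` before `jent_entropy_collector_free()`, which is only safe if the free path never reads the hash state. That function is not shown, so this is a question rather than a finding. The `err` label this function jumps to is outside the hunk.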
} }, { .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))", - .test = alg_test_null, + .generic_driver = "authenc(hmac-sha256-lib,rfc3686(ctr(aes-lib)))", + .test = alg_test_aead, .fips_allowed = 1, + .suite = { + .aead = __VECS(hmac_sha256_aes_ctr_rfc3686_tv_temp) + } }, { .alg = "authenc(hmac(sha384),cbc(aes))", - .generic_driver = "authenc(hmac-sha384-lib,cbc(aes-generic))", + .generic_driver = "authenc(hmac-sha384-lib,cbc(aes-lib))", .test = alg_test_aead, + .fips_allowed = 1, .suite = { .aead = __VECS(hmac_sha384_aes_cbc_tv_temp) }